lost password?

home
•  xaraya +
•  rails
•  django
•  webdev
•  xamp
•  musings

rss
Tag this page
   

» Blogs that link here
last modified: Apr 29, 2007
(first posted: Feb 20, 2007)
(3607 Reads)
keywords: comments spambots
Permalink

How to do Anonymous Comments

With just a couple clicks you can enable anonymous comments on your articles. But it says "Posted by: Anonymous". What if you want people to add their name? [Updated with more thoughts about psyching out spambots]

Enable Comments

To enable comments on a publication type, such as a blog posting, first hook the Comments module into the Articles module, for the specific pubtype(s) you want. (Admin > Global > Modules > Configure Hooks > Comments > Articles > and Enable the pubtypes)

Next, configure Comments to allow anonymous posts. (Admin > Content > Comments > Modify Configuration > " Allow anonymous posting")

In my case, I've also selected "Flat" rendering.

Add Fields

We want to capture the user's name. We'll do this using Dynamic Data. Hook the DynamicData module into Comments (Admin > Global > Modules > Configure Hooks > Dynamic Data > Comments > Enable). And add the fields we want: (Admin > Content > Comments > Modify Configuration > Dynamic Data Field Modify, and then:

Label: Name, Type: textbox

Add Privileges

We have to grant permission for anonymous users to submit comments. Go to Add Privilege (Admin > Users > Privileges > Add Privilege) and submit the following:

Name: commentsSubmit
Module: comments
Level: comment

Then assign this privilege to the Everyone Roles group (Admin > Users > Roles, select Everyone group, click View Privileges icon, and assign commentsSubmit.

Modify Templates

To access the DynamicData we use xar:data tags in the templates. In forms, to show the input field for Name:

<xar:data-getitem name="$properties" module="comments" itemtype="0" itemid="0" />
<xar:data-input property="$properties['name']" />

Copy the file modules/comments/xartemplates/includes/input-box.xd to themes/yourtheme/modules/comments/incudes/input-box.xt, and replace instances of #$package['name']# with the xar:data lines shown above.

Similarly, for display, copy the file modules/comments/xartemplates/includes/view-flat.xd to view-flat.xt in your theme. Editing is a bit more complicated because BlockLayout doesn't handle objects very well, so we use temporary variables and &gt; when it complains.

<xar:set name="ii">$loop->item</xar:set>
<xar:data-getitem name="$properties" module="comments" itemtype="0" itemid="$ii['xar_cid']" />
<xar:set name="p">$properties['name']</xar:set>
<xar:if condition="!empty($p-&gt;value)">
	#$p->value#
<xar:else />
	#$loop:item['xar_author']# 
</xar:if>

Replace all instances of #$loop:item['xar_author']# with the above code.

One more thing, extending this to handle the Preview form is more complicated. I just decided to comment out the Preview button (<input type="submit" ... > at bottom of the form).

That's it. This can easily be extended to also get a visitor's email address and website, etc.

Handle Spam Bots

A common way to handle robotic spammers is using a Captcha -- those distorted images that require you type the same text. Another less intrusive way is a service like Akismet. Both would be nice things to add to Xaraya, but for now I'll take a deadly simple route:

Add this little js function to the top of the input-box.xt template:

<script type="text/javascript">
  function checkNotspamBox(f) {
    if (f.notspam.checked == false) {
      alert('Hi. Unless you\'re a spam bot, please let us know you are not');
      return false;
    } else
      return true;
  }
</script>

In the <form> tag, replace the onSubmit attribute with

onSubmit="return checkNotspamBox(this) && submitonce(this);"

And then in the form add the checkbox:

<input type="checkbox" value="0" name="notspam" id="notspam" />: This is not spam

More about Spambots

This from a recent IRC conversation. Spambots read your form an fill out any fields that look "important". And they go after common field names. So if its smart enough, or lucky 50% of the time it'll check the "notspam" checkbox, and they're in. Here's a better suggestion:

Provide a text field with a name that sounds important, like "website_url" or "email_address", then use CSS to hide the field so it's not visible to a normal browser. The bot will try to fill it in. Your app can check that, if the field has content, then ignore the spambot's post.  

Someone else added that for browsers without CSS (eg accessiblity) include (hidden) text that says "Don't enter anything into this field". 

 

 

< prev  next>

How to do Anonymous Comments

Posted by: boom on February 20, 2007 07:00 PM
be interesting to see how effective your poor man's captcha works out...

#

How to do Anonymous Comments

Posted by: Tim Stalker on March 09, 2007 03:24 PM
Test

#

Re: How to do Anonymous Comments

Posted by: Tim Stalker on March 09, 2007 03:25 PM
Thanks for this info. This will work perfect for me.

#

Re(1): How to do Anonymous Comments

Posted by: Test Man on March 31, 2007 11:06 AM
Yes, try it.

#

How to do Anonymous Comments

Posted by: Wayne Walker on April 05, 2007 02:27 AM
Excellent post. I have been looking at tying the Name and Email in with the eBulletin Module so that I can capture that data for possible Newsletter subscriptions (with permission, of course), without them needing to subscribe as a site Registered Member. But as this is a hobby for me, work has intervened again. So this will be a great interim solution until I have free time again, who knows when. Xaraya would have such a complete Blogging solution if the Formantibot Module could be hooked into Articles (under a Blog Pubtype). If only I had time to learn the Module development side of things. Oh well. Great Blog, by the way. I've just started with FeedDemon, so your Blog is one of my first feeds. I really like the 15 part Rails v Django series. All very new to me, but great reading. Keep up the good work!

#

How to do Anonymous Comments

Posted by: Tim Stalker on April 05, 2007 09:48 AM
I'm wondering what kind of success you're seeing with this solution?? I'm finishing a new blog using Xaraya but hesitant to activate anonymous comments like this. Is this working for you? I see it maybe as a temporay solution until someone can hook Formantibot to comments.

#

How to do Anonymous Comments

Posted by: linoj on April 05, 2007 11:04 AM
Wayne, Thanks for the kudos, I appreciate it. :) Tim, the anti-spam checkbox is working so far, to the extent I haven't seen any spam.

#

Testing blank name field

Posted by: Anonymous on October 27, 2007 02:20 AM
Is there a way to make the name field you created here required. I'm testing this by not entering a name which should still give anonymous in the output. Need to have the name field work like the comment body field. If nothing is entered and a user hits submit, nothing should be entered.

#

Require a name

Posted by: Tim Stalker on October 27, 2007 02:43 AM
To require a name, use this script: <script type="text/javascript"> function checkNameBox(f) { if (f.dd_objectnumberhere.value == "" ) { alert('Hi. Please provide your name or screen name.'); return false; } else return true; } </script>

#

How to do Anonymous Comments

Posted by: Steven on April 30, 2008 05:20 AM
Testing...

#

Post a new comment

: This is not spam

Name :