homepage Welcome to WebmasterWorld Guest from 54.211.219.178
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / Code, Content, and Presentation / WordPress
Forum Library, Charter, Moderators: lorax & rogerd

WordPress Forum

    
Disable URL Field for Comments?
Planet13




msg:4437780
 11:58 pm on Apr 5, 2012 (gmt 0)

Hi there, Everyone:

Is there an easy way to disable the URL field for comments?

I figure that removing it might help to cut down on spam comments.

Even better is if not only was there a way to remove it, but if there was some way to see whether they attempted to submit a URL by bypassing the standard submit (like they were using scrapebox or something) and then rejecting it.

 

Coral




msg:4437842
 5:07 am on Apr 6, 2012 (gmt 0)

You can add a custom function, something like what I listed below. You could change the word URL: next to the field in the form, like Favorite Ice Cream: (you can edit the comments.php to remove the URL field as well)

function disabledurl(){

if (strpos($_POST['url'],'/'))
wp_die( __('Error: Please do not enter a URL.') );

add_filter('pre_comment_author_url','disabledurl');
return $_POST['url'];
}

rocknbil




msg:4438041
 4:26 pm on Apr 6, 2012 (gmt 0)

Comment span comes in many forms. That's just one of them. You can do a dozen or so "or's" or you can use preg_match() to look specifically for the URL. Then you can save your or's for even more filters:

// Define a semi-global array so you can update it as you need it.
// It's more of a configuration.

$form_spam = Array (
'\[\s*URL.*\]*',
'\[\s*LINK.*\]*',
'\%5B\s*URL.*(\%5D)*',
'\%5B\s*LINK.*(\%5D)*',
'\[\s*a\s*href.*\]*',
'\%5B\s*a\s*href.*(\%5B)*',
'\<\s*a\s*href.*\>*',
'\%3C\s*a\s*href.*(\%3E)*'
);


Then wherever your form submits, call the function to use this array to check against.

$is_spam = check_for_urls($form_spam);
if ($is_spam) { wp_die( __('Error: Please do not enter a URL.') ); }

The function accepts your array as a parameter, and loops through the patterns.

function check_for_urls($patterns){
$spam = null;
foreach ($_POST as $key => $value) {
foreach ($patterns as $v) {
if (preg_match("/$v/i",stripslashes($_POST[$key]))) {
$spam_in = 1;
break;
}
}
}
return $spam;
}


This will not just check ONE field, it will check them all, and is case-insensitive. If you have a field that specifically allows a URL pattern, you'll have to skip it in the loop.

You can extend this to other patterns too:


$bad_patterns = Array (
'b*cc\s*:',
'to\s*:',
'content\-type',
'\[\s*URL.*\]*',
'\[\s*LINK.*\]*',
'\%5B\s*URL.*(\%5D)*',
'\%5B\s*LINK.*(\%5D)*',
'\[\s*a\s*href.*\]*',
'\%5B\s*a\s*href.*(\%5B)*',
'\<\s*a\s*href.*\>*',
'\%3C\s*a\s*href.*(\%3E)*',
'example.com',
'viagra',
'pharm',
'male\s+enhance'
);


"example.com" = your domain name, the reason being, you'll never submit a comment to your self and a common ploy is to use anything@yourdomain.com in spam.

I will add that wp_die (or any die on error) is not very user friendly (and is lazy) as it forces the user to use their back button. What should happen there is if there's an error, it returns to the form with fields populated.

Planet13




msg:4438150
 9:06 pm on Apr 6, 2012 (gmt 0)

Thanks so much, rocknbill :)

rocknbil




msg:4438784
 4:12 pm on Apr 9, 2012 (gmt 0)

Small error (that's actually huge, it will fail) there is no variable "$spam_in" in the example. Change it to this instead.

$spam = 1;

Hindsight=20/20. :-\

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / WordPress
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved