Just a tip: For my my CakePHP blog I implemented Debuggable's Akismet
behavior/datasource and it's done an excellent job nabbing comment
spam without the need for captchas.
http://debuggable.com/posts/akismet-datasource:48bbe6f0-b7c0-47e5-8337-15624834cda3
On Nov 14, 1:44 pm, thankyou
I have a CMS in cakephp. I'm starting to get significant comment spam
for nude pictures, etc. The posters are entering HTML, which is
showing links to their websites. I want to only allow text and no
links, html, etc..
Is there an easy way to do this (I'm new to CakePHP)?
Thank you :)
--
Wildflower use an akismet component for this
I think that Croogo uses a simular comp too
not automatically adding comments makes sense
- S
2009/11/14 thankyou gregbo...@gmail.com
I have a CMS in cakephp. I'm starting to get significant comment spam
for nude pictures, etc. The posters are
and of course strip_tags
- S
2009/11/14 Sam Sherlock sam.sherl...@gmail.com
Wildflower use an akismet component for this
I think that Croogo uses a simular comp too
not automatically adding comments makes sense
- S
2009/11/14 thankyou gregbo...@gmail.com
I have a CMS in cakephp.
If they are able to post raw html to show nude pictures I can only
imagine what else they can do :(
--
You received this message because you are subscribed to the Google Groups
CakePHP group.
To post to this group, send email to cake-...@googlegroups.com.
To unsubscribe from this group, send
It seems your not doing any validation or filtering, thats a problem
with your app, not the spam. Try adding a captcha or a spam blocker.
http://www.milesj.me/resources/script/commentia-behavior
On Nov 14, 12:31 pm, LancerForHire lancerforh...@gmail.com wrote:
If they are able to post raw html
can they post php tags too?
I would be very scared of something like ?php unlink(/); ?
On Sat, Nov 14, 2009 at 4:55 PM, thankyou gregbo...@gmail.com wrote:
I do currently use captcha but its obviously not sufficient. People
can still post a href ... links.
On Nov 14, 4:00 pm, Miles J
Well then thats your fault for allowing HTML. Either strip the HTML
completely or use a BB code system.
http://www.milesj.me/resources/script/decoda
On Nov 14, 3:00 pm, David Roda davidcr...@gmail.com wrote:
can they post php tags too?
I would be very scared of something like ?php unlink(/);
the probably easiest way there is:
use h() for printing out the content of the comment
it will make all special characters useless
by the way:
use a captcha behaviour for those bots
and you should be fine
i even experimented with passive captchas
not visible to the user and therefore not