[wp-hackers] Best way to 'enhance' wp-comments-post.php
Eric A. Meyer
eric at meyerweb.com
Thu May 25 18:06:33 GMT 2006
In order to block a flood of direct-submission comment spam--
stuff that was just hitting the WP post scripts directly, never
touching a post or its comment form-- I hacked some measures into
wp-comments-post.php. These took the basic form of checking to see
if the submission came from a post comment form, and if not, skipping
over everything in wp-comments-post.php from the comment "//if the
user is logged in" to the $location redirect. By preserving the
redirect, I figured I could fool any scripts that hit the scripts
directly but also checked to see if they got the post page back as a
I'd like to abstract this process out to a plugin, so I don't have
to re-hack wp-comments-post.php every time I upgrade. So what I'm
wondering is, what hook should I hang on to start this check? I
thought about copying one of the hooks Akismet uses, but I didn't
really know why it was using the ones it was using, so that seemed
like a fragile solution at best. I also don't really have to start
where I did with my hack-- it just seemed like a good place.
Also, should the plugin itself do the redirect part instead of
trying to somehow jump to the appropriate point in
wp-comments-post.php? That seems simplest, but I wasn't sure if
there was a better way.
Thanks for any help with this.
Eric A. Meyer (eric at meyerweb.com)
Principal, Complex Spiral Consulting http://complexspiral.com/
"CSS: The Definitive Guide," "CSS2.0 Programmer's Reference,"
"Eric Meyer on CSS," and more http://meyerweb.com/eric/books/
More information about the wp-hackers