[wp-hackers] Reviews for Plugins

Otto otto at ottodestruct.com
Tue Nov 1 21:58:28 UTC 2011

On Tue, Nov 1, 2011 at 4:52 PM, Ryan Frankel <ryan.frankel at gmail.com> wrote:
> I think the real issue here is that WordPress.org would have to be on-board with this.  The issues with identity management and what the UI should like like are problems that can be solved.  They might not be simple but they are doable.  But, when it comes down to it, if the repo doesn't support something like this then there is not much hope.
> I do like the idea of using Gravatars though.  Which brings me to another thought similar to this…it would be possible to create a plugin that does something similar to this and stores reviews elsewhere.  Basically, you would just have to report the current users e-mail, the plugin slug, and their rating.   It could be a separate web service that does this sort of thing.  I think the problem is that the ratings wouldn't be shown in the repo though.

WP.org backing isn't your problem. Identity confirmation and authentication is.

See, if you don't have solid authentication to ensure one vote per
user, then you're going to run into gaming of the system. Guaranteed.
Heck, I've had to deal with it on .org before, for the star ratings.

Without a solid authentication scheme, you'll have plugin authors
mass-voting on their own plugins to raise their ranks, and mass
downvoting on whatever they perceive to be the competition. You may
think that this is stupid, and you're right. Doesn't matter.

I once found a guy on org who created something like 2000 fake
accounts, then had them mass-vote on a handful of plugins. When I
removed the votes (and the accounts), he did it again, with another
set of accounts that he had pre-created in anticipation of this.
Seriously. For freakin' star ratings.

Any system you implement that doesn't have solid authentication will
be subject to gaming, and gamed it will be, rendering it rapidly


More information about the wp-hackers mailing list