Symphony.

Let me start off by noting that I am not a programmer and am very new at XSLT. I am learning as I go, however. Right now, most of what i read in these forums is over my head but I like Symphony too much to not keep trying.

I’m wondering if anyone here has any comments or observations regarding comment spam and Symphony. I often moderate all of my comments to avoid spam on my other sites but I note that Symphony doesn’t have this function by default and that comments are dofollow.

Does anyone here have any experiences to share? Do the available extensions pertaining to spam do enough of the job that this shouldn’t be a concern for me?

Would appreciate the input.

Mike

Heya Mike, good question. As you mentioned, there are some available extensions that help to take care of some amount of spam. I’ll admit that I haven’t had a chance to try any of them out yet, so I’ll let others comment on that.

As for moderating comments yourself, that can already be done by Symphony without any extensions. Basically what I’ve done in the past is to create a Select Box Field in your “Comments” section that might have three values (Pending, Approved, Unapproved) or something like that.

Then, you can set up your comment form on the front-end to put data into this section. Do this by attaching an event like “Save Comments” (you can even make it send you an email, if desired) You can either use a hidden field which sets the “Approved” value to “Pending”, though this is not technically secure. You can also save out a specific Event with some extra coding to do this.

Finally, you’ll want to filter your comments Datasource, both by which post’s comments you are viewing, but also filter on the Select Box you created and force it to be “Approved”.

Then, as you get comments, in the backend you can basically just sort by which comments are Approved or not, and go in and change the value yourself. It’s not too shabby.

It’s not too shabby

Indeed. My personal preference is to utilize a check box (yes or no to publish) instead of a select box; but the principle is the same.

I’ll vouch for the Akismet extension. It’s the same API used on Wordpress blogs so it has a good pedigree. When installed it appears as an Event Filter you can select when editing your Comment event. If it thinks a comment is spam, it simply discards it instead of saving it.

Using a checkbox sounds like a good option to work in conjunction with akismet. Is there a sample somewhere or tutorial that explains how to do this? I hate to be “that guy” but I really am quite new to XSLT and am learning as I go..

I hate to be “that guy” but I really am quite new to XSLT and am learning as I go..

Don’t worry about being “that guy” because most of us were once “that guy.”

I’m not aware of any particular “how to” articles on setting up a comments section, specifically, but the principle is the same as any other content you want to manage in Symphony. I would refer to the learning guide which is in a constant state of improvement.

Essentially it’s broken down into these steps:

1. Under blueprints create a section called Comments.
2. Add the appropriate fields and be sure to include a select box link field to the section that you want the comments to relate and a checkbox field named publish.
3. Under blueprints, go to components and create a data source. This is the most important step where you need to filter the data source.

Typically, you would filter using a parameter outputted by another data source (so it only shows comments for a particular entry from the “Articles” section for instance - obviously you would have needed to create this section, fields, and data sources prior to creating the Comments section) and lastly filter by the publish field. I have attached a snippet of my Comments data source.

Lastly, if this is not making any sense be sure to install the default workspace. This is how I learned to work with Symphony. It will allow you to make changes and see what happens; screw things up too much and you can simply reinstall :-)

Attachments:

comments_datasource.png

Wow, i’m rather amazed how easy that was. I just modified my existing comments datasource to include that filter and bingo.

I love this cms. Thank you for the help everyone

I have one related question to this. Now that i’ve followed these instructions and have a comment approval mechanism in place there is just one thing left. On my articles, if the comment is not approved, it still shows 1 comment. in the meta section (where it shows category, publish date, etc) .

It will not show the actual comment itself but the count increments regardless of approval state. How do I make it reliant on the approval state?

nickdunn posted an answer (can’t find it) with a link to this custom SQL datasource some time ago. You just have to modify it to your needs.

Can someone assist with this part? I’m still stuck with figuring out how to stop it from showing the # of comments when they have not yet been moderated.

The way I’m going to do it in a current project of mine is to add a checkbox and filter by that checkbox in the DS. Unchecked means no comment shown and it’s not counted in the datasource.

I have the same problem with my blog post comment count including the unpublished comments. I’ve decided to live with it for now because I don’t get many comments and I moderate the comments at least twice each day.

I tried Akismet but found it unsatisfactory. It let too much spam through. This was surprising because it worked great when I used it with WordPress for about three years.

I wrote my own spam filtering rules into the event.save_comment.php file:

• Allow comments from known contributors based on their e-mail address.
• Discard comments that have certain words in the author name.
• Discard comments that have certain words or phrases in the comment body.
• Discard comments from certain e-mail addresses.
• Accept all others but hold them for moderation.

These rules have worked well so far.

For a month or two, rather than discard the bad comments I placed them in their own Section (which was identical to my Comments section) to ensure that my rules weren’t throwing away good comments. I abandoned that though when the Section filled with hundreds of spam comments and no ham comments.

My Indecent extension might help you filter out bad comments. It works as a filter that you add to your event. The $_POST['fields'] array is run over your line delimited blacklist, and if something is detected, it’ll prevent the event from saving.

Would it be possible to have this work via two sections? One ‘to moderate’ section and one ‘comments’ section, using events to copy to, and then delete from?

Sounds a little excessive I guess…

On my Wordpress site, I have about 6 ham in many years compared to 1000s of spam, so I’m scrapping comments for now, as I don’t have a surefire way of checking them, and the ‘count’ issue worries me too.

EDIT:

Should read @wisolman’s post first eh? Are you willing to publish your event so we can see how you did this?? I’d love to know.

Here is the sanitized code from my save comment event (event.save_comment.php):

<?php

require_once(TOOLKIT . '/class.event.php');

Class eventsave_comment extends Event{

    const ROOTELEMENT = 'save-comment';

    public $eParamFILTERS = array();

    //spam blocking stuff
    private static $source_id = 4; //the real comments section id
    //allow these email addresses without moderation or spam checking:
    private $verified_visitors = array('put', 'e-mail', 'addresses', 'here');
    //block these short comments:
    private $spam_body = array('Hello!', 'Aloha!');
    //block these author names:
    private $spam_author = array('ipod', 'pills', 'health', 'apple', 'hair',
        'celebtity', 'iphone');
    //block these email addresses:
    private $spam_email = array('asdqweasf@aol.com');
    //block author names that contain one of these terms:
    private $spam_author_contains = array('acai berry', 'valium', 'cialis', 'viagra',
        'poker', 'porn', 'propecia', 'vimax', 'pharm');
    //block comment bodies that contain one of these terms:
    private $spam_body_contains = array('[url=http', 'Very nice site!');

    public static function about(){
        return array(
                 'name' => 'Save Comment',
                 'author' => array(
                        'name' => 'Author Name',
                        'website' => 'http://localhost/sym-blog',
                        'email' => 'author@cox.net'),
                 'version' => '1.0',
                 'release-date' => '2010-04-06T01:50:47+00:00',
                 'trigger-condition' => 'action[save-comment]');    
    }

    public static function getSource(){
        return self::$source_id; //changed for spam blocking
    }

    public static function allowEditorToParse(){
        return true;
    }

    public static function documentation(){
        return '
            I deleted the documentation stuff to make this file smaller. You
            probably already have it in your save comment event.
        ';
    }

    public function load() {            
        if(isset($_POST['action']['save-comment'])) return $this->__trigger();
    }

    protected function __trigger() {
        //spam blocking stuff
        if (in_array($_POST['fields']['email'], $this->verified_visitors)) {
            $_POST['fields']['publish'] = 'Yes';
        } elseif (in_array(trim($_POST['fields']['comment']), $this->spam_body)
            || in_array($_POST['fields']['author'], $this->spam_author)
            || in_array($_POST['fields']['email'], $this->spam_email)) {
            return self::$source_id = 11; //save spam in section 11 for review
            //return false; //discard spam without saving for review
        } else {
            foreach ($this->spam_author_contains as $word) {
                $pos = stripos($_POST['fields']['author'], $word);
                if (is_int($pos)) return self::$source_id = 11; //save spam in section 11 for review
                //if (is_int($pos)) return false; //discard spam without saving for review
            }
            foreach ($this->spam_body_contains as $word) {
                $pos = stripos($_POST['fields']['comment'], $word);
                if (is_int($pos)) return self::$source_id = 11; //save spam in section 11 for review
                //if (is_int($pos)) return false; //discard spam without saving for review
            }
        }

        include(TOOLKIT . '/events/event.section.php');
        return $result;
    }       

}

Comments from known site visitors are published without review. Comments from unknown site visitors that are not identified as spam are saved in the comments section but not published until they are manually reviewed. Comments identified as spam are either saved in the spam section for further review or discarded outright.

My comments section id is 4 and my spam section id is 11. The spam section is identical to the comments section except that it doesn’t have the publish checkbox field.

Thanks very much for this! I must admit, I’ve not got round to Events yet, it’s not too far away on my Symphony build, but this will give me some food for thought.

Cheers!