Comments

1. Oscar Says:
   January 13th, 2004 at 09:36 pm

   For users of inline comments, here is what I emailed to Les ...(with some editing
   out of words that I intuited he would be okay with, but perhaps not others ...)
   Yes, this one thing drives me nuts and is well known to me.
   
   
   When I first wrote the script, the only way to NOT hack the MT code was to
   use "on unload" to trigger the script. The only way it could call the script was
   to either use a popup window (shades of your local porno site), or else to
   use hidden frames. So I opted for hidden frames.
   
   
   For the most part, I was able to break out of them by the end of the script,
   but as it got harder and harder to write code that would work with all browsers,
   I lost that ability. But, it didn’t matter much with popup windows. I have
   now become much more aware of this problem for inline comments though, and I am
   trying to find a cross broswer solution for my upcoming next release, with lots of
   other features as well.
   
   
   In the meantime, if you want to try to work around it for now, you could
   change your link to your main page to:
   
   <a href="<$MTBlogURL$>" target=_top>MAIN PAGE</a>
   
   
   And that will break the frames and reupdate the address bar properly. It won’t
   help if they insist on reloading the same page.
   
   I apologize for the pain in the behind, but I am working as hard as I can on it
   for the next version, and hope to find a good solution - within days, if real
   life quits interfering by loading me up with work!
   
   
   I’ll post this in my comments too, for others to use in the interim.
   
   
   Thanks for pointing this out, and, btw, I’ve always enjoyed your great site!
   
   

2. Les Says:
   January 13th, 2004 at 08:13 pm

   Just got around to slapping this on my site today, Oscar, good work! Though I have run into one problem that I haven’t been able to figure out yet and which may be specific to how I’m doing things.

   I’m not using a comment popup window (such as this one) for my comments as I prefer to have folks go straight to the individual archive. I made the changes to my archive page as per the instructions and everything works as advertised, but I’ve noticed that when it re-displays the page following the comment it doesn’t update the address bar of the browser properly and, in fact, shows the path to the script. If a reader then reloads the page it causes it to resubmit the comment making a duplicate. Worse yet, if they click on the MAIN link I have to take them back to the main page it still doesn’t change the URL properly leaving it pointing to the script and making a reload/resubmit possible. I’ve tested this in both IE and Mozilla and it’s the same in both.

   For example the link to my entry in which I talk about your plugin is http://stupidevilbastard.com/archives/2004/01/13/a_few_minor_changes_around_the_old_blog.php and after submitting a commit it becomes http://jenkinsonline.net/mt/sub-to-com.cgi and stays that way. I’m assuming there’s something that the original MT comment script did to avoid this as it wasn’t a problem previously. If you’re not sure then I’ll see if I can’t figure it out and then fill you in on what I come up with. Still, thought you’d like to know about it. Other than this one annoying behavior it works great!

3. Oscar Says:
   January 13th, 2004 at 04:36 pm

   I don’t know KO. But the structure of this script is such that it will likely be compatible as is. If it is not, I will fix it as soon as possible. This script uses nothing nonstandard.

4. KO Says:
   January 13th, 2004 at 03:51 pm

   Just wondering what difference MT 3.0 will make to this plugin…

5. aSH Says:
   January 13th, 2004 at 09:21 am

   Hello Oscar, thanks for your answers.
   I made a post in my blog here:
   http://www.actionscripthero.com/blog/archives/000239.php

   That’s basically what I think now. Thank you again for your wonderful work.
   Best regards,
   aSH

6. Oscar Says:
   January 12th, 2004 at 10:57 pm

   Well, aSH, thanks for the kind words, and I appreciate your thoughtful comments. As I said in my most recent post, a little bit of carrying on about Comment Spam, I think we can do an okay job of limiting advertising spam, but a less good job of limiting vandalism.

   MT-Blacklist can build a good database over time that significantly cramps the places a piece of comment spam can refer you. IP Banning, even by range is, as you say, not all that effective, and may actually be best for vandals, but still not much good. And I agree about not wanting to lose the magic with more severe measures.

   I personally find comment spam nowhere near the threat that having your smtp server co-opted is. They can send hundreds of thousands of emails before you get on top of it if you’re not extremely attentive. This happened to me once when I was slow to re-implement my procmail filtering one weekend after a crash.

   When I subscribe to people’s comments in the blogosphere, I enjoy what I receive in my inbox for the most part. And if it’s the occasional comment spam, frankly, it fits right in with the other 400 spams I get every day. I am well versed in the use of my delete button. But, that may just be me.

   The worst case scenario for spamming I suppose is that someone writes a script to “subscribe without posting” hundreds of email addresses (hey, you gave me an idea - for my upcoming release, I will include a threshhold where you get notified if there are more than a certain number if subscriptions to a post - a heads up that something funny is afoot, so to speak). Anyway, after subscribing all those people, they then slip a comment spam in past the blacklist, and it is sent to the subscribers.  (I’m going to put a flood control in there too, now that I’m thinking about it, so there is a delay when entering multiple non-posting subscriptions from the same IP address).

   This spamming scam is certainly easily possible, but extremely inefficient, except for vandalism purposes. There are better and easier ways to spam. Also, I personally am at constant risk of being shot when I cross the street for coffee, or dying of that coffee, or a million other dangers. If someone wants to bring me down with spam, then I’ll cross that bridge when I get to it.

   What I can say, is that I will do my best to keep the EZ Subscribe To Comments script compatible with all comment spam protection efforts. And, I am open to ideas. I think introducing the open door of subscriptions does introduce a greater spam danger, but that is the reason for Jennifer’s original great ideas of entry-wide and site-wide opt-outs. People can always decide they’ve just plain had enough of hearing from your site, and block any mail from your comments. That’s a start. But, we hope most people will tolerate the occasional spam, secure in the knowledge that the blog author is on the case.

   Well, that’s enough of my thoughts on all that. So far, people have not had any big problems that I have heard about.

7. aSH Says:
   January 12th, 2004 at 09:21 pm

   I have been waiting for this feature for a long time. I know that there are other scripts in the wild, but I’m particulary interested in “EZ Subscribe To Comments”.
   But I have a question before using this plugin. Since I installed MT-Blacklist the spam comments have been reduced in my blog 85%. I got at least 200 spam comments a while ago, and one of my colleagues got 400 once. Now, I got just a few per week (at the moment…) My blacklist has now an important number of spammers blocked and my log activity makes me think that the nightmare is over. However I fear that spammers would be able to send their crap to my readers via my blog, despite IP banning and MT-Blacklist.
   In the technical notes, you wrote:

   “The script allows all comments to be accepted or rejected by IP Banning, MT-Blacklist, and any other mechanisms in place before processing subscriptions. If the comment is rejected, so is the subscription. If you wish to subscribe without posting (a valuable feature, especially if some entries are dedicated to plugins or scripts you have written, where readers want to keep up with changes and problems), then, obviously, there is no comment processing. This method does run through MT’s IP Banning however, and this confers protection against anyone wishing to subscribe people to comments out of sheer malice. The worse case is comment spam, and MT-Blacklist has us covered there.”

   That’s very cool! But IP banning doesn’t works with people using dynamics IP and MT-Blacklist is not pre-emptive (I know that maybe that’s impossible).
   So, I would like to know what do you think about this. Is this really a issue? Do you have feedback of people talking about some experiences with replying spamm comments to readers?

   The new mt-send-entry.cgi has fixed the spam vulnerability to send mass mail via the previous version of the script, and this is good news I think. Do you think that Six Apart is addresing the spam comments issue for Movable Type 3.0? (I have heard something about registering, comments registration, but IMHO that hurts the magic of blogging, social relations and the ecosystem within the blogosphere.)

   Finally, I want to thank you for your wonderful work and for sharing your technical expertise with us. You are not only providing us with great code; you are helping us in our daily activity to build and consolidate our communities.

   Best regards,

   aSH

8. Oscar Says:
   January 12th, 2004 at 11:39 am

   Oh, and being so busy making excuses last night, I forgot to mention that I DID put the file name into a variable at the beginning of the script for the new version which I will release soon. That should make it easier to change the name in the future. We hobbyists sometimes don’t think of these things without being told

9. Oscar Says:
   January 12th, 2004 at 02:43 am

   Thanks for the info Crys, I appreciate it, and I’m sorry for that hassle. One of my goals, as generally unwieldy as it is, has been to make this as easy for the user as possible to install (I see that I’ve done you no favors, however ).

   But that was my reason for keeping the thing all in one file (the EOD blocks instead of templates). You can imagine what a pain it has been to manage it that way. But, I wanted people to be able to throw the script in a directory and forget about it. I should probably give MT users more credit. Also, when I started the thing, I had no idea it would evolve to the extent it has - complex beyond what I originally had in mind, and full of tacked on features that people have requested. Serves me right.

   Anyway, one of these days, I will clean it up. In the meantime, sorry for the inconvenience, and I appreciate your feedback!

10. Crys Says:
    January 12th, 2004 at 12:27 am

    Just 30 seperate places where the literal filename was included in the code—your use of eod blocks (generally concidered poor practice these days for anything complex, btw—especially in an app that already requires HTML::Template) is going to make it rather hard to fix, other than on a case by case basis via search and replace.

11. Oscar Says:
    January 12th, 2004 at 12:09 am

    Hi Crys, well, I’m sorry to hear THAT! But this is what happens when I have to work on this thing in 5 minute dribs and drabs. Half the time I forget what I’ve done where, and duplicate all kinds of stuff. I’m about finished with a new version with several new features, but no optimized code. Maybe after that, I’ll be able to go through it and clean it up.

    BTW, what ARE these changes? They are cgi specific? Or is it just the fact that there is so much duplication.

    Well, anyway, it works. Cleanliness will have to wait a little longer ...

12. Crys Says:
    January 11th, 2004 at 11:56 pm

    While I definately appriciate the work that went into this —kudgy is indeed the right word for some of the coding —there are over 30 locations in the script that must be changed if you need to change the file extention to .pl

13. Oscar Says:
    January 7th, 2004 at 07:20 pm

    My apologies to subscribers for that casino spam. I have added it to the blacklist. I think this script’s listing at the plugin directory may have opened the door…

14. kat Says:
    January 7th, 2004 at 03:42 pm

    Thanks Oscar!  You are correct, I had my ISP provider blocked and that included my own.  Did some thinking figured that was probably it since I check MT-Blacklist to be sure I didn’t put my own darn domain in it *L*.  Thanks for a wonderful script.  It was so easy to setup and configure.  Now just to finish my templates and all will be complete!  Thanks again!  (Hey kewl live preview)

15. Oscar Says:
    January 7th, 2004 at 01:58 pm

    Kat straightened this out herself, but I will respond here for others who might run into this. “You are not allowed to post comments” is MT’s IP Ban script speaking to you. If you get this error, chances are you have banned a range of IP addresses that includes your own. You might never have noticed it before because perhaps you don’t comment on your own blog except to test scripts like this. Anyway, I think the proverbial and time-honored phrase applies here, “it’s a feature and not a bug.”

16. kat Says:
    January 7th, 2004 at 01:12 pm

    Hey there Oscar, I installed the script checked my html and everything is as you explained in your setup.  But everytime I try to submit a comment to test it and subscribe at the same time I get an error:  You are not allowed to post comments.

    I’m not sure what’s going on, much help appreciated!

    

17. Maggie Says:
    December 28th, 2003 at 11:09 pm

    Well I think I switched over Oscar .  One never knows with me right?  As no one ever subscribed/subscribes, however, I really don’t know it it ever did or does work .  You are still the most talented man I know on the net!!

18. Oscar Says:
    December 26th, 2003 at 09:45 pm

    Thanks! I actually did that about three days ago, after I was certain that I couldn’t generate one single error in my httpd error log with the thing, and that I couldn’t find one browser that it didn’t work with (phew!). It always takes awhile (sometimes a long while) for the scripts and plugins to actually get processed. But thanks for the idea - I’ll follow up if it falls through the cracks! (but feel free to spread the good word ...)

19. dclal Says:
    December 26th, 2003 at 09:10 pm

    I was just over at the MT Plugin Dirctory, and noticed a section for “Other Helpful Scripts”. I thnik you should submit the EZ Subscribe To Comments script over there.

20. Oscar Says:
    December 20th, 2003 at 08:53 pm

    Paul and I found an error in his template.

    Lest others fall prey, here’s the problem ... he had (error in red):

    <input type="hidden" name="blogname" value="<$MTBlogName$>"/>
    <input type="hidden" name="title" value="<$MTEntryTitle
    encode_html="1"$>"/>
    <input type="hidden" name="link" value="<$MTEntryLink> "/>
    <input type="hidden" name="script" value="

    sub-to-com.cgi

    "/>
    <input type="radio" name="subscription" value="subscribe" />Subscribe <br/>
    <input type="radio" name="subscription" value="unsubscribe" />Unsubscribe <br/>
    ——————————-

    
    Note the hidden input named “script” ... it should NOT be the name of our EZ script ... this is the place where the EZ script gets the name of the REAL “mt-comments.cgi” script (or whatever it might have been renamed to) ... so it SHOULD look like (correct tag in green):

    <input type="hidden" name="blogname" value="<$MTBlogName$>"/>
    <input type="hidden" name="title" value="<$MTEntryTitle
    encode_html="1"$>"/>
    <input type="hidden" name="link" value="<$MTEntryLink> "/>
    <input type="hidden" name="script" value="

    <$MTCommentScript$>

    "/>
    <input type="radio" name="subscription" value="subscribe" />Subscribe <br/>
    <input type="radio" name="subscription" value="unsubscribe" />Unsubscribe <br/>
    ———————

    Enjoy!
    ——————-
    After much email, we also found that his server is very sensitive to Perl warnings, leading me to ferret out every one of them (I think) in the script. Version 1.085b conatins all those fixes, if you’re having any trouble.

Page 4 of 5 pages « First  <  2 3 4 5 >

Trackbacks

1. : jasonheyd.: EZ Subscribe To Comments installed the EZ Subscribe to Comments plugin recently. so, now you can track replies to comments, should you so desire....
   Tracked at 2004 02 17 14:35:42
   
2. : Al-Muhajabah's Movable Type Tips: EZ Subscribe To Comments The blog author gets an email notification whenever a new comment is posted on their blog. But, often, commentors themselves would like to be notified when new comments are posted to entries that they're monitoring. The venerable solution is the...
   Tracked at 2004 02 17 21:34:30
   
3. : A Soft Answer: EZ Subscribe To Comments Well I was going to delete this post after I used it for a test, but Hugh pegged it with a comment. So it wouldn't be fair to delete the post but I thought I would at least post what I am trying to do behind the scenes in case anyone else with Movable ...
   Tracked at 2004 03 19 14:07:59
   
4. : A Soft Answer: EZ Subscribe To Comments Well I was going to delete this post after I used it for a test, but Hugh pegged it with a comment. So it wouldn't be fair to delete the post but I thought I would at least post what I am trying to do behind the scenes in case anyone else with Movable ...
   Tracked at 2004 03 19 14:08:17
   
5. : 8 Ways to Sunday: EZ Subscribe To Comments I just upgraded this blog to Movable Type 3.0 beta 2. Curious about the new version? Here are some of the highlights...
   Tracked at 2004 05 06 14:35:23
   

Tell us your thoughts...
And (as you probably know) if you want a pic to show with your comment, go get a gravatar!

Next entry: Jerry Reed's Drive In

Previous entry: NetFlix Suite