-
Marco
-
witchypoo
-
Clare
Similar Posts
Visitors to this post also read
Categories
- Around The Web (76)
- Cinema/DVD/TV (21)
- Firefox/Thunderbird (27)
- Fun Stuff (44)
- Gaming Stuff (12)
- Miscellaneous Stuff (55)
- Music Stuff (33)
- News Stuff (12)
- Personal Stuff (55)
- WordPress Stuff (126)
Archives
- July 2010 (4)
- June 2010 (4)
- May 2010 (2)
- April 2010 (1)
- March 2010 (1)
- September 2009 (1)
- July 2009 (1)
- June 2009 (2)
- May 2009 (1)
- April 2009 (1)
- March 2009 (2)
- February 2009 (2)
- January 2009 (8)
- December 2008 (10)
- November 2008 (9)
- October 2008 (9)
Recent Comments (including Ping-/Trackbacks)
- Marco on How To Add Ping-/Trackbacks When Using Disqus
"Hey guys, it seems they have published a new version of the Disqus plugin which …" - James on How To Add Ping-/Trackbacks When Using Disqus
"Hi Marco - the post on fublo.net i…" - Marco on How To Add Ping-/Trackbacks When Using Disqus
"Thanks for the mentioning. I turned off trackbacks for Disqus now, also, but I t…" - James on How To Add Ping-/Trackbacks When Using Disqus
"Hi Marco, thanks for this code snip. I've extended some of the formatting us…" - Marco on How To Add Ping-/Trackbacks When Using Disqus
"Hi Chris,thanks for your feedback, I am glad the code works.I th…"
How To Prevent Commenters From Using Your eMail
October 14th, 2008 | View Comments
Download my (first!) plugin WP Protect Author Email
(tested with WP 2.6.2 up to 2.7.1).
It actually uses the “preprocess_comment” filter of WordPress to check the commenters eMail – thus making it unnecessary to change any core files (like explained below)!
All you have to do is unzip the file, open it with a text editor, look for “$wp_pae_email” and put in the address that should be protected. Then save and upload this file to your wp-content/plugins/ directory, activate it via the admin panel – and see if it is working. Any feedback is welcome!
WordPress does not provide any function that would check the commenter’s eMail against e.g. the blog owner’s eMail. That way, anybody could use the admin’s name and eMail to leave a comment in the name of the blog owner. Since these blog owner’s comments are often highlighted, this impersonation is quite crucial.
Here is a way to disallow using a distinct eMail without being logged in:
if ( get_option('comment_registration') ) wp_die( __('Sorry, you must be logged in to post a comment.') );if ( strtolower($comment_author_email) == strtolower('email@to-be-check.ed') ) wp_die( __('Sorry, but you must be logged in to use that email. Nice try, though...
') );Note:
If you are using Filosofo Comments Preview, you have to open that plugin file and do the same changes. The same would be necessary for any plugin that bypasses wp-comments-post.php.
Another note:
I wonder if I could use the “preprocess_comment” filter to add this functionality, so that the core WordPress files do not have to be touched.
Happy note:
Eureka! Bingo! Works! My first plugin!
Inspired by the article Prevent author impersonation in WordPress comments.
Filed under: WordPress Stuff · Tags: comments, email, hack, plugin, wordpress