- Marco Luthe Online! - http://www.saphod.net -
How To Prevent Commenters From Using Your eMail
Posted By Marco On October 14, 2008 @ 17:02 In WordPress Stuff | No Comments
WordPress does not provide any function that would check the commenter’s eMail against e.g. the blog owner’s eMail. That way, anybody could use the admin’s name and eMail to leave a comment in the name of the blog owner. Since these blog owner’s comments are often highlighted, this impersonation is quite crucial.
Here is a way to disallow using a distinct eMail without being logged in:
if ( get_option('comment_registration') ) wp_die( __('Sorry, you must be logged in to post a comment.') );
if ( strtolower($comment_author_email) == strtolower('firstname.lastname@example.org') ) wp_die( __('Sorry, but you must be logged in to use that email. Nice try, though... ') );
If you are using Filosofo Comments Preview , you have to open that plugin file and do the same changes. The same would be necessary for any plugin that bypasses wp-comments-post.php.
I wonder if I could use the “preprocess_comment” filter to add this functionality, so that the core WordPress files do not have to be touched.
Eureka! Bingo! Works! My first plugin!
Inspired by the article Prevent author impersonation in WordPress comments .
Article printed from Marco Luthe Online!: http://www.saphod.net
URL to article: http://www.saphod.net/2008/10/14/how-to-prevent-commenters-from-using-your-email/
URLs in this post:
 WP Protect Author Email: http://www.saphod.net/wp-content/downloads/wp-protect_author_email.zip
 Filosofo Comments Preview: http://www.ilfilosofo.com/blog/comments-preview/
 Prevent author impersonation in WordPress comments: http://www.dagondesign.com/articles/prevent-author-impersonation-in-wordpress-comments/