Hi,

Been using Zenphoto for a few years now on the same sites and have always kept up to date with the latest release, currently running 1.3.1.2 [5831]. Until this week I have never had a problem with spam in the comments. This week I am suddenly getting lots of spam even though I have the simple spam filter enabled with CAPTCHA as well as name & email enabled.

Any thoughts? For now I have disabled comments as the sites are currently quiet regarding real comments.

Thanks

Steve

Well, captcha and the simple spam filter are quite basic spam filters. I suggest to try Akisment (if that spam filter still works, since it is not officially supported).

Hi,

OK thanks for that, I'll look in to Akisment and maybe give it a go, I guess I have just been lucky up till now!

Steve

HI,

I know this should be obvious to me, but I thought switching comments off on the admin/album page would disable comments for the individual images within that album as well as the album, but it dosen't. Is there another way to bulk disable comments for all the images within an album other than clicking the check box on each individual image?

Yes I woke up to more spam this morning!

Thanks

Steve

No it does not, it disables the comments on the album itself, not its images. You can disable comments on each item type (images, albums, pages, news articles) on the comment_form plugin options. If you disable that plugin you will have no comments at all.

Thanks, I knew it must be somewhere.

Steve

Disabling comments almost defeats the purpose of a blog. As far as I know Akismet simply places spam in a spam folder. It is also not 100% .. Of the two I would select Akismet rather than switching off comments

@warriorone, switching off comments is just a temporary measure for now. After 3 years of no spam, finding loads every day is a bit of a shock. I don't log in to the sites everyday, so I don't want it to build up.

Regarding Akisment, I am actually at a bit of a loss how to implement it as there is no specific plugin for zenphoto. I am probably just missing the obvious.

Maybe I should just make all the users register?

Thanks

Steve

Your most secure would be to have people who want to post become registered users. Hopefully there are not a lot of them.

There is an Akisment plugin on the Zenphoto WEB plugin pages. But it is written by a user so unless he visits here you will be pretty much on your own using it. Also, unfortunately, I have no idea of how to locate it. (I have always had problems with the site serach!)

The akismet spamfilter can be found here:

http://www.zenphoto.org/2009/11/spamfilter-akismet/

As well there's a few other spam filter plugins for zp here:

http://www.zenphoto.org/tag/spam/

I use akismet myself and it seemed to work fine while using the zen comments

@sbillard, would I be right in presuming that if I implement user registration, the gallery would still be visible to the public but to comment registration is required?

I have started experimenting but have 3 problems with the registration plugin:

1. On the user registration that is created, I am getting HTML code visible around the text 'passwords must be at least 6 characters long and contain at least one character from each of the following groups:'

2. On the verification email that is sent only the domain is created as a link all the code after the link is just plain text, so to verify one needs to highlight the whole link and text and then cut/paste in to the browser.

3. When the verify is initiated in the browser it works but at the top of the page there are warnings (I have removed the actual server path:

Warning: pack() [function.pack]: Type H: illegal hex digit . in /path/zp-core/zp-extensions/register_user.php on line 150

Warning: Cannot modify header information - headers already sent by (output started at /path/register_user.php:150) in /path/index.php on line 120

Warning: Cannot modify header information - headers already sent by (output started at /path/zp-core/zp-extensions/register_user.php:150) in /path/index.php on line 121

Warning: Cannot modify header information - headers already sent by (output started at /path/zp-core/zp-extensions/register_user.php:150) in /path/index.php on line 122

Warning: Cannot modify header information - headers already sent by (output started at /path/zp-core/zp-extensions/register_user.php:150) in /path/themes/zenpage/register.php on line 3

I am using the zenpage theme

Thanks

Steve

1. Yes. Users and site access are somewhat independent. You can, of course, password protect your gallery on the gallery option tab. Then only registered users can access the site.

2. I would guess your mail client is insterting line breaks on long lines. (A common problem.) Not much we can do about that on our end.

3. Probably related to #2? If the link is "damaged" it will not work. A line break in the link would constitute an invalid hex character.

@sbillard, thanks for that, any thoughts on the first issue:

1. On the user registration page that is created, I am getting HTML code visible around the text 'passwords must be at least 6 characters long and contain at least one character from each of the following groups:'

That would be a standard indication of the strength of passwords required. There is actually an option that determines the required password pattern. If you want less strict passwords change the "Password characters" option on the general options tab. Setting it empty means no restrictions, so no message either.

@sbillard, I understand what the message about the password length means but I don't understand why I am seeing the raw HTML code around it on the user registration page, it appears between the re-enter password field and the enter CAPTCHA field.

Right off hand I do not know. Perhaps a link to the site so that we can take a look at the page/html?

@sbillard, http://www.katzentv.net/page/register

Well, the password note is being HTML encoded. That is not done by the standard register user form. Have you made any changes in this area? Look for something like $msg = $_zp_authority->passwordNote(); and be sure that the raw $msg is echoed: echo $msg; not something like echo html_endode($msg));

@sbillard, I haven't changed any code related to the user registration, all I have done at this stage is check the the user registration plugin so its loaded, I haven't even changed any of the default settings yet.

I'll look for that code you mention, I presume its in the zp extenstions folder somewhere? User registration I guess?

Steve

Looks like this was something fixed in the development stream. Look at the register_user_form.php script circa line 38 and remove the htmlspecialchars() bit.