eharmonyblog

Oops, cross post. Please delete

Yes, are you sharing the theme files to the public?

I’m bumping this because one of my commenters told me he received spam on a throwaway email address he used only on my site. It’s embarrassing. Will someone please file a bug report on this problem? I don’t know how. Thanks!

I reviewed the 2.3.2 code and saw that:

• wp-includes/comment-template.php defines get_comment_author_email(), get_comment_author_IP() and other similar functions. Most of them have apply_filter calls, so a crafty plugin can control whoever uses these functions.
• Unfortunately, several WP source files access the database column directly (i.e., “$comment->comment_author_IP”):

• wp-admin/comment.php
• wp-admin/edit-form-comment.php
• wp-admin/edit.php
• wp-admin/export.php
• wp-admin/import/mt.php
• wp-admin/includes/comment.php
• wp-admin/includes/template.php
• moderation.php
• xmlrpc.php
• wp-comments-post.php
• wp-content/plugins/akismet/akismet.php
• wp-includes/comment.php
• wp-includes/pluggable.php

Someone should review these source files because any plugin based on add_filter can’t hide the commenter’s email addresses.

pluggable.php contains the code for the ‘new comment’ notification email, which asks us site admins to ask our contributors to swear by a privacy policy. Scriptygoddess and Mark Jaquith’s Subscribe To Comments plugin is better.

Until this hole is fixed, the ‘Contributor’ role can view email addresses in two places: Comments -> Comments (wp-admin/edit-comments.php) in “Mass Edit Mode” and in “View Mode”. Bushtool’s fix above missed the “view mode” part.

Until this hole is fixed, I recommend the use of the laboratoriocaffeina.it plugin. Suit the $user_level to taste. ‘Author’ is 2, ‘Editor’ is 7 and ‘Administrator’ is 10.

“nope, you can still go in through the dashboard manage and click on individual posts and see the comment email addresses.”

bushtool, I can’t reproduce this in 2.3.2. Will you care to check again?

I can, I have, no one else does, and it has no effect. In other words, the only wp-cron.php and cron.php entries in the logs are my own visits, and those visits didn’t make any posts appear.

theapparatus, thanks for looking. You might want to read ticket #4566 and its comments, too.

Oh Otto I’m sorry, but, apparently, only the first [ID] pair is converted. May I trouble you and ask your php wizardry again?

Finally! — blog-independent, platform-independent, webhost-independent hyperlinking between posts of one blog. It worked in excerpts, posts, RSS feeds and even “email this post”‘s. THANK YOU!

I think this needs to be put in WordPress’s plugin repository or whatever-it’s-called. Or, at the least, this feature be added to WordPress.

eHarmony Blog

Otto, the file activated successfully, but apparently doesn’t do anything. [ID=1]Link to my post[/ID] stays that way.

I see. Thanks. Wouldn’t it be grand if I can just code say (a href=”ZZZ”)text(/a) in the post editor, where ZZZ is the post-slug or the post-ID, and WordPress will automatically convert it to a blog-independent, host-independent URL? This means I don’t embed my blog’s file structures in my content, which I thought was important.

Wasn’t this requested before? As a plugin, perhaps?

eHarmony Blog