Forum Replies Created
-
a 404 error or a redirect to the main URL unless you have a post or a page whose slug is “blog”
Yes I am running the same. I have done some thinking on this. I do believe tat the answer is a plugin. If I come up with anything I’ll let you know.
instead of “objects=blogs” put “type=sitewide” It works on my test server, but it only shows the new blog comments and nothing else. If i understand this right you want to show the regular site wide activity plus the unregistered members’ comments. I’m going to take a look at the way you can tweak the filters but right now I have nothing. Sorry.
correction: if you use the filter that Andy indicated at the link you mentioned, it DOES display comments made by unregistered users. I just tested it. Make sure that the comments are not in moderation. However, I still think that this would be better in a plugin.
This may be something to do in a plugin. The activity stream is only for the registered members. I suggest creating a widget called “Non-member comments”
yes, hello world is supposed to appear on any new blog that you create on the site. that’s a test that it works. solarpoweredfuture is not the main blog on the site so do not try to access it with “/blog” — that’s only for the main blog, in your case http://networkingpeople.biz/blog
The short answer is Yes. The long one is they are made for filling out forms and submitting them. A drop-down is just a field that they might encounter, so expect the functionality. On the other hand we are talking here about bots that look for WP/MU installations to exploit the default sign up or comment forms. As a rule of thumb, anything that you can do to change the default behavior, do it. It’s like Andy said: if you make it the default, the spammers will figure out a way to get around it.
Also: try very hard to stay away from the following in your URLs: wp-signup.php, wp-register, register, wpmu, wp, and anything that hints at a wordpress installation.
$bp->root_domain . '/' . BP_REGISTER_SLUG;
@David that’s what wp-hashcash does. it adds a hidden form field whose value is set only via JavaScript when the page loads in the browser. if the browser is a bot, the value of the field will not be set because bots usually do not have JavaScript capabilities. It isn’t the field itself that makes the difference, it’s what it contains that enables you to tell a human from a bot.
@andy I have been meaning to ask you: how do I get a BP module to register as a site wide plugin so that it shows up in the site wide plugins list? BuddyPress and the example module register as site wide plugins but my own module doesn’t — it activates as a regular plugin that has to be activated for each blog within wpmu. I have followed the example model step by step. Is there some magic line of code that I’m missing?
Thanks.
@Gp01 My contribution to the plugin is minor and does not justify releasing it as a plugin. However, I am working on something based on the same “proof of work” idea and that may turn into a plugin. In the meantime, my little hack looks like it’s holding its ground.
I agree with Andy. Changing the slugs to something unique is not only a good idea but it also should be a requirement. However, that requires that you know your way around BP so that when you upgrade you don’t go back to defaults. Hey! I just gave myself an idea: dynamic slugs for BP components — a plugin or something that would give the admin an easy way to set the slugs to whatever they want. That would be something…
I will but I would like to take a little more time to see if it works. So far it looks like it does. However I have not tried on bp 1.2. Gotta install that first and see how it goes there.
I have adjusted the wp-hashcash plugin to work with buddypress signup. Here is what I did: I got the wp-hashcash plugin and I added the following code to the file:
Code:function wphc_check_signup_for_bp(){global $bp;
// get our options
$options = wphc_option();
$spam = false;
//if( !strpos( $_SERVER[ ‘PHP_SELF’ ], ‘wp-signup.php’ ) )
//return $result;// Check the wphc values against the last five keys
$spam = !in_array($_POST[“wphc_value”], $options[‘key’]);if($spam){
$options[‘signups-spam’] = ((int) $options[‘signups-spam’]) + 1;
wphc_option($options);
$bp->signup->errors[‘spam’] = __(‘You did not pass a spam check. Please enable JavaScript in your browser.’);
} else {
$options[‘signups-ham’] = ((int) $options[‘signups-ham’]) + 1;
wphc_option($options);
}}
add_action( ‘bp_signup_validate’, ‘wphc_check_signup_for_bp’);function wphc_error_hook_register_page(){
do_action(‘bp_spam_errors’);
}
add_action(‘bp_before_register_page’, ‘wphc_error_hook_register_page’);Then, under the line (line number about 507)
Code:add_action( ‘signup_hidden_fields’, ‘wphc_add_signupform’ );I put this line:
Code:add_action(‘bp_after_registration_submit_buttons’, ‘wphc_add_signupform’);Then I activate the plugin. It should keep spam bots from being able to create accounts, but humans spammers can still do it. Anyway, if you can’t get it to work, let me know via PM and I will try to send you the file.
Later
