Update: Due to lack of time and interest (on my part), I am no longer maintaining JSSpamBlock or ImageScaler.
The way JSSpamBlock has evolved since I first released it has reminded me why I love open-source. From day one, I had users pointing out bugs and features they would like added, sometimes even submitting a fix for the bug or adding a new feature in themselves. Here are some modifications I have come across on other blogs:
After Georg Kaindl and I had a discussion on whether a database was really neccesary (he made some excellent points on why this is not the case, though I still maintain that the extra protection is worth the small cost of time), he released a JSSpamBlock modification as a new plugin called simpleAntiSpam. He also came up with a clever way to require that the form be parsed once by the bot for each post (although the bot can make unlimited comments to a post once it has parsed the form). I have considered making this functionality the default in an upcoming version of JSSpamBlock, since it will be more than enough protection for the average user.
More recently, I got a comment from Brandon Checketts, who had modified JSSpamBlock so that the comment field names were different than the defaults. The reason was that even if spam bots adapt to JSSpamBlock, modified field names will throw them off. Although I can’t see anyone modifying their spam bots to specifically get around my plugin, I have always tried to design it as if they eventually would, so this will likely be a feature in future versions as well.
Kevin Pendleton, another user, has ported JSSpamBlock to Perl. His version is a bit simpler; it uses a hard-coded value instead of a randomly generated one. In my experience with bots, this should be enough to block out the vast majority of spam bots.
A diff algorithm in its most basic form takes two strings, and returns the changes needed to make the old string into the new one. They are useful in comparing different versions of a document or file, to see at a glance what the differences are between the two. Wikipedia, for example, uses diffs to compare the changes between two revisions of the same article.
Solving the problem is not as simple as it seems, and the problem bothered me for about a year before I figured it out. I managed to write my algorithm in PHP, in 18 lines of code. It is not the most efficient way to do a diff, but it is probably the easiest to understand.
It works by finding the longest sequence of words common to both strings, and recursively finding the longest sequences of the remainders of the string until the substrings have no words in common. At this point it adds the remaining new words as an insertion and the remaining old words as a deletion.
You can download the source here: PHP SimpleDiff
Update: Due to lack of time and interest (on my part), I am no longer maintaining JSSpamBlock or ImageScaler.
It must look like JSSpamBlock is all I have been working on these days, which is the opposite of true. I have a couple cool projects coming along that I hope to post soon, but I fixed another oversight in JSSpamBlock. Basically, if you installed JSSpamBlock in a folder called /jsspamblock/ in the plugins directory (rather than putting the file directly in the plugins directory), the activate hook was not called, so the database tables were not created. This is now fixed. Thanks to david_kw of exfer network for discovering the problem and the solution. You can find the new JSSpamBlock 1.4 in the WordPress plugin directory.
Update: Due to lack of time and interest (on my part), I am no longer maintaining JSSpamBlock or ImageScaler.
A user of JSSpamBlock found a bug which is rather undesirable; it incorrectly assumes that comments are spam if a new comment hash has since been generated. Versions up to 1.2 have this bug. The new version 1.3 does not, and can be found here: http://wordpress.org/extend/plugins/jsspamblock/ . Sorry for any inconvenience. This will be the last JSSpamBlock for a while, I promise ;).
Thanks to Stephen Darlington for finding this bug.
Update: Due to lack of time and interest (on my part), I am no longer maintaining JSSpamBlock or ImageScaler.
I have made a few small changes to JSSpamBlock, my WordPress spam detection plugin. I found that the plugin had some problems with custom WordPress themes, since some theme developers apparently don’t include the comment form hook. I have added instructions on how to call JSSpamBlock manually from the template file. I have also fixed the plugin for older versions of WordPress which did not have the wp_die() function.
The plugin is now hosted at the WordPress Plugin Directory. You can find it’s page here: JSSpamBlock 1.2. If you have a working installation, there is no reason to upgrade.
Update: Due to lack of time and interest (on my part), I am no longer maintaining JSSpamBlock or ImageScaler.
I got my first comment spam on this blog the other day. It inspired me to try an idea I got a few months back. My theory was that these bots aren’t very smart - they are programmed to post as many comments as possible on as many sites as possible, hoping that a handful of these comments would get past whatever system the blogger was using to prevent spam. I hypothesized that these bots did not execute JavaScript, and that by requiring some JavaScript to run in the browser I would be able to check with reasonable accuracy weather the comment was submitted by a human or a bot.
I wrote up a simple plugin to test the theory. I checked the logs to find that I was right. In fact, most of the bots that were spamming my blog did not even include the hidden element, which indicates that they were posting to the wp-comments-post.php file directly rather than accessing the form first. The bots that did access the form did not execute the JavaScript and therefore their comments were blocked. Since the trick only involves JavaScript, most users will not even notice the difference. Users without JavaScript simply need to follow the given instructions to copy a number to a text box in order to prove they are human. This is what users without JavaScript will see:
If you are interested in using JSSpamBlock on your own blog, here are the download links:
There have been a few times - and there will certainly be more - where I need to generate a calendar through JavaScript. Although there are a few good open-source JavaScript calendars out there, there is always a trade-off between flexibility and simplicity. The goal of popCalendar was to maximize flexibility without compromising simplicity. To do this, it is built in a modular way so that it can be extended, but it is still simple to use.
Currently, there is only one component: the calendar itself. In a future release, I will add a component to allow the calendar to be used as a date input for a text input.
It is still in beta, but in my brief testing I didn’t find any bugs. Here are some links if you are interested in using it for yourself (see readme.txt for license):
Last weekend, I won a nice new Toshiba laptop in a local software competition. My entry was a web-based fractal explorer. I had a lot of fun making it, and it is fun to play with as well. I have decided to release it under an open-source license so that other people can play around with it (see the download link at the bottom of this post).
Unfortunately, I do not have access to a powerful Tomcat server with a lot of bandwidth, so I can’t host an online demo. If anyone has the resources and is interested in hosting it, please let me know.
Here are some screenshots of the application in action:
Since it is a web-based application, any supported web browser can be the client (see the documentation for a list of supported browsers; any modern Gecko-based browser is supported as well as IE and Opera.) The client interface is loosely based on Google Maps. The server is a Java Servlet run through Tomcat. You can read more about how it works in the documentation.
Downloads:
RSS Feed