MT-Approval 0.1.1

  • Added automatic updater.

Unfortunately, even MT-Moderate has not resolved the comment spam issue, because to get to the point where it is moderated takes a bit of processing power. Multiply that by a huge number of times and you see the problem. What is needed is something that doesn't take quite as many resources.

That's where MT-Approval hopes to step in. Installing MT-Approval immediately prevents anyone from commenting on your blog if that comment does not contain an "approval hash". This approval hash is generated by a template tag, <$MTApprovalHash$> in your comment preview templates. That means you must preview the comment before posting. Otherwise you will not get the hash, and thus, you will not be able to post.

You must be using Movable Type 3.1 or higher to use MT-Approval.

First thing, FTP the contents of the zip file to your server, starting in the main Movable Type directory. Keep the directory structure in the archive, and put each file into the appropriate location. Before continuing, CHMOD mt-approval.cgi to permissions of 755 so that it can execute.

Now the paths diverge. If you have older comment preview templates that do not use <$MTCommentFields$>, you simply need to add the <$MTApprovalHash$> tag to those preview templates (preview and error) and you are ready to go. If you have <$MTCommentFields$>, you will instead integrate the plugin with your blog. Go to the mt-approval.cgi script (either directly or by using the link on your main MT menu) and click the Install link. Once done, MT will provide the tag for you automatically in any template that uses <$MTCommentFields$>.

That's all it takes and you are now ready to start blocking some comment spam!

15 Comments

thank god someone has taken the time to think this through. I have been attempting a number of HTML methods including escape characters to by-pass the spam as an all-inclusive rather than program specific approach, but since I use MT anyway, this is just as good for my purposes.

I followed the instructions but got this error: "Can't call method "id" on an undefined value at extlib/jayseae/approval.pm line 132."

I presumed I had comment fields as I have the latest version of MT. Was I correct in this? If so, do you know what this error was?

many thanks!
ian

Hi Ian - Can you provide some more information? For instance, when are you getting the message? During rebuild or at some other time? What version of MT-Approval are you using? I cannot tell you if you are using MTCommentFields or not, you'll need to check that. Go to your comment preview template and see if you see a tag called, appropriately enough, MTCommentFields. If you do, then you are using the field.

Same here:
"Can't call method "id" on an undefined value at /web/script/mdwalters/djawal.com/cgi-bin/extlib/jayseae/approval.pm line 132."

Okay the 1st problem ("id")is in the permissions of the various files; all the .pl and .pm files need to chmod'ed to 755 (D'Oh!)

But there is no 'header.tmpl' or 'footer.tmpl' in my weblog path anywhere. I suspect these are small files so if you could just put up the source, it should be easy to fix?

Both header.tmpl and footer.tmpl should be in the tmpl/cms directory under your Movable Type directory (cgi-bin/tmpl/cms), which is where the approval.tmpl file should also be located. Can you verify this?

I ran into a problem with this tool working for a day (I upgraded to 3.14 Tuesday night and then added this plugin)--I was able to turn it off and turn it on several times--and then not working at all. When I go to http://[url/pathtomt]/mt-approval.cgi I get:

"Can't call method "id" on an undefined value at extlib/jayseae/approval.pm line 125."

If I'm reading approval.pm correctly ( I tried this way: less -N approval.pm), that's a line that says:

125 foreach my $perms (MT::Permission->load({ author_id => $auth->id })) {

Errrrrrrr... help ;)

Hi-

I followed all the instructions and got this error when I went to install:

(./lib/MT/Template/Context.pm) Open Failed: Permission denied

Do you know what I need to do?

thanks,

Andrew (overrun by spam)

The problem encountered by KG (and others) is related to accessing the mt-approval.cgi script without having logged into Movable Type. That has been fixed, and is available in version 0.1.4, available for download now.

Andrew, the problem you have is typically caused by permissions - in other words, you don't have write permission to that file. You'll need to check those permissions, and perhaps get the assistance of your web host to make sure that you're all set.

So MTApprove forces you to preview before posting. That fine, but wouldn't removing the post button from the comment form on the individual archive do the same thing? Or am I missing something here?

Yes, you are missing a step. Removing the post button would (generally) require a human to preview prior to posting. But it doesn't help if you are receiving spam from a robot of some sort. They simply submit things directly to your comment script - and include the post on the submission. Removing a button on a display form that they never see will not stop them. This method requires someone to preview, because it creates a hash of information that is created during the preview. No preview = no hash = no post.

I should have mentioned that as soon as I got that error on the Context.pm file, I went to check to see if it was there. When it was, I CHMOD'ed the file to read, write and execute for all. Then I went to install MT-Approval again and got the same error.

Ironically, I came into the office this morning thinking that there would hundreds of spam comments waiting to be deleted, but there were none. I was shocked. I'd still like to get the plugin installed properly, so please email me when you get a chance. thanks.

What version of MT-Approval are you using, Andrew? Also, do you know what sort of server you are on (that is, *nix or Windows)?

Will this plugin conflict with MT-Blacklist?

Nope. Though designed to work without Blacklist (and alleviate the need for it), this plugin will work fine in conjunction with Blacklist. If a plugin happens to get past the throttling of MT-Approval, it will be subject to MT-Blacklist's analysis, just as it normally would. The idea is that this should keep out much of the comment spam you might otherwise get, so theoretically Blacklist should be working a lot less - but it should still work just fine.

Recent Entries

A New Approach to Fighting Spam
Drew asks if MT-Approval has been updated to work with MT5 - specifically version 5.14, but since version 5.2 was…
Adventures with Joomla!
One of my longtime customers, Craig Reid, recently inquired if I could help with an issue his parents were having…
MT-Notifier defined (%hash) is deprecated error?
Alert (and long-time) MT-Notifier user Scott Yoshinaga - yes, from nemu*nemu - mentioned an error that he had been seeing…