MT-Approval 1.0.0 »
Since there haven't been any changes in the last few days, I think this would be a fine time to announce the release of version 1.0.0 of MT-Approval. Things seem to be running well and I think it's a safe move.
If you're using a version prior to this one, you probably should upgrade. More recent versions (for instance, 0.1.9) won't differ much in their code, but that way you know that you are up-to-date.
I've also included some documentation in the archive, so that those of you who download it and don't want to go through these old posts don't have to try and figure out how everything works. Rather, you do - you'll just have one place to look instead of a dozen.
Comments (42)
As far as I can tell, I installed MT Approval according to the directions.
But when I try to "install" it from the MT Approval screen, I get the following message: "MT-Approval was unable to update your Movable Type installation."
Any ideas? I'm at a loss.
Posted by J at TAotB on January 7, 2005 12:25 AM
That message should only appear in one circumstance - and that is if the file cannot be found when the process tries to update it. Which version are you using (it should tell you near the bottom of the page)? What sort of server do you have that is hosting your website?
Posted by Chad Everett on January 7, 2005 10:56 AM
Hi Jay,
I've TypeKey identity, but my comments does'nt showup at below article that I'm commenting. Is MT-Approval compatible with TypeKey identity?
Thank's for help
Benediktus,
BeneVision
Posted by Benediktus on January 8, 2005 9:00 PM
I'm not exactly sure what you're saying, but I took a look at your blog. You don't seem to have the TypeKey signin info on the comment submission. So I previewed my comment and it showed up. So I signed in and the preview was lost, which I think is what you are asking about.
This isn't a problem with MT-Approval, but with TypeKey. You should sign in prior to previewing the comment. So your TypeKey sign in link should be on your comment submission form, not your comment preview form. Once you are signed in, the preview seems to work fine (and includes the hash provided by MT-Approval).
Posted by Chad Everett on January 9, 2005 8:17 AM
I noticed in the txt file that says it requires MT 3.1 or higher. Maybe this is a FAQ, but is there any chance you could port the MT-Approval plugin to 2.65?
Otherwise, do yo have any recommendation for similar plugins that work with 2.65? I really have no intention of ever upgrading (too much of a pain and licensing issues).
Thanks.
Posted by Noel Llopis on January 9, 2005 11:53 AM
Hi Noel -
It's unlikely that this will be ported to any version prior to 3.1, as there is no callback to "capture" the approval hash in those versions. It would have to be hacked into the code manually. That isn't to say it couldn't be done, and in fact I have a "hack-o-matic" function already that might be adaptable to this purpose. But it would take signficantly more effort than that which it does now. Contact me or visit the donation page if you'd like to encourage development of such a version, and I'll be happy to consider it.
As far as the upgrade, there are options. Namely, I have just completed another upgrade of this sort, and would be happy to talk to you about this service if you are interested. Please let me know.
Finally, you should check into the licensing issues. It's quite possible that you can continue using an upgraded version for little to no cost. I'd be happy to help you if you're unsure how to proceed. Please let me know on that as well.
Posted by Chad Everett on January 9, 2005 2:29 PM
I have followed your suggestion Mr Jay. My comment status is approved, but it not showed up. Means, the article still has "No-one has commented on this entry (yet)." message. This did not happen if I did not use typekey.
Posted by Benediktus on January 10, 2005 9:35 AM
Hi Jay,
Running MT 3.14 and MT-Blacklist 2.01. Installed MT-Approve 1.0. All went well with the install and also at the MT- Approve UI where I did the final install.
Followed your instructions and removed "post" from the main comment listing template and used the javascript to check for Preview changes on the preview template.
I'm still getting throttled when attempting to post a comment. Getting the following error"
Comment Submission Error
Your comment submission failed for the following reasons:
In an effort to curb malicious comment posting by abusive users, I've enabled a feature that requires a weblog commenter to wait a short amount of time before being able to post again. Please try to post your comment again in a short while. Thanks for your patience.
Please correct the error in the form below, then press Post to post your comment.
Any ideas on what might be going wrong?
Thanks. Appreciate your work.
Posted by Jesse Brown on January 12, 2005 1:14 PM
I visited your site, and when I approve the comment, there is no hash from MT-Approval in the source of that page. Because you mention that you made the changes to the comment form, that's telling me that you do not use the MTCommentFields tag.
That means that the most likely instance is that you didn't add the MTApprovalHash tag to your template. I confirmed this by looking for the field anywhere within the source of your comment preview page. So make sure you have added the tag and you should be set to go at that point.
Posted by Chad Everett on January 12, 2005 1:43 PM
Thanks Jay, I think I'm too "Mac-ified" and unused to actually READING the instructions. :-)
I placed the the field inside the form boundaries of the Comment Preview template and all is well now. The "Form Boundaries" are not obvious to neophytes so anyone attempting to do this needs to look thoroughly at the actual lines of the Preview Template to determine where the form actually starts. I put my field at the end just before </form>.
So now I've renamed my comments.cgi which cut spam to 1/10th or less of what I was getting and now I have this plugin which hopefully will cut it to zero.
Thanks for writing this.
Jesse
Posted by Jesse Brown on January 14, 2005 6:45 AM
just wanted to say thanks for working all this stuff up. I know using MT since it is so popular kind of makes you a target for spam but at the same time it is so great to have a community of people to work on problems with/for you.
Thanks again!
Posted by Sean on January 17, 2005 7:12 PM
I'm in the process of installing the MT-Approval plugin - but it fails when I hit install. I have just downloaded and installed MT for the first time yesterday, and everything else seems to work fine...
I get this error:
(/home/user9999/cgi-bin/movabletype/lib/MT/Template/Context.pm) Open Failed: Permission denied
There is no Template/Context.pm - so I'm not surprised - but where does this file come from? It is not in the install package that I downloaded from the MT site?
Posted by Nick on January 20, 2005 12:50 PM
The Context.pm file should exist in every MT distribution. It's possible it doesn't exist in that location (but that is where it should be, assuming that "movabletype" is your main MT directory). If you can find this, I may be able to help you track down the problem.
Posted by Chad Everett on January 20, 2005 12:53 PM
OK - thanks for your help - I redownloaded the MT-3.14.zip file and the file was in there - uploaded, set the permissions and all is OK now - thanks for letting me know.
Posted by Nick on January 20, 2005 1:05 PM
Well, I thought all was OK - but I don't see where this hash key is being generated - the plugin says that it is installed OK. My site.
Posted by Nick on January 20, 2005 1:16 PM
It looks okay to me. Remember that you need to preview the comment first, to generate the hash.
Posted by Chad Everett on January 20, 2005 1:29 PM
Hi,
I've got a mixture of old and new blogs on my site. Even though I've upgraded to the latest MT release (3.14) I notice that the older blogs don't use the 'MTCommentFields' in their comment templates. I'm not really sure how this is so, I recently moved to a new server with a fresh install of MT and then restored my database (MySql) from the old site.
My question is this; can I run a combination of the two types of Mt-Approval or do I need to upgrade the comment templates for my older blogging customers?
Tia for any suggestions,
Henry.
Posted by Henry on January 21, 2005 12:39 AM
Hi Henry - You can most certainly do both. You will need to make sure you have added the <$MTApprovalHash$> template tag to those templates that do not use MTCommentFields, and you will also need to make sure that you have integrated MT-Approval with your installation through the management interface (to handle those that do).
Posted by Chad Everett on January 21, 2005 5:46 AM
Oh - so when a visitor just hits post - it comes up with an obscure message. Is this right? Should I be removing the POST button some how and force the visitor to preview the message first? How would I do this?
Posted by Nick on January 21, 2005 7:42 AM
That would be ideal, yes. If the user posts their comment without previewing it, the hash will not exist, and the comment will not be accepted. This is roughly equivalent to what will happen with spam comments - the posting won't be allowed because it wasn't previewed.
You have several options, but keep in mind that the comment must be previewed in order to generate the hash.
You can remove the POST button, but if you use the MTCommentFields tag in your template (which you probably do if you're just starting with MT), you won't be able to modify the output. In that case, you may simply want to add a disclaimer to your comment listing form, somewhere near this tag, saying that the comment must be previewed first.
You could also add the MTApprovalHash field to the error template, so that when someone receives the message, the hash is generated. Then add a disclaimer to this page stating that the necessary information has been added and they are able to post now. This should continue to help with comment spamming bots, but may make it slightly easier for them - they would simply need to get the error and then submit (which they could do with the "preview" anyway).
Posted by Chad Everett on January 21, 2005 7:48 AM
Have you thought about having a button created that we can put on our websites to help promote this utility?
Posted by matt on January 26, 2005 1:03 PM
No thought at all. But if you're offering to create one, I'd be happy to promote it.
Posted by Chad Everett on January 27, 2005 2:55 PM
Hey Jay-
I'm running the latest version of MT and it uses MTCommentFields. I'd love to be able to remove the post button because it's confusing people despite the instructions that I have on the comments page. I see what you've written above about removing it. Short of diving into one of the .pm files and editing the button out, can you provide us poor suckers with some alternate code to replace MTCommentFields that will have the hash and not have a post button?
thanks,
Andrew
Posted by Andrew on January 28, 2005 12:32 PM
This plugin is GREAT. It has singlehandedly eliminated all my comment spam. Thanks so much!
Posted by existentialmoo on January 29, 2005 2:14 PM
Excellent! I'm so glad that it has helped!
Posted by Chad Everett on January 29, 2005 6:57 PM
Jay-
Your plugin (and others) are so successful that spammers have moved on fom comments and are now targeting trackback. Have you got anything in your arsenal for this?
thanks,
Andrew
Posted by Andrew on February 1, 2005 2:34 AM
Hi Andrew -
I have received three of them this very morning, so I feel your pain. Unfortunately, trackbacks by nature are designed to be received by a computer - so any plugins requiring human intervention - captcha or hash or something similar - won't work.
I think the best protection against trackback spam will likely be MT-Blacklist, as I believe it can be used against trackbacks as well as comments. However, I don't know that for certain, as I don't actually run MT-Blacklist. I'm doing some ongoing research issue to see if I can figure out a way to address it with MT-Approval, but I just don't know yet. I'll keep you posted!
Posted by Chad Everett on February 1, 2005 5:57 AM
Now that I said that, I have an idea. It'll take a bit of percolating to get it to work in a way that's actually useful, but nonetheless, it might just work. Give me a bit to play with it and see if I can come up with something useful.
Posted by Chad Everett on February 1, 2005 6:06 AM
Thank you for trying--I got hit with forty trackbacks this morning!
Posted by ffej on February 1, 2005 12:52 PM
I just installed everything but when I go to the
http://www.example.com/cgi-bin/mt/mt-approval.cgi
I get a 500 server error.
I am using cgi-wrapper so could that be causing a problem? MT Approval shows up in my MT menu so it's definitely in there, but I can't get to it. (Yes, I did change example.com to my own domain) :)
Posted by Tracy on February 9, 2005 12:54 AM
The most common cause for this is due to the permissions on mt-approval.cgi. Make sure that it is set to 755, since it must be executable.
Posted by Chad Everett on February 9, 2005 5:37 AM
Just wanted to let you know that MT-Approval is fabulous. Easy to set up, easy to use, and easy to administer, because I don't have to administer it at all.
The hardest part of using it was remembering my JavaScript to disable posting if a user edits their post-preview comment.
I have to admit, I'm considering removing MT-Blacklist, because I don't think it's doing anything for me anymore. At least, it's not doing anything on the plus side, anymore.
Posted by J from Fear Always Remains on February 12, 2005 12:18 PM
Hi jay, I've recently installed the plugin on my site. The problem is, I'm not sure if it's working or not. I can see the hash appearing in the preview and yet, a recent look at my MT-Blacklist revealed that I still experience spam attack flood (1 spam every 4 minutes).
The only thing that prevents the spams from appearing in the comment area is the keywords in MT-Blacklist. Please correct me if I'm wrong, but I thought that MT-Approval will prevent those spambots from even attempting to post their comments. So I'm wondering if I have installed it incorrectly.
Posted by Garten on February 17, 2005 7:16 AM
Please read this for a discussion about this very topic.
Posted by Chad Everett on February 17, 2005 9:10 AM
I'm having a bizarre problem. I installed MT-Approval with no problems (not using MTCommentFields). Everything was working fine, but then I decided to get fancy and somehow broke it. I really like your comment preview page, Jay, so I looked at the page source and tweaked my template until it looked (I thought) the same. And, indeed, the comment preview page now seems to be right, but clicking the post button gives a 500 Internal Server Error. I've checked permissions (755), but like I said, before I got fancy, it was working just fine. Any advice?
Posted by Becky on March 28, 2005 2:10 PM
Well, if you are using my comment preview mechanism as an example, it probably won't work. I've tweaked MT-Approval so that the preview and post functions are separated, and on the preview I submit to mt-approval.cgi and on the post to mt-comments.cgi - but that won't work with the publicly available version. You can make it work - but it won't work just like mine does, because of that.
My guess is you are getting the error because the version of mt-approval.cgi you have doesn't support the preview functionality. If you are submitting to mt-approval.cgi for preview, change it to mt-comments.cgi (or whatever the current name is) and try again and it should work. If the problem is something else, I'd need more info to help.
Posted by Chad Everett on March 28, 2005 2:21 PM
I'm submitting both the preview and the post to mt-comments.cgi... wasn't even aware that submitting to mt-approval.cgi was an option. The preview works just fine (submitting from the individual archive page, or, after editing, from the preview page) -- it's just the posting that doesn't work. I can send you the relevant templates if you like, or answer any questions that might help troubleshoot. I'd appreciate any ideas you have!
Posted by Becky on March 28, 2005 3:11 PM
For what it's worth, even though hashes are in fact being generated (according to my page source) I'm getting a 500 error if I click on MT-Approval in my plugins list. But, like I said above, the form action points to mt-comments.cgi. How bizarre.
Posted by Becky on March 28, 2005 6:27 PM
If you get a 500 error when you click on mt-approval.cgi in your main menu, then it's likely not (or at least not only) your template. Likely causes of that are either permissions or some sort of corrupt data. If you have an error log on your system, check it to see if you can find why the file isn't displaying - it ought to tell you that the file doesn't have execute permissions, or if it's missing something, or whatever.
Posted by Chad Everett on March 28, 2005 6:48 PM
Thanks for the tip. My error log did indeed have a strange message (something about mod_rewrite and the maximum number of internal redirects being reached -- greek to me). I've filed a trouble ticket with my host and will hopefully get this resolved sooner rather than later. Thanks for your help, and for your ongoing fabulous work!
Posted by Becky on March 28, 2005 9:13 PM
Will MT Approval work with the upcoming MT version 3.2 ??
Posted by Chas on August 22, 2005 7:42 PM
No, I believe that 3.2 breaks MT-Approval. I will look into it some more, and if the default install that includes SpamLookup has need for a new version, I'll see about putting one together.
Posted by Chad Everett on August 26, 2005 11:28 AM