show all comments


Added CAPTCHA to prevent spam comments

March 14, 2008 01:16:59 +0200 (EET)

I finally caved in to the spammers, and added a CAPTCHA test to the "Add Comment" page. I hate having to inconvenience you to prevent the idiots messing up the commons, but the truth is I don't have time to be cleaning out the spam by hand, so it's either CAPTCHA for the commenters or a mess for all readers. Sorry.

The CAPTCHA system I chose is reCAPTCHA, from Carnegie Mellon:

reCAPTCHA improves the process of digitizing books by sending words that cannot be read by computers to the Web in the form of CAPTCHAs for humans to decipher. ...But if a computer can't read such a CAPTCHA, how does the system know the correct answer to the puzzle? Here's how: Each new word that cannot be read correctly by OCR is given to a user in conjunction with another word for which the answer is already known. The user is then asked to read both words. If they solve the one for which the answer is known, the system assumes their answer is correct for the new one. The system then gives the new image to a number of other people to determine, with higher confidence, whether the original answer was correct.
Currently, we are helping to digitize books from the Internet Archive. In order to achieve our goal of digitizing books, we need your help. If you run a website that suffers from problems with spam, you can put reCAPTCHA on your site.

If you can't read the CAPTCHA image, just click the link to get another one -- neither clicking the link nor entering the wrong words will lose your comment (assuming the web works; I always write my comments elsewhere and paste them in, just in case!).

Since there wasn't a Smalltalk plug-in for the reCAPTCHA API, I made my own. It only took about 30 minutes for the client and server sides combined, and most of that was rejigging some bits to avoid adding an extra dependency on an HTTP helper client. Predictably, the result worked -- almost. This is the web, after all. For some reason, the field to enter the words disappeared if the cursor strayed into the TinyMCE JavaScript rich text editor toolbar. Add 6 hours of testing and hacking with newer JavaScript editor versions, IE, different <div> and CSS layouts etc. In the end I dumped the pretty reCAPTCHA frame and went with the longer-winded custom layout. Simple, boring, works perfectly.

If anybody wants the Smalltalk code for the client and server sides, take a look at Blog-ServletsExtensions from the Cincom public repository. This adds reCAPTCHA to the Silt blog server (Silt-Core 1.139), but it should be easy enough to extract the code for use elsewhere: see the package comment for instructions.


Blog server update

March 28, 2006 00:45:45 +0300 (EEST)

As a belated birthday present to this blog, I've updated the Silt server software it runs on. The main differences are:

  • A gazillion bug fixes courtesy of James Robertson
  • Presumably some nice shiny new bugs introduced by yours truly
  • The "Add Comment" page now has a WYSIWYG comment editor
  • Lost comments should be a thing of the past (nobody ever complained, and I only noticed this intermittent bug in the spam protection recently -- sorry to any who were affected!)
  • The Archives pages are more sensible about which month to show
  • At the bottom of the sidebar are various different CSSs to try

Comments and feedback are welcome -- if you're quick, I might even do something about them now while I'm on a roll, rather than defer them to the next upgrade (2nd birthday? :->).


MetaCase blog server live

March 01, 2005 12:13:24 +0200 (EET)

After a few days of something approaching international pair programming, the MetaCase blog server awakes! It's been one of the more interesting non-work projects of recent months, and a real privilege to work with James Robertson on the server.

Aside from being a Domain-Specific Modeling cheerleader, I'm a member of the "I'll stop using Smalltalk when they pry it from my cold dead fingers" club. Even so, I did try to find a free ASPX blog engine to run on our server. .Text seemed hard to install and was in the process of becoming Community Server, so I left it alone. DasBlog looked great, easy install and good support, but unfortunately only coped with one blog per server.

After exhausting my list of ASPX servers the next candidate was Silt, the Cincom Smalltalk blog server. Since I've been reading James Robertson's and others' blogs on that server, I knew the server worked, and apparently James was just tidying it up so others could use it. In a fit of community spirit, I decided to join in and spoil everything... I mean help. Whilst the results still aren't as finely polished as they could be, it seems ready enough - at least for our needs. And if it breaks, I can fix it. Whether that's a good or bad idea remains to be seen...