php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #81183 Spammers now commenting on bugs.
Submitted: 2021-06-21 03:41 UTC Modified: 2021-06-21 11:18 UTC
From: a at b dot c dot de Assigned:
Status: Open Package: Website problem
PHP Version: Irrelevant OS: Irrelevant
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: a at b dot c dot de
New email:
PHP Version: OS:

 

 [2021-06-21 03:41 UTC] a at b dot c dot de
Description:
------------
First seen at: https://bugs.php.net/bug.php?id=70059

Even though the "nofollow" attribute means no self-respecting search engine will pay those links any attention, they're still there to brighten the day of people using the bug tracker.


Expected result:
----------------
I dunno ... a smarter captcha won't make a difference because many of these spambots these days actually have cerebra.


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2021-06-21 03:41 UTC] a at b dot c dot de
A domain-specific captcha question?
 [2021-06-21 04:06 UTC] tstarling@php.net
Why not just delete the comments? If it's only a handful of comments, it's easier to just delete them than to write software to stop them from happening in the first place. I checked the source -- there is a comment delete feature if you're sufficiently privileged. 
https://github.com/php/web-bugs/blob/3a2b04358544336d36e73006a47175d6afb83f1f/www/bug.php#L114
 [2021-06-21 11:00 UTC] danack@php.net
I'm planning to update the site to:

* only make links to a whitelisted set of sites be actual links.
* hide comments until they are moderated.
* hide user email addresses except for username part and first 2 characters of domain, unless the person viewing the webpage is logged in.


Anyone got any objections to any of those?
 [2021-06-21 11:18 UTC] cmb@php.net
I think this is better discussed on the internals mailing list,
andd we're likely better off switching to another bugtracking
platform anyway.
 [2021-06-25 13:04 UTC] m at m dot cz
Why not simply migrate to Github issues?

We can even align the PHP bug IDs with GH ones.
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Tue Sep 28 02:03:38 2021 UTC