One of the things I’ve always liked most about II is how open II’s commenting system is. On the other hand, one of the things I’ve come to hate is how open II’s commenting system is.

There are several reasons for this, the two main ones being 1) that emails are not actually validated, which allow for invalid emails to be used and 2) trolls have been rather viciously taking advantage of this ease of anonymity.

If #2 comes as a surprise, be sure to give your props to Puppet, swenson, and Neurotic Platypus for keeping an eye on the comments.

Now, I happen to like talking to people in private and maybe sorting things out before resorting to banning them, but that is not possible when the email provided is not valid, and I am tired of handing out IP bans like Halloween candy.

And so I’ll be overhauling the comments system to use OpenID.

Now, I am well aware that some commenters prefer not to share their personal emails (I’m one of them), which is why the system will have two main features to begin with:

  1. A nickname, which will appear on the site.
  2. The OpenID will only be visible to admins.

I plan on linking nicknames to OpenIDs so that we don’t wind up with multiple people with the same names running around, and I also plan on giving the option to display one’s OpenID, but these are things for later.

For now, comments will remain open until I can figure out how to 1) incorporate OpenID smoothly into Textpattern and 2) ensure that all the comments from the current system are properly migrated over.

If you have any questions, concerns, or suggestions, please comment on this post.

Comment

  1. swenson on 19 November 2012, 11:58 said:

    For those worried that OpenID is a pain to set up, it’s really very easy and they don’t bug you with e-mails or anything. Plus, if you like, you can use it many other places as well. I’m planning on using my pre-existing one, in fact! (We will be able to do that, right, Kyll? I should be careful not to make wild statements I’m not sure about yet!)

  2. Kyllorac on 19 November 2012, 12:09 said:

    I’m planning on using my pre-existing one, in fact! (We will be able to do that, right, Kyll?

    That’s the plan. All the major OpenID providers (Google, LiveJournal, Yahoo, etc.) should be supported, so if one has an account with one of those providers, they’ll be able to use the ID to log in to comment. I’ll have more information on which providers are accepted later, once I finish integrating everything.

    I’m also going to try and keep the logging in at a minimum via single sign on, meaning that if you’re already logged into an OpenID account (like Google in Chrome), you won’t have to retype all that info.

  3. Brendan Rizzo on 19 November 2012, 15:23 said:

    So, how exactly does this work? (Sorry if I come off as an idiot, I just don’t understand what’s going on.)

  4. HimochiIsAwesome on 19 November 2012, 15:51 said:

    Sounds like a pretty good idea!
    Although I guess this means the end of putting my website as a link to the song ‘HEY’ as sung by He-Man, huh? Hahaha~
    But yeah, anything to stop irritating trolls, although I haven’t seen many at all, so, to all involved in comment checking, have cookies. And sheep. What do you mean that’s a weird combination

  5. Kyllorac on 19 November 2012, 20:31 said:

    So, how exactly does this work?

    On the surface, not much will change. Instead of asking for a name, email, and website, the new system will ask for a name and OpenID. You’ll then be logged in and able to post comments without having to re-enter that information (similar to how checking the Remember Me boxes means you don’t have to re-enter your name and email every time you comment) unless you log out.

    You probably already have at least one OpenID.

  6. Taku on 20 November 2012, 06:31 said:

    Possibly a very well-timed demonstration in favour of this, there’s suddenly a half-dozen spam posts spread through the comments.

    I support this change.

  7. swenson on 20 November 2012, 09:38 said:

    Haha, I was just thinking that, Taku! Taken care of.

  8. Nate Winchester on 21 November 2012, 15:04 said:

    And now I can’t seem to post anything without being accused of being automated.

    WTH?

  9. Nate Winchester on 21 November 2012, 15:05 said:

    OK, that last comment was a test. So short comments clear but longer ones don’t?

  10. Epke on 21 November 2012, 16:24 said:

    Will this affect our forum login?

    P.S. I hope Hotmail’s an OpenID :S

  11. Kyllorac on 21 November 2012, 21:08 said:

    Will this affect our forum login?

    No.

    And now I can’t seem to post anything without being accused of being automated.

    I haven’t made any changes yet, so I don’t know why you’ve been having trouble commenting.

    Have you been linking to multiple images/off-site things in your comments?

  12. Nate Winchester on 21 November 2012, 21:11 said:

    Have you been linking to multiple images/off-site things in your comments?

    I just was going to link to IMDB. But even removing it caused it to be blocked.

    Oh ok. After testing from home, it looks like some IP addresses may trip the alerts while others may not.

  13. Kyllorac on 21 November 2012, 22:04 said:

    it looks like some IP addresses may trip the alerts

    Yup. Hit me up with the IP addresses you try to post most frequently from, and I’ll see if I can make some exceptions. ;P

  14. Fair on 22 November 2012, 02:37 said:

    I think it’s a great idea. We have/had trolls? Puppet, swenson, and Neurotic Platypus must be doing a good job then!

  15. Puppet on 5 December 2012, 17:01 said:

    I haven’t done anything since school started haha. Thank Neurotic Platypus and the other admins for being awesomely awesome because they’ve been taking care of everything.

  16. NeuroticPlatypus on 21 February 2013, 21:37 said:

    Is anyone else unable to get to the forums?

  17. Pryotra on 21 February 2013, 21:49 said:

    I can’t.

  18. Taku on 21 February 2013, 21:51 said:

    puts hand up

    I just checked when I saw your comment, NP. Blank screen with a

    Index of /forum
    

    at the top, and a few empty file-list type columns.

  19. NeuroticPlatypus on 21 February 2013, 21:57 said:

    ^^That’s what I get, Taku.

  20. Falling on 21 February 2013, 22:11 said:

    halp!
    I see the same thing

  21. Taku on 22 February 2013, 05:18 said:

    Seems to be fixed now. Might have just been a server update in progress, or something equally harmless.

  22. eekee on 19 March 2013, 19:29 said:

    Thank you! I was just now to complain about the way it makes everyones email address public. :) I don’t know how II’s authors got away with it as one of the longest-standing Must Knows on the web is you do not put other peoples email addresses into the page, because it’s wide open for spammers to harvest.

    In fact I took a little precaution when commenting, and I guess you might want to know I’m not trying to spoof when I use an email address of the form impishidea@myname.domain.tld. I’m making use of a feature of my mail provider which will deliver mail addressed to anything@myname.domain.tld to my account, so if I start getting spam at any such address I can just have it drop all mails to that address. I wish I’d started doing this sooner, it’s quite an effective way to keep out spam.