Image verification for comments in WordPress 2.0

01
Apr
Tags: php || 7 Comments
TwitThis || StumbleUpon || Digg it || del.icio.us || Reddit

I’m sick of blog spam. It is such a pain to have to mark it all as spam (And what exactly does that function do? I’ve seen the same spam come through many times, so it doesn’t seem to learn…)

Anyways, here is my quick and dirty hack to add a image verification box on the comments page (Warning WordPress hack ahead - I’ll bother to learn the plugin system one day…)

This hack requires the following PHP libraries installed on your server: Freetype, GD and mcrypt.

Create a new file in [path_to_your_blog]/wp-image-verify.php

Insert the following code:

  1. < ?php
  2. require( dirname(__FILE__) . ‘/wp-config.php’ );
  3. $verifier = $_REQUEST[‘verifier’];
  5. $display_string = decrypt($verifier);
  7. $image_details = imagettfbbox (10, 0, ‘/usr/share/fonts/TTF/tahoma.ttf’, $display_string);
  8. $image = imagecreatetruecolor($image_details[4] - $image_details[5], (0 - $image_details[5]) - (0 - $image_details[3]) + 1);
  9. imageantialias($image, true);
  10. $background = imagecolorallocate($image, 255, 255, 255);
  11. imagefill($image, 0, 0, $background);
  12. imagettftext($image, 10, 0, $image_details[0] + 1, 0 - $image_details[5], imagecolorallocate($image, 119, 119, 119), ‘/usr/share/fonts/TTF/tahoma.ttf’, $display_string);
  14. header(“Content-type: image/png”);
  15. imagepng($image);
  17. ?>

Note - you will probably (ok will) have to change the path of the font as /usr/share/fonts/TTF/tahoma.ttf is a font I copied from my windows directory.

Open [path_to_your_blog]/wp-comments-post.php and add the following lines at around line 25:

  1. $verifier = trim($_POST[‘verifier’]);
  2. $verifier_compare = decrypt($_POST[‘verifier_hash’]);

Open [path_to_your_blog]/includes/comments-functions.php and add the following lines at the top of the file:

  1. // image verifier functions - by Myles Eftos
  2. $key = “afedss”; // Enter a 5 character string
  3. $iv = “sdfesdf”; // Enter a 7 character IV
  5. function random_string($length = 6) {
  6. $str = ;
  7. for($i = 0; $i < $length; $i++) {
  8. $str .= chr(rand(ord(‘A’), ord(‘Z’)));
  9. }
  10. return $str;
  11. }
  13. function encrypt($string) {
  14. global $key;
  15. global $iv;
  17. return base64_encode(mcrypt_encrypt(MCRYPT_DES, $key, $string, MCRYPT_MODE_ECB, $iv));
  18. }
  20. function decrypt($string) {
  21. global $key;
  22. global $iv;
  24. return chop(mcrypt_decrypt(MCRYPT_DES, $key, base64_decode($string), MCRYPT_MODE_ECB, $iv));
  25. }

Replacing the $key and $iv variables with a random 5 and 7 cahracter string respectively.

Finally find the comments.php file in you theme directory - if you are using the default theme it is at [path_to_your_blog]/wp-content/themes/default and add the following lines after the url textbox (Around line 89 in the default template):

  1. < p>

  2. < input type=“text” name=“verifier” id=“verifier” size=“22″ />
  3. < label< small>Enter the string you see here: < img src=“< ?php echo get_option('siteurl'); ?>/wp-image-verify.php?verifier=< ?php echo urlencode ($image_hash) ?>” alt=”" />< / small>  < / label>
  5. < input type="hidden" name="verifier_hash” value=”< ?php echo $image_hash; ?>” />
  6. < /p>

All done :)