22 Feb
2010
22 Feb
'10
3 p.m.
Hi Caleb,
Caleb James DeLisle wrote:
Guests should be allowed to comment on a page but we
still want to avoid automated
comment adding and captcha is a solution which already exists.
If a captcha is displayed on each comment form which shows at the bottom of each page
then each page load will require the generation of a captcha which will hurt
performance.
A.
When the user is anonymous, don't show the comment form, instead show a link
"Add Comment" and load the form and image through ajax.
This would not be a major change since anonymous users currently don't see the
comment form.
B.
Display the form but strip the 'Add Comment' button and force the user to preview
the
comment and load the image with the preview button. Of course the behavior must be
different when users don't have Javascript and they are viewing the comments through
"?viewer=comments" so there would have to be some means of detecting how
commentsinline
was being loaded.
What about:
Keep the current form. When the user clicks "Add Comment" the comment is
submitted w/o using AJAX. On the server, if the current user is not
authenticated then return to the client a preview of the comment with
two options: (1) log in or (2) solve the captcha to add the comment.
I don't know if this is doable.
Thanks,
Marius
In order to keep the core from becoming dependent on the captcha module, the commentadd
action will have to be duplicated in commentinline.vm I see no other way around it.
Any other ideas?
Caleb
_______________________________________________
devs mailing list
devs(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/devs