You must be logged in to comment…
-
nandobase said:
everyone must have a Wp.com account to be able to comment. That is the story.
Really? Ugh, if that is the case.
That’s not exactly what the post-event announcement said, though:
Howdy!
We’ve recently updated our commenting system.
Now, if someone tries to comment with an email address that’s attached to a WordPress.com account, they’ll need to sign into WordPress.com before they can comment.
-
@ teamoyeniyi
I have someone who is reading through my entire web site. She is commenting to me in a forum we are both members of. What does that tell you?
WordPress.com already had enough to be one of the best blogging service and wants to be your next forum so they put this great feature called “you must be logged in to comment” to start with? :)
-
I think I understand the programming problem a LITTLE bit more now, based on posting comments as me logged in at WP and in a browser not logged in. The Javascript code in the case of me being logged in can access my comments even before they are moderated, and notes that moderation is pending. That much is good. But the cases where I’m not logged in, there’s no way for the Javascript code to look that up on the server, since there’s no username or email to lookup with. So it can’t show “your comment is awaiting moderation”. That’s an issue with no practical solution.
But, it should still be possible to make those posts and just live without seeing the “your comment is awaiting moderation”. Anonymous commentators are just not gong to be able to see any confirmation of their comment because there isn’t any identification to find that info when the page refreshes after posting. They just need to get past the empty email string issue to allow the comment to go into the moderation queue.
What I worry about is if a comment in the past was ever rejected with an empty email string, that MAY have ended up blocking all future comments with the same string. If rejecting comments ordinarily blocks the email address of the commentator, that’s probably the nature of the glitch. They would need to add special code specifically for the empty string case if that is so.
-
I can add that I would not run a blogging service that allowed UNmoderated anonymous comments at all. That’s where I (personally) would draw the line because that would be so wide open to spamming that it would risk an overload on the servers. I work in systems/network administration/security and do know how that happens. Such a thing potentially would leave WP vulnerable to spammers taking it down. So if you want anonymous comments, they really need to be moderated. OTOH, comments from logged in users could have that be optional (easy to block if a real user starts spamming).
-
@nandobase … I don’t see it that way. WP could not have had a successful site without knowing how to go about making it secure. If they wanted to shift to a FB style “force everyone to login” scheme, things would be different than they are now. They would not have allowed me to comment anonymously on hbdchick’s blog (via the workaround of typing in “none” for the email address). I have a couple theories on what code bugs might be causing this problem, but I’ll wait and see what their staff can figure out at this point. If they are intent on doing as you say, they will close up the “programming hole” that lets me work around that concept.
OTOH, when an anonymous user does post a comment, that might well be a good time to insert an ad that helps them financially support running all those servers. Those things do cost money (along with databases, routers, massive internet bandwidth, etc).
-
Motre said:
OTOH, when an anonymous user does post a comment, that might well be a good time to insert an ad that helps them financially support running all those servers. Those things do cost money (along with databases, routers, massive internet bandwidth, etc).
If WordPress doesn’t want to allow anonymous comments anymore, that’d be fine with me. I’d have to give up using their blog service which has been, for me anyway, absolutely terrific, but I understand they might have different goals on the internet than me. ;-)
I do wish they’d just say one way or another though … and if this had been in the works for any length of time (although that looks like that wasn’t the case), then an announcement beforehand so that everyone could’ve prepared themselves accordingly would’ve been nice.
-
I hope it’s just a bug problem. And I hope they will tell us that they are working on it.
-
No! it’s not a bug. Here’s the announcement.https://en.forums.wordpress.com/topic/recent-update-to-commenting?replies=1
-
Surely it would have been better to hard-code Matt’s email address (and those of anyone else who was worried about this problem) into the system and let him log on to be able to comment – leaving the rest of us to enjoy things as they were.
But then what would I know about it – I only spent the best part of 45 years working in IT!
-
I can see how this issue may be tricky to debug, and how tests may have worked for them. It’s weekend (and early early morning in SF for them) right now. I’m going to go play around a bit with another “blog in waiting” I created last night, and see what happens with it. And I still have an issue on this blog of mine to figure out.
I would say, let’s let this wait out until Monday or so, when more staff are on hand, and see what they do/say.
FYI to staff, you have my email if you want to inquire about my observations on this.
-
Matt will soon come to this thread with “This new addition is final and is going to be a part here forever” and then “Topic closed” That’s why I prefer my wordpress.org blogs.
-
That announcement says “if someone tries to comment with an email address that’s attached to a WordPress.com account, they’ll need to sign into WordPress.com before they can comment.”
That just means if you registered with WP using “(email visible only to moderators and staff)” AND then try to use “(email visible only to moderators and staff)” in the email field for commenting to post a comment, you must login (BTW, if you are already logged in, you won’t see the email field, but will see a message telling you that you are posting as your logged in username).
I don’t see anything in the announcement that says their intention is to make leaving the email field blank not work.
To do what they are doing now, they obviously have to take what is given in the email field and look that up in the user database on the email column. That code appears to not be handling a blank email field as a special case and bypassing the lookup. Further, there is surely a database of blocked commentators (e.g. the ones that have in the past tried to spam via comments, or did other TOS violations). That would have to be looked up, too. That would be for both global blocks and per-blog blocks. MAYBE the empty string got into the key column for either of those lookups. I can give scenarios on how that would happen.
-
Someone says that this was done to block spamming Wow a good joke. A spammer can use any e-mail address like (email visible only to moderators and staff) [e-mail >> blahblah @ blahblah.com] to deceive bots. But I think a comment without an email and even without a name doesn’t make a sense.
-
For now I’ve told my readers that they should fill in a fake e-mail if they get the error message, which works (with having the setting that they have to leave a name and e-mail address), I still know how they are based on names, blog url’s and ip address. My dashboard is still looking weird though (on more than one computer), I tried to add a widget telling my readers what they can do about it, but it’s too messed up to actually add widgets *yay*.
-
BTW, I agree with making things work as they have expressed in the announcement. It might be a bit inconvenient for WP users to have to login, but it protects your WP-user-based identity in WP comments. No one can fake an email that is already known to WP. I would not want someone else to use the email address I signed up to WP with to create my blog.
I can make a fool of myself all by myself … I don’t need others to do it for me :)
Anyway, if you are a WP user, either login and make the comment, or make it anonymously (once they get, what I still think is a bug, fixed). Or comment as a non-WP user.
-
@timechief … as long as anonymous or unknown email based comments are moderated, there’s the spam protection.
-
I applaud what AutoMATTic are trying to do as I’ve had a couple friends that have been impersonated in comments, but it is apparent staff did not thing this thing through, which seems to be their new standard MO of late. Even here on this page is someone who was impersonating one of the volunteers here in the forums until they were caught.
It is unfortunate that people have to do shit like this (impersonation), and unfortunate that wordpress.COM then botches the fix and is slow in fixing their botch.
- The topic ‘You must be logged in to comment…’ is closed to new replies.