Well, I guess I revived the thread myself, by posting that I had a little solution.

The problem is that it's just a hack which has to be implemented on a module by module basis. There is also a difference whether you use PHP 4 or PHP 5, so you'll have to experiment a little on your own. It also seems you are interested in implementing it on the system-wide comment function. I don't know where the comment function writes the comment to the database, or where otherwise to catch a comment and test it against Akismet in the most efficient way. I think one could dig a little and find a good spot to apply the hack. But there're more qualified people here to help out with that bit of information. It must also depend on the XOOPS version you're using. The question to be asked being: Where can I catch the system as it is writing a comment to the database in XOOPS version XY?

Now, if you want to use it on some individual module where your users can submit something, You also will have to find the correct spot in the php code where the submission is written to the database. I think you have a fair chance of finding it if you look for the words "INSERT INTO" in files called "post.php" or "sumbit.php" inside the module folder.

Once you found a good place for your operation and are ready to go, you, of course, need the Akismet class for the PHP version your server is running. In my last post is a link to a page which links to the two in question, for PHP4 and PHP5. You also need the Akismet API key. But it looks like you have one already.

You drop that Akismet class (a php file) somewhere handy in your file structure. Let's assume into the "class" folder, because it sounds like a good place for it

Then the operation:

1. You call the class from the place you have identified as a good one to perform the check, again I assume it's immediately before a line which instructs the database server to write the comment to the database. (I think that's a good place, because that's where you have performed all your local checks, and the variables are all set up).

2. You identify the relevant variables which you pass on to the Akismet class. At least, you need to know what variable the body of the submission comes wrapped into. In the code below, you replace the variables you would have to replace "$submission_author" and "$submission_body" with the relevant variables from the module you're hacking.

2. You perform the check

3. If spam check returns positive, you abort the dtabase writing process and return something, perhaps send yourself an email if you don't have a problem with shifting to spamming from your blog to your email account.

4. If spam check returns negative, you just let the script do whatever it wanted to do anyway.

Both Akismet classes (for PHP4 and 5) come with instructions and a ready made code snippet which you slightly adapt, and then can use to call the relevant function. For me, WF-Links and PHP5, this code used to call the class/function looks something like this (red needs attention):


From there, again, you hand it back to the original script which should go on with something like a line containing "INSERT INTO" and which stores the submission in the database.

This will just stop everything identified by Akismet as spam and never tell you about it. If you care about a notification, you can send yourself an email, or you can also create a database table to which to write your spam. But that's a more complex operation.

If you only want to check if user hasn't logged in or is anonymous, you have to wrap the entire thing into the corresponding test.

Hope that helps a little. Sorry I cannot be more precise, but it depends on a whole lot of things. Perhaps you can do something with it.

That was a completely nifty post! All the clues I need. And a great starting point for others as well, I'll bet.

Thanks for putting the little write-up about where to put the Akismet class. That helped me over a rough spot.

Thanks!

Glad you think it's useful. It really is an encouragement to experiment with it, rather than an instruction on how to use it. If you, or someone else, figures out a way to use it with this or that module, or perhaps particularly with the global xoops's comment feature, please don't forget to post back.

I'm catching all my spam on wf-links so far. Netquery/Bad Behavior did a good job until quite recently. But then, it seems they figured out a way to break through Bad Behavior, at least with lax settings. So Akismet is now doing the cleaning up.

Ok here's the code that I used to fix comment spam in the "Contact us" XOOPS module. Works a treat!

I put the Akisment.class.php file in the Class folder (yep, made sense to me too).

I modified the modules/contact/index.php file. I inserted your code between these two lines in that file -- this is where the file gets set to send the email;

$xoopsMailer->setBody($adminMessage);
$xoopsMailer->send();

I took your code, stuck in my info (site, Wordpress key, etc) and ran up the code looking for variables that would work. The first time I tried it, I wound up with a blank screen, so i commented it out and then uncommented each line. As I came across errors (leading to a blank screen) I'd fix 'em. Completely nifty.

Quote:

Perfecto! I pasted a little spam into the comment field and the module came back with that "your comment looks like spam to us". Put in a real message and it came through fine.

I'm completely fired up. AMS hack is next.

Uffda... I need some help from the assembled gang. I went rummaging for the place to put the Akismet call in AMS and can't figure out where to put it. Anybody out there understand AMS well enough to be able to tell me where it actually posts a comment to the database?

There are several layers of included calls in AMS and I'm not enough of a programmer to be able to figure out which is the one that actually does the posting. I have a feeling that AMS may be using XOOPS core code to do the posting, which would be neat because then the hack would catch comment spam in *all* comments, not just the ones in AMS. But, like I said, I can't figure out where to insert the code.

I pretty much assume that AMS uses the comment functionality of the core to handle comments. That's what all the other modules seem to be doing anyway. And I do think we should be able to figure out how to hack the core.

If somebody can jump in and give us a lead where to hack... I've had a very brief look and didn't find the obvious place, but I will try to look, perhaps over the weekend. But I'm also not a programmer and don't know a lot about the internals of XOOPS, so if somebody can come up with a quick and authoritative answer, that would be excellent.

The question, again, is: Where in the code does XOOPS (or its different versions) write comments to the DB?

Ok, this should be a good place to put the entire comment submission routine through Akismet. Again, there're some elements that have to be adapted manually to individual server setups, this seems to be working for the XOOPS version I'm working with (2.2 branch), and I do not know about others. Also, this kills everything Akismet identifies as Spam without further notice. You can send yourself an email without much fuzz, but that's what we're all looking for, isn't it? A little more spam in our email accounts. So not for the faint at heart, and not if your users might hate you for false positives.

You need the Akismet class, API key, and so forth, as per a post above in this thread.

Open /include/comment_post.php in an editor. Depending on your XOOPS version you might find a line

case "post":

somewhere around line 140. Insert the call to the Akismet class immediately following that line. Provided that you're using the version I'm using at the time of writing of the Akismet class for PHP5, it should then look something like this:

The gray bits are from the original script, the red ones the parts you'll have to look into. I've caught a little spam in my sandbox with this, but have not brought it online. I am not saying it works. It's just a suggestion to try out.

*edit: There was a little quirk in my code quote above (a $ lacking in the declaration of $MyBlogURL). I've edited it. There might be others.*

Ah! Perfecto.

The only thing I forgot was to pull the Akismet class stuff into the Class directory (read up the thread a little bit for that gizmo).

Once I did that, it worked like a charm just like you've posted it (of course, I'm running PHP5 which is the version of the code you're using -- for most folks, you'll want to substitute the PHP4 version but the mapping should be easy).

I'm loving this hack -- it lets Akismet take a look at all comments in the system, not just the ones coming through AMS.

You da man! Sorry it took me sooo long to try it out. My excuse is that all of the hacking time has been sucked up by studying for the ham-radio license exam. But putting this into my system was a really rewarding 15 minute break from radio.

Thankyou thankyou thankyou!!

Thanks for thanking. This is also very good in combination with the new version of the XOOPS Protector module, which lets you define the maximum number of links that can be in a POST request. Now I have: XOOPS Protector for a pre-screening, then Netquery's Bad Behavior to have a close look at the HTTP request, then Akismet to look at the post itself. That's pretty thorough, I would think. But amazingly enough, there are still posts which arrive at the Akismet check.