meyerweb.com

Some of you may have tried to comment recently and been hit with a “comments are closed for the time being” error. That was Gatekeeper, actually, and it was being tripped even by valid responses to the Gatekeeper challenge. The weird thing is that some people were able to comment, whereas others were not. I have no idea why this was happening.

The point of this being to say that I’ve updated Gatekeeper to return a more helpful error message, and also believe some changes I made should make gatekeeper less random. If I’m wrong and you get an error, please use the e-mail link in the error message to send the error to me. If I’m right and you get no error, then no worries.

If I get a lot of error reports, I’ll hobble or disable Gatekeeper, but I hope it doesn’t come to that. We’ll see. In the meantime, my sincere apologies to anyone who got bitten by this bug, and I hope things will be better from here on out.

Now out the door: Gatekeeper 1.5 RC4. It really does (so far as I can tell) allow pingbacks and trackbacks, as this post’s comments show. So if you tried to ping or track back to a post here in the last three months, and you really wanted it to show up here, you might want to try again. If you’re running Gatekeeper and want tracks and pings to work, you should definitely upgrade to RC4.

The auto-addition of the challenge to forms that don’t contain the pose_challenge call is still broken. ‘Jim’ has more information and some examples of forms that fail to get an auto-added comment if you’d like to take a crack at solving that particular puzzle.

It’s update day! I just pushed WP-Gatekeeper 1.5rc3 into the public eye. The major change in this version is that Gatekeeper no longer prevents trackbacks (or pingbacks) from ever reaching your site. See, before, it was effectively destroying all those without notice or appeal. Now it just lets them through, whatever their content.

What this means is that Gatekeeper is, as it always was meant to be, a way to prevent comment-form spambots from succeeding. Trackbots will now get through unless you take other steps, like disabling trackbacks or running another spam filter or something. I’d actually like to see WordPress split tracks/pings apart from comments, and let you set their “always moderated” flags separately. Thus you could set things up so all tracks and pings are moderated, but comment-form comments are not. That would work great for me. Maybe not so well for others, though.

Unfortunately, rc3 still has that problem where it doesn’t always automatically add a challenge to your comment forms, though you can still get the challenge by manually adding gatekeeper_pose_challenge to the comment forms in your theme. My grep-fu (or maybe it’s my PHP-fu; or, hell, both) is weak; I can’t figure out why the routine fails. Anyway, head on over to the Gatekeeper page if you’re interested, and especially if you can figure out why the auto-challenge routine is failing. Thanks.

I was going to ignore the whole WordPress search engine gaming situation, especially with Matt on vacation and so unable to speak for himself at the moment. Dougal and Jonas have weighed in with their bits, and that seemed good enough. But as a high-profile WordPress user and supporter, I’ve had some readers ask me about my opinion. So okay, here it is.

I’m not going to call Matt any names, or declare his actions to have been evil. Matt and I, along with Tantek, founded GMPG and worked together on XFN. I would consider Matt a very good acquaintance. (Don’t read too much into that: I’m unusually choosy about using the term “friend”.) He’s young, enthusiastic, and very smart. That doesn’t mean that he doesn’t make mistakes, but it might mean he’s more willing to try things out just to see how they go.

From a technical point of view, though, this isn’t much of a change from past practices. Anyone who’s installed WordPress has probably noticed that, by default, the system contains links to all of the big WordPress contributors. If you just set up the default template and don’t fiddle with anything, those links show up in your blog.

And what effect do those links have? They can pump enormous amounts of Google juice into the sites of those people, for one. Remember when Matt reached the #1 result on Google for “Matt”? The pre-installed links can seriously skew blog-networking systems, for another. If Technorati didn’t exclude those people from the ranking lists, they’d dominate the Technorati Top 100. As of this writing, photomatt.net has more links from more sources than does Boing Boing. So do most, if not all, of the other blogs that come with your WordPress install.

Adding hidden article links seems to me to be another step along the same path. Is it a good path? All I can say is that it isn’t a path I would have followed. Then again, I’m such an old-school hippie-Utopian pseudo-socialist about the Web that I don’t have retailer affiliate accounts, and never did.

Based on what I’ve been picking up from conversations and sessions at the Search Engine Strategies conferences, what Matt did with these hidden links is at best a gray-hat SEO tactic, and probably a black-hat move. There will be (and already have been) reprecussions, and Matt will have to deal with them. How he deals with them will, I think, be far more important than what he did. We’ll just have to wait to see how that unfolds.

Meanwhile, I fully intend to keep using, hacking on, and contributing to WordPress, because it’s a good system at a great price with an even better license.

Update: Matt has explained his side of the story.

Thanks to the good offices of Server Logistics (providers of the Complete MySQL package) and Jonas Luster (who gave me the database import command I actually needed) I brought my local copy of WordPress back up to speed last night and was able to test the Gatekeeper update script. Thus, WP-Gatekeeper RC2 makes its debut.

Here’s what changed:

• Added “reset to default” links for the challenges and the markup template on the management page. Remember that if you say “OK” to the pop-up dialog box, the data will be reset to install default and there’s no going back.
• Fixed a bug where logged-in users still had to answer the Gatekeeper challenge. Now there should be no challenge for logged-in users. This assumes that your install allows people to register and log in, of course. (Thanks, ColdForged!)
• Tweaked the scanning routines to be more cross-platform friendly, the form scanning to be kinder to 1.5 themes that were ported from 1.2 installs, and fixed (I think) a slash-insertion bug that could affect the markup template. (Thanks, Scott!)
• Added theme-root support. (Thanks, Terrence!)
• Changed the gatekeeper_default_template option to be called gatekeeper_markup instead.

That last change was the original motivation to create the update script, since the plugin would break without updating the option name. While I was at it, I decided to throw in routines to let users of the 1.0b1 version migrate their challenges over to version 1.5 and then delete the old tables.

So if you’ve run any previous version of WP-Gatekeeper, you’ll need to download and run the update script. It’s called wp-gk-rc2-update.php. To run it, uncompress the archive and drop the PHP file into your main WordPress directory, then load it up in a Web browser. From there, the script should walk you through the update procedure. If you’ve only ever used GK 1.5 RC1, then it will be two steps and painless. If you were running 1.0b1, then it’ll be three or so steps and still painless. (Unless of course I have bugs, in which case there may be pain.)

Basically, you’ll need to run the updater either immediately before you install the RC2 plugin, or immediately after. In the interval between the two, there will be trouble. I’m sorry, but I don’t know of a way toclose that window. My recommendation is to run the update script and then drop the plugin into your plugins directory as soon as the updater finishes. However many seconds passes between the two will be the window of possible breakage.

So there you have it. Assuming no problems are encountered, the plugin will reach 1.5 final within the next week. Let me know if you hit any roadblocks or see ways in which the code can be improved.

Update: problems have been encountered. The automatic-placement routines seem to have failed, so no challenge will appear unless you use the gatekeeper_pose_challenge() call in your comment form template. This means nobody will be able to post unless they’re logged in (and maybe not even then). I’ll post an update as soon as I figure out what’s failing and how to fix it. Sorry for any inconvenience!

I have two coding projects going, and both are for the moment stalled. Maybe you can help.

The more recent of the two is WP-Gatekeeper, which is almost ready to go from RC1 to RC2 except for one tiny little problem: I upgraded my local copy of MySQL, and it blew away my WordPress database. So I mysqldumped the database from meyerweb.com, copied it down to my hard drive, and tried to mysqlimport it. And tried, and tried, and tried, until eventually my eyes started bleeding. No dice. Therefore, no possible chance of my testing the update script, which is necessary because it actually deletes tables from the 1.0b1 version of Gatekeeper. I don’t want to put it out into the wild without making sure that it deletes the right tables, and no others.

Obviously, without a successful import of the dump file, I can’t test the script. I’ve read the MySQL documentation, and done everything it says to do. It fails. I tried logical variants, in case there was something the documentation was leaving out. No dice. Then I tried illogical variants, including some SQL statements that included words I wouldn’t ordinarily type, let alone say out loud. The error message is basically always the same, and it never helps. It goes something like this:

~/mw > mysqlimport -u root meyerweb meyerweb20050309.sql.dump 
mysqlimport: Error: Table 'meyerweb.meyerweb20050309' doesn't exist,
 when using table: meyerweb20050309

Well, no kidding, geniuses; there is no table called that, because it’s the name of the dump file, not anything in the database. And yes, when I dumped the DB from meyerweb, I did it so that it contained the CREATE and USE directives at the top of the dump file. They don’t seem to make any difference at all.

Plus all that was after I reinstalled MySQL about seventeen times because it refused to start up even though the installation was supposed to be point-and-click. Eventually I switched to a different, third-party install package, and it went like a charm. Serves me right, I suppose, for assuming that the MySQL.com folks could put together an install package that actually works. At this point, as far as I’m concerned, MySQL is the rotted corpses of the maggots that once infested the corn inside a pile of moose droppings.

Not that I’m bitter that this wasted four hours of my life or anything.

The other project is, of course, S5. It’s currently stuck at 1.1b5, because there’s this problem in Firefox for Windows that I simply cannot figure out. I commented on it a little over a month ago; the basic problem is that when viewing the testbed slide show in Firefox for Windows, it seems to “jiggle”, apparently from constant re-scaling of the fonts. I can’t figure out how to stop it.

So any ideas, anyone? At this stage, that’s pretty much the last major problem before going final. Safari still blocks use of Page Up and Page Down when in the outline view, but that’s something I can live with. The nervous-twitch display in Firefox for Windows isn’t acceptable in a non-beta version.

I’ll still be using S5 1.1b5 for my SXSW presentations, but that’s okay because I’ll be using Firefox for Macintosh, which doesn’t appear to suffer from the same problem. If it does start having problems, I’ll just switch to Safari. No big deal.

Anyway, that’s where things stand on those two projects. Hopefully I’ll get over the roadblocks soon, and be able to get them moving again.

Now playing: WP-Gatekeeper 1.5 RC1, a complete overhaul of the Gatekeeper plugin. This version is compatible with WordPress 1.5, and is basically plug-and-play. Why “basically”? Because like Windows, there are situations where the plug doesn’t lead straight to play—but more on those in a bit.

First, if you’re using the default WordPress template or a template that uses the same markup, then literally all you have to do is install and activate the plugin. The challenge will be placed into the comment form using the same markup patterns used for the other inputs (name, email, and so on). In fact, this will happen for any theme that uses the same markup as the WP 1.5 default. In cases where the plugin can’t find the appropriate markup pattern, it will insert the challenge just after after the textarea element in the comment form.

So suppose that you’ve completely altered your comment form markup, and what’s more, you don’t want the challenge appearing after the textarea element. No problem: insert a call to gatekeeper_pose_challenge at whatever point in the form you want the challenge to appear, surround it with whatever markup is needed, and you’ll be good to go. That’s the kind of situation where you have to do a little more work than simple plug-and-play. Otherwise, the installation should be quick and painless.

There is a potential exception: non-UNIX servers. I think I have things set up so it shouldn’t matter, but I may well be wrong, not having other servers on which to test. So if you run into trouble, disable the plugin and everything should go back to normal (unless you added gatekeeper_pose_challenge to your comment forms, in which case you’ll have to remove those too). Let me know if you hit trouble, and we’ll see about getting it fixed before going final.

I’m running GK 1.5 on meyerweb now, and everything seems to be proceeding without incident. My upgrade problems earlier today were due to forgetting to pull out the hooks I’d hacked into wp-comments-post.php and other files for the old version of Gatekeeper. Those hooks are no longer needed in GK 1.5, and leaving them in place broke commenting.

If you were thinking about using Gatekeeper but were put off by the long DIY instructions in the old version, then now’s the time to try it out. It’s easy to install, and even easier to back out if you run into trouble.

I’d like to thank Scott Sauyet for helping me with a number of the new routines and features in GK 1.5, including the use of the built-in options table instead of having to set up a separate table for Gatekeeper, the form-scanning routines, and more.

Thanks to some version skew problems with WP-Gatekeeper, I managed to break commenting last night. I believe I have things fixed now, but if not, leave me a comment. I kid! Speaking of WP-Gatekeeper, the new 1.5 version is almost ready to go, so if you’re interested, stay tuned.