Saturday, November 28, 2009
I've been playing around with Thingamablog, a nice little standalone application you can use to manage a site without having to use a database on your server--the approach appeals to me since the resulting web site is portable and more secure. But I wanted to be able to support comments. I poked around a bit, didn't find anything that really suited me or worked easily. I did find a nice page, part of Notes from James, that had a simple set of php scripts that would enable comments. That worked nicely, but it wasn't very secure, so I started playing with it and before long I had something workable, at least for my needs. It's still in need of testing and poking and prodding, so if you give it a try send me some feedback. I'm calling it Thingamacomment, and the current version is 0.9d.
The short version of how it works is you edit the template pages in your Thingamablog with some php code to pull in comments or parts of Thingamacomment. The commenting code and data are stored in a folder named "comments" at the root of the Thingamablog software. Comments are stored in a files folder and are named after the Thingamablog article to which they belong. When a user added a new comment, the comment is put into a small file named with an article number and a timestamp, and then are appended to the appropriate comments file, either immediately or after confirmation by the blog owner. When a comment is address, an email is sent to the blog owner (either with a confirmation URL or just to let the owner know).
For the long version, see the enclosed readme file.
The scripts also try to prevent malicious use by stripping out html tags, and looking for malformed data in email messages. It can also use ReCaptcha to help filter out bot traffic.