webdev blog carp fishing blog

Blog Roll
Jun 26, 2006

Storing Comments

At the moment I am completely reworking the commenting module for the PHP framework I develop and maintain. And I am redesigning it so it can easily be added to the Miranet CMS for customers later on.

In the meantime I am also very busy with other affairs, so please bare with me for some time and it will be here...

One of the goals of implementing commenting functionality is that we can use the comments not only to create more content about the subject we are dealing with in a document by enabling visitors to add their opinion, but also to establish a way to store trackback information.

We need a slightly more elaborate database for storing all data in a proper way if we want to achieve this, and of course we have to think very seriously about security and spam, preferably before anything is stored.

What we plan to do with the stored data is yet another thing, and we will work this out later, first we will give an outline of what we think is needed for storing.

First we will have to get the data that comes along with a comment, or a backtrack entry.
Then we will filter that data to make sure it is "safe".
After that we will force one or more of the following possible safety measures:

  • after filtering store the data in the database and show it as it was sent (not quite safe)
  • we check if a CAPTCHA string filled in by the submitting party matches the one stored in a session or other storage medium(good for getting rid of bots and automated submissions)
  • we can evaluate all comments by receiving a mail notice, and manually disable or edit comments we don't approve of, like spam messages. (quite safe, but needs daily review and can be tedious)
  • we can make comments only public after reviewing them manually through the mail notice. (needs regular review and can be tedious, but is the safest method)

Only when a comment's status is marked as "active" in the database it can be shown

I am still developing the new comments class and it's methods, so you will need to contact me through the contact page to if you would like to comment my ideas.

There are no comments on this blog entry yet!

Send your comments to or post them right here!

name e-mail
comment title website url

Start > blog> blog development> storing comments...

inloggen validate