David and Katherine Goodwin

In the same vein as Wordpress through Subversion I thought it might save me some hassle to run Drupal through CVS, which should/could save me from hassle when I have to upgrade and copy a load of files into the 'active' version's directory.

So... I reckon all I need to do is :

cvs -z6 -d:pserver:anonymous:anonymous@cvs.drupal.org:/cvs/drupal co -r DRUPAL-5 -d drupal-CVS-5 drupal

Which will plonk drupal into a directory called 'drupal-CVS-5'.

We've been using Drupal for some time now; and as a whole it seems really good.

Unfortunately "the spammers" have managed to walk through the default drupal captcha module - to the extent I end up deleting between 10 and 20 bits of spam a day.

Thankfully, I'm not the only one suffering, and http://drupal.org/node/151781 is the result. So; hopefully you can still use this site to submit comments; if not please email me (david at $this_domain)

I've upgraded this site to Drupal 5.1; hence any planets it's on have probably 'reposted' any recent content.

Presumably this implies RSS feeds aren't very intelligent.

Blog Spamming

As I was leaving work this evening, I noticed the load on one of our servers was quite high (~10)... I had a quick head scratch, and thought it was just a Zope process misbehaving, and thought no more about it (after all, it was 18:30, and time to go home)

Fast forward a couple of hours, after cycling/dog walking/eating tea, and I notice the load is still ~ 10... "Not good".

A quick bit of investigation showed Apache and PostgreSQL to be the main culprits... and one Apache log file was filled with requests similar to :

Drupal Comment Spam - Part 2

On Saturday, I upgraded this site once again, and realised I'd need to re-implement my hackish anti-spam code.... not to be outdone, I thought I'd enhance it slightly, so now the following patch exists; which might make life easier in the future.

Basically, I can't be bothered to write anything particularly complex to combat spam with Drupal, and I think I only need to make my site slightly different from all others, in order to defeat most automated spam bots - therefore, I've added a complex mathematical equation to the comment form for the site.... and contributors need to answer it in order to submit a comment for moderation. In the off chance I get no spam over the next month or so, I'll probably remove moderation.

Drupal Comment Spam

For the last few months, I've been suffering under the weight of spam awaiting 'approval' from me in the comment moderation queue.

On Saturday, I finally hacked the comment.module file to make Drupal reject spam which matched the following :

• Author and Subject were the same - strangely a lot of spam seems to be in the format where the author and subject fields are set to the same value.
• Body contains more than a set number of URLs - this is quite a harsh restriction I guess, but very few valid comments contain URLs anyway. I did originally have it blocking any URLS, but have since changed it to only allowing a certain number.

Spam will still have to pass through moderation from Kat or I, but so far it does seem to have stopped any crap from being posted.

Nasty Drupal Comment Deletion Bug

I logged into this site this morning and went to delete all the spam (as usual). However, I then noticed that all the legitimate comments had vanished. Argh!

It seems there is a nasty Drupal bug which leads to all comments being deleted if two people try and delete the same comments at the same time. Hopefully there will be a fix soon.

On the good side of things, I now have a better backup/restore procedure for PostgreSQL.

I've just spent some time upgrading Drupal to 4.7.1. It was rather awkward, mainly because I had at some random time in the past installed some scriptlet thing, that had PHP code stored in the database. Needless to say, that PHP code was now invalid against the new drupal API, and nothing worked.

See for the full story

I'm still figuring out some of the new Drupal features, and haven't re-installed all of the modules yet (some aren't compatible with 4.7 yet). I'm not sure if I'll bother redoing the theme.

I've enabled service links and the delicious modules for drupal (this website). I'm not sure if they add unnecessary clutter or not; so thoughts/feedback welcome.

Drupal upgrade

Yesterday I received a few emails from Drupal.org alerting me to a few security fixes. I was a little miffed, and could see myself spending a few hours fixing the PostgreSQL compatibility with Drupal, but I am happy to say that it took about 1 minute to upgrade to the new version of Drupal, and it worked perfectly with PostgreSQL. I opted for the lazy approach of just unextracting the new release over the old one, and it worked.