Whitelist not working

Do you have any active plugins?

No. Clean install, no plugins. I translated locales.php but that shouldn’t affect whitelist functions, and some of the translations I made to various files also shouldn’t affect at all.

EDIT: Okay, the wordpress codex informed me that the whitelist checks against previously approved comments for their EMAIL address. Well, if the email field is empty, and even a single one comment with an empty email field has been approved, it approves all with empty email fields? Oh man…

2nd EDIT: Well tried with non-empty email field.. still goes thru. Any advice on how the whitelist actually works? Could be easier to look into it myself..

If it’s a trackback or pingback…it checks to see if the domain of the TB or PB is in the links list

If it’s not a TB or PB, then it has to have the commenter name and email filled out, which it then checks to see if that commenter and email match have had a previously approved comment. If they have it does one last check to see if the email address is in the moderation word list.

That was a mouthful…

Just look at function check_comment

That check_comment function might be hackable to check against previously approved IP’s, I think I try that. Would be more versatile I think.
Thanks for the help so far.

Oh well, doesn’t seem to work with the emails even. If I have the “… previously approved comment…” option on, and try to submit a comment with an email and name, it still goes right thru… what gives??? I did clean the DB of those name/email inputs I tried it with…

Okay, I got it… comment_approved default value was “1” NO WONDER it didn’t work… nice nice…

If it’s of any help… updated 1.2 to 1.5 and the only plugin is SpamKarma.

Whitelisting is shot. Last night 3 cam sex commentspams (their 1st comments) went on-line without being held for moderation. I got a newbie to check from their location… after messing up the CAPTCHA a few times (profile is set for strict at the moment) their first comment went straight to line. It’s also in the moderation queue too;~|

well.. that default value, even after I changed it to “0”…. still no-good. I need to to moderate ALL comments until I come up with a solution. Luckily my blog is quite new and no rush…

Hi, can I just a “me too” to this problem. I just installed 1.5, and have no plugins installed.

I too have the “Comment author must have a previously approved comment” check box on and yet anyone can still post a comment.

I have no previous comments, so theoretically noone should be able to comment, but so far three comment spammers have come through and the onlyone that was stopped was stopped because it contained like 100 links in it.

Any ideas on how to fix this? I don’t really want to turn the “every comment must be moderated” option on.

Thanks.

Has anyone had any further luck with this problem?

Here’s my ‘luck’ – your own mileage may vary.
Removed SpamKarma – it messed up ‘new commenter whitelisting’.
Stock WP v1.5 whitelisting is now working.
Incoming spam is TrackBack spam but still spam nevertheless.
Entered “tigerspice” into CommentBlackList area.
De-ticked future TrackBacks/PingBacks (never used hereabouts) in DiscussionOptions.
To resolve any further (legacy) TrackBacks/PingBacks (quickly/harshly) have installed the ModerateTrackBack plugin code (www.mtdewvirus.com/code) and, meanwhile, quietly working my way down my database. If I knew more about MySQL I expect I could clear the TB/PB ticks with one command, but I don’t;~/
Bottom line: no more trouble – no luck required.

I found a bug, reported it, and submitted a quick and easy patch for whitelisting. WP is currently whitelisting pingbacks and trackbacks, no matter what. The code didn’t have a way to return false for pb and tb.

If you want to make the quick fix to your install, check the patch file that is attached to the bug report.