I thought I had it figured out – people using OpenID LiveJournal ids were being flagged by SpamKarma2 because their comments were missing the two SpamKarma2 “payloads”, which are hidden input fields in the comment field that are used by SK2 to make sure the commenter really did look at the post before posting the comment.
Investigation showed that the script “openid-comments-post.php” validates your id by passing the fields in the form off to the OpenID server which then calls the script back. It appeared to me that it was only passing the fields to the plugins that it knew about, and so it was missing these SK2 payloads. So I was planning to try adding those missing fields to the script. But first I did some further experiments. And that’s where it all fell apart. I’m not using my Powerbook, because it’s in the shop to get the DVD drive fixed. And I can’t use my Linux box either, because the X configuration on it is hosed. So I find myself using the old G4 which I’ve hardly used at all. And for some reason, every test I’ve tried on both Safari and Firefox has worked – SK2 is not complaining about missing fields.
So I’m left with a few possibilities:
- It’s not the script, it’s Livejournal that sometimes swallows the SK2 fields.
- The plugin architecture of WordPress doesn’t specify the order that the plugins run, and under some instances the SK2 plugin runs before the OpenID plugin and othertimes after, and that makes the difference.
- It depends on a cookie on my other computers that isn’t on this one.
Update: It’s still complaining about the missing fields when I attempt to use OpenID commenting from work. Which means it might be the cookie thing, or it might be a Mac versus Linux thing.