Padraic Brady has posted part ten in his series on the construction of a blogging system with the Zend Framework. This part of the series focuses on the commenting system and using a reCAPTCHA and Akismet system on it to prevent spam.

Blogs all have two other features besides actual content. They allow readers to post comments, and they offer XML feeds of their content. With the blog application itself coming along nicely, and with Addendum #2's revised styling, it's a good time to take a peek at adding comments.

He has created a custom Service component for the framework that interfaces directly with the reCAPTCHA service (along with a form helper, view helper and validation methods) so that an element can be added just like anything else in a form. Code of its use is included.

He works this into his comment form, including the Controller and the action that would be called. He shows how to attach an Akismet call to the form too via the framework's own service methods. Finally, he handles the other side of things - the administrative piece and displaying the (hopefully non-spam) comments back out on the post.

Vinu Thomas has posted about a PHP/GD CAPTCHA solution he's come across - Secureimage.

From the company's description:

Securimage is an open-source free PHP CAPTCHA script for generating complex images and CAPTCHA codes to protect forms from spam and abuse. It can be easily added into existing forms on your website to provide protection from spam bots. It can run on most any webserver as long as you have PHP installed, and GD support within PHP.

Features of the tool include simple addition and validation methods, the ability to make audible CAPTCHAs and True Type font support. You can download the software from the project's website.

On the ProDevTips blog today, Henrik has posted about an alternative to the popular Akismet plugin for the PHP blogging tool, WordPress, to help prevent even more comment spam from making it past - WP_Hashcash.

WP Hashcash is an antispam plugin that eradicates comment spam on Wordpress blogs. It works because your visitors must use obfuscated javascript to submit a proof-of-work that indicates they opened your website in a web browser, not a robot.

He includes the code that he needed to change to get the widget part of the plugin up and working correctly. You can find out more about this plugin from its page on Elliot Back's blog.

On the Venture Skills Blog, there's a new post that looks at one of the more recent advancements in keeping the spammers away from your blogs comments (one among many other uses) - re-captchas.

Commonly CAPTCHA is a visual image where the user is asked to type the word they see (or hear) however some provide a logic puzzle [...] Re-captcha works by asking the user for two words instead of the normal one, one word is known to the system and is the actual CAPTCHA the second is an unknown word, if the user gets the CAPTCHA then the users "guess" for the unknown word is recorded, over time a word is given a probability score and when high enough becomes a known word.

They Also include links to re-captcha modules for two of the popular CMS/blogging tools - WordPress and Drupal - to make integration easy.

In a new post on the Dotvoid.com blog today, Danne Lundqvist talks about some of the issues he's had with the mail function in PHP. Specifically, it's about the mails being set but not making it to their destinations.

Instead I have used a PHP class that allows me to send emails using a remote smtp server using an account on that server. This has been a good solution for my setup anyways. A few days ago a friend of mine was asked to investigate the very same problem for a client.

As it turns out, the solution to their problem was pretty simple - a conflict between the sendmail_from in the php.ini and the "From" passed into the mail function call. A simple ini_set resolved the issue and kept the spam filters from catching and blocking the message.

PHPClasses.org is spotlighting another package from their site today - this time it's a CAPTCHA class that takes things a step further and introduces animation into the mix to make it even harder for bots to get through.

Laszlo Zsidi is a PHP Web developer that has written an harder to break CAPTCHA solution. It consists in generating animated GIF images that exhibit the validation text.

Since the text never appears all at once in each of the animated frames, this solution certainly raises the bar in terms of difficulty for the robots to guess the validation text, making it very hard to defeat, if possible at all.

You can check out the class here, including a sample animated gif file and a download of everything you'll need to get started.

There's an odd little application that's been brought up that's written in PHP with one purpose - obfuscating an email address/HTML so it's very difficult for a spambot (or other harvesting program) to get a hold of the content and add to its list. The Obfuscator takes in an email address and, with the click a button, spits back out the obfusicated code.

They're also offering the source for the application so you can get behind the scenes and see how it works. It definitely does a good job at making things more difficult, but I'm not sure how useful it really is in practice. If you're just using it to drop into a one-time kind of location, it would work, but the results this thing spits out would be a nightmare to maintain (especially the HTML).

One good thing, though, is that too the user, it all looks seamless. There's no funny characters or things they'd have to change in their browser to get it to work.

On his blog today, David Coallier has an announcement about the PEAR package he's been working on that's finally come into it's own - the Text_CAPTCHA_Numeral.

Hello all, so for the previous weeks I have put the simple pear package Text_CAPTCHA_Numeral through the rough pear proposal process and voting. Now it has been proposed, and accepted, you can see it working at this address (In it's natural form).

David also points out the live source of the demo, giving developers a great place to start with this package. There's even two FAQ questions to help get simple topics out of the way (spammers and storing the answer).

Ryan points out a handy tool to help keep even more spammers from making their way to your blogs and posting comments - Bad Behavior.

I love Akismet the spam filter for comments that is built into Wordpress. It's blocked 812 spam comments in a little under 2 months for me. I was content with it, but I grew tiresome that it would even get to my site. Akismet is great for blocking spams that are already to your blog, but there has to be something out there that would block the spammers from coming to your site in the first place.

Luckily there is something like that, it's called Bad Behavior.

Luckily, it's also made for Wordpress, so you can download and install directly with no fuss. He comments that he's already seeing results with even more caught than Akismet was before.

When it comes to limiting the spam that comes through on your site (usually on the open comments), a CAPTCHA can do some of the best work. It provides a good alternative to convoluted techniques for restricting the commenting system of your site, and does it in a simple, easy for a human to use, kind of system. Implementing them, however, can be a bit tricky, so this new article on Dublish.com is here to help.

The article steps you through the creation of the single-script functionality to generate the image. It's an image with a series of random characters on a gradient background created with the GD libraries. The code used in the CAPTCHA is stored in a session variable for validation later. He adds a few graphical touches to make it look a bit nicer, and finishes off with an example of its use.