Quantcast

«

»

Jan 26 2013

Impostercide tweak

Hoping this ends the lamentations of people forgetting to sign in before posting a comment, and using an already-registered name. Impostercide should now do something like this:

Possible Imposter

You are attempting to post a comment with information (i.e. email address or login ID) belonging to a registered user. If you have an account on this site, please login to make your comment. Otherwise, please try again with different information. Copy and paste the comment below into another document before returning to the previous page or you may lose the comment.

Comment submitted:
Don’t mind me, testing Impostercide updates.

Let me know if this mangles anything else. It shouldn’t; it was a very simple tweak.

In case you’re forgetting why this is even necessary, here’s a reminder.

Update:
For clarity, at the recommendation of some folks on Twitter, I’ve altered the text somewhat.

Possible Imposter

You are attempting to post a comment with information (i.e. email address or login ID) belonging to a registered user. If you have an account on this site, please login to make your comment. Otherwise, please try again with different information.

Copy and paste the comment below into another document before returning to the previous page, or you may lose the comment (depending on your browser and settings). You can log into your account using the icons above the comment form on the previous page.

Comment submitted:
Testing another Impostercide tweak.

13 comments

Skip to comment form

  1. 1
    gAytheist

    so I’m confused. I sign in using my Google account. Is that still OK (I guess I’ll find out when this question either does or doesn’t get posted)?

  2. 2
    Jason Thibeault

    Yeah, that’s fine.

    When you auth against an account, what it does is it creates a local login (with a randomly generated hash username), then updates the display name to match your service’s login. If you log in with Google, you pretty much always have to log in with Google to use your registered name. If someone tries to use your login name or email address, they’ll get bounced as an impostor.

    If you use a local login (e.g. you signed up for a FtB WordPress account), you’ll have to use that username/password to log in. If you use Facebook or Twitter, likewise (and I believe using either forces your display name to be the sc_hashofnumbers style username you’ll sometimes see on Dispatches).

  3. 3
    Aratina Cage

    Thank you! :)

  4. 4
    Xanthë, Amy of my threads

    Hi Jason,

    since I have a WP account which uses the same e-mail address as the FtB account, it seems to be doing some sort of redirection — I logged out a couple of times, and logging in with the WP credentials essentially gets remapped to the FtB account.

  5. 5
    Xanthë, Amy of my threads

    Ditto Facebook and Google (seeing as the registered e-mail is at gmail!); logging in with the FB or Google credentials is enough for FtB to say, okay that must be the same person as has this local account here at FtB, so I end up being logged in under the FtB account. Neat. The only login method that I can’t use is Yahoo (since my Yahoo account is cobwebbed).

  6. 6
    birgerjohansson

    Testing.

  7. 7
    birgerjohansson

    Yeah!!!! It finally works!

  8. 8
    Randomfactor

    One more tweak requested: PZ and Ed have a link at the bottom of all their posts which not only directs you to the WordPress login, but then redirects you back to the article at hand. Without that, clicking the WordPress icon you provideand logging in forwards me to a Dashboard page which is of no use to me. So I’ve taken to logging in at PZ/Ed’s blog even if the post I want to comment on is at another blog.

    This one, for example.

    As the redirect link appears at the bottom of every PZ/Ed comment, I’m assuming it’s something in their style sheet which could be adopted by all FTB writers?

  9. 9
    Jason Thibeault

    That’s actually a function of WordPress, and the fact that PZ and Ed both require registration. However, it might be possible to hijack the code WordPress uses for that login link, and make sure the theme’s login buttons (the ones marked Connect With on others’ forms) uses the same redirect scheme.

    I really wish people wouldn’t slag on Dashboard so much though. It’s so useful for managing your own profile, e.g. display name. Poor dashboard never gets a chance. :(

  10. 10
    CompulsoryAccount7746, Sky Captain

    On a related note, ReasonableDoubts has been getting hit hard by spammers for a couple months now.

    I tried notifying the hosts via their doubtcast gmail account, but I got no response.

  11. 11
    ragarth

    This is a test post. I got smacked by this code last night, and my attempt to post on Lousy Canuck after that popped into moderation.

    If this post is moderated as well, does that mean trying to post when you forget to log in automatically restricts your account?

  12. 12
    Jason Thibeault

    ragarth: No, each blog has its own rules for moderation. Mine, since a giant spam deluge about a month (couple months? Like Reasonable Doubts?) ago, has switched to “you must have an approved post before comments leave moderation”. It’s slightly more work for me, but it keeps about twenty spam posts a day from hitting the front page. After you’ve had a comment pass moderation, you’re free to post (unless you’re put INTO moderation, at which point I have to approve every comment).

    If you got hit by it, it’s just because you forgot to log in, and logging in (or using a different name/email) is enough to put you back into good standing. Otherwise people could “prank” one another by intentionally tripping the Impostercide on them. And we have some very petty assholes in this community.

  13. 13
    ragarth

    Rightio. Thanks for letting me know.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite="" class=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>