Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
The inline commenting bypasses Mollom for comments flagged as unsure.
Steps to reproduce
- Installed Drupal 7.22
- Enable comments if not enabled in a minimum install
- Set authorized users to have the following permissions - View comments, Post comments, Skip comment approval
- Installed Ideal Comments 7.x-1.1
- Installed Mollom 7.x-2.6
- Set Mollom to test mode
- Add a comment form to Mollom for a selected content type
- Go to the content type where you added Mollom comment form and add some content
- Add a comment to a added content as 'ham'
- Try replying to the ham content as 'spam' or 'unsure'
- Mollom security filtering will be bypassed and the spam will be added straight away
Note: I would not recommend this module for large production sites. I am debugging a site which has nearly 2.4GB of spam comments that has been added because of this bug. Therefore flagged this issue as Critical. Please update your module page to reflect this issue so you can prevent people not using the module with a similar setup as described above.
Comment | File | Size | Author |
---|---|---|---|
Screen Shot 2013-06-02 at 09.15.34.png | 38.05 KB | sankatha |
Comments
Comment #1
drupalerocant CreditAttribution: drupalerocant commentedI had the same problem, the only way to solve the big amount of spam was disablig ideal comments module.
A pity, as it is very useful.
I'll follow the issue jus in case someone can solve it.
Comment #2
drupalerocant CreditAttribution: drupalerocant commentedanyway I would say this is a duplicate of #1722414: About mollom