The latest 6.x versions of the Mollom module support the Pressflow lazy session handling, however it's not clear how that support works without looking through the code or issue #562374: Mollom incompatible with Pressflow's (and Drupal 7's) session handling -- causes CAPTCHAs to fail. The 'more help' link in the module settings contains the mode descriptions from the old module, which does mentioned captch cache effects, but not everyone will look here. When the comment form is configured to only use the Mollom captcha, anonymous comments are enabled, and the comment form is displayed on a node view, a session is started for ALL node views. Without looking in one of those places mentioned, most people would be confused about why they are seeing none of their content getting cached. Can the the captcha cache warning be made more prominent? It might also make sense to add a prominent warning based on the sites cache mode.
Comment | File | Size | Author |
---|---|---|---|
#8 | 0001-723422-by-sun-Clarify-protection-mode-options.patch | 4.28 KB | sun |
#7 | admin-protection-modes.7.png | 11.35 KB | sun |
#7 | mollom.admin-protection.7.patch | 3.95 KB | sun |
Comments
Comment #1
sunHm. Not sure where to put this. Ideally, README.txt...
Comment #2
sunI think this is no longer the case, as we've made the module compatible with browsers/clients not supporting cookies over in #775398: Disabled cookies == no session data, impossible to submit a protected form
Comment #3
Dries CreditAttribution: Dries commentedThis is not entirely fixed. The patch in #775398 makes it better but we still have a
$GLOBALS['conf']['cache'] = 0;
in themollom_process_mollom()
to prevent pages with CAPTCHAs from getting cached. The reason we can't cache those pages is because the URLs to the CAPTCHAs are session specific.Maybe that is something to document on the form protection settings page? It can be a reason to choose 'text analysis mode' over 'CAPTCHA only mode'.
Either way, I'm going to set this to 'needs work'.
Comment #4
sunComment #5
sunComment #6
sunDue to another issue that got fixed recently, the latest stable release outputs a note for the CAPTCHA-only protection now:
The wording of this note can definitely be improved.
Comment #7
sunAttached patch...
1. Clarifies the recommended option for all settings.
2. Clarifies the difference between text analysis and CAPTCHA-only.
3. Ensures that the recommended option always comes first.
Screenie:
Comment #8
sunComment #9
sunThanks for reporting, reviewing, and testing! Committed to all branches.
A new development snapshot will be available within the next 12 hours. This improvement will be available in the next official release.