New Modue: LG Quarantine: The user powered comment and weblog entry monitoring system!
Development and Programming
Leevi, you da Man! Amazing. When I get some time i’d love to test this.This module is actually completed on my dev machine… I’m just finishing an update to LG Polls and then I will relaunch all of my popular extensions / modules. If you want to keep updated check back in the forum of follow me on twitter
I am now a follower…
Hey guys,
Just a note to say I have released v1.0.0 of LG Quarantine with full documentation. You can grab it over at my site.
I have tried to test every aspect of the module and document it thoroughly but if you find any bugs please post in the forum or PM me.
Heres the link: LG Quarantine - Flag ExpressionEngine entries and comments as inappropriate.
I understand why one would want the “reason of the quarantine request”, but isn’t the full form under each comment a bit much? Particularity as a default setup?
I got the AJAX alternative.
Also, when I go to the Module it get a nasty SQL error.
–EDIT—
Nevermind. Forgot to uninstall and reinstall the module.
I understand why one would want the reason of the quarantine request, but isn’t the full form under each comment a bit much? Particularity as a default setup? I got the AJAX alternative.
Yeah the form below every comment is a bit much but a necessity. I did use links at the start but there is a bit of a risk a rogue bot might still follow those links and could potentially destroy a full site.
A form for entries with some show/hide magic would be ok as its only rendered once.
I think the best way to go is using ajax to show the form for comments only.
Even if you add a
rel="nofollow"attribute?
rel=”nofollow” is ok for those bots who play nice but it relies on the template developer to add it in so it does have a couple of flaws.
The reason I use forms can be attributed to this post by 37signals which relates to Googles Web Accellerator and the damage it did to many rails apps.
In short any destructive function should be submitted using a POST not a GET. Rails achieves this by adding and submitting a form dynamically with javascript when a destructive link is clicked.
LG Quarantine also supports secure forms so there is a bit of protection against other sites trying to post to your site and destroy comments and entries.
When I wrote a (simpler) flagging module, I divided it into two parts: the form-creation tag, and the submission-button generating part. Each comment generated a button, but the form was outside of the comments loop.
When the button was clicked, it updated a hidden field in the form with javascript – so there was only one form created, which saved a LOT of processing, especially when EE secure forms were turned on.
Just something to consider.
TTFN Travis
Hmm… that’s an interesting idea Travis… but not unlike the loading of the form using ajax. Aren’t they the same thing? They both rely on JS.
Basically you would click the link which would call a GET request to a template with just the form in it. The form is then inserted into the page with all the correct hidden fields.
I see. Thanks Leevi! Makes sense. Guess there is very little choice there…
Yep… POST all the way for destructive actions… see my comments above about how to minimise processing.
Also as a fall back you could have the link post to a single page with just the form on it in the structure of your site. Just set the return param to send the user back to the post / comment after they have submitted the form.
Leevi,
You’re right, and that’s a decent way to avoid the problem of multiple form generation. But I prefer not to use the AJAX method for two reasons:
1) Ajax is relatively fast, but slower than having the form already in the page
2) Using AJAX to fetch the form creates another “page view” in the logs, and in general adds a little more processing overhead (though you could debate whether CPU cycles saved outweigh the CPU cycles consumed…)
On the submitting side, though, submitting the form with AJAX instead of forcing the user to another completion page is a decent idea.
TTFN Travis
Travis,
LG Quaranine actually hides the entry_id and entry_type in the db and not in hidden form elements so updating the form dynamically isn’t possible.
Ironically enough this is to stop people dynamically changing the entry_id before they submit the form and trying to skip around the security. I still chekc if people can flag once the form is submitted so it might be overkill.
At the moment I’m fairly satisfied that with some js magic and a couple of simple EE templates fast processing and a smooth user experience can be achieved.
Cheers
I’m hoping to use this with the MSM (multiple site manager) and I noticed that this module creates an error on the additional site. This appears on the CP home pageand does not record the flagged entries for the additional site as well.Notice: Undefined index: 2 in /domain-path/public_html/system/extensions/ext.lg_quarantine_ext.php on line 140
Getting a similar issue, is this the same issue as yours Rob Q?
View the thread I started here.