On Fri, Oct 03, 2008 at 10:02:29PM +1000, Bluebie, Jenna wrote:
> The real trouble would probably come from prankster shoobies looking to
> cause some havoc with their newfound skills. One way to work around that
> would be to store a unique identifier, perhaps generated by the uuid gem,
> the first time they run shoes.

The recipe that's always worked for me and blogspam is: first, issue the commenter an expiring token; second, limit the number of URLs that can be posted; third, periodically rename all the form fields (every 30 days); and, fourth, respect the people commenting. I don't think there's a danger of Shoesers getting malicious as long as the comments are generally helpful and high-quality. We may encounter some occasional mischief, but it'll be rare. I suspect RubyGarden's problem was that wikis can't generally restrict the second item on that list.

_why
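
The first three items of the recipe in the message above, sketched in Ruby as an added example; it is not code from the original thread or from Shoes. The secret, the limits other than the 30-day rotation, and every function name here are assumptions made for illustration.

```ruby
require 'openssl'
require 'securerandom'

# Constructed values for illustration; none come from the original message.
SECRET      = 'constructed-demo-secret'
TOKEN_TTL   = 3600            # seconds a comment token stays valid
MAX_URLS    = 2               # URLs allowed per comment
ROTATE_SECS = 30 * 24 * 3600  # form fields are renamed every 30 days

def sign(data)
  OpenSSL::HMAC.hexdigest('SHA256', SECRET, data)
end

# Compare two strings without stopping at the first differing byte.
def same?(a, b)
  a.bytesize == b.bytesize &&
    a.bytes.zip(b.bytes).reduce(0) { |d, (x, y)| d | (x ^ y) }.zero?
end

# First item: an expiring token (nonce, expiry, HMAC over both).
def issue_token(now = Time.now.to_i)
  body = "#{SecureRandom.hex(8)}.#{now + TOKEN_TTL}"
  "#{body}.#{sign(body)}"
end

def token_valid?(token, now = Time.now.to_i)
  nonce, expiry, mac = token.to_s.split('.', 3)
  return false unless nonce && expiry && mac
  same?(mac, sign("#{nonce}.#{expiry}")) && expiry.to_i > now
end

# Second item: count URLs in the comment text.
def url_count(text)
  text.scan(%r{https?://}i).size
end

# Third item: field names depend on the current 30-day period, so a form
# scraped in an earlier period no longer matches.
def field_name(logical, now = Time.now.to_i)
  "f_#{sign("#{logical}:#{now / ROTATE_SECS}")[0, 12]}"
end

# params: the submitted form as a Hash of field name => value.
def accept_comment(params, now = Time.now.to_i)
  body, token = params[field_name('body', now)], params[field_name('token', now)]
  return :stale_form if body.nil? || token.nil?
  return :bad_token unless token_valid?(token, now)
  url_count(body) > MAX_URLS ? :too_many_urls : :accepted
end
```

A form rendered just before a rotation boundary is rejected as stale right after it; a deployment would normally also accept the previous period's field names for a short grace window.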
