Padraic Brady has posted part ten in his series on the construction of a blogging system with the Zend Framework. This part of the series focuses on the commenting system and using a reCAPTCHA and Akismet system on it to prevent spam.

Blogs all have two other features besides actual content. They allow readers to post comments, and they offer XML feeds of their content. With the blog application itself coming along nicely, and with Addendum #2's revised styling, it's a good time to take a peek at adding comments.

He has created a custom Service component for the framework that interfaces directly with the reCAPTCHA service (along with a form helper, view helper and validation methods) so that an element can be added just like anything else in a form. Code of its use is included.

He works this into his comment form, including the Controller and the action that would be called. He shows how to attach an Akismet call to the form too via the framework's own service methods. Finally, he handles the other side of things - the administrative piece and displaying the (hopefully non-spam) comments back out on the post.

Vinu Thomas has posted about a PHP/GD CAPTCHA solution he's come across - Secureimage.

From the company's description:

Securimage is an open-source free PHP CAPTCHA script for generating complex images and CAPTCHA codes to protect forms from spam and abuse. It can be easily added into existing forms on your website to provide protection from spam bots. It can run on most any webserver as long as you have PHP installed, and GD support within PHP.

Features of the tool include simple addition and validation methods, the ability to make audible CAPTCHAs and True Type font support. You can download the software from the project's website.

On the ProDevTips blog today, Henrik has posted about an alternative to the popular Akismet plugin for the PHP blogging tool, WordPress, to help prevent even more comment spam from making it past - WP_Hashcash.

WP Hashcash is an antispam plugin that eradicates comment spam on Wordpress blogs. It works because your visitors must use obfuscated javascript to submit a proof-of-work that indicates they opened your website in a web browser, not a robot.

He includes the code that he needed to change to get the widget part of the plugin up and working correctly. You can find out more about this plugin from its page on Elliot Back's blog.

There's an odd little application that's been brought up that's written in PHP with one purpose - obfuscating an email address/HTML so it's very difficult for a spambot (or other harvesting program) to get a hold of the content and add to its list. The Obfuscator takes in an email address and, with the click a button, spits back out the obfusicated code.

They're also offering the source for the application so you can get behind the scenes and see how it works. It definitely does a good job at making things more difficult, but I'm not sure how useful it really is in practice. If you're just using it to drop into a one-time kind of location, it would work, but the results this thing spits out would be a nightmare to maintain (especially the HTML).

One good thing, though, is that too the user, it all looks seamless. There's no funny characters or things they'd have to change in their browser to get it to work.