add rakismet support and update README and CHANGELOG

CHANGELOG

@@ -3,6 +3,7 @@
 =1.2.0
 * Threaded private messages
 * Clear cache link in admin dashboard
+* Add support for using rakismet gem to check comments for spam (see README for instructions)
 
 =1.1.0
 * fixed time_ago formatting problem on user/index

README.markdown

@@ -17,6 +17,7 @@ Requirements:
 	  ri_cal
     authlogic
     searchlogic
+    rakismet (if using akismet for spam protection)
 	  aws-s3 (if using s3 for photos)
 
 Getting CommunityEngine Running
@@ -75,6 +76,7 @@ LONG VERSION:
 		  config.gem 'icalendar'		
 		  config.gem 'authlogic'
 		  config.gem 'searchlogic'
+		  config.gem 'rakismet'		  
 		  
       config.action_controller.session = {
         :key    => '_your_app_session',
@@ -226,6 +228,29 @@ Note, this will affect the look and feel of buttons. You can highlight what is l
 For more, see /lang/readme.txt.
 
 
+Spam Control
+------------
+
+Spam sucks. Most likely, you'll need to implement some custom solution to control spam on your site, but CE offers a few tools to help with the basics. 
+
+ReCaptcha: to allow non-logged-in commenting and use [ReCaptcha](http://recaptcha.net/) to ensure robots aren't submitting comments to your site, just add the following lines to your `application.yml`:
+
+    allow_anonymous_commenting: true
+    recaptcha_pub_key: YOUR_PUBLIC_KEY
+    recaptcha_priv_key: YOUR_PRIVATE_KEY
+
+You can also require recaptcha on signup (to prevent automated signups) by adding this in your `application.yml` (you'll still need to add your ReCaptcha keys):
+
+    require_captcha_on_signup: true
+
+Akismet: Unfortunately, bots aren't the only ones submitting spam; humans do it to. [Akismet](http://akismet.com/) is a great collaborative spam filter from the makers of Wordpress, and you can use it to check for spam comments by adding one line to your `application.yml`:
+
+    akismet_key: 4bfd15b0ea46
+
+(If you do this, make sure you are requiring the `rakismet` gem in `environment.rb`)
+
+
+
 Other notes
 -----------
 

app/models/comment.rb

@@ -1,5 +1,7 @@
 class Comment < ActiveRecord::Base
-
+  include Rakismet::Model
+  rakismet_attrs :author => :author_name, :comment_type => 'comment', :content => :comment, :user_ip => :author_ip
+
   belongs_to :commentable, :polymorphic => true
   belongs_to :user
   belongs_to :recipient, :class_name => "User", :foreign_key => "recipient_id"
@@ -15,7 +17,8 @@ class Comment < ActiveRecord::Base
   validates_presence_of :author_email, :unless => Proc.new{|record| record.user }  #require email unless logged in
   validates_presence_of :author_ip, :unless => Proc.new{|record| record.user} #log ip unless logged in
   validates_format_of :author_url, :with => /(^$)|(^(http|https):\/\/[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,5}(([0-9]{1,5})?\/.*)?$)/ix, :unless => Proc.new{|record| record.user }
-
+  validate :check_spam
+
   acts_as_activity :user, :if => Proc.new{|record| record.user } #don't record an activity if there's no user
 
   # named_scopes
@@ -116,10 +119,15 @@ def unsubscribe_notifications(email)
     end
   end
 
-  protected
-  def whitelist_attributes
-    self.comment = white_list(self.comment)
-  end
+  def check_spam
+    if AppConfig.akismet_key && self.spam?
+      self.errors.add_to_base(:comment_spam_error.l) 
+    end
+  end  
 
+  protected
+    def whitelist_attributes
+      self.comment = white_list(self.comment)
+    end  
 
 end

community_engine_setup_template.rb

@@ -77,6 +77,8 @@ def add_application_yml(name)
 gem 'ri_cal'
 gem 'authlogic'
 gem 'searchlogic'
+gem 'akismet'
+
 rake('gems:install', :sudo => true)
 
 

config/application.yml

@@ -11,14 +11,17 @@ closed_beta_mode: false
 # off of the http headers
 community_locale: "en"
 
-# The label you use for 'staff' writers (featured writer, staff, pro, etc.)
 allow_anonymous_commenting: false
 require_captcha_on_signup: false
 #recaptcha_pub_key: YOUR_PUB_KEY
 #recaptcha_priv_key: YOUR_PRIV_KEY
 # uncomment these keys if you turn captcha on for commenting or signup
 
-# for SEO reasons sometime you should control the robots on how they have to handle your content
+#akismet_key: YOUR_KEY
+#uncomment this if you want to use akismet for comment filtering. Go to http://en.wordpress.com/api-keys/
+
+
+# for SEO reasons sometimes you should control the robots on how they have to handle your content
 # listing of stuff which points to single posts or entries should normally not been indexed, 
 # but the robot should follow the internal link to show the post
 robots_meta_list_content: 'noindex,follow'

config/initializers/rakismet.rb

@@ -0,0 +1,5 @@
+if AppConfig.akismet_key
+  Rakismet::KEY  = AppConfig.akismet_key
+  Rakismet::URL  = APP_URL.gsub("http://", '')
+  Rakismet::HOST = 'rest.akismet.com'
+end

lang/ui/en.yml

@@ -279,6 +279,8 @@ en:
   comment_author_email_required: "Required, won't be shown on the site."
   #en: comment_web_site_label: "Web site (include http://)"
   comment_web_site_label: "Web site (include http://)"  
+  #en: comment_spam_error: "Comment was flagged as spam. Please make sure you aren't including any spammy words or links and try again."  
+  comment_spam_error: "Comment was flagged as spam. Make sure you don't include spammy words or links and try again"  
   #en: comments: Comments
   comments: Comments
   #en: comments_count: {{count}} comments