Random Post: Creating PDF files from Word
RSS .92| RSS 2.0| ATOM 0.3
  • Home
  • Author
  • Breakfast
    •  

    OpenId for WordPress Seems Hopeless

    I’ve spent a long time this evening trying to decide how I might go about creating an OpenId plugin for WordPress for use with this site. The whole point is that you shouldn’t have to sign up for a user account to leave comments. Well, the way I have it set up right now, you don’t actually need to create a user account to post comments anyway. You can always just leave your name and email address. That actually works far better than I once thought it would: after the first time a allow one of your comments, everything else is allowed to pass right through. Of course, that system isn’t the most secure—authentication boils down to knowledge of an email address rather than a password. Then again, I don’t need my comments to be secure; I need them to be spam-free.

    Right now, it seems like WordPress was just not built for this type of extension. For one thing, the login page is hard coded into the WordPress core functionality and not very plugable. The code for posting comments in the wp-comments-post.php file is similarly hopeless. Basically, there’s no way to enable the use of OpenId without creating a hack rather than a plugin. It’s a shame too, because it seems like that sort of thing would be useful (and not just OpenId). With Kim Cameron and his push to present InfoCard as a sexy technology, you would think that improved authentication plugability would be a priority. Oh well. I suppose I should ask about this on a WordPress forum before getting any more frustrated.

    In any case, I’ve come to the conclusion that my goal shouldn’t be to enable the posting of comments with an OpenId: it should be the creation of users who authenticate with OpenId. When you click on login, you should be given the option to use a local password or an OpenId URI. Of course, that means I’ll have to hack WordPress, but such is life. What do you guys think? How hard is it to maintain just one more password?

    This entry was posted on Thursday, April 20th, 2006 at 11:17 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    4 Responses to “OpenId for WordPress Seems Hopeless”

    1. Bill Burcham Says:
      May 25th, 2006 at 5:53 pm

      I use the OpenID Comments For WordPress plugin at memerocket and it works fine. I did have to manually replace some PHP in the comment form to integrate it, but it works.

      Note: I’d like to add a captcha in now since I’ve started to get comment SPAM. Comment SPAMmers are using OpenID now.

    2. Alan J Castonguay Says:
      June 23rd, 2006 at 5:35 pm

      “Of course, that means I’ll have to hack WordPress, but such is life. What do you guys think?”

      You’re right, the lack of hooks for authentication or registration is annoying. I think that the openid-registering should be implemented parallel to the Wordpress login scheme. As you noted, it’s not really possible to hook into the wp-login.php form. However, using a plugin it is possible to completely override the page, and re-implement all of its functionality. This is a kludge and a half, but doable.

    3. rzbgyntzye Says:
      June 22nd, 2007 at 9:28 pm

      Hello! Good Site! Thanks you! lsircrcmlu

    4. Rudolf Says:
      November 6th, 2008 at 12:47 am

      I like your office raises)

    Leave a Reply