Sometimes Simplicity is the Answer

Shelley on Tuesday, 2008-06-10

Tagged:

The Web: The Technology

I never realized before that the difficulty with XHTML and allowing comments has a solution so breathlessly simple that I hit myself for not having seen it before.

I have configured the htmLawed module to "scrub" comments, but that wasn't the solution. The solution is not to allow a person to save a comment until they preview the comment, first. If the input is invalid XHTML, they won't see the form, or the form save button, in order to save the comment.

htmLawed should help with the accidentally invalid XHTML, and preview should help eliminate the deliberately invalid XHTML. We hope.

I've turned comments on. We'll see how it goes.

update

Yesterday I discovered that the htmLawed module was still allowing the infamous U+FFFF et al through, and submitted a bug. Today, the htmLawed Drupal module was just updated to point to htmLawed source 1.0.9, which neutralizes the illegal Unicode characters that caused so many problems with my Wordpress installations.

I am absolutely astonished at how fast and how responsive the htmLawed Drupal module developers are. I submitted a bug yesterday, and it was fixed by today. My comments should now be XHTML safe.

Printer-friendly version

Comments

Submitted by Anonymous on Tue, 06/10/2008 - 10:54.

Interesting idea. Too bad WordPress doesn't have "Preview Comment" functionality out of the box (though I'm sure a plugin out there would do the trick like this one).

However, I see at least one problem: I might enter valid XHTML, then press Preview. Then in the next screen enter invalid XHTML and click Save. The only way I see around this is to get rid of the editable textarea in Preview mode (and force people to use their browser's Back button if they want to re-edit).

P.S. Another Problem: While playing around with your Comment Preview thing, I found that if I put two href's in an <a> element, Drupal apparently strips out all but the last one for preview.

P.P.S. Yet Another Problem: At least in the comment preview, the paragraphs did not break automatically for me. This comment has four paragraphs.

Submitted by Shelley on Tue, 06/10/2008 - 11:20.

That I could add functionality in so that if the text is changed, the save button is hidden and the person has to go through preview again. Of course, that begs the question of what to do if scripting is disabled. In addition, I think that htmLawed will do scrubbing for illegal characters, but I'm still going through the documentation and haven't seen how to ensure that the illegal characters are scrubbed out.

As for not honoring the paragraph breaks, not sure what's happening. According to the documentation, that functionality is handled by Drupal (and is turned on). Hmmm.

Update: I had the filters in the wrong order.

Submitted by Frans (not verified) on Wed, 06/11/2008 - 08:15.

You could check on the server-side if the comment data is the same as before or different, as well as through client-side. If it's different, enforce preview again.

Submitted by Shelley on Wed, 06/11/2008 - 13:17.

And an option I'll look into. Either yours or Jeff's solution would work. It's more a matter of seeing how I can modify behavior without directly hacking the comments module.

Submitted by ScottM (not verified) on Tue, 06/10/2008 - 16:07.

I like it-- it sounds like a solid, simple solution. With lots of Ses to describe it.

Submitted by Bud Gibson (not verified) on Tue, 06/10/2008 - 20:22.

I *like* this commenting system, particularly the fact that I can put a little title on the comment.

Now, what would be really great is if I could log in, comment, have it show up in my aggregated comments somewhere as well as on your post.

Welcome to Web 2.0, I think you're creating a community site.

Submitted by Bud on Tue, 06/10/2008 - 20:30.

I just discovered that I can do OpenID commenting. I like this new system. Superior. Let's see if I'm trusted under my OpenID or if I have to log in to your site.

What would be good is if you associated my OpenID with my user. I originally came in on OpenID, then was assigned a user name. Let's see if the OpenID I originally used is associated with the user you gave me. It is on the OpenID end.

upadate: Indeed my OpenID login IS associated with my user. Shelley, you've convinced me that this is the platform to use. Does it import MT?

BTW, xhtml is not an issue for me, as I almost always use plan text and put my links in raw. If you gave me formatting buttons, I would attempt those.

Submitted by Shelley on Tue, 06/10/2008 - 20:51.

Bud, I haven't a clue. I imagine it does, most of the tools use the same type of RSS export syntax.

Submitted by Jeff Schiller (not verified) on Tue, 06/10/2008 - 22:49.

Just an FYI - that first anonymous comment was me. I just tried logging in using my OpenID that I've used on Sam Ruby's site a couple times, but it complained about an illegal character (presumably the underscore in jeff_schiller?).

Anyway, this is fine too...

Submitted by Shelley on Wed, 06/11/2008 - 13:18.

I had a feeling it was you, Jeff. It had your voice and you, I, Sam, and Jacques are, I think, the only living people interested in open comments and strict XHTML support.

Not sure what's happening with the OpenID module. Sounds like a good bug to file with the OpenID module developers.