I’ve just discovered a bug in my blog: any comment posts get thrown into the bit-bucket and are never passed to me for acceptance / publishing if the user making the comment is a guest (that is not a blog author) and accessing the public instance on my blog.ellisons.org.uk domain rather than my private and locally installed development system.
I can only plea in mitigation is that this combination made it easier to miss this bug in my module and integration tests. I did a quick check on my access logs (I’ve got the last 18 months archived), and I’ve work out how many comment posts were made in this period – roughly 4 a week. If I ignore the 21 spammer probes that were 404’ed, there were a total of 295 reader comments. The comments themselves are gone forever, but appended an article league table for comments, with a cut at 5 comments. My sincere apologies to all these blog readers, and I really regret losing this valuable feedback.
There were a couple of factors that helped my missing this. The first is that I decided to do a complete reimplementation of the blog engine based on some of the conclusions that I’ve come to in these articles on PHP performance, and I’ve been working on that on my development system. The second is that I had some heavy commitments in apache.org that took most of my spare time for a couple of months. Both of these will be the subject of future articles. However, I first needed to fix this bug before I could publish this article from my test system to live – otherwise I would have whithered with shame!
A postscript one month on
I continued to track the Apache logs and saw regular POSTs to articles but none were arriving on my administration queue for approval, so I added small diagnostic to dump any POSTs to the article page to a debug file. Yup lots of posts but all spam, which my “simple sum” validation was defeating. Nobody loves me after all 🙁