Updated Friday, February 20th, 2009 at 8:20pm

Prevent author impersonation in WordPress comments

This modification to WordPress prevents unregistered comment authors from using the names or email addresses of the registered authors on your site. It does this by first checking to see if the comment author is logged in. If they are not, it compares their name and email address to the registered author data. If there is a match, the comment is blocked and a custom message is displayed. The name and email address comparison is case-insensitive.

Requirements

This code modification has been tested in WordPress 2.2 through 2.8+

Instructions

1) Open /wp-comments-post.php for editing (back up the file first!)

2) Find the following block of code:

Notice: In WordPress 2.8, the code has changed a bit, but should be easy to find near the top of the page.

$comment_author       = trim(strip_tags($_POST['author']));
$comment_author_email = trim($_POST['email']);
$comment_author_url   = trim($_POST['url']);
$comment_content      = trim($_POST['comment']);

3) After it, add the following:

// get the display names and email addresses of all registered users
// ($wpdb->users is the name of the users table)
global $wpdb;
$valid_users = (array)$wpdb->get_results("
  SELECT display_name, user_email FROM " . $wpdb->users);

// get ID and email of the logged-in user (both are empty if nobody is logged in)
global $userdata;
get_currentuserinfo();
$logged_in_name = $userdata->ID; // holds the user ID, despite the variable name
$logged_in_email = $userdata->user_email;

// see if the comment author matches an existing author
$found_match = FALSE;
foreach ($valid_users as $va) {
  if (trim($va->display_name) != '') {
    if (strtolower($va->display_name) == strtolower($comment_author)) {
      $found_match = TRUE;
      break;
    }
  }
  if (trim($va->user_email) != '') {
    if (strtolower($va->user_email) == strtolower($comment_author_email)) {
      $found_match = TRUE;
      break;
    }
  }  
}

// if commenter is not logged in, but match was found, block the comment
if (trim($logged_in_name) == '') {
  if ($found_match == TRUE) {
    wp_die( __('You cannot post using the name or email of a registered author.') );
  }
}

4) Save and close the file

Notes

To test this modification, simply log out and try to post a comment using the name that displays when you regularly post comments (when you are logged in).

If you would like to change the message, just modify this line:

wp_die( __('You cannot post using the name or email of a registered author.') );
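
The same check packaged as a small plugin, as an added example that is not part of the original article or of WordPress itself: it hooks `preprocess_comment` so no core file is edited, replaces the load-every-user loop with one parameterised lookup, and normalises whitespace and case before comparing. The `ddex_` function names are hypothetical, and the code assumes that WordPress passes comment fields to this filter slashed and that the installed version's `wp_die()` accepts the `back_link` and `response` arguments.

```php
<?php
/* Plugin Name: Block Author Impersonation (added example) */

// Assumption: comment fields arrive slashed. Unslash, collapse
// whitespace and lower-case them before any comparison.
function ddex_normalize( $value ) {
	$value     = trim( stripslashes( (string) $value ) );
	$collapsed = preg_replace( '/\s+/u', ' ', $value );
	if ( null !== $collapsed ) { // null means the input was not valid UTF-8
		$value = $collapsed;
	}
	return function_exists( 'mb_strtolower' )
		? mb_strtolower( $value, 'UTF-8' )
		: strtolower( $value );
}

function ddex_block_impersonation( $commentdata ) {
	// Logged-in users may comment under their own name and email.
	if ( is_user_logged_in() ) {
		return $commentdata;
	}

	global $wpdb;
	$name  = ddex_normalize( $commentdata['comment_author'] );
	$email = ddex_normalize( $commentdata['comment_author_email'] );

	// One parameterised lookup instead of loading every user row.
	// The <> '' guards keep blank names or emails from matching.
	$match = $wpdb->get_var( $wpdb->prepare(
		"SELECT ID FROM $wpdb->users
		 WHERE ( %s <> '' AND LOWER(display_name) = %s )
		    OR ( %s <> '' AND LOWER(user_email) = %s )
		 LIMIT 1",
		$name, $name, $email, $email
	) );

	if ( $match ) {
		// back_link lets the visitor return to the form and change the name.
		wp_die(
			__( 'You cannot post using the name or email of a registered author.' ),
			'',
			array( 'response' => 403, 'back_link' => true )
		);
	}
	return $commentdata;
}
add_filter( 'preprocess_comment', 'ddex_block_impersonation' );
```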

  30. 59
    shaki

    i appreciate this effort,..
    best regards,..

  31. Thanks for all the clarification and help. It was really very supportive.

  32. Thanks a lot for the help and advice.

  33. Thx for the comments!

  34. I visited this page first time and found it Very Good Job of acknowledgment and a marvelous source of info………Thanks Admin!

  35. The word press has really help a lot. Keep it up.

  43. nice tip. it’s work

  45. yes agree with people. This is the nice tip we should know. Go Go

  48. Thank you thank this is a nice tip

  53. Wow , I don’t know about this tips before.
    I do like Prevent author impersonation in WordPress comments as you post in tutorial.

  56. Thanks. This is a nice tip!

  57. it’s help a lot to me

  58. oww nice . thank you .)

  59. 30
    John

    I also need this for WP 3.0. Has anyone got it working on the new version yet?

  60. Hi, it seems like this doesn’t work on WP 3.0. Do you know what modifications should be made to make it work? Thank you.

  62. @Jake
    Might be a little late now but if you remove all references to name like "if (trim($logged_in_name) == '') {" it should only check email.

  63. 26
    wpbloggy

    A VERY USEFUL bit of code! Thank you for sharing this useful technique, I’ve wanted such a feature for some time.

  64. 25
    Nothing

    I just tested it, it's working on version 2.9.2, great thing, thanks a lot :D

  65. 24
    Chip D

    Has anyone tried this in WP 2.9.1 yet?

  66. I really like how this works, however I would like it to ONLY check the email. I don’t care if someone uses the same name, but if they use the same email it will use their gravatar. I get way too many comments and have already seen many users with the same names.

    Could you post a version that only checks email?

    Thank you, I appreciate it and this works great even on 2.9.1

  67. WOW!!!
    This is absolutely amazing (and if left open, dangerous!)

    I can’t believe the boffins who wrote WP didn’t think about something like this and implement a fix!

    I have started to update all my (38) blogs… muchos grassears dude!

  68. I love this – thanks so much for it. Is there a way to edit the output so that if someone wrote a long comment, that their text won’t be lost?

    For example, someone could have no intentions of impersonating anyone, write a very good and long comment using the name “Mike”, and understandably not know that it was already registered. How can they be notified that their comment won’t be submitted until they change their name, but not lose what they wrote?

    I imagine it would involve notifying them without leaving the page they’re on.

  71. Thanks.
    This post helped me
    Good Time

  72. Fantastic, thank you for sharing this. It works like a champ. Now websites cannot be stolen from people who post a lot.

  73. that is bloody cool, i love that tip.

  74. I have written a small plugin, so one doesn’t have to change any core files.

  75. This has been tested, and works, in the latest release of WordPress – 2.8

    (The code you look for has changed a bit, but should be easy to find near the top of the file)

  76. Is this working for wp 2.8 ? I am gonna check and will update here if it does not. I believe it should

    Thanks

  77. great plugins, that one must have. Appreciate them

  78. Great for OEM author’s. Nice i also try this. Thanks for sharing with us.

  79. nice hack/code.

    how would i add a back button to the error message to help commenters try to comment again. as is, just brings up an error page with the message.

    also, is it possible to show the message without revealing the location of the wp_comments_post file?

    thanks

  80. 9
    ListenUp

    Fantastic. Thanks. Was having trouble with some funny guys at my site using admin (that’s me) to reply to other people visiting the site. Best part is it doesn’t allow variants of the name say admin such as Admin or AdMin etc.
    Super stuff. Thanks. Works for 2.7 Wordpress by the way.

  81. This code has been tested in the latest release of WordPress (2.7.1)

  82. 7
    Brokakeroko

    I like your site. Brokakeroko

  83. 6
    Ipstenu

    I heavily cribbed from both you and Marco Luthe to make this plugin. It seems to be working right now, though I’m sure someone could hack it:

    function wp_prevent_imposters( $commentdata){
    
    // logged-in users may post under their own name and email
    if ( is_user_logged_in() ) {
      return $commentdata;
    }
    
    // get list of user display names and emails for blog
    global $wpdb;
    $valid_users = (array)$wpdb->get_results(" SELECT display_name, user_email FROM " . $wpdb->users);
    
    // get the name and email submitted with the comment
    $logged_in_email =  $commentdata['comment_author_email'];
    $logged_in_name  =  $commentdata['comment_author'];
    
    // see if the comment author matches an existing author
    $found_match = FALSE;
    foreach ($valid_users as $va) {
      if (trim($va->display_name) != '') {
        if (strtolower($va->display_name) == strtolower($logged_in_name)) {
          $found_match = TRUE;
          break;
        }
      }
      if (trim($va->user_email) != '') {
        if (strtolower($va->user_email) == strtolower($logged_in_email)) {
          $found_match = TRUE;
          break;
        }
      }
    }
    
    // commenter is not logged in here; if a match was found, block the comment
      if ($found_match == TRUE) {
        wp_die( __('You cannot post using the name or email of a registered author.') );
      }
      else {
        return $commentdata;
      }
    
    }
    
    add_filter('preprocess_comment', 'wp_prevent_imposters');
    

  84. Thanks for the inspiration! I have written a small plugin, so one doesn’t have to change any core files.

    http://www.saphod.net/2008/10/14/how-to-prevent-commenters-from-using-your-email/

  85. Tracey: That is a good idea. I just made a modification to the code.

    I also tested to see if this modification will work in WordPress 2.5, and indeed it does. :)

  86. 3
    Tracey

    How would you tweak this to prevent someone inserting a registered user’s email address instead of their own?

    For example, my site uses gravatars but a user could ‘impersonate’ someone else if they know that person’s email, at which point the gravatar will display for a user who may not have made the comment.

    Hope this makes sense!

  87. Nice hack, great explanation!

  88. thanks
