Plugin Sale! Save 15% on pro plugins with discount code: NEWYEAR2021
Web Dev + WordPress + Security

Another Mystery Solved..

Recently, after researching comment links for an upcoming article, I realized that my default <input> values were being submitted as the URL for all comments left without associated website information. During the most recent site redesign, I made the mistake of doing this in comments.php:

...

<input class="input" name="url" id="url" value="[website]" onfocus="this.select();" type="text" tabindex="3" size="44" maxlength="133" alt="website" />

...

Notice the value="[website]" attribute? It seemed like a good idea at the time — I even threw in a nice onfocus auto-highlighting snippet for good measure. I ran the form with this in place for around eight weeks before finally noticing multiple comments using this for their site URL:

http://website

Hmmm. Not so good. For one, that’s not very search-engine friendly. For two, it’s sloppy. For three it’s wrong. What was I thinking? Who cares. The point is, if you are using predefined values in your comment form, they are submitted as user-input data whenever a “real” value is not provided. Thus, all of those visitors leaving comments without bothering to include their site URL have been filling your site with “dead” links. Weak, dude (said pointing to myself). Another important point is that auto-clearing JavaScript will not actually “clear” anything before the comment is submitted.

Having learned this important lesson, I immediately restructured the comment form, replacing all predefined value attributes with blank values (value=""). Then, with all future occurrences prevented, it was time to clean up the mess. And for that, there are two possibilities:

  • Scour the comments section via the admin and edit each URL link manually

..or..

  • Crack open the database for a two-second batch-edit via SQL update, aka “find and replace”

Fortunately, there were fewer than twenty links erroneously referencing http://website, so manually editing all of them would not have taken longer than fifteen minutes at the most. Even so, there are far better ways to spend those fifteen minutes, so I chose the direct approach:

UPDATE wp_comments SET comment_author_url = replace( comment_author_url, 'http://website', '' ) ;

And with that, everything was corrected and returned to normal. Mystery solved, lesson learned. Thanks for listening.

Jeff Starr
About the Author
Jeff Starr = Designer. Developer. Producer. Writer. Editor. Etc.
BBQ Pro: The fastest firewall to protect your WordPress.
Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
WP Themes In Depth: Build and sell awesome WordPress themes.
Thoughts
Simply Static is my go-to plugin for generating static HTML versions of WordPress sites. Works flawlessly.
Note to self: never, ever, ever buy any CD or DVD from eBay. Every single time the discs are scratched, damaged, missing, fake, or worse. Never again you clowns.
Find out if a plugin works with the latest version of WordPress @ plugintests.com
Going through all of my data, deleting all the chaff. Going for less than 500 GB total data storage.
Finally deleted all the cool unused placeholder Twitter accounts that I signed up for years ago. I will never use them.
After several years with Dashlane, I've moved on to a simpler, better solution.
After 10+ years, finally moved the last of my sites away from Media Temple.
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.