New Drupal warning module

Submitted by dag on Tue, 2009/02/03 - 22:30

One of the first things requested from a Drupal developer before contributing a module is to check whether the functionality is already implemented in another module. Because I couldn't find something similar but I do not feel confident that my search was conclusive let me explain what my Drupal warning module does.

The warning module was created as part of my war against comment spam. Mollom already does a tremendous job of blocking most of the comment spam (+-300 a day), but since my site was listed on do-follow lists I attracted a lot of spammers commenting (on-topic) on my articles as normal users, but leaving behind URLs to commercial and unrelated websites.

My blog is moderated since I don't want to encourage spammers anyway, but it is as important to clearly advertise that to anyone potentially adding spam.

For this reason a big warning box above the comment entry notifies the user that any effort spend would be in vain if they are to promote unrelated websites. And that the website is moderated anyway. The default message for the comment form currently is:

Please refrain from adding URLs to unrelated or commercial websites. This site is moderated and comments with inappropriate links are rejected. Thank you for your understanding.

I used to get on average 10 to 15 spam comments with peaks of 30 spam comments. But since using this module for 5 days the average number of spam comments dropped instantly to 3. Some people apparently still do not take me serious :-)

The warning module could also be useful for other purposes since the warning message is configurable. And currently the module allows for 2 disclaimers: one for registering a new user and one for leaving a comment.

So if you want to test this module, you can find it for now at:

If you have suggestions or improvements, or you know another module that basically does the same, let me know. Also, this is my first Drupal module so any help with what I am doing is greatly appreciated.

Luckily it is a very simple module :-)

Update: The Warning module is now available from Drupal's Modules website at:

Looks nice. I've been

Looks nice. I've been thinking of throwing something like this together myself for my own site.

Some comments:

  1. "Disclaimer" is the wrong word to use here. To disclaim is to absolve one's self of legal responsibility or privilege, which is not quite what your module's doing. Maybe something like "Comment warning" would be better.
  2. In various places in your code, you're adding items to arrays without initializing them first. The fact that PHP lets you do this is one of the biggest anti-features in computer programming history. (And for those who have strict error reporting enabled on their PHP interpreter - and when you're coding, you really should that enabled - it will cause a visible error.)
  3. In your hook_help() function, you shouldn't concatenate several t() lines like that. Instead, put the whole thing inside a t(). Also, @user-management should be !user-management - we don't want t() to try to escape characters in paths.
  4. Finally, there's some style issues with regards to the comments and the if/else block in hook_form_alter. Check out the Coding Standards page on D.o.

All in all, not bad for a first module… definitely a better start than some of my first hackjobs.

Thanks for the nice feedback.

Thanks for the nice feedback. Concerning the name I am not sure what would be best. I called it disclaimer because it could be used for that while all other names I came up with didn't fit well.

"Comment warning" does not fit the bill because it is not just specific to comments. I decided to simply call it warning. Currently it is for adding warnings to forms, but we could also extend it to allow for adding warnings to other elements.

Is there a way to enable PHP error messages from Drupal. I looked at the Devel module but haven't found that option. What I would like is to only have these errors as user 1 (or for specific roles). That would help debug modules/sites as a group without necessarily impacting normal users.

For the hook_help() function using more than one t(). I thought it was nicer if the translation people would not see the HTML tags. It would also mean that modifying a single paragraph would not render the complete text useless. Is there a guide about best practices for this ?

Thanks again for your feedback. I will rename the module when I do the next batch of updates. :-)

RE: way to enable PHP error messages

Try the drupal-6.x-dev release, that will show you the PHP notices..

I don't think there's a way

I don't think there's a way to only enable errors for user 1, but if you enable it in the php.ini file for your local computer (not any live server), then only you will see the errors it produces. Add this line:

error_reporting = E_ALL & E_STRICT

There's also the Coder module, which can find common errors, though I think it's more for finding style guide violations than PHP errors - I'm not sure. (I myself don't use it as much as I should… and my code features tab breaks instead of spaces due to a limitation of my code editor of choice, so it brings up that error on every single line of code whenever I run it…)

By the way, I noticed you're using my Mollom Stats module. Sweet. :)

It would have been nice if

It would have been nice if the error_reporting could be enabled by a module (even if that means it may not be enabled from the start of the runpath). And being able to enable it only for certain roles makes it possible to have a few site-admins debug/report those issues without the need of a staging environment, since it wouldn't impact normal users and normal performance.

I hope this becomes part of the work they are doing at: (thanks to pasqualle for the info btw).

BTW I am convinced that your mollom block should go in the main mollom module. And I found it on your site :)

This is just what I need!

For me also, about half of the comments that get through mollom are human-generated spam. There seem to be just a handful of websites targetting me, and the come and go over time. Most are selling SEO services, but also financial services and random tangible products now and then too. I don't mind if their website is respectable, not with too many ads, and they leave a meaningful comment – but then that wouldn't be spam now would it! It's the ones who fail to meet one or more of those criteria that I delete, or sometimes just remove the user's website link.

To the point, this module is just what I ned and I installed it. I look forward to testing it's progress.

Som Feedback

I like the idea..
So I quickly tried seeting it up ..
Upon enabling the module I ran into the following warning which actually happens on different locations

warning: Missing argument 2 for variable_get(), called in /htdocs/blog/sites/ on line 80 and defined in //htdocs/blog/includes/ on line 490.

Apart from that I only saw the warning page AFTER the submit of a comment .. not when I open up the comment page.
Not sure if that's the idea.

Oh and throw it on the Drupal project sites.. then Drupall will let me know when to upgrade )


The module should help a lot in reducing the amount of spam in the moderation queue. I've been running a module that does something similar but only on selected nodes, with great success. Every now and then someone still calls my bluff, I guess they don't believe me either ;)

As for code feedback;
- there still are a few variable_get()'s without second argument. Even though its unlikely they will ever be needed, the parameter is still mandatory in D6.
- do you really need that global variable?
- maybe pass the message through filter_xss_admin.