Spammers are one of the biggest issues in WordPress. Most of the spammers attacks WordPress blogs more than any other blogging platform. They comment on our posts with the link to their website and comments with HTML mark-up. We recently shared a tutorial about removing website field from WordPress comments at this link.
Just like website field, we will disable uses of HTML in WordPress comments. In this way, the spammers will not be able to post comments with hyperlinks and annoying bold text. Seriously, I really hate that bold text in my comments!
In order to disable HTML markup in your WordPress’ comments, add following snippet to your current theme’s functions.php file:
// This will occur when the comment is posted
function plc_comment_post( $incoming_comment ) {
// convert everything in a comment to display literally
$incoming_comment['comment_content'] = htmlspecialchars($incoming_comment['comment_content']);
// the one exception is single quotes, which cannot be #039; because WordPress marks it as spam
$incoming_comment['comment_content'] = str_replace( "'", ''', $incoming_comment['comment_content'] );
return( $incoming_comment );
}
// This will occur before a comment is displayed
function plc_comment_display( $comment_to_display ) {
// Put the single quotes back in
$comment_to_display = str_replace( ''', "'", $comment_to_display );
return $comment_to_display;