When it comes to domestic social comment systems, we have to mention a few representative services such as Duosuo, Denglu, Youyan, Comments, NetEase Cloud Posts, and Sohu Changyan. A few years ago, when social comments became popular, the comment systems that came with programs such as WordPress were not used. Some embedded Weibo as website comments, and some used third-party services such as Duosuo, Denglu, and Youyan to replace comments. of.

One advantage of using a third-party social comment system is that it saves commenters the trouble of logging in. However, in my opinion, there is a fatal disadvantage that the comment data is stored in the hands of a third party. In other words, as a blogger, I cannot guarantee the security of website data. Once the third-party service stops, even if I can export the comment data, it will consume a lot of time and energy.

Now let’s look back at some representative services such as Duosuo, Denglu, Youyan, Comments, NetEase Cloud Posts, and Sohu Changyan. The ones that are currently “half-dead” are Youyan and Sohu Changyan. Others have basically been officially declared "dead in action" (including NetEase Cloud's follow-up post about being "dead in action"). Some people may argue that there are also Youyan and Sohu Changyan that can be used?

Installation and use of HashOver free open source PHP comment system - self-built comment system replaces third-party services

At present, the official website of Youyan is basically unavailable to me. Looking at the number of users of Youyan, it should be "very few". Let’s take a look at Sohu Changyan again. I saw this article on Sohu’s official website: “Speak more about the blame left behind, let Changyan take over steadily.”

The so-called "pot" is really not that easy to "fix". This reminds me of When 115 Netdisk was shut down, 360 Netdisk said it would never shut down. Later, when 360 Netdisk shut down its service, Baidu Netdisk stood up and said it would provide services normally. Then, look at the current Baidu Netdisk... and when WeChat said that it charges fees for cash withdrawals, Alipay stood up and said that it is still free. Later, Alipay also started charging fees for cash withdrawals, and I never saw anyone speak out again.

I really hope that Sohu Changyan can go further, so that enough time can be left for our friends who are still using third-party reviews to realize that the most reliable data is in their own hands. HashOver, which this article will introduce, is a free and open source PHP comment system that can help us build our own comment system. It is easy to backup and migrate, can be remotely embedded, and is safe and reliable.

For more website building programs and VPS hosting, you can also check out:

  1. A webmaster who has used Alibaba Cloud VPS hosting for three years summed up the five major characteristics of Alibaba Cloud
  2. WHMCS integrates VPS.net to automatically activate a VPS host tutorial - sell VPS servers on WHMCS
  3. VPS.net VPS host experience - account verification and VPS host performance and speed evaluation

1. HashOver installation method

HashOver official website: http://tildehash.com/?page=hashover, project homepage: https://github.com/jacobwb/hashover-next. HashOver only needs PHP to run, so please prepare an LNMP environment.

Please download: HashOver 2.0 version from the official website, create a new folder in the root directory of the server: hashover, and upload the downloaded HashOver 2.0 file to this folder. Then modify the file permissions as follows:

Make sure all files have at least "0644" permissions

Make sure all PHP files have at least "0755" permissions

Make sure the permissions of the "hashover/pages" directory are "0777"

Modify the basic configuration file of HashOver. Edit: hashover/scripts/settings.php, fill in your notification email at $notification_email, fill in the 8-32-bit encryption symbol at $encryption_key, set the management user name at $admin_nickname, and set the administrator password at $admin_password. As shown below:

2. HashOver usage tutorial

HashOver can be embedded in any web page. You can call it remotely, or you can place HashOver and your website on a server and call it locally. In short, you only need to set the calling path. The functions are as follows:

1. Nested comments

2. Support editing or deleting comments

3. Support likes or dislikes

4.Supports five intelligent sorting methods

5. Multi-language support

6. Automatically add hyperlinks to URLs

7. Support avatars

8. Support external link pictures

9. You can customize the theme,

10. Support custom HTML tags

11. CSS can be customized

12. Support setting HTML range

13. Support spam filtering

14. Comments have RSS

15. Customizable comment fixed link

16. IP address can be blocked

17. Support URL completion

18. Support AJax asynchronous loading

JS method:

<script type="text/javascript" src="/hashover/hashover.js"></script>
<noscript>你的浏览器需要支持JS才能加载此评论.</noscript>

PHP method:

<?php $mode = 'php'; include('hashover.js'); ?>

Asynchronous loading method:

<div id="hashover"></div>
<script type="text/javascript">(function() { var s = document.createElement('script'), t = document.getElementsByTagName('script')[0]; s.type = 'text/javascript'; s.async = true; s.src = "/hashover.php"; t.parentNode.insertBefore(s, t); })();</script>

JS setting options. You can set corresponding options when loading JS, such as whether to close the username box, email box, etc.

<script type="text/javascript">
        var rows="4";        // Sets "Comments" field 调试
        var name_on="no";    // 禁用 "Name" field
        var passwd_on="no";  // 禁用 "Password" field
        var email_on="no";   // 禁用 "E-mail" field
        var sites_on="no";   // 禁用 "Website" field
</script>

This is the effect of HashOver's comment system.

3. HashOver system settings

The setting file of HashOver: hashover/scripts/settings.php also provides a lot of setting options. Here is a selection of some setting codes for explanation:

 // 必填设置
    public    $notificationEmail    = 'example@example.com';    // 新评论邮件提醒
    protected $encryptionKey    = '8CharKey';           // 加密key
    protected $adminName        = 'admin';          // 管理员登录用户名
    protected $adminPassword    = 'passwd';         // 管理员登录密码

    // 基础设置
    public $language        = 'auto';           // 语言, for example 'en', 'de', etc. 'auto' to use system locale
    public $theme           = 'default';            // 主题模板
    public $usesModeration      = false;            // 评论显示前是否需要审核
    public $dataFormat      = 'xml';            // 存储方式; 可选: xml, json, sql
    public $defaultName     = 'Anonymous';          // Default name to use when one isn't given
    public $allowsImages        = true;             // 是否允许外链图片
    public $allowsLogin     = true;             // 是否允许登录
    public $allowsLikes     = true;             // 是否允许顶
    public $allowsDislikes      = false;            // 是否允许踩
    public $usesAJAX        = true;             // 是否开启 AJAX 
    public $collapsesUI     = false;            // 是否隐藏评论系统
    public $collapsesComments   = true;             // Whether to hide comments and display a link to show them
    public $collapseLimit       = 3;                // Number of comments that aren't hidden
    public $replyMode       = 'thread';         // 回复模式,可选 a 'thread' or as a 'stream'
    public $streamDepth     = 3;                // In stream mode, the number of reply indentions to allow before the thread flattens
    public $popularityThreshold = 5;                // Minimum likes a comment needs to be popular
    public $popularityLimit     = 2;                // Number of comments allowed to become popular

    // 时间设置
    public $serverTimezone      = 'America/Los_Angeles';    // 时区
    public $usesUserTimezone    = true;             // Whether comment dates should use the user's timezone (JavaScript-mode)
    public $usesShortDates      = true;             // Whether comment dates are shortened, for example "X days ago"
    public $timeFormat      = 'g:ia';           // Time format, use 'H:i' for 24-hour format (see: http://php.net/manual/en/function.date.php)
    public $dateFormat      = 'm/d/Y';          // Date format (see: http://php.net/manual/en/function.date.php)

    // 评论框设置, use true/false to enable/disable a field,
    // use 'required' to require a field be properly filled
    public $fieldOptions = array (
        'name'     => true,
        'password' => true,
        'email'    => true,
        'website'  => true
    );

    // 操作设置
    public $displaysTitle       = true;             // Whether page title is shown or not
    public $formPosition        = 'top';            // Position for primary form; options: 'top' or 'bottom'
    public $usesAutoLogin       = true;             // Whether a user's first comment automatically logs them in
    public $showsReplyCount     = true;             // Whether to show reply count separately from total
    public $countIncludesDeleted    = true;             // Whether comment counts should include deleted comments
    public $iconMode        = 'image';          // 如何显示 avatar icons (可选 'image', 'count' or 'none')
    public $iconSize        = '45';             // 头像大小
    public $imageFormat     = 'png';            // Format for icons and other images (use 'svg' for HDPI)
    public $usesLabels      = false;            // Whether to display labels above inputs
    public $usesCancelButtons   = true;             // Whether forms have "Cancel" buttons
    public $appendsCSS      = true;             // Whether to automatically add a CSS  element to the page 
    public $displaysRSSLink     = true;             // 是否显示 RSS feed 

    // 技术设置
    public $loginMethod     = 'defaultLogin';       // Login method class for handling user login information
    public $setsCookies     = true;             // Whether cookies are enabled
    public $secureCookies       = false;            // Whether cookies set over secure HTTPS will only be transmitted over HTTPS
    public $storesIPAddress     = false;            // 是否存储用户IP地址
    public $allowsUserReplies   = false;            // 是否给评论者一个邮件提醒
    public $noreplyEmail        = 'noreply@example.com';    // 发送邮件提醒的邮箱
    public $spamDatabase        = 'remote';         // Whether to use a remote or local spam database
    public $spamCheckModes      = 'php';            // Perform IP spam check in 'javascript' or 'php' mode, or 'both'
    public $gravatarDefault     = 'custom';         // Gravatar theme to use ('custom', 'identicon', 'monsterid', 'wavatar', or 'retro')
    public $gravatarForce       = false;            // Whether to force the themed Gravatar images instead of an avatar image
    public $minifiesJavaScript  = false;            // Whether JavaScript output should be minified
    public $minifyLevel     = 4;                // How much to minify JavaScript code, options: 1, 2, 3, 4
    public $enablesAPI      = true;             // API: true = fully-enabled, false = fully disabled, or array of modes
    public $latestMax       = 10;               // Maximum number of comments to save as latest comments
    public $latestTrimWidth     = 100;              // Number of characters to trim latest comments to, 0 for no trim
    public $userDeletionsUnlink = false;            // Whether user deleted files are actually unlinked from the filesystem

    // 图片设置,Types of images allowed to be embedded in comments
    public $imageTypes = array (
        'jpeg',
        'jpg',
        'png',
        'gif'
    );

    // 远程域名加载设置,External domains allowed to remotely load HashOver scripts
    public $allowedDomains = array (
        // '*.example.com',
        // '*.example.org',
        // '*.example.net'
    );

    // 数据库选项,General database options
    public $databaseType        = 'sqlite';         // Type of database, sqlite or mysql
    public $databaseName        = 'hashover-pages';     // Database name

    // SQL database options
    public $databaseHost        = 'localhost';          // Database host name
    public $databaseUser        = 'root';           // Database login user
    public $databasePassword    = 'password';           // Database login password
    public $databaseCharset     = 'utf8';           // Database character set

    // Automated settings
    public $isMobile        = false;

    // Technical settings placeholders
    public $rootDirectory;
    public $httpRoot;
    public $httpScripts;
    public $httpImages;
    public $cookieExpiration;
    public $domain;

Please see the explanation above for detailed explanation of settings, two key settings: language and time. If you set the language, please set "language" to "zh-cn", and remember to change the time zone to Shanghai time zone.

4. HashOver related issues

HashOver theme template. You can specify the theme template in the settings: public $theme = ‘default’;, and you can modify the CSS style according to your own needs.

HashOver email notification. HashOver does not provide SMTP settings and provides email notification directly through the mail() function, so you need to install a mail server such as postfix or sendmail on the host and enable mail() in php.ini.

How does HashOver enable MysqL storage mode? The default setting is: public $dataFormat = 'xml'; that is, the xml storage method is used. The principle is: the first comment is named "1.xml" and the second comment is named "2.xml" ,So on and so forth. When a user replies to a comment, create another file. When a comment is deleted, the visitor will simply delete the corresponding file.

The advantage of using xml storage method is that it is easy to migrate and the response speed is fast. If you want to switch to database storage, first change public $dataFormat = ‘xml’ to sql, and then fill in your database in General database options. If you have a remote database, please fill in the remote database information.

Disqus comments are imported into Hashover. Java program: https://github.com/ianrenton/disqus-to-hashover, the operation method is as follows:

1. First download the JAVA source code and compile it in NetBeans or Eclipse (remember to select the JAXB plug-in)

2. Export the data as comments.xml in the Disqus background and put it in the compiled program directory.

3. Run the compiled JAVA program, and the hashoverpage directory and each XML file will be generated.

4. Upload the generated page directory to the directory where HashOver is located on the server.

In addition, HashOver is currently in the 2.0 test version, so there are still many problems to be solved. The following are possible problems in the current version. If you encounter similar problems, you can refer to them.

PDO error. After selecting mysql and filling in the database information, the following error message appeared: HashOver: PDO.php file could not be included!. The reason is that the PDO class somewhere forgot to add the root namespace. At present, someone has submitted a PR for this issue. We can make some changes ourselves before the official merge.

#打开:hashover/scripts/parsesql.php

Line 76  在PDO前面加上“”
$fetchAll = $results->fetchAll (PDO::FETCH_NUM);

Line 111 同理
return (array) $result->fetch (PDO::FETCH_ASSOC);

AJAX cross-domain issue. When enabling ajax mode in the configuration file, you will find that all requests fail. Because the hashover does not handle cross-domain access (adding the CORS header), the request is intercepted by the browser. You can add code at the top of hashover/scripts/settings.php or configure it with Nginx/apache.

header("Access-Control-Allow-Origin:".(isset($_SERVER['HTTP_ORIGIN'])?$_SERVER['HTTP_ORIGIN']:"*"));
header("Access-Control-Allow-Credentials:true");

Problem of not saving user information. hashover does not handle cross-domain access, so only adding the cors header cannot save cookies. The solution is to find XMLHttpRequest in hashover/scripts/javascript-mode.php and add withCredentials=true to all XHR objects.

HashOver uses SMTP to send letters. This part is reproduced from Weng's Weiyu. For the specific modification process, you can carefully read the blogger's article The second article in the hashover series: SMTP email . Here you can download Weng's modified smtp.php and writecomments.php files: hashover-smtp.zip. Backup: https://www.ucblog.net/wzfou/hashover-smtp-pack.zip

Unzip the downloaded smtp.php and place it in the scripts directory of the hashover. Be sure to open the editor and replace SMTP with your own information, and then overwrite the original file with writecomments.php. Finally, you will Comment reply email notification reminders can be implemented.

5. Summary

HashOver is quite convenient to install and use. Comment data storage uses XML by default. If you want to switch to database form, it is recommended to use a dedicated server for comment data storage and remotely reference HashOver comments in other web pages. This way you no longer have to worry about data loss.

From the introduction of this article, you can also see that HashOver has many problems. This may be largely due to the fact that HashOver is a personal program maintained by foreign developers. Fortunately, it provides a wealth of setting options for everyone to customize. Interested friends can go to the HashOver official website to read the development documentation.

PS:Article update record:

On August 19, 2017, HashOver was updated to use SMTP to send letters.

Leave a Reply