HashOver is a PHP comment system intended as a replacement for services like Disqus.

Overview

HashOver 2.0 (development)

HashOver is a PHP comment system intended as a replacement for services like Disqus. HashOver is free and open source software, under the GNU Affero General Public License. HashOver adds a "comment section" to any website, by placing a few simple lines of JavaScript or PHP to the source code of any webpage. HashOver is a self-hosted system and allows completely anonymous comments to be posted, the only required information is the comment itself.

Notable Features

General Customization Advanced
Threaded replies Multiple themes Allows limited use of HTML
Comment editing & deletion Customizable HTML Multiple comment sorting methods
Likes & Dislikes Comment layout template Spam filtering
Popular comments section Customizable CSS Notification emails
Multiple languages File format plugins Comment RSS feeds
Automatic URL links Authentication plugins Referrer checking
Administration Comment permalinks
Avatar icons IP address blocking
Display remote images

Required modules/compilation

Although most PHP installations include everything HashOver requires by default, depending on your setup you may need to install some modules/extensions and/or ensure PHP was compiled with support for the following modules.

Feature Module name(s) Debian/Ubuntu package name(s)
Date and Time date part of PHP core
Document Object Model dom part of PHP core
Regular Expressions pcre part of PHP core
User information encryption openssl part of PHP core
Multi-byte character support mbstring php-mbstring
Internationalisation intl php-intl
XML data storage format support xml, libxml, SimpleXML php-xml
JSON data storage format support json php-json

The following modules are optional

Feature Module name(s) Debian/Ubuntu package name(s)
PHP Data Objects PDO php-sqlite3, php-mysql
SQLite file format support pdo_sqlite, sqlite3 php-sqlite3

Checking for required modules

On UNIX (GNU, BSD, etc) you may list installed modules with this command:

php -m

On Windows the command to list installed modules is:

php.exe -m

Important differences from version 1.0

  • hashover.php is no longer used in JavaScript tags, the file /hashover/comments.php is used instead.

    So change:

    ">
    <script type="text/javascript" src="/hashover.php">script>

    To:

    ">
    <script type="text/javascript" src="/hashover/comments.php">script>

Important recent changes to version 2.0

  • The pages directory is now comments/threads, this change will cause existing comments to not appear until you move the directories under pages into the new comments/threads directory.

  • All JSON config files have been moved to the new config directory, you will need to move the files hashover/blocklist.json and hashover/ignored-queries.json into the new config directory. If these files do not exist, you don't need to do anything as these config files are completely optional.

  • The previously removed secrets.php file has returned. The required setup information, namely the notification e-mail address, encryption key, and the admin username and password are now stored in this secrets.php file located at /hashover/backend/classes/secrets.php.

    You will need to move the values of the public properties $notificationEmail, $encryptionKey, $adminName, and $adminPassword in the settings.php file into the new protected properties in the secrets.php file, and remove these properties from settings.php or replace the settings.php file entirely, as its source code is publicly viewable, whereas the source code of secrets.php is not.

HashOver on Windows

Windows will be officially supported by HashOver 2.0, there should not be any major issues with using HashOver on Windows. However, HashOver is primarily developed on and for UNIX operating systems, which are the primary operating systems used by the majority of web servers. If you have any issues with HashOver on Windows, please report them.

Information and Documentation

Official HashOver 2.0 Documentation

Comments
  • Initial hide option

    Initial hide option

    I like the change of #140 a lot. My blogs are generally very low on comments, so that is a nice enhancement.

    I know that hashover-next is not about new features, but because the above I raise it anyway, as it goes into the same direction of simplifying/minimizing the comments area. I never looked into the internals of hashover-next, so I don't know if this would be an easy implement or not.

    I suggest, similar to the collapseLimit variable, a boolean initialHide variable.

    • If false (default), everything remains as it is now.
    • if true, then the comments-block is completely hidden by default, and only a bar is showing something like "Show x comments (y counting replies)".

    I made a mockup with one of your blog entries that hopefully helps to clarify the idea: mockup

    enhancement 
    opened by prisae 14
  • Will stuff like a small 'latest post display' go in 2.x ?

    Will stuff like a small 'latest post display' go in 2.x ?

    I had some ideas on how stuff like this could be implemented but am wondering should this even be a topic for the current branch?

    Example idea:

    • once a new comment is written, also write the same comment in a file that stores cc 5-10 comments.
    • we can then use the file to e.g. display a separate widget somewhere with the latest posts

    Just wanted to throw a brainstorm out there, close or move if needed

    enhancement question 
    opened by Lux-Delux 11
  • PHP warnings etc.

    PHP warnings etc.

    Been debugging something else on my site, turned back all error logging (not just crit) and saw a bunch of warnings concerning hashover... Here they are so let's see if some are my fault and which can be fixed in the app:

    FastCGI sent in stderr: "PHP message: PHP Warning:  file_get_contents(): http:// wrapper is disabled in the server configuration by allow_url_fopen=0 in /var/www/mysite/htdocs/hashover.php on line 117
    

    I have fopen off as it's suggested pretty much everywhere, especially concerning Wordpress etc. security

    PHP message: PHP Warning:  file_get_contents(http://www.stopforumspam.com/api?ip=109.60.93.217): failed to open stream: no suitable wrapper could be found in /var/www/mysite.com/htdocs/hashover.php on line 117
    PHP message: PHP Strict Standards:  Only variables should be passed by reference in /var/www/mysite.com/htdocs/hashover/scripts/parse_comments.php on line 33
    PHP message: PHP Strict Standards:  Only variables should be passed by reference in /var/www/mysite.com/htdocs/hashover/scripts/parse_comments.php on line 33
    PHP message: PHP Strict Standards:  Only variables should be passed by reference in /var/www/mysite.com/htdocs/hashover/scripts/read_comments.php on line 67
    PHP message: PHP Strict Standards:  Only variables should be passed by reference in /var/www/mysite.com/htdocs/hashover/scripts/parse_comments.php on line 33
    PHP message: PHP Strict Standards:  Only variables should be passed by reference in /var/www/mysite.com/htdocs/hashover/scripts/read_comments.php on line 67
    PHP message: PHP Strict Standards:  Only variables should be passed by reference in /var/www/mysite.com/htdocs/hashover/scripts/parse_comments.php on line 33
    PHP message: PHP Strict Standards:  Only variables should be passed by reference in /var/www/mysite.com/htdocs/hashover/scripts/read_comments.php on line 67
    PHP message: PHP Strict Standards:  Only variables should be passed by reference in /var/www/mysite.com/htdocs/hashover/scripts/parse_comments.php on line 33
    PHP message: PHP Strict Standards:  Only variables should be passed by reference in /var/www/mysite.com/htdocs/hashover/scripts/read_comments.php on line 67
    PHP message: PHP Strict Standards:  Only variables should be passed by reference in /var/www/mysite.com/htdocs/hashover/scripts/parse_co
    2014/04/26 18:54:38 [error] 29530#0: *781 FastCGI sent in stderr: "PHP message: PHP Notice:  Undefined variable: js_title in /var/www/mysite.com/htdocs/hashover/scripts/javascript-mode.php on line 443" while reading upstream, client: 109.60.93.217, server: mysite.com, request: "GET /hashover.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "mysite.com", referrer: "http://mysite.com/thoughts/blabla/"
    

    I'm not sure if these are connected and/or if the problem for some of them lies with my nginx config.

    For reference, I'm using latest php 5.5, nginx 1.7

    bug 
    opened by Lux-Delux 11
  • Removing tables in favor of css

    Removing tables in favor of css

    This is a lot of work, but I'm currently in the process of removing table elements from the new comment form, also the reply form later.

    I'm a bit confused by the 'is mobile' parts at line 419 and 442 in javascript-mode.php.

    When are these called and what is displayed?

    enhancement question 
    opened by Lux-Delux 11
  • Comments not visible

    Comments not visible

    I open a new one for this, as #276 really is about the changelog.

    The issue is that I see the Hashover-Comment field. But soon as one comment is entered, it disappears. Actually, when you enter a comment and hit "Post Comment" then nothing happens. Refreshing the page then makes the whole comment section disappear.

    To debug it I create a new subdomain: https://hntest.werthmuller.org

    The only things on there is an index.html:

    <!DOCTYPE html>
    <meta content="text/html;charset=utf-8" http-equiv="Content-Type">
    <meta content="utf-8" http-equiv="encoding">
    <body>
      <script type="text/javascript" src="/hashover/comments.php"></script>
    </body>
    </html>
    

    and the hashover-folder. The only thing I did in the hashover folder was setting the emails, user password, and encryption key.

    The comment field appears. When you commit one comment, it disappears.

    Looking at the Console, as you suggested in other comments, reveals this:

    SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON                                     datacomments.php:281:19
        onSuccess https://hntest.werthmuller.org/hashover/comments.php:281
        onreadystatechange https://hntest.werthmuller.org/hashover/comments.php:312
    

    So there is an error parsing the json, but I am not sure what is the issue of it.

    PHP Version: 7.3.13

    I think it is the same error as reported at the very end of #234 by @jorgesumle , but there is no solution presented there: https://github.com/jacobwb/hashover-next/issues/234#issuecomment-414145572

    It was also mentioned in #227 - but again, I did not find a solution there.

    Thanks for any hints!

    opened by prisae 9
  • Guest Mode

    Guest Mode

    Hey there,

    is there any option for an anonymous / guest mode, yet? I would like to deactivate the 'Password', 'E-Mail' and 'Website' field for GDPR purposes, only allowing the user to choose a termporary nickname.

    Regards, el-ef

    opened by el-ef 9
  • Changing comments.css does not change appearance of comment area.

    Changing comments.css does not change appearance of comment area.

    Yesterday, April 30, I downloaded hashover-next, unzipped it, and copied the files to my local server. The main hashover directory is directly underneath /var/www/public_html. (Debian sid, but I relocated the localhost to public_html.)

    The commenting system works fine, but nothing I do to hashover/themes/default/comments.css changes the appearance. I would like to modify the colors to blend in with my site. Evenually I hope to put my changes in a separate .css file and call it after the other .css files.

    I am using the default theme:

    line 33 of hashover/backend/classes/settings.php is public $theme = 'default'; // Comment Cascading Style Sheet (CSS)

    settings.php is executable:

    [ed@sid public_html]$ ll hashover/backend/classes/settings.php -rwxr-xr-x 1 ed ed 13147 May 1 12:48 hashover/backend/classes/settings.php

    comments.css is readable by all:

    [ed@sid public_html]$ ll hashover/themes/default/comments.css -rw-r--r-- 1 ed ed 26186 May 1 16:42 hashover/themes/default/comments.css

    What am I missing. How do I change the background-color of hashover-inputs, for example?

    Thank you, Ed H

    opened by EdHamilton9 9
  • Added support for multi languages site Fixed email sender bug. Added customization of webmaster notification subject. Added the possibility to order in ASC and DESC

    Added support for multi languages site Fixed email sender bug. Added customization of webmaster notification subject. Added the possibility to order in ASC and DESC

    I've added an array that contains the list of names where the system'll check to get the language required. These checks is done in $_GET, $_POST, $_COOKIE.

    I've made the pull request, becouse I've used this approach to allow HashHover to works with my CMS.

    opened by AndreaCatania 9
  • Can't Login Anymore

    Can't Login Anymore

    First of all, thanks for that great piece of work. Pretty happy I found it and it seems to work quite smoothly, probably it is overpowered for what I am doing but fair enough.

    Here is the issue I am currently facing and can't get my head around: I adjusted the secrets, uploaded all files, adjusted access rights. All goode and able to login using the given credentials. Now about 10min later, I can't login anymore. Clicking on the login button will only give me an awkwardly long loading sequence and then opens the login page again.

    And since I am asking questions here already, where do I find html outputs in this version?

    bug question 
    opened by magicmastermindmurks 8
  • Small typos in de-locale

    Small typos in de-locale

    Small corrections to de-locale:

    • Translation of the month "May" was wrong.
    • In the Markdown description, you used 'Ihrem', which is the polite form of the colloquial 'Deinem'. However, throughout the German locale the colloquial version is used. I think in this case we can just leave it out, and therefore avoid the problem completely.
    • The phrase "entweicht HTML" sounds weird. But I have to admit that I don't know how to improve it, or if there is a good possibility in German to describe 'escapes' in the computer-sense at all. Maybe leaving it out would be an alternative.
    opened by prisae 8
  • JS Minification

    JS Minification

    I know this isn't easy to do with the current implementation due to various possible setups.

    Perhaps we can brainstorm on possible solutions.

    For example my loaded hashover.php? ... can be minified by at least 21%.

    Perhaps make minification 1 time after the settings are in place and then load the minified resource from there on forward?

    Using something like this perhaps https://github.com/tedious/JShrink not sure about licensing etc.

    enhancement 
    opened by Lux-Delux 8
  • Feature request: admin name setting

    Feature request: admin name setting

    When the admin posts a comment, the name will be set to "Admin" and the website to the root of the Hashover service. Because I run Hashover on a subdomain, I don't want a link there. I also prefer not to use the name "Admin" as the commentator's name.

    Settings specifying the admin name and its website would be nice features. Even better if they were specified in the locale file. It would also be nice if the anonymous commentator's name could be specified in the same file.

    opened by nsuomine 0
  • Links are cut in notification emails

    Links are cut in notification emails

    I have set the notification email format to text. I noticed that long links get cut. For example:

    Comment: https://xxxxxxxxxxx.com/fi/matkapalveluiden-arvostelut/2017/01/= 03/norwegian-reward-piristavan-erilainen-bonusohjelma/#hashover-c1

    Page: https://xxxxxxxxxxx.com/fi/matkapalveluiden-arvostelut/2017/01/03/no= rwegian-reward-piristavan-erilainen-bonusohjelma/

    Is there a limit for the line length? Copy-pasting links won't work. Email clients also make URLs clickable and when they are cut, the links won't work.

    opened by nsuomine 0
  • Date and time localization

    Date and time localization

    If I understand correctly, dates and times should be localized automatically according to the language setting. But if I set the language to de-de, it seems that times are still using the format 1:20 pm instead 13:20.

    I also tried to override time-format and time-pattern settings when creating hashOver object but I was not able to change the time format to 24h. Probably, I am doing something wrong.

    opened by nsuomine 4
  • Is it possible to use only one email instead of a full SMTP server?

    Is it possible to use only one email instead of a full SMTP server?

    I see that in the configuration it asks me for the data of a SMTP server where there must be a domain for these two emails.

    protected $notificationEmail = '[email protected]';
    protected $noreplyEmail = '[email protected]';
    

    However for my particular case I only need $notificationEmail since the users will receive their notifications by other means and also the activity is not very big.

    What I want is to fill only this data instead of installing a complete SMTP server:

    hostMail = "smtp.domain.sample"
    portMail = 587
    authType  = "cram_md5"
    emailAddress = "[email protected]"
    password = "mypassword"
    

    What are the files that need to be modified to make these changes? or is there already a way to do it?

    opened by curiosport 0
  • Hashover 2.0 does not work under PHP 8.2

    Hashover 2.0 does not work under PHP 8.2

    Hashover 2.0 does not work under PHP 8.2 on Apache. I receive an error message and a white page:

    Deprecated: Creation of dynamic property HashOver\SpamCheck::$ip is deprecated in […]/hashover/backend/classes/spamcheck.php on line 36

    Furthermore, login fails with several fatal errors.

    opened by Torsten-K 7
  • Dmarc issues

    Dmarc issues

    In sendmail.php, some emails will be send with "From:" header being that of commenter's supplied email address, not that of server domain. But if dmarc for mail server has policy quarantine/reject set (recommended for spammer/spoofing control), those emails will be treated as spam or rejected.

    opened by glendeni 0
Owner
Jacob Barkdull
Freelance Web Developer
Jacob Barkdull
Extract colors from an image like a human would do.

ColorExtractor Extract colors from an image like a human would do. Install Via Composer $ composer require league/color-extractor:0.3.* Usage require

The League of Extraordinary Packages 1.2k Jan 3, 2023
Botble plugin comment is a comment plugin for Botble CMS

Botble plugin comment This is a plugin for Botble CMS so you have to purchase Botble CMS first to use this plugin.

Bảo Bối 27 Nov 25, 2021
Rah comment spam - Comment anti-spam plugin for Textpattern CMS

rah_comment_spam Packagist | Issues | Donate Rah_comment_spam provides customizable anti-spam tools for Textpattern CMS’ comment system. Set minimum a

Jukka Svahn 2 Apr 24, 2022
Arc admin comment preview - Simple Textpattern plugin that adds a comment preview to admin

arc_admin_comment_preview This is a Textpattern plugin for adding comment previews to the admin comment edit pages. Requirements Textpattern 4.0.8+ In

Andy Carter 1 Jan 20, 2017
Blogs System(Posts ,Comment and Notification)

About Laravel Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experie

null 1 Oct 24, 2021
Rinvex Bookable is a generic resource booking system for Laravel, with the required tools to run your SAAS like services efficiently

Rinvex Bookings is a generic resource booking system for Laravel, with the required tools to run your SAAS like services efficiently. It has a simple architecture, with powerful underlying to afford solid platform for your business.

Rinvex 435 Jan 5, 2023
RecordManager is a metadata record management system intended to be used in conjunction with VuFind.

RecordManager is a metadata record management system intended to be used in conjunction with VuFind. It can also be used as an OAI-PMH repository and a generic metadata management utility.

National Library of Finland 42 Dec 14, 2022
A high-performance backend cache system. It is intended for use in speeding up dynamic web applications by alleviating database load.

A high-performance backend cache system. It is intended for use in speeding up dynamic web applications by alleviating database load. Well implemented, it can drops the database load to almost nothing, yielding faster page load times for users, better resource utilization. It is simple yet powerful.

PHPSocialNetwork 2.3k Dec 30, 2022
[READ ONLY] WordPress-specific Comment data model

Comments WordPress-specific Comment Data Model Install Via Composer composer require pop-wp-schema/comments Development The source code is hosted on t

PoP WordPress Schema 2 Dec 14, 2022
Laravel + Vuejs Nested Comment App

Laravel + Vuejs Nested Comment App

null 1 Feb 2, 2022
Ce projet vous montre comment utiliser des fonts localement dans vos applications Laravel, avec ViteJS et Tailwind CSS

Laravel - use local fonts with Tailwind CSS and Vite Ce projet est né d'un constat: vous êtes souvent nombreuses et nombreux à galérer pour utiliser d

Fred Christian 2 Sep 20, 2022
Some Joomla! 4.x Web Services Api Examples and Experiments to raise the level of awareness of the huge potiental of Joomla! 4.x Web Services.

j4x-api-examples WHY? If you are a Joomla! developer or want to become a Joomla! developer there is a new resource for you The Official New Joomla! Ma

Mr Alexandre ELISÉ 11 Nov 29, 2022
:panda_face: Jitamin is a free software written in PHP, intended to handle the project management over the web. QQ群: 656868

Jitamin Jitamin (pronounced /ˈdʒɪtəmɪn/) is a free software written in PHP, intended to handle the project management over the web. Jitamin is inspire

jitamin 916 Dec 14, 2022
Couleur is a modern PHP 8.1+ color library, intended to be compatible with CSS Color Module Level 4.

?? Couleur: A modern PHP 8.1+ color library ?? Couleur: A modern PHP 8.1+ color library ?? Presentation ⚙️ Installation ?? Quick Start ?? Usage ?? Imm

Matthieu Masta Denis 3 Oct 26, 2022
Composer plugin that wraps all composer vendor packages inside your own namespace. Intended for WordPress plugins.

Imposter Plugin Composer plugin that wraps all composer vendor packages inside your own namespace. Intended for WordPress plugins. Built with ♥ by Typ

Typist Tech 127 Dec 17, 2022
Wrapping all composer vendor packages inside your own namespace. Intended for WordPress plugins

Wrapping all composer vendor packages inside your own namespace. Intended for WordPress plugins.

Typist Tech 93 Dec 17, 2022
Antvel is an ecommerce project written in Laravel 5.* intended for building a friendly eStore either for startups or big companies.

Antvel is an ecommerce project written in Laravel 5.* intended for building a friendly eStore either for startups or big companies.

Antvel - Official 650 Dec 28, 2022
This module is intended to provide oauth authentication to freescout.

OAuth FreeScout This module is intended to provide oauth authentication to freescout. Module was tested on keycloak oauth provider with confidential o

Michael Bolsunovskyi 9 Dec 21, 2022
Document templates Laravel package is intended for creating/managing user editable document template

Document Templates Introduction Document templates Laravel package is intended for creating/managing user editable document templates, with ability to

42coders 139 Dec 15, 2022