In wp-login.php at the root level:
Following:
$user_email = apply_filters( 'user_registration_email', $_POST['user_email'] );add:
$user_verify = $_POST['user_verify'];Following:
$errors['user_email'] = __('< strong > ERROR< /strong > : This email is already registered, please choose another one.');add:
if ($user_verify == '') { // verification
$errors['user_verify'] = __('< strong > ERROR< /strong> : Only real users can register.');
$user_verify = ''; // obviously no effect as it stands at the moment, but deals with failed verification
}Following:
< p >
< label > <?php _e('E-mail:') ... < /label >
< /p > add:
< p >
< label > <?php _e('Are you real?') ?> < br />
< input type="text" name="user_verify" id="user_verify" class="input" value="" size="10" tabindex="25"> </label>
< /p> I hope that makes some sense over the noise of Blogger formatting. As before, it adds a new input field to the registration screen which asks: "Are you real?" and which (as it stands) accepts any non-null response ("Yes", "y", "no", "What do you think?") to allow registration to continue.
I don't know whether the hooks exist to make this into a plugin, and I'm not promoting it on the wordpress.org site as if I were them, I'd take a dim view of somebody hacking around with their nice new code. However, this is effective. I got four more spam registrations in the 24 hours that I was running with 2.1 prior to modification, and they've stopped again now. And the domains from which they registered were new to me, so a blacklist wouldn't have helped.
