thanks miller. I’d rather not discuss my mutancy on here.. might make people nervous. 
1. No special user access.. I just have a password on my add/edit pages. It’s simple and easy.
2. For a while, I had no problems with comment spam. Then I started to get a couple. Then one day I got like 50 at once, so I did something “extreme” - I made it so users have to have JavaScript to submit comments. I have a randomly generated spam key, and then use something like this on the page:
<form id="cform" style="display:none">
<input id="txtauthor" name="<?= $spam ?>a"/>
<input id="txtemail" name="<?= $spam ?>e"/>
<input id="txturl" name="<?= $spam ?>u"/>
<textarea id="txtbody" name="<?= $spam ?>b" rows="10" cols="40"></textarea>
<input type="hidden" id="antispam" name="antispam"/>
</form>
<script type="text/javascript">
document.getElementById('cform').style.display = 'block';
document.getElementById('antispam').value = '<?= $spam ?>';
</script>
<noscript>Sorry, you need JavaScript to post comments.</noscript>
So if the spam key is ‘xxxx’ the author field is ‘xxxxa’, email ‘xxxxe’, etc. The spam key is filled using JavaScript. Then on the server side I do this:
if (isset($_POST['antispam'])) {
$antispam = $_POST['antispam'];
$cauthor = $_POST[$antispam . 'a'];
$cbody = $_POST[$antispam . 'b'];
$cemail = $_POST[$antispam . 'e'];
$curl = $_POST[$antispam . 'u'];
if ($cbody && $cauthor)
addComment($id, $cemail, $cauthor, $cbody, $curl);
}
Haven’t had a single spam comment since!
). Can you give us details about your custom made blog?
