After upgrade to Wordpress 4.4, users are unable to post comments

If a decision to update Wordpress used to be a no-brainer, version 4.4 is troubling, and continues to produce unwanted side effects. So far I have had to fix two serious problems, an here is another one.

I have a Buddypress site. After the recent upgrade, several users reported that they're unable to post comments to posts. The users' problem reports go like this:

I can edit my own articles, but cannot comment on others comments, nor can I post a comment on other articles. I get the box to do the comment, I can type it in, but when the page reloads after saving the comment, my comment is not there.

I went back to add some replies and a new comment this morning, and none of them are being accepted by the system.

I went back to nnn page, tried the Cntl+F5, and attempted to post again – still no result. I am not sure what else to attempt on my end…

At the same time, the majority of users (including myself) seem to be able to post just fine and judging from the activity log at the site, many other users are able to leave comments.
Still, there are sufficient error reports to indicate a pattern. The problem seems to occur with comments, but not posts, activity stream or forum posts/replies. At this point I strongly suspect that the trouble has to do with the 4.4 upgrade, where some elements of the comment form have been changed.

I have now disabled the CDN caching, flushed WP Supercache and even reduced expiry time for javascripts in .htaccess to 1 hour, plus advised the users to retry after a Ctrl+F5 in their browsers. This did not present a solution for the affected.

What would be your further suggestions?

  • Predrag Dubajic

    Hey @Martino,

    Hope you're doing well today :slight_smile:

    I tried testing this on my installation and had no issues with the comments, and since it only happens on your installation in some cases I was not sure what further steps I could try to replicate this issue.

    Have you tried running basic troubleshooting by disabling your other plugins and switching to default WP theme?

    Do you have any info which browser and OS users with issues were using?

    Have you tried reinstalling BP to see if that will make any difference?

    Also, did you try posting on BP support forums to see if there are other users with similar issues?
    https://buddypress.org/support/

    Best regards,
    Predrag

  • Martino

    Thanks for your reply. I'm positive that this is a Wordpress comment flow issue, not BP. All BP-managed functions are working as previously.

    As I wasn't able to replicate the problem myself, I reckon that disabling plugins down to the naked WP site isn't an easy option - would have to be tested with the affected users while shutting down the production site for everyone else - too difficult I'm afraid.

    I'm suspecting some broken javascript/ajax interaction in the comments form, the key starting question is how to ensure that these users have received the WHOLE of WP upgrade in their browsers

  • Adam Czajczyk

    Hey Martino!

    Thanks for your explanation. I think this is a bit difficult issue as, just as you mentioned, even you weren't able to replicate this on your own site.

    I tried to test this with my setup (with BP enabled, just to make sure) but everything seems to be working fine. I understand that performing a full plugin conflict test (by disabling all the plugins) may be a bit troublesome for you at this moment, especially on "live" site but I'd like to ask you to try at least switching to default Twenty Fifteen theme and - this would be really great if you could do this - perhaps ask one of the users of your site (who experienced that error) to check if it helped.

    I'm suggesting this because I think you may be on a right track suspecting some kind of JS/Ajax issue here and Twenty Fifteen so far is most "bulletproof" theme for testing this.

    the key starting question is how to ensure that these users have received the WHOLE of WP upgrade in their browsers

    I don't think this is of much importance as an upgrade takes place on server and entire WP runs on WP. The only parts that may still "reside" in user's browsers may be e.g. some images, parts of CSS or (that's actually important) JavaScript but it should be enough to ask your users to clear their browser's cache fully as described here:

    http://www.refreshyourcache.com/en/home/

    Best regards,
    Adam

  • Martino

    I have traced the code for comments and this seems interesting. The function responsible for comments template is /buddypress/themes/bp-default/functions.php, the function name is bp_dtheme_blog_comments, declared like this...

    `/**
    * Template for comments and pingbacks.
    *
    * To override this walker in a child theme without modifying the comments template
    * simply create your own bp_dtheme_blog_comments(), and that function will be used instead.
    *
    * Used as a callback by wp_list_comments() for displaying the comments.
    *
    * @param mixed $comment Comment record from database
    * @param array $args Arguments from wp_list_comments() call
    * @param int $depth Comment nesting level
    * @see wp_list_comments()
    * @since BuddyPress (1.2)
    */
    function bp_dtheme_blog_comments( $comment, $args, $depth ) {

    This could mean that the comment posting functionality relies on some obsolete BP function.... not very good. Must look deeper into it.

  • Martino

    Patches rolled back, no difference for the affected users. Here's the latest user comment

    Well I gave it a try (again) and I got a message saying I had already posted that comment ! Oh my :slight_smile: So then I tried re-wording it, and it seemed to take it, but nothing shows up! Hope this helps some, and no worries I know you guys will get it figured out :slight_smile:

    So the problem is that something got broken between Buddypress 2.2.4 and Wordpress 4.4...

  • Adam Czajczyk

    Hello Martino!

    I took another chance to replicate it on my setup, switching themes and additional plugins and also commenting from different accounts but still no luck: everything works smoothly for me.

    I'm not quite sure yet what would it be, but I got a feeling that we both may be missing something important here. I've noticed though that you've got no domains registered with your WPMU DEV account so I'm not aware of your site address.

    That said, would it be possible that you share a link to the site in question. Furthermore, it would be really great if you could let me take a closer look at your setup via our WPMU DEV Dashboard plugin as described here:

    https://premium.wpmudev.org/manuals/wpmu-dev-dashboard-enabling-staff-login/

    Would it be possible? Let me know please!

    Best regards,
    Adam

  • Martino

    Hi Adam,
    Unfortunately I don't run the WPMU Dashboard on this setup.

    The issue is slowly developing in a quirky way. I have since had the 3rd user reporting the same problem. At the same time, asked a panel of 5 other random users to test the same, and they reported no problems at all.

    Something must be wrong at the client side of things, but what? This made me suspect Wordpress session cookie. If for any reason these went corrupt or become incompatible between WP upgrades...
    Here's a record of my recent conversation with one of the users

    Admin: Regarding your recent comment at the support forum
    I understand that you have tried this on two separate computers
    (work PC + home Mac) with the same negative result. That’s useful piece of info.

    Once again, thank you for your patience. As we were unable to replicate the problem on my end, I’d like you to assist me with the following.

    I would like to log you out from the system now – can do it centrally from the server or you can do it yourself, but please approve – you’d need to remember your password to sign in again.

    Once LOGGED OUT, please DO NOT sign in again immediately but do the following:
    1. Get back to any of the articles
    2. Try to post a comment as non-registered user. The comment form is also open for any occasional visitor, so this should be doable – the only difference being that you’d need to fill in your name & email manually.
    Does this work?

    Now please SIGN IN to the system again using your username & password.
    3. Try adding a comment to some article now.
    Does it work?

    User: Ok did as you requested, both things worked from here at work on my work PC. I will try posting from my MAC tonight when I get home. Hopefull all is resolved! Thanks so much for your work on this, I sure love iModeler and miss being able to post!

    User: Ok now I did the same thing at home from my macbook and could not post either way. So???

    Admin: Well, at this point still not sure what this all means. Last night I have activated a panel of 5-6 other users to check the same functionality. All reported smooth operation.

    Let’s stick with this. Another potentially useful piece of info is that you’re using PC and Mac. There’s certainly no reason for them first to behave similarly (badly), and now differently as soon as we were applying the same actions. What kind of internet connection (operator) are you using at home?

    Also, I have now enforced new login on your account from both machines, just to clear off this part of the test.

    What do you make of this?

  • Martino

    Sure. Feel free to comment on my old post here http://goo.gl/tm9avM. Please only mark the comments with "Testing. please ignore" as the'd all go up in the activity stream.

    I have had my hosting support turn on and check PHP error logs from the exakt time when a said user problem occurred. Showed no errors. It made me think that the problem might not be PHP code, but the Javascript that somehow fails to make an Ajax call to save the comment...

    More input from users:

    I followed your instructions – logged out and posted as a guest to the Spitfire article – it did not show up. I then logged back in and tried to post again to the same article, and I got an error message saying ”Looks like you tried to post a duplicate comment,” even though my comment doesn’t show

    I just tried commenting again on an article with the same negative results. I did notice that upon entering my comment the screen will jump to the top of the article page (a sign that the WP redirects to the new comment's non-existent bookmark - Ed.), where in the past I would stay in the area and see my comment at the bottom of the page.

    And finally, this one is even more interesting!

    Ok here is some more info that may help. I commented on the wood effect in this case and when I hot the button to post the comment, as my screen refreshes it says:
    http://nnn.com/2015/12/wood-effect-my-way/comment-page-1/#comment-241231
    Them it changes back to the address of the article. http://nnn.com/2015/12/wood-effect-my-way/ without posting my comment. Just for trial sake, I entered the address for the comment 241231 into my browser and it loaded for a second, then just went to the article.

    Awaiting your further input

  • Martino

    Finally a Breakthrough! I have checked the comment id 241231 mentioned by the above user directly in the database. The thing is: the comment is there! Went to the comments admin, and yes, all the three users' comments have been marked as spam.

    So the situation is this: for whatever reason, with or around the upgrade to WP 4.4, Akismet or Wangguard has marked the three users (or their ip addresses?) as spammers and started consequently hiding their comments from view, even though they were properly received and saved in the DB.

    The bad thing was that:
    - No error messages were ever issued to the users... (which may by the way Akismet works, but is NOT user-friendly in case of false positives)
    - This has been done to the registered users who have previously been cleared for comments.

    Judging from the fact that the spam block was also active while the users were logged out, I reckon that Akismet (or Wangguard) have blocked on IP-address level, not user id level.

    The questions are these:

    1. How do I know if its the Akisment or Wangguard that spam-marked these users?
    2. How can I permanently heave the block?
    3. Can I prevent these filters from ever blocking registered, logged in users?

    Thee questions remain, but what a relief!

  • Martino

    Fixed the Akismet API key issue. Can't possibly think that this was the souyrce of the problem, but who knows?
    My 3 questions prevail

    1. How do I know if its the Akisment or Wangguard that spam-marked these users?
    I have checked Wangguard, it does NOT mark the users as sploggers or spammers.
    2. How can I permanently heave the block?
    3. Can I prevent these filters from ever blocking registered, logged in users?

  • Adam Czajczyk

    Hello Martino!

    I'm sorry for the delay on this. It's just that we're supposed to "go by the queue" and when you post few posts in a row (before any staff member replays) the thread is automatically pushed at the end of the queue (as a newer one). I apologize for this.

    The good news is that most likely it could be the main culprit here. I never analyzed the way Akismet or Wangguard work but since you confirm that those comments were marked as SPAM, it's highly possible that due to not-valid key Akismetweren't working properly.

    1. How do I know if its the Akisment or Wangguard that spam-marked these users?
    I have checked Wangguard, it does NOT mark the users as sploggers or spammers.

    As far as I know, Akismet doesn't mark users as spammers permanently. Instead it only block comments however it doesn't inform you of any single comments and you need to periodically check comments list in your dashboard. That's the downside of this.

    I don't think there'd be other way to confirm the issue than running further test with "live users" or just observing what happens.

    2. How can I permanently heave the block?

    As Wangguard didn't mark user as splogger or spammer, we can assume that it was Akismet that was malfunctioning. I found some threads over Internet confirming that it's doing this from time to time: stubbornly marking comments of certain users as SPAM although it's not a SPAM at all (for no reason).

    There may be a solution for this but it would involve some custom coding. It seems that Akismet may install "pre_comment_approved" filter that returns "spam" string in case comment is market as spam. Therefore it should be possible to hook to that filter and apply a callback function that would change this.

    The code part is briefly described here:
    https://codex.wordpress.org/Plugin_API/Filter_Reference/pre_comment_approved

    There's a chance, I think, to use this to create either a white-list of users that would be excluded from spam check or just check whether comment was posted by registered user and automatically mark it as "1" ("approved").

    3. Can I prevent these filters from ever blocking registered, logged in users?

    See above :slight_smile:

    I hope that helps!
    Best regards,
    Adam

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.