Yeesh. They just don’t know when to quit.
Last night, despite my best efforts to hack this package to prevent comment posting, they still managed to find some URL to allow them to do so… I got hit with 92 more spam comments.
In desperation, I started digging through the database schema and discovered that each post has a flag that determines what level of comments to allow. I edited the table to disable comments on all existing posts, changed the default value for new db entries, and found the line in the admin interface where I type new posts that was setting comments to ‘open’ by default and overriding the prefs stored in the db.
This time had better work 