I have given you all the ability to comment on my blog. It's something that's been horrendously lacking for quite some time, and my only excuse is that there are so few people reading this it doesn't make much of a difference. But now they are here and all 12 of my feed subscribers can come and comment.
It was actually more difficult than you'd expect, because I don't use any blog software - I write everything in HTML in emacs, and until the comments system, there was no database. So integrating it was both an exercise in architectural integrity, and philosophy - I didn't want to let you comment until the comments behaved the way I wanted them to. Mainly I wanted them to degrade gracefully, not slow down the page, and enable you to write a comment that was as thoughtful as a blog post, and formatted to the same precision. The solution of course was *markdown* - which takes plain text like _this_ and changes it to this.
Oh, and since I rolled my own comment system, you'd be legitimately concerned about whether it was any good at escaping user input. I'll freely admit that I had it pretty much done, then found that every single comment field (Name, Website, Comment, Email) could be exploited. But I closed all that up. And I believe a man is only as good as his word: Exploit my comment system and I'll pay you $20. So go read my code which I've graciously provided, and start fuzzing. Here, this might help.
Update: Someone managed to break markdown, which in turn caused a JavaScript error in Chrome. So whoever that was, identify yourself and I'll buy you a cookie =)
Second Update: My friend and general pythonista Jay Moiron broke my JSON encoding, proving his point that I should have used simplejson from the beginning. I relented, and fixed it.
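An added illustration of the two lessons above, escaping every comment field and not hand-rolling JSON; this is not the code the post links to. The encoder `naive_json`, the other function names and the sample comment are all assumptions constructed for the example, and `json` is the standard-library descendant of simplejson.

```python
import html
import json
from urllib.parse import urlsplit

# Constructed sample comment: each field holds characters that break naive output.
SAMPLE = {
    "name": 'Eve "the" <b>Tester</b>',
    "website": "javascript:alert(1)",
    "email": "eve@example.com",
    "comment": 'line one\nline "two" \\ </script>',
}

def naive_json(comment):
    """Hypothetical hand-rolled encoder: string concatenation, no escaping."""
    pairs = ['"%s": "%s"' % (k, v) for k, v in comment.items()]
    return "{" + ", ".join(pairs) + "}"

def safe_json(comment):
    """Library encoder; '<' is also escaped so the result can sit inside a
    <script> block without closing it early."""
    return json.dumps(comment).replace("<", "\\u003c")

def parses(text):
    """True if text is valid JSON."""
    try:
        json.loads(text)
        return True
    except ValueError:
        return False

def safe_website(url):
    """Allow only http(s) links; any other scheme is dropped."""
    return url if urlsplit(url).scheme in ("http", "https") else ""

def render_html(comment):
    """Escape each displayed field for its HTML context (text or quoted
    attribute). The email is deliberately never rendered."""
    name = html.escape(comment["name"], quote=True)
    site = html.escape(safe_website(comment["website"]), quote=True)
    body = html.escape(comment["comment"], quote=True)
    author = '<a href="%s">%s</a>' % (site, name) if site else name
    return '<div class="comment"><cite>%s</cite><p>%s</p></div>' % (author, body)

if __name__ == "__main__":
    print("naive JSON parses:", parses(naive_json(SAMPLE)))
    print("library JSON parses:", parses(safe_json(SAMPLE)))
    print(render_html(SAMPLE))
```
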