@andrei-lopatenco You are correct, there is no Flags API at the moment... there never was one for the Write API plugin, and when it got ported into core, we didn't make one either.
But it sounds like a good idea.
@baris just pushed a fix that hopefully solves the user deletion bug, and I guess we all know what we're doing in the upcoming weeks re: spam prevention
What about adding support for Project Honeypot, I use it on my forum and haven't had a single spambot registration in 7 months. It stops them before they even get to the registration process. Then an option for either a Q&A or one of them new fangled captchas where you need to click the spanner or something.
Most Captchas are easily broken by bots, the only real way you can stop a spambot by using a captcha is if you build your own or use one that's not well known, the spam bot creators don't bother hacking the smaller captcha providers.
An option to use each one would be nice though, maybe a few different captcha providers, or a Question & Answer form. Then run them through someone like Stop Forum Spam whilst we're there. This, by default would also give you an edge over other bulletin board software, as most just handle it through a plugin/add-on.
I'd like to have an option within ACP like "Allow posting without javascript" and "Allow registration without javascript", because many bots do not have js activated.
The following traps could be done as well:
If these options are implemented the following should be configurable within ACP:
In combination with the database suggestion by @anooxy this should filter most bots without annoying (javascript-enabled) users in any way.
Interestingly enough I had the idea of making a Project Honeypot plugin 2 months ago
Never came around to doing it though... Still have that Poll thing and the video chatting...