Avoiding comment spam would be good. There are a couple of ways of doing
this:
1. Use a captcha (or some similar thing like KittenAuth). Doable but
it’d bloat cruciforum quite a bit and it’d require some sort of PHP
image generation thing, which might not be included in all default PHP
builds and therefore makes installation hard. You’d implement this by
generating an image and making, say, the MD5sum of the image contents be
a hidden post field, and then compare the two once posted. CAPTCHAs are
bad for accessibility, though, and the sound alternative is
realistically not possible to do in cruciforum’s limited environment.
2. Use akismet. This would be relatively easy; just include an akismet
class in cruciforum.php (http://miphp.net/blog/view/php4_akismet_class
is one for PHP 4, which is our baseline), and use it if and only if
there is an akismet.txt file next to cruciforum.php containing the key.
This makes installation one step harder (because you have to manually
create that file), but it’d work.
What should comments detected as spam do? Cruciforum could just
blackhole them entirely—since there’s no administrator, you can’t
post a comment and then moderate it later—or a spam comment could go
into the page but look “disabled” with all links disabled, or possibly
be hidden and allow clicking to expose it.