From 40e38dd400149ec87d2c66d27bd9f3bd43f73fbf Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Wed, 7 May 2008 13:16:09 +0000 Subject: [PATCH] bot-safer contact form --- .../inc/class.addressbook_contactform.inc.php | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/addressbook/inc/class.addressbook_contactform.inc.php b/addressbook/inc/class.addressbook_contactform.inc.php index 2ea1fb3add..25e5c8dcb0 100644 --- a/addressbook/inc/class.addressbook_contactform.inc.php +++ b/addressbook/inc/class.addressbook_contactform.inc.php @@ -7,7 +7,7 @@ * @package addressbook * @copyright (c) 2007 by Ralf Becker * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License - * @version $Id$ + * @version $Id$ */ require_once(EGW_INCLUDE_ROOT.'/etemplate/inc/class.uietemplate.inc.php'); @@ -37,7 +37,9 @@ class addressbook_contactform if (is_array($content)) { - if (isset($content['captcha_result']) && $content['captcha'] != $content['captcha_result']) + if (isset($content['captcha_result']) && $content['captcha'] != $content['captcha_result'] || // no correct captcha OR + time() - $content['start_time'] < 10 && // bot indicator (less then 10 sec to fill out the form and + !$GLOBALS['egw_info']['etemplate']['java_script']) // javascript disabled) { $tpl->set_validation_error('captcha',lang('Wrong - try again ...')); } @@ -75,12 +77,12 @@ class addressbook_contactform } if ($tracking->do_notifications($content,null)) { - return '

'.$content['msg'].'

'; + return '

'.$content['msg'].'

'; } else { return '

'.lang('There was an error saving your data :-(').'
'. - lang('Either the configured email addesses are wrong or the mail configuration.').'

'; + lang('Either the configured email addesses are wrong or the mail configuration.').'

'; } } } @@ -121,12 +123,13 @@ class addressbook_contactform $content['show'][$name] = true; } } + $preserv['start_time'] = time(); } $content['addr_format'] = $GLOBALS['egw_info']['user']['preferences']['addressbook']['addr_format']; - + if ($addressbook) $preserv['owner'] = $addressbook; if ($msg) $preserv['msg'] = $msg; - + // a simple calculation captcha $num1 = rand(1,99); $num2 = rand(1,99);