From 644937f411b309e48ce7174a787633ad0f337463 Mon Sep 17 00:00:00 2001 From: Mason James Date: Wed, 28 May 2014 13:59:20 +1200 Subject: [PATCH] Bug 3144 - anti-spam for opac-suggestions this patch adds a negative-captcha feature to the purchase suggestions form some info for the curious... http://nedbatchelder.com/text/stopbots.html https://github.com/subwindow/negative-captcha http://www.rubydoc.info/github/subwindow/negative-captcha/frames to test this patch... 1/ apply patch 2/ enable 'suggestion' and 'AnonSuggestions' sysprefs 3/ attempt to add a 'purchase suggestion' in OPAC adding the suggestion should succeed 4/ edit the koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-suggestions.tt file, to reveal the hidden 'negcap' field replace line 87 opac-suggestions.tt, from...
  • to ...
  • 5/ attempt to add another suggestion, and populate the 'negcap' field adding the suggestion should fail Signed-off-by: Christopher Brannon Signed-off-by: Jonathan Druart Amended patch: Remove the bug report number in the comment since git log cans provide the same result. Signed-off-by: Chris Cormack Signed-off-by: Galen Charlton --- .../opac-tmpl/bootstrap/en/modules/opac-suggestions.tt | 6 ++++++ opac/opac-suggestions.pl | 8 ++++++++ 2 files changed, 14 insertions(+) diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-suggestions.tt b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-suggestions.tt index f58dd00dd7..e10f37eec7 100644 --- a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-suggestions.tt +++ b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-suggestions.tt @@ -83,6 +83,12 @@
  • + + +
  • + negcap +
  • +
    diff --git a/opac/opac-suggestions.pl b/opac/opac-suggestions.pl index 72383eb1c5..ac6172d4cc 100755 --- a/opac/opac-suggestions.pl +++ b/opac/opac-suggestions.pl @@ -33,6 +33,14 @@ my $input = new CGI; my $allsuggestions = $input->param('showall'); my $op = $input->param('op'); my $suggestion = $input->Vars; +my $negcaptcha = $input->param('negcap'); + +# If a spambot accidentally populates the 'negcap' field in the sugesstions form, then silently skip and return. +if ($negcaptcha ) { + print $input->redirect("/cgi-bin/koha/opac-suggestions.pl"); + exit; +} + delete $$suggestion{$_} foreach qw; $op = 'else' unless $op; -- 2.39.5