[pLog-svn] r5081 - in plugins/branches/lifetype-1.2/hiddeninput: . class/action class/security class/view locale templates
jondaley at devel.lifetype.net
jondaley at devel.lifetype.net
Tue Mar 13 10:31:01 EDT 2007
Author: jondaley
Date: 2007-03-13 10:31:01 -0400 (Tue, 13 Mar 2007)
New Revision: 5081
Modified:
plugins/branches/lifetype-1.2/hiddeninput/class/action/pluginhiddeninputupdateconfigaction.class.php
plugins/branches/lifetype-1.2/hiddeninput/class/security/hiddeninputfilter.class.php
plugins/branches/lifetype-1.2/hiddeninput/class/view/pluginhiddeninputconfigview.class.php
plugins/branches/lifetype-1.2/hiddeninput/locale/locale_en_UK.php
plugins/branches/lifetype-1.2/hiddeninput/pluginhiddeninput.class.php
plugins/branches/lifetype-1.2/hiddeninput/readme.txt
plugins/branches/lifetype-1.2/hiddeninput/templates/hiddeninput.template
Log:
hidden input is now fancier, in that it now can have some fields empty, and some fields populated. That should confuse the spammers a bit more. There is also a printHiddenFields() function to make it easier to use this plugin
Modified: plugins/branches/lifetype-1.2/hiddeninput/class/action/pluginhiddeninputupdateconfigaction.class.php
===================================================================
--- plugins/branches/lifetype-1.2/hiddeninput/class/action/pluginhiddeninputupdateconfigaction.class.php 2007-03-13 14:29:59 UTC (rev 5080)
+++ plugins/branches/lifetype-1.2/hiddeninput/class/action/pluginhiddeninputupdateconfigaction.class.php 2007-03-13 14:31:01 UTC (rev 5081)
@@ -11,6 +11,7 @@
{
var $_pluginEnabled;
var $_hiddenFields;
+ var $_emptyFields;
function PluginHiddenInputUpdateConfigAction( $actionInfo, $request )
{
@@ -29,8 +30,27 @@
$this->setCommonData();
return false;
- }
- return true;
+ }
+
+ // Check to make sure that all values in the empty fields input
+ // box are also in the hidden fields
+ $this->_emptyFields = $this->_request->getValue("emptyFields");
+ $emptyFieldsExploded = explode(",", $this->_emptyFields);
+
+ foreach($emptyFieldsExploded as $emptyField){
+ if($emptyField = trim($emptyField)){
+ if(strpos($this->_hiddenFields, $emptyField) === FALSE){
+ $this->_view =
+ new PluginHiddenInputConfigView($this->_blogInfo);
+ $this->_view->setErrorMessage(
+ $this->_locale->tr("hiddeninput_error_emptyfields"));
+ $this->setCommonData();
+ return false;
+ }
+ }
+ }
+
+ return true;
}
function perform()
@@ -39,6 +59,7 @@
$blogSettings = $this->_blogInfo->getSettings();
$blogSettings->setValue( "plugin_hiddeninput_enabled", $this->_pluginEnabled );
$blogSettings->setValue( "plugin_hiddeninput_hiddenfields", $this->_hiddenFields );
+ $blogSettings->setValue( "plugin_hiddeninput_emptyfields", $this->_emptyFields );
$this->_blogInfo->setSettings( $blogSettings );
// save the blogs settings
Modified: plugins/branches/lifetype-1.2/hiddeninput/class/security/hiddeninputfilter.class.php
===================================================================
--- plugins/branches/lifetype-1.2/hiddeninput/class/security/hiddeninputfilter.class.php 2007-03-13 14:29:59 UTC (rev 5080)
+++ plugins/branches/lifetype-1.2/hiddeninput/class/security/hiddeninputfilter.class.php 2007-03-13 14:31:01 UTC (rev 5081)
@@ -51,9 +51,11 @@
$hiddenFields = $blogSettings->getValue( "plugin_hiddeninput_hiddenfields" );
$hiddenFieldsList = explode(",", $hiddenFields);
+ lt_include(PLOG_CLASS_PATH."plugins/hiddeninput/class/dao/hiddeninput.class.php");
foreach( $hiddenFieldsList as $hiddenField ) {
- $commentHiddenField = $request->getValue( trim($hiddenField) );
- if(!empty($commentHiddenField)) {
+ $hiddenField = trim($hiddenField);
+ $commentHiddenField = $request->getValue($hiddenField);
+ if($commentHiddenField != HiddenInput::generateValue($blogSettings, $hiddenField)){
// if there is a match, we can quit and reject this request
$result = new PipelineResult( false, HIDDEN_INPUT_MATCH_FOUND, $locale->tr("error_hiddeninput_field_missing"));
return $result;
Modified: plugins/branches/lifetype-1.2/hiddeninput/class/view/pluginhiddeninputconfigview.class.php
===================================================================
--- plugins/branches/lifetype-1.2/hiddeninput/class/view/pluginhiddeninputconfigview.class.php 2007-03-13 14:29:59 UTC (rev 5080)
+++ plugins/branches/lifetype-1.2/hiddeninput/class/view/pluginhiddeninputconfigview.class.php 2007-03-13 14:31:01 UTC (rev 5081)
@@ -18,11 +18,13 @@
$blogSettings = $this->_blogInfo->getSettings();
$pluginEnabled = $blogSettings->getValue( "plugin_hiddeninput_enabled" );
$hiddenFields = $blogSettings->getValue( "plugin_hiddeninput_hiddenfields" );
+ $emptyFields = $blogSettings->getValue( "plugin_hiddeninput_emptyfields" );
if ($hiddenFields == "") $hiddenFields = "GetOutSpammer,GoHellSpammer";
// create a view and export the settings to the template
$this->setValue( "pluginEnabled", $pluginEnabled );
- $this->setValue( "hiddenFields", $hiddenFields );
+ $this->setValue( "hiddenFields", $hiddenFields );
+ $this->setValue( "emptyFields", $emptyFields );
parent::render();
}
Modified: plugins/branches/lifetype-1.2/hiddeninput/locale/locale_en_UK.php
===================================================================
--- plugins/branches/lifetype-1.2/hiddeninput/locale/locale_en_UK.php 2007-03-13 14:29:59 UTC (rev 5080)
+++ plugins/branches/lifetype-1.2/hiddeninput/locale/locale_en_UK.php 2007-03-13 14:31:01 UTC (rev 5081)
@@ -2,15 +2,18 @@
$messages["manageAntiSpamPlugins"] = "Anti Spam Management";
$messages["ArticleReferers"] = "Hidden Input";
-$messages["hiddeninput_hiddenfields"] = 'Hidden fields for comment form, use "," to separate each field name';
+$messages["hiddeninput_hiddenfields"] = 'Hidden fields for comment form, use "," to separate each field name. List a couple fields here, and then put some of them in the "Empty Fields" box below.';
+$messages["hiddeninput_emptyfields"] = 'Hidden fields for comment form, use "," to separate each field name. These fields should be left empty when the comment is submitted.';
$messages["hiddeninput_plugin_enabled"] = "Enable this plugin";
$messages["hiddeninput_plugin"] = "Hidden Input Plugin";
$messages["hiddeninput_settings_saved_ok"] = "Hidden Input settings saved successfully!";
$messages["hiddeninput_error_hiddenfields"] = "Field names cannot be empty, you must enter at least one field!";
+$messages["hiddeninput_error_emptyfields"] = "Empty field names must be a subset of the Hidden Fields!";
$messages["error_hiddeninput_field_missing"] = "You can not leave a comment here due to the spam trap.";
$messages["label_configuration"] = "Configuration";
$messages["label_enable"] = "Enable";
$messages["label_hiddenfields"] = "Hidden Fields";
+$messages["label_emptyfields"] = "Empty Fields";
?>
\ No newline at end of file
Modified: plugins/branches/lifetype-1.2/hiddeninput/pluginhiddeninput.class.php
===================================================================
--- plugins/branches/lifetype-1.2/hiddeninput/pluginhiddeninput.class.php 2007-03-13 14:29:59 UTC (rev 5080)
+++ plugins/branches/lifetype-1.2/hiddeninput/pluginhiddeninput.class.php 2007-03-13 14:31:01 UTC (rev 5081)
@@ -18,7 +18,7 @@
$this->id = "hiddeninput";
$this->author = "Mark Wu";
$this->desc = "This plugin offers hidden fields to comment form to prevent spammer post from spam robot.";
- $this->version = "20070303";
+ $this->version = "20070313";
$this->prefix = Db::getPrefix();
@@ -73,6 +73,18 @@
return $commentHiddenFields;
}
+ function printHiddenFields()
+ {
+ lt_include(PLOG_CLASS_PATH."plugins/hiddeninput/class/dao/hiddeninput.class.php");
+ print "<style>.hidinp { display: none }</style>\n";
+ foreach($this->getHiddenFields() as $hiddenField){
+ print "<input class='hidinp' type='text' ".
+ "name='$hiddenField' value='".
+ HiddenInput::generateValue($this->blogInfo->getSettings(), $hiddenField).
+ "' />\n";
+ }
+ }
+
function getPluginConfigurationKeys(){
lt_include(PLOG_CLASS_PATH."class/data/validator/stringvalidator.class.php");
return (Array(
@@ -80,7 +92,10 @@
"type" => "boolean"),
Array("name" => "plugin_hiddeninput_hiddenfields",
"validator" => new StringValidator(),
- "type" => "integer"),
+ "type" => "string"),
+ Array("name" => "plugin_hiddeninput_emptyfields",
+ "validator" => new StringValidator(),
+ "type" => "string"),
));
}
}
Modified: plugins/branches/lifetype-1.2/hiddeninput/readme.txt
===================================================================
--- plugins/branches/lifetype-1.2/hiddeninput/readme.txt 2007-03-13 14:29:59 UTC (rev 5080)
+++ plugins/branches/lifetype-1.2/hiddeninput/readme.txt 2007-03-13 14:31:01 UTC (rev 5081)
@@ -5,30 +5,26 @@
This plugin offers you add hidden fields to your comment form to prevent comment spam robot. Usage as followed:
+Configuration:
+1. Create a number of hidden fields in the configuration settings.
+
+2. Put some of them in the "empty" list. That way, some of the fields
+ will have to be filled in, and some left blank, it will be harder
+ for the spammer to figure it out.
+
You can use:
-1. $hiddeninput->getHiddenFields() to get the hidden fields.
+1. $hiddeninput->printHiddenFields() to print out the hidden fields
Example:
Add the following code to commentform.template inside <form> ... </form>:
{if $hiddeninput}
- {foreach from=$hiddeninput->getHiddenFields() item=hiddenField}
- <input style="display: none" type="text" name="{$hiddenField}" value="" />
- {/foreach}
+ {$hiddeninput->printHiddenFields()}
{/if}
-IMPORTANT CHANGE in 1.2, you must set the value to "" rather than
-"GetOut!" or whatever you might have used in previous versions. This
-should work even better against spammers.
+IMPORTANT CHANGE in 1.2:
+ Use printHiddenFields() to print the HTML rather than doing it
+ yourself. Also, see the new EmptyField setting to confuse the
+ spammers a little more.
-Alternate method - I don't know if the spammers are smart enough to
-read the display: none thing, so I (jondaley) do it is like this:
-style.css
-.validate{
- display: none;
-}
-
-commentform.template
-<input class="validate" type="text" name="{$hiddenField}" value="" />
-
Modified: plugins/branches/lifetype-1.2/hiddeninput/templates/hiddeninput.template
===================================================================
--- plugins/branches/lifetype-1.2/hiddeninput/templates/hiddeninput.template 2007-03-13 14:29:59 UTC (rev 5080)
+++ plugins/branches/lifetype-1.2/hiddeninput/templates/hiddeninput.template 2007-03-13 14:31:01 UTC (rev 5081)
@@ -27,11 +27,22 @@
<input class="text" type="text" name="hiddenFields"
id="hiddenFields" value="{$hiddenFields}"
{user_cannot_override
- key=plugin_hiddeninput_hiddenfields}disabled="disabled"
+ key=plugin_hiddeninput_hiddenfields}readonly
{/user_cannot_override}
width="10" />
</div>
+ <div class="field">
+ <label for="emptyFields">{$locale->tr("label_emptyfields")}</label>
+ <div class="formHelp">{$locale->tr("hiddeninput_emptyfields")}</div>
+ <input class="text" type="text" name="emptyFields"
+ id="emptyFields" value="{$emptyFields}"
+ {user_cannot_override
+ key=plugin_hiddeninput_emptyfields}readonly
+ {/user_cannot_override}
+ width="10" />
+ </div>
+
</fieldset>
<div class="buttons">
More information about the pLog-svn
mailing list