Skip to content
Permalink
Browse files

Merge pull request #402 from agdsn/spamprotection

add honeypot for spam protection
  • Loading branch information...
marcelb98 committed Mar 26, 2019
2 parents f1995ee + 111bfc2 commit 5b02a1b2e4d9c1843443bae76d806081db580c58
Showing with 26 additions and 4 deletions.
  1. +21 −3 sipa/forms.py
  2. +5 −1 sipa/static/css/style.css
@@ -72,7 +72,25 @@ def __call__(self, *args, **kwargs):
*args, readonly=True, **kwargs)


class ContactForm(FlaskForm):
class SpamCheckField(StringField):
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)

def __call__(self, *args, **kwargs):
c = kwargs.pop('class', '') or kwargs.pop('class_', '')
kwargs['class'] = u'%s %s' % ('honey', c)
kwargs['autocomplete'] = 'off'
return super().__call__(*args, **kwargs)


class SpamProtectedForm(FlaskForm):
# Adds a honypot for bots to the form.
# This field must not be filled out to submit the form.
# We're using 'website' as the field-name since we won't give bots a hint.
website = SpamCheckField(label="", validators=[Length(0, 0, "You seem to like honey.")])


class ContactForm(SpamProtectedForm):
email = ReadonlyStringField(
label=lazy_gettext("Deine E-Mail-Adresse"),
validators=[Email(lazy_gettext("E-Mail ist nicht in gültigem "
@@ -92,7 +110,7 @@ class ContactForm(FlaskForm):
])


class AnonymousContactForm(FlaskForm):
class AnonymousContactForm(SpamProtectedForm):
email = StrippedStringField(
label=lazy_gettext("Deine E-Mail-Adresse"),
validators=[Email(lazy_gettext("E-Mail ist nicht "
@@ -114,7 +132,7 @@ class AnonymousContactForm(FlaskForm):
])


class OfficialContactForm(FlaskForm):
class OfficialContactForm(SpamProtectedForm):
email = StrippedStringField(
label=lazy_gettext("E-Mail-Adresse"),
validators=[Email(lazy_gettext("E-Mail ist nicht "
@@ -155,4 +155,8 @@ img[alt=software_logo] {

#hints div {
margin-bottom: 10px;
}
}

.honey {
display: none;
}

0 comments on commit 5b02a1b

Please sign in to comment.
You can’t perform that action at this time.