
Add a brute anti-spam measure.

1 parent 1767a04 commit adb1af84fc384a00daaea3d05913c7ea4e6b219b @crowbot crowbot committed Apr 3, 2013
@@ -14,7 +14,9 @@ def feedback
if request.post?
@feedback = Feedback.new(params[:feedback])
if @feedback.valid?
- ProblemMailer.deliver_feedback(params[:feedback], @location, @operator)
+ if !@feedback.is_spam?
+ ProblemMailer.deliver_feedback(params[:feedback], @location, @operator)
+ end
flash[:notice] = t('static.feedback.feedback_thanks')
redirect_to(root_url)
else
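Review bot: Submissions that trip the honeypot are dropped with no trace: when `@feedback.is_spam?` is true the mailer call is skipped, yet the thanks flash and redirect still run. Showing the bot a normal response is reasonable, but a false positive (for instance a browser or password manager filling the hidden field) would lose real feedback without anyone noticing. An `else` branch with something like `logger.info("Feedback discarded by honeypot check")`, leaving out the message body, would make the drop rate observable. `unless @feedback.is_spam?` would also read more naturally than `if !@feedback.is_spam?`. The body of `feedback` starts before and ends after this hunk.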
@@ -10,17 +10,23 @@
#
class Feedback < ActiveRecord::BaseWithoutTable
-
+
column :email, :string
column :name, :string
column :subject, :string
column :message, :string
+ column :website, :string
column :feedback_on_uri, :string
column :location_id
column :location_type
column :operator_id
validates_presence_of :email, :name, :subject, :message
validates_format_of :email, :with => Regexp.new("^#{MySociety::Validate.email_match_regexp}\$")
-
+
+ def is_spam?
+ return true if ! self.website.blank?
+ return false
+ end
+
end
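Review bot: The unchanged `validates_format_of :email` line next to the new check anchors its pattern with `^` and `$`, which in Ruby match at line boundaries rather than at the start and end of the string. A multi-line value with one line that looks like an address would therefore pass validation. If the mailer places this value in a header (not visible here), that is worth closing in an anti-spam change: `:with => Regexp.new("\\A#{MySociety::Validate.email_match_regexp}\\z")`. On the added method, `is_spam?` can be the single expression `!website.blank?`, and it deserves a comment such as `# Honeypot: "website" is hidden from human users, so any value means an automated submission`.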
@@ -15,83 +15,94 @@
<%- elsif @location %>
<%= raw t('static.feedback.location_feedback', :location => name_in_sentence(@location)) %>
<%- else %>
- <%= raw t('static.feedback.please_give_feedback', :email => mail_to(@email)) %>
- <%- end %>
- </p>
- </div>
+ <%= raw t('static.feedback.please_give_feedback', :email => mail_to(@email)) %>
+ <%- end %>
+ </p>
+ </div>
</div>
<div id="main-content" class="container">
-
- <div class='feedback-form'>
- <%- form_for(@feedback, :url => feedback_path) do |form| %>
- <div class='fieldset'>
+ <style type="text/css">
+ .feedback-form label[for=feedback_website] { display: none; }
+ .feedback-form input[id=feedback_website] { display: none; }
+ </style>
+
+
+ <div class='feedback-form'>
+ <%- form_for(@feedback, :url => feedback_path) do |form| %>
+ <div class='fieldset'>
<%- if current_user %>
<%= form.hidden_field :name, :value => current_user.name %>
<%= form.hidden_field :email, :value => current_user.email %>
<%- else %>
- <div class='form-field'>
- <%= form.label :name %>
- <%= raw form.text_field :name %>
- <%- if @feedback.errors.on(:name) %>
- <div class='error'>
- <%= error_message_on @feedback, :name %>
- </div>
- <%- end %>
- </div>
+ <div class='form-field'>
+ <%= form.label :name %>
+ <%= raw form.text_field :name %>
+ <%- if @feedback.errors.on(:name) %>
+ <div class='error'>
+ <%= error_message_on @feedback, :name %>
+ </div>
+ <%- end %>
+ </div>
- <div class='form-field'>
- <%= form.label :email %>
- <%= raw form.text_field :email %>
- <%- if @feedback.errors.on(:email) %>
- <div class='error'>
- <%= error_message_on @feedback, :email %>
- </div>
- <%- end %>
- </div>
+ <div class='form-field'>
+ <%= form.label :email %>
+ <%= raw form.text_field :email %>
+ <%- if @feedback.errors.on(:email) %>
+ <div class='error'>
+ <%= error_message_on @feedback, :email %>
+ </div>
+ <%- end %>
+
+ </div>
+
+ <div class='form-field'>
+ <%= label_tag 'feedback_website', 'Leave this blank' %>
+ <%= raw form.text_field :website %>
+ </div>
<%- end %>
- <div class='form-field'>
- <%= form.label :subject %>
- <%= raw form.text_field :subject %>
- <%- if @feedback.errors.on(:subject) %>
- <div class='error'>
- <%= error_message_on @feedback, :subject %>
- </div>
- <%- end %>
- </div>
-
- <%- if params[:url] %>
- <%= raw hidden_field_tag 'feedback[feedback_on_uri]', params[:url] %>
- <%- end %>
- <%- if @operator %>
- <%= raw hidden_field_tag 'operator_id', @operator.id %>
- <%- end %>
- <%- if @location %>
- <%= raw hidden_field_tag 'location_id', @location.id %>
- <%= raw hidden_field_tag 'location_type', @location.class.to_s %>
- <%- end %>
-
- <div class='form-field'>
- <%= form.label :message %>
- <%= raw form.text_area :message, {:rows => 8, :cols => 50} %>
- <%- if @feedback.errors.on(:message) %>
- <div class='error'>
- <%= error_message_on @feedback, :message %>
- </div>
- <%- end %>
-
- </div>
-
- <button class="button" type="submit"><%= t('static.feedback.send') %></button>
-
- </div>
- <%- end %>
- </div>
-</div>
+ <div class='form-field'>
+ <%= form.label :subject %>
+ <%= raw form.text_field :subject %>
+ <%- if @feedback.errors.on(:subject) %>
+ <div class='error'>
+ <%= error_message_on @feedback, :subject %>
+ </div>
+ <%- end %>
+ </div>
+
+ <%- if params[:url] %>
+ <%= raw hidden_field_tag 'feedback[feedback_on_uri]', params[:url] %>
+ <%- end %>
+ <%- if @operator %>
+ <%= raw hidden_field_tag 'operator_id', @operator.id %>
+ <%- end %>
+ <%- if @location %>
+ <%= raw hidden_field_tag 'location_id', @location.id %>
+ <%= raw hidden_field_tag 'location_type', @location.class.to_s %>
+ <%- end %>
+
+ <div class='form-field'>
+ <%= form.label :message %>
+ <%= raw form.text_area :message, {:rows => 8, :cols => 50} %>
+ <%- if @feedback.errors.on(:message) %>
+ <div class='error'>
+ <%= error_message_on @feedback, :message %>
+ </div>
+ <%- end %>
+
+ </div>
+
+ <button class="button" type="submit"><%= t('static.feedback.send') %></button>
+
+ </div>
+ <%- end %>
+ </div>
+</div>
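Review bot: The honeypot input added in the `else` branch carries no hint to keep browsers and password managers from filling it. Because the field is named `website` and hidden only with `display: none`, autofill could populate it, and the legitimate feedback would then be discarded silently by the controller. Consider `<%= raw form.text_field :website, :autocomplete => 'off', :tabindex => '-1' %>`. The label text `'Leave this blank'` is also hard-coded English, while the rest of the form goes through `t(...)` or `form.label`. The inline `<style>` block would sit better in the site stylesheet, next to the other `.feedback-form` rules.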
@@ -0,0 +1,67 @@
+require 'spec_helper'
+
+describe StaticController do
+
+ describe 'GET #feedback' do
+
+ def make_request
+ get :feedback
+ end
+
+ it 'should render the feedback template' do
+ make_request
+ response.should render_template('static/feedback')
+ end
+
+ end
+
+ describe 'POST #feedback' do
+
+ integrate_views
+
+ before do
+ @default_params = {:feedback => {:email => 'test@example.com',
+ :message => 'Nice website',
+ :name => 'Feedback Giver',
+ :subject => 'Like it'}}
+ end
+
+ def make_request(params=@default_params)
+ post :feedback, params
+ end
+
+ it 'should show the "thanks" message' do
+ make_request
+ flash[:notice].should == 'Thanks for your feedback!'
+ end
+
+ it 'should redirect to the front page' do
+ make_request
+ response.should redirect_to(root_url)
+ end
+
+ describe 'when the spam-detecting "website" field is not filled in' do
+
+ it 'should send the feedback to the site contact address' do
+ ProblemMailer.should_receive(:deliver_feedback)
+ make_request
+ end
+
+ end
+
+ describe 'when the spam-detecting "website" field is not filled in' do
+
+ it 'should not send the feedback' do
+ ProblemMailer.should_not_receive(:deliver_feedback)
+ make_request(@default_params.merge({:feedback => {:email => 'test@example.com',
+ :message => 'Nice website',
+ :name => 'Feedback Giver',
+ :subject => 'Like it',
+ :website => 'Anything'}}))
+ end
+
+ end
+
+ end
+
+end
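Review bot: The second nested `describe` repeats the first one's label, `'when the spam-detecting "website" field is not filled in'`, although it posts `:website => 'Anything'` and expects no mail. It should read `describe 'when the spam-detecting "website" field is filled in' do`, so a failure report names the right case. The spam case could also assert the thanks flash and the redirect, which would pin the intent that an automated submitter sees the same response as a real user. Merging only the extra key, `@default_params[:feedback].merge(:website => 'Anything')`, would avoid restating the four default fields.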
