diff options
| -rw-r--r-- | app/controllers/help_controller.rb | 9 | ||||
| -rw-r--r-- | app/models/contact_validator.rb | 2 | ||||
| -rw-r--r-- | app/views/help/contact.html.erb | 5 | ||||
| -rw-r--r-- | spec/controllers/help_controller_spec.rb | 17 |
4 files changed, 32 insertions, 1 deletions
diff --git a/app/controllers/help_controller.rb b/app/controllers/help_controller.rb index 9959df6d8..9033198a0 100644 --- a/app/controllers/help_controller.rb +++ b/app/controllers/help_controller.rb @@ -9,6 +9,7 @@ class HelpController < ApplicationController # we don't even have a control subroutine for most help pages, just see their templates before_filter :long_cache + before_filter :catch_spam, :only => [:contact] def unhappy @info_request = nil @@ -69,4 +70,12 @@ class HelpController < ApplicationController end + private + + def catch_spam + if request.post? && !params[:contact][:comment].empty? + redirect_to frontpage_url + end + end + end diff --git a/app/models/contact_validator.rb b/app/models/contact_validator.rb index 65e539669..e9a6e491c 100644 --- a/app/models/contact_validator.rb +++ b/app/models/contact_validator.rb @@ -7,7 +7,7 @@ class ContactValidator include ActiveModel::Validations - attr_accessor :name, :email, :subject, :message + attr_accessor :name, :email, :subject, :message, :comment validates_presence_of :name, :message => N_("Please enter your name") validates_presence_of :email, :message => N_("Please enter your email address") diff --git a/app/views/help/contact.html.erb b/app/views/help/contact.html.erb index ad89db9ec..e8a5fec8c 100644 --- a/app/views/help/contact.html.erb +++ b/app/views/help/contact.html.erb @@ -65,6 +65,11 @@ <%= f.text_area :message, :rows => 10, :cols => 60 %> </p> + <p style="display:none;"> + <%= f.label :comment, 'Do not fill in this field' %> + <%= f.text_field :comment %> + </p> + <% if !@last_request.nil? %> <p> <label class="form_label" for="contact_message">Include link to request:</label> diff --git a/spec/controllers/help_controller_spec.rb b/spec/controllers/help_controller_spec.rb index 8ac10e244..f92323f50 100644 --- a/spec/controllers/help_controller_spec.rb +++ b/spec/controllers/help_controller_spec.rb @@ -58,6 +58,23 @@ describe HelpController do deliveries.clear end + it 'has rudimentary spam protection' do + post :contact, { :contact => { + :name => 'Vinny Vanilli', + :email => 'vinny@localhost', + :subject => 'Why do I have such an ace name?', + :comment => 'I AM A SPAMBOT', + :message => "You really should know!!!\n\nVinny", + }, :submitted_contact_form => 1 + } + + response.should redirect_to(frontpage_path) + + deliveries = ActionMailer::Base.deliveries + deliveries.size.should == 0 + deliveries.clear + end + end end |