From 64a1f148fedcf375a47f959edbdd4cab0170acea Mon Sep 17 00:00:00 2001
From: Gareth Rees <gareth@mysociety.org>
Date: Tue, 19 Aug 2014 09:29:54 +0100
Subject: Add honeypot spam protection to body update form

Intercepts the request and redirects to the homepage if the comment
field is filled in on the public body update form.
---
 app/controllers/public_body_change_requests_controller.rb | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'app/controllers/public_body_change_requests_controller.rb')

diff --git a/app/controllers/public_body_change_requests_controller.rb b/app/controllers/public_body_change_requests_controller.rb
index 4a6c5f5cb..773308546 100644
--- a/app/controllers/public_body_change_requests_controller.rb
+++ b/app/controllers/public_body_change_requests_controller.rb
@@ -1,5 +1,7 @@
 class PublicBodyChangeRequestsController < ApplicationController
 
+    before_filter :catch_spam, :only => [:create]
+
     def create
         @change_request = PublicBodyChangeRequest.from_params(params[:public_body_change_request], @user)
         if @change_request.save
@@ -23,6 +25,16 @@ class PublicBodyChangeRequestsController < ApplicationController
         else
             @title = _('Ask us to add an authority')
         end
+    end
+
+    private
 
+    def catch_spam
+        if params[:public_body_change_request].key?(:comment)
+            unless params[:public_body_change_request][:comment].empty?
+                redirect_to frontpage_url
+            end
+        end
     end
+
 end
-- 
cgit v1.2.3