Bug 3144 - anti-spam for opac-suggestions
author Mason James <mtj@kohaaloha.com>
Wed, 28 May 2014 01:59:20 +0000 (13:59 +1200)
committer Chris Cormack <chris@bigballofwax.co.nz>
Sun, 8 Jun 2014 09:12:12 +0000 (21:12 +1200)
this patch adds a negative-captcha feature to the purchase suggestions form

some info for the curious...
 http://nedbatchelder.com/text/stopbots.html
 https://github.com/subwindow/negative-captcha
 http://www.rubydoc.info/github/subwindow/negative-captcha/frames

to test this patch...

1/ apply patch

2/ enable 'suggestion' and 'AnonSuggestions' sysprefs

3/ attempt to add a 'purchase suggestion' in OPAC
   adding the suggestion should succeed

4/ edit the koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-suggestions.tt file,
    to reveal the hidden 'negcap' field

   replace line 87 opac-suggestions.tt, from...
     <li id="negcap" style="position: absolute; left: -2000px;">
   to ...
     <li id="negcap">

5/ attempt to add another suggestion, and populate the 'negcap' field
   adding the suggestion should fail

Signed-off-by: Christopher Brannon <cbrannon@cdalibrary.org>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Amended patch: Remove the bug report number in the comment since git log
can provide the same result.

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-suggestions.tt
opac/opac-suggestions.pl

index f58dd00..e10f37e 100644 (file)
                                             <label for="note">Notes:</label>
                                             <textarea name="note" id="note" rows="5" cols="40"></textarea>
                                         </li>
+
+                                        <!--  Add a hidden 'negcap' field -->
+                                        <li id="negcap" style="position: absolute; left: -2000px;">
+                                            negcap <input type="text" name="negcap"/>
+                                        </li>
+
                                     </ol>
                                 </fieldset>
                                 <fieldset class="action">
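Review bot: the new `<li id="negcap">` is only pushed off-screen with `left: -2000px`, so the input stays in the keyboard tab order, is still announced by screen readers as the bare word "negcap", and can be populated by browser autofill. Since opac-suggestions.pl drops any request where this field has a value, those users would lose their suggestion with no feedback. Consider adding `tabindex="-1"` and `autocomplete="off"` to the input, and replacing the visible text "negcap" with a short label telling people to leave the field empty. As a style point, the positioning rule would sit better in the OPAC stylesheet than in an inline `style` attribute, which would also remove the need to edit the template to test it.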
index 72383eb..ac6172d 100755 (executable)
@@ -33,6 +33,14 @@ my $input           = new CGI;
 my $allsuggestions  = $input->param('showall');
 my $op              = $input->param('op');
 my $suggestion      = $input->Vars;
+my $negcaptcha      = $input->param('negcap');
+
+# If a spambot accidentally populates the 'negcap' field in the sugesstions form, then silently skip and return.
+if ($negcaptcha ) {
+    print $input->redirect("/cgi-bin/koha/opac-suggestions.pl");
+    exit;
+}
+
 delete $$suggestion{$_} foreach qw<op suggestedbyme>;
 $op = 'else' unless $op;
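Review bot: `if ($negcaptcha )` tests Perl truthiness, so a submission that fills the hidden field with the string `0` is treated as empty and gets past the check; test `defined $negcaptcha && length $negcaptcha` instead. The redirect is also issued without any log line, so there is no way to count dropped submissions or notice a legitimate user being rejected; a `warn` before the redirect would cover that. Separately, `negcap` remains a key in `$suggestion` (populated from `$input->Vars`) because the `delete` on the following line only removes `op` and `suggestedbyme`; adding `negcap` to that list keeps the form-only field out of the suggestion data. Minor: "sugesstions" in the comment should read "suggestions".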