2007-02-13 16:55:26 +01:00
|
|
|
require 'form_tag_helper_extensions'
|
|
|
|
module FormSpamProtection
|
|
|
|
module ClassMethods
|
|
|
|
def protect_forms_from_spam(*args)
|
|
|
|
before_filter :protect_form_from_spam, *args
|
|
|
|
before_filter :protect_form_handler_from_spam, *args
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def protect_form_from_spam
|
|
|
|
@protect_form_from_spam = true
|
|
|
|
end
|
|
|
|
|
|
|
|
def protect_form_handler_from_spam
|
|
|
|
unless request.get? || request.xml_http_request?
|
2008-01-18 21:49:28 +01:00
|
|
|
if params[:_form_key] && session[:form_keys]
|
2009-02-04 21:26:08 +01:00
|
|
|
key = Digest::SHA1.hexdigest(params[:_form_key])
|
2008-01-18 21:49:28 +01:00
|
|
|
if session[:form_keys].keys.include?(key)
|
|
|
|
session[:form_keys][key][1] += 1
|
|
|
|
if session[:form_keys][key][1] >= 4
|
|
|
|
render :text => "You cannot resubmit this form again.", :layout => 'error', :status => 403
|
|
|
|
return false
|
|
|
|
end
|
2007-02-13 16:55:26 +01:00
|
|
|
end
|
|
|
|
else
|
2008-12-01 00:44:21 +01:00
|
|
|
render :text => "You must have Javascript on, and cookies enabled, to submit this form.", :layout => 'error', :status => 403
|
2007-02-13 16:55:26 +01:00
|
|
|
return false
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
extend ClassMethods
|
|
|
|
|
|
|
|
def self.included(receiver)
|
|
|
|
receiver.extend(ClassMethods)
|
|
|
|
end
|
|
|
|
|
|
|
|
|
2008-01-17 10:20:19 +01:00
|
|
|
end
|