instiki/vendor/plugins/form_spam_protection
Jacques Distler a57152d743 Fix Category Listing Bugs
The links to the category listings
were bogus, and the category listing
page needed some XSS-unprotection.
2010-05-27 00:27:49 -05:00
..
lib Update to Rails 2.3.8 2010-05-25 12:45:45 -05:00
test Clarify form_spam_protection Error Message 2008-11-30 17:44:21 -06:00
vendor/enkoder Sync with latest (2/13/2007) Instiki svn. 2007-02-13 09:55:26 -06:00
init.rb Sync with latest (2/13/2007) Instiki svn. 2007-02-13 09:55:26 -06:00
install.rb Sync with latest (2/13/2007) Instiki svn. 2007-02-13 09:55:26 -06:00
Rakefile Sync with latest (2/13/2007) Instiki svn. 2007-02-13 09:55:26 -06:00
README Sync with latest (2/13/2007) Instiki svn. 2007-02-13 09:55:26 -06:00
uninstall.rb Sync with latest (2/13/2007) Instiki svn. 2007-02-13 09:55:26 -06:00

FormSpamProtection 
==================

Tired of forms in your web application getting spammed? Captcha works but is a
pain. This plugin ensures a real person is submitting the form without
requiring anything from the user except that they have Javascript turned on.

This plugin uses the Hivelogic Enkoder, normally used to protect spambots from
harvesting e-mail addresses, to enkode a hidden field on the form. That field
is required when the user submits the form or they get an error.

To install: 
  ./script/plugin install -x http://form-spam-protection.googlecode.com/svn/form_spam_protection/

To use: In your controller, just add: 
  protect_forms_from_spam

You can also specify :only or :except just like a before filter:
  protect_forms_from_spam :only => :index

In fact, it is just a before filter. To protect only the form in one action
and the handling (but not the form) in another, do this:
  before_filter :protect_form_from_spam, :only => :new
  before_filter :protect_form_handler_from_spam, :only => :create
...though this is seldom necessary.

Bugs:
Please submit bugs through the tracker at http://code.google.com/p/form-spam-protection/issues/list

TODO:
* Add <noscript> tags to the form to display the "you must have Javascript on" message
* Make messages and resubmit limit configurable