e7d080db25
A slightly more efficient implementation of the above change to form_spam_protection. |
||
---|---|---|
.. | ||
lib | ||
tasks | ||
test | ||
vendor/enkoder | ||
init.rb | ||
install.rb | ||
Rakefile | ||
README | ||
uninstall.rb |
FormSpamProtection ================== Tired of forms in your web application getting spammed? Captcha works but is a pain. This plugin ensures a real person is submitting the form without requiring anything from the user except that they have Javascript turned on. This plugin uses the Hivelogic Enkoder, normally used to protect spambots from harvesting e-mail addresses, to enkode a hidden field on the form. That field is required when the user submits the form or they get an error. To install: ./script/plugin install -x http://form-spam-protection.googlecode.com/svn/form_spam_protection/ To use: In your controller, just add: protect_forms_from_spam You can also specify :only or :except just like a before filter: protect_forms_from_spam :only => :index In fact, it is just a before filter. To protect only the form in one action and the handling (but not the form) in another, do this: before_filter :protect_form_from_spam, :only => :new before_filter :protect_form_handler_from_spam, :only => :create ...though this is seldom necessary. Bugs: Please submit bugs through the tracker at http://code.google.com/p/form-spam-protection/issues/list TODO: * Add <noscript> tags to the form to display the "you must have Javascript on" message * Make messages and resubmit limit configurable