From 8ebc38577298b0f87b64fbab7e66dc36564fa3dc Mon Sep 17 00:00:00 2001 From: Michael Vogel Date: Wed, 15 Jan 2020 18:55:32 +0100 Subject: [PATCH] Improved spam protection --- src/Module/Register.php | 24 +++++++++++++++++++----- view/templates/register.tpl | 19 +++++++++++++------ view/theme/frio/templates/register.tpl | 15 +++++++++++---- view/theme/vier/style.css | 1 + 4 files changed, 44 insertions(+), 15 deletions(-) diff --git a/src/Module/Register.php b/src/Module/Register.php index 4bf9e5edd2..bd0858ee3b 100644 --- a/src/Module/Register.php +++ b/src/Module/Register.php @@ -121,6 +121,7 @@ class Register extends BaseModule '$openid' => $openid_url, '$namelabel' => L10n::t('Your Full Name (e.g. Joe Smith, real or real-looking): '), '$addrlabel' => L10n::t('Your Email Address: (Initial information will be send there, so this has to be an existing address.)'), + '$addrlabel2' => L10n::t('Please repeat your e-mail address:'), '$ask_password' => $ask_password, '$password1' => ['password1', L10n::t('New Password:'), '', L10n::t('Leave empty for an auto generated password.')], '$password2' => ['confirm', L10n::t('Confirm:'), '', ''], @@ -196,6 +197,24 @@ class Register extends BaseModule $arr = $_POST; + // Is there text in the tar pit? + if (!empty($arr['email'])) { + Logger::info('Tar pit', $arr); + notice(L10n::t('You have entered too much information.')); + DI::baseUrl()->redirect('register/'); + } + + + // Overwriting the "tar pit" field with the real one + $arr['email'] = $arr['field1']; + + if ($arr['email'] != $arr['repeat']) { + Logger::info('Mail mismatch', $arr); + notice(L10n::t('Please enter the identical mail address in the second field.')); + $regdata = ['email' => $arr['email'], 'nickname' => $arr['nickname'], 'username' => $arr['username']]; + DI::baseUrl()->redirect('register?' . http_build_query($regdata)); + } + $arr['blocked'] = $blocked; $arr['verified'] = $verified; $arr['language'] = L10nClass::detectLanguage($_SERVER, $_GET, DI::config()->get('system', 'language')); @@ -263,11 +282,6 @@ class Register extends BaseModule DI::baseUrl()->redirect('register/'); } - // Is there text in the tar pit? - if (!empty($_POST['registertarpit'])) { - \notice(L10n::t('You have entered too much information.')); - DI::baseUrl()->redirect('register/'); - } Model\Register::createForApproval($user['uid'], Config::get('system', 'language'), $_POST['permonlybox']); diff --git a/view/templates/register.tpl b/view/templates/register.tpl index 7aa1a4d991..b47d39b975 100644 --- a/view/templates/register.tpl +++ b/view/templates/register.tpl @@ -14,7 +14,7 @@ {{if $oidlabel}}
- +
{{/if}} @@ -30,17 +30,23 @@
- +
- +
+
+ + +
+
+ {{if $ask_password}} {{include file="field_password.tpl" field=$password1}} {{include file="field_password.tpl" field=$password2}} @@ -50,13 +56,14 @@
-
@{{$sitename}}
+
@{{$sitename}}
+ + {{if $permonly}} - {{include file="field_textarea.tpl" field=$permonlybox}} - + {{include file="field_textarea.tpl" field=$permonlybox}} {{/if}} {{$publish nofilter}} diff --git a/view/theme/frio/templates/register.tpl b/view/theme/frio/templates/register.tpl index 81e519ef75..3bc6c83787 100644 --- a/view/theme/frio/templates/register.tpl +++ b/view/theme/frio/templates/register.tpl @@ -31,17 +31,23 @@
- +
- +
+
+ + +
+
+ {{if $ask_password}} {{include file="field_password.tpl" field=$password1}} {{include file="field_password.tpl" field=$password2}} @@ -49,14 +55,15 @@
- + {{$nickdesc nofilter}}
+ + {{if $permonly}} {{include file="field_textarea.tpl" field=$permonlybox}} - {{/if}} {{$publish nofilter}} diff --git a/view/theme/vier/style.css b/view/theme/vier/style.css index 3c507de366..d9e1304a90 100644 --- a/view/theme/vier/style.css +++ b/view/theme/vier/style.css @@ -2424,6 +2424,7 @@ aside #id_password { #register-name-end, #register-email-end, +#register-repeat-end, #register-nickname-end { clear: both; }