basic spam protection

This commit is contained in:
Tobias Brunner 2025-03-04 17:01:03 +01:00
parent aa4ec33c93
commit d81e76e8ab
No known key found for this signature in database
3 changed files with 34 additions and 0 deletions


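--- a/PLACEHOLDER_PATH_template
+++ b/PLACEHOLDER_PATH_template
@@ -8,6 +8,13 @@
 {% if details %}
 <input type="hidden" name="details" value="{{ details }}">
 {% endif %}
+<input type="hidden" name="form_timestamp" value="{{ request.timestamp|default:timestamp }}">
+<div style="display:none;">
+<label for="website">Website (Leave this empty)</label>
+<input type="text" name="website" id="website" autocomplete="off">
+</div>
 {% if service %}
 <input type="hidden" name="service_id" value="{{ service.id }}">
 <input type="hidden" name="service_name" value="{{ service.name }}">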


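--- a/PLACEHOLDER_PATH_templatetags
+++ b/PLACEHOLDER_PATH_templatetags
@@ -2,6 +2,7 @@
 from django import template
 from hub.services.forms import LeadForm
 from hub.services.models import Service, ServiceOffering, Plan
+import time
 register = template.Library()
@@ -29,6 +30,9 @@ def embedded_contact_form(
 request = context["request"]
 form = LeadForm()
+# Add timestamp for spam protection
+timestamp = int(time.time())
 service_obj = None
 offering_obj = None
 plan_obj = None
@@ -71,4 +75,5 @@ def embedded_contact_form(
 "request": request,
 "choices": processed_choices,
 "choice_label": choice_label,
+"timestamp": timestamp,
 }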
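Review bot: `import time` is inserted below the project imports in the first hunk; PEP 8 groups standard-library imports first, so it belongs above `from django import template`, separated from the Django and `hub.services` groups by a blank line. The comment `# Add timestamp for spam protection` on the new assignment would be more useful if it said what the value is checked against, e.g. `# Issue time of the form; the contact_form view rejects submissions younger than 3 seconds`. `embedded_contact_form` starts and ends outside these hunks.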


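--- a/PLACEHOLDER_PATH_views
+++ b/PLACEHOLDER_PATH_views
@@ -1,4 +1,5 @@
 import logging
+import time
 from django.shortcuts import render, redirect
 from django.contrib import messages
@@ -18,6 +19,27 @@ def thank_you(request):
 def contact_form(request):
 if request.method == "POST":
+# Spam protection checks
+honeypot_value = request.POST.get("website", "")
+timestamp_value = request.POST.get("form_timestamp", "0")
+current_time = int(time.time())
+# Check 1: Honeypot field should be empty
+if honeypot_value:
+# Bot detected - silently redirect
+return redirect("services:homepage")
+# Check 2: Form shouldn't be submitted too quickly (< 3 seconds)
+try:
+form_time = int(timestamp_value)
+if current_time - form_time < 3:
+# Too quick submission - likely a bot
+return redirect("services:homepage")
+except ValueError:
+# Invalid timestamp - likely a bot
+return redirect("services:homepage")
+# Continue with normal form processing
 form = LeadForm(request.POST)
 if form.is_valid():
 from hub.services.models import Lead, Service, ServiceOffering, Plan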
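Review bot: The age check trusts the client-supplied `form_timestamp` outright: the value is only parsed with `int()`, nothing ties it to what the template tag issued, and the `"0"` default means a request that omits the field entirely passes the check as well. Signing the timestamp when it is issued and verifying the signature here closes both gaps with Django's built-in `django.core.signing` (the template tag would emit `timestamp = signing.Signer().sign(str(int(time.time())))` and this module needs `from django.core import signing`); `Signer.unsign` raises `BadSignature` for a missing or altered value, so the absent-field case needs no separate branch. Keeping the `try` body to the parsing line also makes it clear which statement can raise. `contact_form` continues past the end of this hunk.
```python
        # … unchanged: honeypot check …
        # Check 2: the timestamp must carry the signature issued by the
        # template tag and be at least 3 seconds old
        try:
            form_time = int(signing.Signer().unsign(timestamp_value))
        except (signing.BadSignature, ValueError):
            # Missing, tampered or unparsable timestamp - likely a bot
            return redirect("services:homepage")
        if current_time - form_time < 3:
            # Too quick submission - likely a bot
            return redirect("services:homepage")
        # … unchanged: normal form processing …
```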