HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


Adding CAPTCHA to a contact us form?

Login / Search

 [ Join | More ]
 Add topic 
Posted
Rating:
#101260 (In Topic #19866)
Avatar

Honoured member

I have a contact us form that I've built based on a catalog with the standard fields, and have placed on a page using the main_contact_catalogues_block.

Unfortuntely, we're starting to get spammed by bots filling out the form with garbage information.  I've checked the security settings, blocks and catalogue configurations to see if there is anyway to enable or add the CAPTCHA verification to my contact us page, but I've come up blank??

I could be missing something somewhere, so I'm reaching out to see if anyone has ever tried this and come up with a solution?  The site is on version 8.

Thanks as always ;)
Back to the top
 
Posted
Rating:
#101265
Avatar

Well-settled

Is it controlled via the "Use CAPTCHA on feedback page" option maybe?
Back to the top
 
Posted
Rating:
#101281
Avatar

Honoured member

Thanks Duder, unfortunately I've already tried that and it doesn't work.  The application is really flexible, I would be shocked if there wasn't a way to do this?  Hopefully one of the experts will chime in!
Back to the top
 
Posted
Rating:
#101285
Avatar

Hi,

It looks like we've implementing this in v10, but it wasn't in v8 or v9.

This is the v8 file:
https://github.com/chrisgraham/ocPortal/blob/master/sources/blocks/main_contact_catalogues.php
This is the v10 file:
https://github.com/chrisgraham/ocPortal/blob/v10/sources/blocks/main_contact_catalogues.php

Probably the CAPTCHA parts of it could be back-ported. I haven't got time to test it, but try…

Code

<?php /*

 ocPortal
 Copyright (c) ocProducts, 2004-2012

 See text/EN/licence.txt for full licencing information.


 NOTE TO PROGRAMMERS:
   Do not edit this file. If you need to make changes, save your changed file to the appropriate *_custom folder
   **** If you ignore this advice, then your website upgrades (e.g. for bug fixes) will likely kill your changes ****

*/

/**
 * @license      http://opensource.org/licenses/cpal_1.0 Common Public Attribution License
 * @copyright   ocProducts Ltd
 * @package      catalogues
 */

class Block_main_contact_catalogues
{

   /**
    * Standard modular info function.
    *
    * @return ?array   Map of module info (NULL: module is disabled).
    */
   function info()
   {
      $info=array();
      $info['author']='Chris Graham';
      $info['organisation']='ocProducts';
      $info['hacked_by']=NULL;
      $info['hack_version']=NULL;
      $info['version']=2;
      $info['locked']=false;
      $info['parameters']=array('to','param');
      return $info;
   }

   /**
    * Standard modular cache function.
    *
    * @return ?array   Map of cache details (cache_on and ttl) (NULL: module is disabled).
    */
   function cacheing_environment()
   {
      $info=array();
      $info['cache_on']='(post_param(\'subject\',\'\')!=\'\')?NULL:array(array_key_exists(\'param\',$map)?$map[\'param\']:\'\',array_key_exists(\'to\',$map)?$map[\'to\']:\'\')';
      $info['ttl']=60*24*7;
      return $info;
   }

   /**
    * Standard modular run function.
    *
    * @param  array      A map of parameters.
    * @return tempcode   The result of execution.
    */
   function run($map)
   {
      if (addon_installed('captcha'))
      {
         require_code('captcha');
         $use_captcha=((get_option('captcha_on_feedback')=='1') && (use_captcha()));
      } else $use_captcha=false;

      $catalogue_name=array_key_exists('param',$map)?$map['param']:'';
      if ($catalogue_name=='') $catalogue_name=$GLOBALS['SITE_DB']->query_value('catalogues','c_name'); // Random/arbitrary (first one that comes out of the DB)

      $catalogue_title=get_translated_text($GLOBALS['SITE_DB']->query_value('catalogues','c_title'));

      if (post_param('subject','')!='')
      {
         if ($use_captcha)
         {
            enforce_captcha();
         }

         require_code('mail');
         $to_email=array_key_exists('to',$map)?$map['to']:'';
         if ($to_email=='') $to_email=NULL;
         form_to_email(NULL,'',NULL,$to_email);

         attach_message(do_lang_tempcode('SUCCESS'));
      }

      require_code('form_templates');

      $fields=new ocp_tempcode();

      if ($use_captcha)
      {
         $fields->attach(form_input_captcha());
         $text->attach(do_lang_tempcode('FORM_TIME_SECURITY'));
      }

      $special_fields=$GLOBALS['SITE_DB']->query_select('catalogue_fields',array('*'),array('c_name'=>$catalogue_name),'ORDER BY cf_order');

      $field_groups=array();

      $hidden=new ocp_tempcode();

      require_code('fields');
      foreach ($special_fields as $field_num=>$field)
      {
         $ob=get_fields_hook($field['cf_type']);
         $default=$field['cf_default'];

         $_cf_name=get_translated_text($field['cf_name']);
         $field_cat='';
         $matches=array();
         if (strpos($_cf_name,': ')!==false)
         {
            $field_cat=substr($_cf_name,0,strpos($_cf_name,': '));
            if ($field_cat.': '==$_cf_name)
            {
               $_cf_name=$field_cat; // Just been pulled out as heading, nothing after ": "
            } else
            {
               $_cf_name=substr($_cf_name,strpos($_cf_name,': ')+2);
            }
         }
         if (!array_key_exists($field_cat,$field_groups)) $field_groups[$field_cat]=new ocp_tempcode();

         $_cf_description=escape_html(get_translated_text($field['cf_description']));

         $GLOBALS['NO_DEBUG_MODE_FULLSTOP_CHECK']=true;
         $result=$ob->get_field_inputter($_cf_name,$_cf_description,$field,$default,true,!array_key_exists($field_num+1,$special_fields));
         $GLOBALS['NO_DEBUG_MODE_FULLSTOP_CHECK']=false;

         if (is_null($result)) continue;

         if (is_array($result))
         {
            $field_groups[$field_cat]->attach($result[0]);
         } else
         {
            $field_groups[$field_cat]->attach($result);
         }

         $hidden->attach(form_input_hidden('label_for__field_'.strval($field['id']),$_cf_name));

         unset($result);
         unset($ob);
      }

      if (array_key_exists('',$field_groups)) // Blank prefix must go first
      {
         $field_groups_blank=$field_groups[''];
         unset($field_groups['']);
         $field_groups=array_merge(array($field_groups_blank),$field_groups);
      }
      foreach ($field_groups as $field_group_title=>$extra_fields)
      {
         if (is_integer($field_group_title)) $field_group_title=($field_group_title==0)?'':strval($field_group_title);

         if ($field_group_title!='')
            $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER',array('TITLE'=>$field_group_title)));
         $fields->attach($extra_fields);
      }

      $hidden->attach(form_input_hidden('subject',$catalogue_title));

      $url=get_self_url();

      return do_template('FORM',array('FIELDS'=>$fields,'HIDDEN'=>$hidden,'SUBMIT_NAME'=>do_lang_tempcode('SEND'),'URL'=>$url,'TEXT'=>$text));
   }

}


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#101286
Avatar

yeah, this was the commit, and my intuitive back-porting seems to match what happened in that commit:
https://github.com/chrisgraham/ocPortal/commit/b4570bd9eef420f962eb5e41d97a0494d0018841


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#101289
Avatar

Honoured member

Thanks Chris, I gave the code a try and as usual, you're right...it would probably need a fair amount of tweaking to get it to work, unfortunately as it is, it bails out and kills the whole block with any of those code changes (at least the way I tried implementing them). I appreciate the assist as always, will look for the functionality in v10 and just deal with deleting the spam contact messages for my v8 site. :)
Back to the top
 
1 guests and 0 members have just viewed this: None
Control functions:

Quick reply   Contract

Your name:
Your message: