Gro
/
webseite
forked from ag_kommunikation/webseite
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: Bot-Detection erweitert. (#105)

This commit is contained in:
muli 2022-06-16 16:41:24 +02:00
parent 83d4694190
commit 5a089b6a2a
2 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
assets/js/contact_form.js
View File

@ -5,6 +5,7 @@ const message = document.getElementsByClassName('contact_form__message')[0];
const name = document.getElementsByClassName('contact_form__name')[0];
const email = document.getElementsByClassName('contact_form__email')[0];
const captcha = document.getElementsByClassName('contact_form__captcha')[0];
const now = (new Date().getTime/1000).toFixed();
contact_form.addEventListener('submit', function(event) {
event.preventDefault();
@ -12,6 +13,7 @@ contact_form.addEventListener('submit', function(event) {
formData.append('message', message.value);
formData.append('name', name.value);
formData.append('email', email.value);
formData.append('time_sent', now);
// If some bot entered some value, return.
if (typeof captcha.value == 'undefined') {

13
assets/php/contact_form.php
View File

@ -57,7 +57,18 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST['name'])) {
$response['errors'][] = 'Du hast keinen Namen eingegeben.';
}
if ($_POST['captcha'] != 'Nudelsuppe') {
/*
Idee zur Bot-Erkennung:
1. Ein Bot hat das Pseudocaptcha entweder leer abgeschickt, oder sich selbst etwas ausgedacht.
2. Ein Bot schickt die Daten in unter 5s ab.
3. Ein Mensch braucht nicht länger als 60min.
*/
if (
$_POST['captcha'] != 'Nudelsuppe' ||
preg_match('d{10}', $_POST['time_sent']) != 1 ||
(preg_match('d{10}', $_POST['time_sent']) != 1 && time() - $_POST['time_sent'] < 5) ||
(preg_match('d{10}', $_POST['time_sent']) != 1 && time() - $_POST['time_sent'] > 3600)
) {
$response['errors'][] = 'Wir glauben du bist ein Bot.';
}
} else {