forked from ag_kommunikation/webseite
feat: Bot-Detection erweitert. (#105)
This commit is contained in:
parent
83d4694190
commit
5a089b6a2a
@ -5,6 +5,7 @@ const message = document.getElementsByClassName('contact_form__message')[0];
|
||||
const name = document.getElementsByClassName('contact_form__name')[0];
|
||||
const email = document.getElementsByClassName('contact_form__email')[0];
|
||||
const captcha = document.getElementsByClassName('contact_form__captcha')[0];
|
||||
const now = (new Date().getTime/1000).toFixed();
|
||||
|
||||
contact_form.addEventListener('submit', function(event) {
|
||||
event.preventDefault();
|
||||
@ -12,6 +13,7 @@ contact_form.addEventListener('submit', function(event) {
|
||||
formData.append('message', message.value);
|
||||
formData.append('name', name.value);
|
||||
formData.append('email', email.value);
|
||||
formData.append('time_sent', now);
|
||||
|
||||
// If some bot entered some value, return.
|
||||
if (typeof captcha.value == 'undefined') {
|
||||
|
@ -57,7 +57,18 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
if (empty($_POST['name'])) {
|
||||
$response['errors'][] = 'Du hast keinen Namen eingegeben.';
|
||||
}
|
||||
if ($_POST['captcha'] != 'Nudelsuppe') {
|
||||
/*
|
||||
Idee zur Bot-Erkennung:
|
||||
1. Ein Bot hat das Pseudocaptcha entweder leer abgeschickt, oder sich selbst etwas ausgedacht.
|
||||
2. Ein Bot schickt die Daten in unter 5s ab.
|
||||
3. Ein Mensch braucht nicht länger als 60min.
|
||||
*/
|
||||
if (
|
||||
$_POST['captcha'] != 'Nudelsuppe' ||
|
||||
preg_match('d{10}', $_POST['time_sent']) != 1 ||
|
||||
(preg_match('d{10}', $_POST['time_sent']) != 1 && time() - $_POST['time_sent'] < 5) ||
|
||||
(preg_match('d{10}', $_POST['time_sent']) != 1 && time() - $_POST['time_sent'] > 3600)
|
||||
) {
|
||||
$response['errors'][] = 'Wir glauben du bist ein Bot.';
|
||||
}
|
||||
} else {
|
||||
|
Loading…
Reference in New Issue
Block a user