[tor-commits] [donate/master] Added captcha to subscription form

peterh at torproject.org peterh at torproject.org
Wed Jun 10 22:48:37 UTC 2020 

commit de457a6367b549d9c242d53e76f9ff64c5b6768f
Author: Peter Haight <peterh at giantrabbit.com>
Date:   Mon May 11 15:36:30 2020 -0700

    Added captcha to subscription form
    
    We've been getting what we think is a lot of spam from one of the Tor exit
    nodes, so we want to try a captcha on the subscription page to see if it calms
    down.
    
    Issue #46281
---
 src/SubscriptionController.php | 4 ++++
 templates/captcha.twig         | 4 ++++
 templates/index.twig           | 5 +----
 templates/subscribe.twig       | 1 +
 4 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/SubscriptionController.php b/src/SubscriptionController.php
index 7c7ddc68..513319ba 100644
--- a/src/SubscriptionController.php
+++ b/src/SubscriptionController.php
@@ -72,6 +72,10 @@ class SubscriptionController extends BaseController {
       'lastName' => NULL,
     );
     $errors = array();
+    $captcha = new \Tor\Captcha();
+    if (!$captcha->is_valid($parsedBody, $_SESSION)) {
+      $errors[] = "Captcha is incorrect, please check your input.";
+    }
     $subscriptionInfo = array();
     foreach ($fieldValidationRules as $fieldName => $validationRule) {
       $fieldValue = ArrayExt::fetch($parsedBody, $fieldName, '');
diff --git a/templates/captcha.twig b/templates/captcha.twig
new file mode 100644
index 00000000..084972b7
--- /dev/null
+++ b/templates/captcha.twig
@@ -0,0 +1,4 @@
+      <div class="captcha">
+        Enter the following 4 letters (case insensitive) <img src="/captcha" border="0" />
+        <input id="captcha" type="text" class="required" data-name="captcha" data-stripe="captcha" aria-label="captcha" name="captcha" size="4">
+      </div>
diff --git a/templates/index.twig b/templates/index.twig
index 2ba7fb51..979307d4 100644
--- a/templates/index.twig
+++ b/templates/index.twig
@@ -216,10 +216,7 @@
         <span id="donate-submit-amount"></span></br>
         <span id="donate-submit-perk"></span>
       </div>
-      <div class="captcha">
-        Enter the following 4 letters (case insensitive) <img src="/captcha" border="0" />
-        <input id="captcha" type="text" class="required" data-name="captcha" data-stripe="captcha" aria-label="captcha" name="captcha" size="4">
-      </div>
+      {{ include('captcha.twig') }}
       <div id="donate-submit-button">
         <input class="donate button" type="submit" value="{% trans %}Donate{% endtrans %}">
       </div>
diff --git a/templates/subscribe.twig b/templates/subscribe.twig
index c204eb8a..51cf0577 100644
--- a/templates/subscribe.twig
+++ b/templates/subscribe.twig
@@ -36,6 +36,7 @@
       <p>
         We respect your privacy. We'll never share your email with anyone or collect information about you that you didn't give us.
       </p>
+      {{ include('captcha.twig') }}
       <input class="purple button join" type="submit" value="Join">
     </form>
   </div>

More information about the tor-commits mailing list