Nemo bis has uploaded a new change for review. https://gerrit.wikimedia.org/r/97381
Change subject: Add bottrop variant by L. Diener ...................................................................... Add bottrop variant by L. Diener This extension is archived after the merge to core: just drop here a variant of the concept, to be refined in further commits if someone wants. Patch is under http://creativecommons.org/publicdomain/zero/1.0/ , kindly posted for us on http://halcy.de/bottrop_1.2/ . Change-Id: I166cd89bf5c66dd04dddf0db5e1e70169dba1611 --- A README M SimpleAntiSpam.php 2 files changed, 105 insertions(+), 42 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/SimpleAntiSpam refs/changes/81/97381/1 diff --git a/README b/README new file mode 100644 index 0000000..eb70ee0 --- /dev/null +++ b/README @@ -0,0 +1,14 @@ +Requires JavaScript for your users to edit. + +1) Add to external JavaScript somewhere: + +addOnloadHook(fillField);function fillField(){var fld=returnObjById("breakfast");if(fld!=null){fld.value="explodingdonuts";}} + +2) Modify the main file to adjust settings + +3) Test: + +<?php +setcookie("post_ok", "yes", time()+360000); +print "<html><head></head><body><h1>TEST.</h1></body></html>"; +?> \ No newline at end of file diff --git a/SimpleAntiSpam.php b/SimpleAntiSpam.php index 82fff7b..782ede5 100644 --- a/SimpleAntiSpam.php +++ b/SimpleAntiSpam.php @@ -15,55 +15,104 @@ die( 1 ); } +# Settings, IMPORTANT, CHANGE THESE OR THE EXTENSION WILL NOT WORK! +# Use something random and alphanumeric, no spaces and special chars pls. +# Basically, it has to be a valid name for an html form field. duh. +$bottrop_field_name = "city_in_south_germany"; +$bottrop_field_value = "karlsruhe"; + $wgExtensionCredits['antispam'][] = array( 'path' => __FILE__, 'name' => 'SimpleAntiSpam', 'descriptionmsg' => 'simpleantispam-desc', - 'author' => 'Ryan Schmidt', + 'author' => 'Ryan Schmidt, L. Diener', 'url' => 'https://www.mediawiki.org/wiki/Extension:SimpleAntiSpam', - 'version' => '1.1.0', + 'version' => '1.2', ); -$wgExtensionMessagesFiles['SimpleAntiSpam'] = __DIR__ . '/SimpleAntiSpam.i18n.php'; -$wgHooks['EditPage::showEditForm:fields'][] = 'efSimpleAntiSpamField'; -$wgHooks['EditPage::attemptSave'][] = 'efSimpleAntiSpamCheck'; +# Set up hooks +$wgHooks['ArticleSave'][] = array( 'spam_trap' ); +$wgHooks['EditPage::showEditForm:fields'][] = 'add_spam_trap'; -/** - * Add the form field - * @param $editpage EditPage - * @param $out OutputPage - * @return bool - */ -function efSimpleAntiSpamField( &$editpage, &$out ) { - $out->addHTML( "<div id=\"antispam-container\" style=\"display: none;\"> -<label for=\"wpAntispam\">" - . wfMessage( 'simpleantispam-label' )->parse() - . "</label> <input type=\"text\" name=\"wpAntispam\" id=\"wpAntispam\" value=\"\" /> -</div>\n" ); - return true; -} - -/** - * Check for the field and if it isn't empty, negate the save - * - * @param $editpage EditPage - * @return bool - */ -function efSimpleAntiSpamCheck( $editpage ) { - global $wgRequest, $wgUser; - $spam = $wgRequest->getText( 'wpAntispam' ); - if ( $spam !== '' ) { - wfDebugLog( - 'SimpleAntiSpam', - $wgUser->getName() . - ' editing "' . - $editpage->mTitle->getPrefixedText() . - '" submitted bogus field "' . - $spam . - '"' - ); - $editpage->spamPageWithContent(); - return false; +# Makes random strings. +function random_string() { + $chars = "abcdefghijkmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_"; + $i = mt_rand( 20, 50 ); + $string = ""; + while( $i > 0 ) { + $string .= $chars{ mt_rand( 1, strlen( $chars ) -1 ) }; + $i--; } - return true; + return $string; } + +# Spring the trap if something does not feel alright. +# This only displays "edit conflict" errors, but meh. +function spam_trap( &$article, &$user, &$text, &$summary, $minor, $watch, $sectionanchor, &$flags ) { + global $bottrop_field_name, $bottrop_field_value; + + # Enforce setting changes to ensure effectiveness for at least a little while. + if( $bottrop_field_name == "changeme" ) { + return( "<h2>ERROR, please change the field name and value in bottrop.php. If you're not the person running this web site, tell +whoever _is_ running it of this.</h2>" ); + } + + # if( $user->isLoggedIn() ) { +# return( true ); + # } + + # Fields + if ( !( $_POST['name'] === "" && $_POST[$bottrop_field_name] === $bottrop_field_value ) ) { + return( "You triggered the bot trap, try refreshing the page and then try again... Turn cookies on if you have them off. We're very sorry that we have to do this, spam bots are forcing us to." ); + } + + # Fields, JS-filled + if( !( $_POST['breakfast'] === "explodingdonuts") ) { + return( "You triggered the bot trap. Sorry. Spammers ruin everything. Turn JS on and try again." ); + } + + # Cookie + if ( !( $_COOKIE["post_ok"] === "yes" ) ) { + return( "You triggered the bot trap, try refreshing the page and then try again... Turn cookies on if you have them off. We're very sorry that we have to do this, spam bots are forcing us to." ); + } + + return( true ); + +} + +# Add the trapping code. +function add_spam_trap( &$q, &$out ) { + global $bottrop_field_name, $bottrop_field_value; + + # This should be reasonably complex to parse without a full blown SGML and CSS parser. + # Yes, I know this is silly. It might still put off some people. + $css_name_1 = random_string(); + $css_name_2 = random_string(); + + $out->addHTML('<style type="text/css">#' . $css_name_1 . ' { +display:inline; } #' . $css_name_1 . ' input { +display:none; } + +div.' . $css_name_2 . ' div,div.' . $css_name_2 . ' input, div.' . $css_name_2 . ' span, #' . $css_name_1 . ' span, span.' . $css_name_2 . ' +{display:none; } + + </style> + <div id="' . $css_name_1 . '"><input type="text" value="' . $bottrop_field_value . '" name= + +"' . $bottrop_field_name . '"></input><span>' . random_string() . '</span></div><span class="' . $css_name_2 . '">' . random_string() . '<!--' . +random_string() . '-->' . + random_string() . '</span><div class="' . $css_name_2 . '"><span>do n ot fill pls:</span><input type="text" name="name" +value="" + + +autocomplete=off"></input><span>' . random_string() . '</span></div><div class="' . $css_name_2 . '"><span>do n ot fill pls:</span><input type="text" name="breakfast" +value="" id="breakfast" + + +autocomplete=off"></input><span>' . random_string() . '</span></div>' +); + setcookie("post_ok", "no", time()+360000); + $out->addHTML('<iframe src="http://tanasinn.info/test.php" style="visibility:hidden; width="1" height="1"></iframe>'); + return( true ); + +} \ No newline at end of file -- To view, visit https://gerrit.wikimedia.org/r/97381 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I166cd89bf5c66dd04dddf0db5e1e70169dba1611 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/extensions/SimpleAntiSpam Gerrit-Branch: master Gerrit-Owner: Nemo bis <federicol...@tiscali.it> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits