Home Explore Help
Sign In
capslock
/
wifi-with-me
forked from FFDN/wifi-with-me
1
0
Fork 0
Files
Browse Source

(Feature) fix issue #10 : prevent robots contibution

Signed-off-by: CapsLock <faimaison@legeox.net>
CapsLock 9 years ago
parent
b8cac18e38
commit
6866ffa491
4 changed files with 27 additions and 1 deletions
Split View Show Diff Stats
  1. 21 0
      wifiwithme/apps/contribmap/decorators.py
  2. 2 0
      wifiwithme/apps/contribmap/forms.py
  3. 1 0
      wifiwithme/apps/contribmap/templates/contribmap/wifi-form.html
  4. 3 1
      wifiwithme/apps/contribmap/views.py

+ 21 - 0
wifiwithme/apps/contribmap/decorators.py
View File 

@@ -0,0 +1,21 @@
 
+from django.http import HttpResponseForbidden
 
+from .forms import PublicContribForm
 
+
 
+
 
+def prevent_robots(field_name='human_field'):
 
+    """
 
+    this decorator returns a HTTP 403 Forbidden error on POST requests
 
+    if a given field has been set
 
+
 
+    Keyword arguments :
 
+    field_name -- the name of the field to search for (default 'human_field')
 
+    """
 
+    def _dec(func):
 
+        def _wrapped_func(request, *args, **kwargs):
 
+            if request.method == 'POST':
 
+                form = PublicContribForm(request.POST)
 
+                if form.data[field_name]:
 
+                    return HttpResponseForbidden()
 
+            return func(request, *args, **kwargs)
 
+        return _wrapped_func
 
+    return _dec

+ 2 - 0
wifiwithme/apps/contribmap/forms.py
View File 

@@ -16,6 +16,8 @@ ORIENTATIONS = (
 
 
 
 class PublicContribForm(forms.ModelForm):
 
+    human_field = forms.CharField(required=False, widget=forms.HiddenInput)
 
+
 
     class Meta:
 
         model = Contrib

+ 1 - 0
wifiwithme/apps/contribmap/templates/contribmap/wifi-form.html
View File 

@@ -184,6 +184,7 @@ pourraient être intéressantes.
 
 
 
     <h2>Mes données</h2>
 
+    {{ form.human_field|formcontrol }}
 
 
     <p class="help-block">
 
 Les données collectées dans ce formulaire sont accessibles

+ 3 - 1
wifiwithme/apps/contribmap/views.py
View File 

@@ -2,16 +2,18 @@ from django.core.urlresolvers import reverse
 
 from django.http import JsonResponse, HttpResponseForbidden
 
 from django.shortcuts import render, redirect
 
 from django.views.generic import View
 
-
 
 from .forms import PublicContribForm
 
 from .models import Contrib
 
+from .decorators import prevent_robots
 
 
 
+@prevent_robots()
 
 def add_contrib(request):
 
     if request.method == 'GET':
 
         form = PublicContribForm()
 
     elif request.method == 'POST':
 
         form = PublicContribForm(request.POST)
 
+
 
         if form.is_valid():
 
             form.save()
 
             return redirect(reverse('thanks'))