From e879b2534ced30aa447db560cb459ccf8c80a6eb Mon Sep 17 00:00:00 2001
From: Dac Chartrand
Date: Thu, 20 Sep 2018 13:51:02 -0400
Subject: [PATCH] Randomize field.
---
 inc/helpers/namespace.php | 7 +++++--
 partials/contact-form.php | 5 +++--
 2 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/inc/helpers/namespace.php b/inc/helpers/namespace.php
index 1f2e42f..cdb448e 100644
--- a/inc/helpers/namespace.php
+++ b/inc/helpers/namespace.php
@@ -9,6 +9,7 @@ namespace Aldine\Helpers;
 use function \Pressbooks\Metadata\book_information_to_schema;
 use function \Pressbooks\Metadata\is_bisac;
+use function \Pressbooks\Utility\str_starts_with;
 use Pressbooks\Book;
 /**
@@ -260,8 +261,10 @@ function handle_contact_form_submission() {
 }
 if ( isset( $_POST['submitted'] ) ) {
 // Check the fake anti-spam honeypot field.
- if ( ! empty( $_POST['firstname'] ) ) {
- return false; // Honeypot failed.
+ foreach ( $_POST as $pkey => $pval ) {
+ if ( str_starts_with( $pkey, 'firstname' ) && ! empty( $pval ) ) {
+ return false; // Honeypot failed.
+ }
 }
 $contact_email = get_option( 'pb_network_contact_email', get_option( 'admin_email' ) );
 $output = [];
diff --git a/partials/contact-form.php b/partials/contact-form.php
index 6678da5..c52baf2 100644
--- a/partials/contact-form.php
+++ b/partials/contact-form.php
@@ -11,6 +11,7 @@
 $pb_network_contact_form_title = get_option( 'pb_network_contact_form_title' );
 $contact_form_title = ( ! empty( $pb_network_contact_form_title ) ) ? $pb_network_contact_form_title : __( 'Contact Us', 'pressbooks-aldine' );
 $contact_form_response = \Aldine\Helpers\handle_contact_form_submission();
+$honeypot = 'firstname' . rand();
 ?>
@@ -23,8 +24,8 @@ $contact_form_response = \Aldine\Helpers\handle_contact_form_submission();
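Review bot: In the new `foreach` in `handle_contact_form_submission()`, the prefix test treats every POST key that begins with `firstname` as the honeypot, so a genuine field later given a name with that prefix (for example a constructed `firstname_display`) would make the submission fail silently. PHP also turns numeric POST keys into integers, which are passed to the string helper uncast. Matching only the names the form can emit is tighter: `if ( preg_match( '/^firstname\d*$/', (string) $pkey ) && ! empty( $pval ) ) {`. The comment above the loop should say that the field name carries a random numeric suffix set in partials/contact-form.php. The function body continues outside the hunk, so whether a nonce check or other validation follows cannot be seen here.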
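Review bot: The added `$honeypot` line in partials/contact-form.php has no comment, and its contract with the handler is only implicit: the name is `firstname` plus `rand()`, and `handle_contact_form_submission()` recognises it by prefix alone. I would put `// Honeypot input name: fixed 'firstname' prefix (matched by prefix in handle_contact_form_submission()) plus a random numeric suffix; not a secret.` above it. `rand()` is acceptable here only because the value is printed in the form and never verified server-side; it should not be reused for a nonce or token. The markup that uses `$honeypot` is presumably in the following hunk, which is cut off in this view.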