From f739eb84b28101c9a758999195cd22752f5a9d39 Mon Sep 17 00:00:00 2001
From: Dac Chartrand <dac.chartrand@gmail.com>
Date: Thu, 20 Sep 2018 13:33:27 -0400
Subject: [PATCH] Simple honeypot (fixes #134)

---
 inc/helpers/namespace.php | 6 +++++-
 partials/contact-form.php | 6 ++++++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/inc/helpers/namespace.php b/inc/helpers/namespace.php
index 8f521ba..1f2e42f 100644
--- a/inc/helpers/namespace.php
+++ b/inc/helpers/namespace.php
@@ -259,6 +259,10 @@ function handle_contact_form_submission() {
 		return false; // Security check failed.
 	}
 	if ( isset( $_POST['submitted'] ) ) {
+		// Check the fake anti-spam honeypot field.
+		if ( ! empty( $_POST['firstname'] ) ) {
+			return false; // Honeypot failed.
+		}
 		$contact_email = get_option( 'pb_network_contact_email', get_option( 'admin_email' ) );
 		$output = [];
 		$name = ( isset( $_POST['visitor_name'] ) ) ? $_POST['visitor_name'] : '';
@@ -315,7 +319,7 @@ function handle_contact_form_submission() {
 		}
 		return $output;
 	}
-	return;
+	return false;
 }
 
 /**
diff --git a/partials/contact-form.php b/partials/contact-form.php
index 67f7e10..6678da5 100644
--- a/partials/contact-form.php
+++ b/partials/contact-form.php
@@ -22,6 +22,12 @@ $contact_form_response = \Aldine\Helpers\handle_contact_form_submission();
 		<?php endif; ?>
 		<?php wp_nonce_field( 'pb_root_contact_form', 'pb_root_contact_form_nonce' ); ?>
 		<input type="hidden" name="submitted" value="1">
+		<p class="form__row" style="display:none;">
+			<input type="text" name="firstname" id="firstname"/>
+			<label for="firstname">
+				<?php _e( 'Keep this field blank (required)', 'pressbooks-aldine' ); ?>
+			</label>
+		</p>
 		<p class="form__row">
 			<input id="contact-name" 
 			<?php