summaryrefslogtreecommitdiff
path: root/www
diff options
context:
space:
mode:
authorBenny Baumann <BenBE@geshi.org>2013-01-16 04:17:53 +0100
committerBenny Baumann <BenBE@geshi.org>2013-01-16 04:17:53 +0100
commit82dbce519b4a3abab2c2b2bd714ceb248542b941 (patch)
treefdf649b88a4047481ba60c3f6d39a94df7e64c19 /www
parentedf7b3cf0e846188d6c606dabeac9c3b4e4b71bf (diff)
parent2b28585e5f4f56f4766ac144d3470273893a457e (diff)
downloadcacert-devel-82dbce519b4a3abab2c2b2bd714ceb248542b941.tar.gz
cacert-devel-82dbce519b4a3abab2c2b2bd714ceb248542b941.tar.xz
cacert-devel-82dbce519b4a3abab2c2b2bd714ceb248542b941.zip
Merge branch 'bug-795' into release
Diffstat (limited to 'www')
-rw-r--r--www/account.php43
-rw-r--r--www/index.php40
-rw-r--r--www/styles/default.css4
3 files changed, 48 insertions, 39 deletions
diff --git a/www/account.php b/www/account.php
index 0b32c2c..c7f34a3 100644
--- a/www/account.php
+++ b/www/account.php
@@ -25,34 +25,35 @@
} else if($id == 19) {
include_once("../pages/account/19.php");
exit;
- } else if($oldid == 40 && $_REQUEST['process'] != "" && $_POST['support'] != "yes") {
- $who = stripslashes($_REQUEST['who']);
- $email = stripslashes($_REQUEST['email']);
- $subject = stripslashes($_REQUEST['subject']);
- $message = stripslashes($_REQUEST['message']);
-
- $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
-
- sendmail("support@cacert.org", "[CAcert.org] ".$subject, $message, $email, $email, "", "CAcert Website");
- showheader(_("Welcome to CAcert.org"));
- echo _("Your message has been sent.");
- showfooter();
- exit;
- } else if($oldid == 40 && $_REQUEST['process'] != "" && $_POST['support'] == "yes") {
+ } else if($oldid == 40 && $_REQUEST['process'] != "") {
$who = stripslashes($_REQUEST['who']);
$email = stripslashes($_REQUEST['email']);
$subject = stripslashes($_REQUEST['subject']);
$message = stripslashes($_REQUEST['message']);
+ //check for spam via honeypot
+ if(!isset($_REQUEST['robotest']) || !empty($_REQUEST['robotest'])){
+ echo _("Form could not be sent.");
+ showfooter();
+ exit;
+ }
- $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
+ $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
+ if (isset($process[0])){
+ sendmail("cacert-support@lists.cacert.org", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert-Website");
+ showheader(_("Welcome to CAcert.org"));
+ echo _("Your message has been sent to the general support list.");
+ showfooter();
+ exit;
+ }
+ if (isset($process[1])){
+ sendmail("support@cacert.org", "[CAcert.org] ".$subject, $message, $email, "", "", "CAcert Support");
+ showheader(_("Welcome to CAcert.org"));
+ echo _("Your message has been sent.");
+ showfooter();
+ exit;
+ }
- sendmail("cacert-support@lists.cacert.org", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert Website");
-
- showheader(_("Welcome to CAcert.org"));
- echo _("Your message has been sent to the general support list.");
- showfooter();
- exit;
} else if($id == 51 && $_GET['img'] == "show") {
$query = "select * from `tverify` where `id`='".intval($_GET['photoid'])."' and `modified`=0";
$res = mysql_query($query);
diff --git a/www/index.php b/www/index.php
index 41b6d7a..35d22d7 100644
--- a/www/index.php
+++ b/www/index.php
@@ -563,6 +563,13 @@ require_once('../includes/lib/l10n.php');
$subject = stripslashes($_REQUEST['subject']);
$message = stripslashes($_REQUEST['message']);
$secrethash = $_REQUEST['secrethash2'];
+
+ //check for spam via honeypot
+ if(!isset($_REQUEST['robotest']) || !empty($_REQUEST['robotest'])){
+ echo _("Form could not be sent.");
+ showfooter();
+ exit;
+ }
if($_SESSION['_config']['secrethash'] != $secrethash || $secrethash == "" || $_SESSION['_config']['secrethash'] == "")
{
@@ -603,26 +610,23 @@ require_once('../includes/lib/l10n.php');
}
}
- if($oldid == 11 && $process != "" && $_REQUEST['support'] != "yes")
- {
- $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
-
- sendmail("support@cacert.org", "[CAcert.org] ".$subject, $message, $email, "", "", "CAcert Support");
- showheader(_("Welcome to CAcert.org"));
- echo _("Your message has been sent.");
- showfooter();
- exit;
- }
-
- if($oldid == 11 && $process != "" && $_REQUEST['support'] == "yes")
+ if($oldid == 11 && $process != "")
{
$message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
-
- sendmail("cacert-support@lists.cacert.org", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert-Website");
- showheader(_("Welcome to CAcert.org"));
- echo _("Your message has been sent to the general support list.");
- showfooter();
- exit;
+ if (isset($process[0])){
+ sendmail("cacert-support@lists.cacert.org", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert-Website");
+ showheader(_("Welcome to CAcert.org"));
+ echo _("Your message has been sent to the general support list.");
+ showfooter();
+ exit;
+ }
+ if (isset($process[1])){
+ sendmail("support@cacert.org", "[CAcert.org] ".$subject, $message, $email, "", "", "CAcert Support");
+ showheader(_("Welcome to CAcert.org"));
+ echo _("Your message has been sent.");
+ showfooter();
+ exit;
+ }
}
if(!array_key_exists('signup',$_SESSION) || $_SESSION['signup']['year'] < 1900)
diff --git a/www/styles/default.css b/www/styles/default.css
index 9fdd85c..c97e429 100644
--- a/www/styles/default.css
+++ b/www/styles/default.css
@@ -651,3 +651,7 @@ div.footerbar {
padding: 10px 10px 10px 10px;
}
+/************ Honeypot ***********/
+
+.robotic { display: none; }
+