Webrocker Posted August 13, 2016 Share Posted August 13, 2016 (edited) Hi, I'd like to add an input field to the page comments that should act as a honey pot: if this field has a value, the comment will not be sent. From what I can tell from the documentation, currently the spam check is only possible with an external service or with JavaScript to apply a hidden input with a pre-defined name. To me relying on JS in order to enable a site's visitor to leave a comment seems wrong, so I'd like to go the other way: Hide the honeypot input visually so it won't get filled by (human) visitors. If a (dumb) bot fills in every input it finds with values, it'll tap also in the honey pot field -- and the spam comment will not be sent. Maybe this option could be added to the comment field's settings? Cheers, Tom Edited August 13, 2016 by cstevensjr Moved this to General Support as this is a problem (issue), not a module/plugin 2 Link to comment Share on other sites More sharing options...
Robin S Posted August 13, 2016 Share Posted August 13, 2016 +1 for that suggestion. In the meantime, if you wanted to add that feature to your site you could copy the FieldtypeComments module to your /site/modules/ folder and edit the methods in CommentForm.php (because unfortunately the methods aren't hookable). You would add the honeypot inputfield in renderFormNormal() and renderFormThread(). And then check that the inputfield is empty in processInput(), changing empty() to !empty()... if($key = $this->options['requireSecurityField']) { if(!empty($data[$key])) return false; } 3 Link to comment Share on other sites More sharing options...
Webrocker Posted August 14, 2016 Author Share Posted August 14, 2016 Thanks! I'll try to mod the module as you suggest. Link to comment Share on other sites More sharing options...
Webrocker Posted August 14, 2016 Author Share Posted August 14, 2016 Hi, I think I have a first working version, I just tested it on my site. Here's the code/commit on github, all changes are in /wire/modules/Fieldtype/FieldtypeComments/CommentForm.php https://github.com/iamwebrocker/ProcessWire/commit/85638d14a1843cb6c14b48aad20e4679ac6cf2b6?diff=unified&w=1 not sure if this'll suffice to create a pull request, but for my installation, it works :-)) The "HoneyPot" Field is customizable (name and label) via the form options (similar to what is stated in the documentation for the "securityField"). $formOpts = array( 'headline'=>'', 'labels' => array( 'text' => 'Your Thoughts', 'submit' => 'Leave a reply', 'canttouchthis' => 'Leave this empty' ), 'requireHoneypotField' => 'canttouchthis' ); $page->comments->renderForm($formOpts) this results for example in <p class="CommentFormHoneypot CommentForm_honeypot"> <label><span>Leave this empty</span> <input name="canttouchthis" value="" size="3" type="text"> </label> </p> cheers, Tom Link to comment Share on other sites More sharing options...
Webrocker Posted August 27, 2016 Author Share Posted August 27, 2016 ok, I took the plunge an created a pull request: https://github.com/ryancramerdesign/ProcessWire/pull/1979 (I think it is a good omen that its ID is one of my fav songs of the Smashing Pumpkins :-)) 2 Link to comment Share on other sites More sharing options...
Webrocker Posted November 4, 2016 Author Share Posted November 4, 2016 Hi, I'm excited -- this feature now has found its way into the recent code base Thank you @Robin S for the initial nudge and @ryan for adapting this. https://github.com/processwire/processwire/pull/18#issuecomment-258186824 3 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now