966c79a611f11fa5185cbb417f5bd74f5bf43d57 chinhli Mon Jul 1 14:24:13 2013 -0700 To DO 11139 Upgrade to hgUserSuggestion spam blocking. diff --git src/hg/hgUserSuggestion/hgUserSuggestion.c src/hg/hgUserSuggestion/hgUserSuggestion.c index 58e2c98..8d4e1e9 100644 --- src/hg/hgUserSuggestion/hgUserSuggestion.c +++ src/hg/hgUserSuggestion/hgUserSuggestion.c @@ -125,37 +125,32 @@ if (*c == '.') { if (c == domain || *(c - 1) == '.') return 0; count++; } if (*c <= ' ' || *c >= 127) return 0; if (strchr(rfc822_specials, *c)) return 0; } while (*++c); return (count >= 1); } boolean validateCategory(char *category) /* Validate the Category from the request */ { -const char *cat[5]; -cat[0] = "Tracks"; -cat[1] = "Genome Assemblies"; -cat[2] = "Browser Tools"; -cat[3] = "Command-line Utilities"; -cat[4] = "Others"; - +const char *cat[5] = {"Tracks", "Genome Assemblies", "Browser Tools", + "Command-line Utilities", "Others"}; int i; for(i=0;i<5;i++) { if (strcmp(cat[i], category)==0) return TRUE; } return FALSE; } /* javascript functions */ void printMainForm() /* Create the main suggestion form */ { hPrintf( " <FORM ACTION=\"../cgi-bin/hgUserSuggestion?do.suggestSendMail=1\" METHOD=\"POST\" ENCTYPE=\"multipart/form-data\" NAME=\"mainForm\" onLoad=\"document.forms.mainForm.name.focus()\">\n"); 
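Review bot: The literal 5 still appears twice in validateCategory, once as the array size and once as the loop bound, so the table and the loop can drift apart when a category is added. Declaring it as `static const char *cat[] = {...};` and bounding the loop with `sizeof(cat)/sizeof(cat[0])` keeps the two in step. The same five strings are repeated as `<option>` values in printMainForm, so a comment such as `/* must match the <option> list in printMainForm() */` above the table would help. Only the tail of the preceding email-validation function is visible at the top of this hunk.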
@@ -172,30 +167,31 @@ " <label for=\"name\">Your Name:</label><input type=\"text\" name=\"suggestName\" id=\"name\" size=\"50\"style=\"margin-left:20px\" maxlength=\"256\"/><BR><BR>\n" " <label for=\"email\">Your Email:</label><input type=\"text\" name=\"suggestEmail\" id=\"email\" size=\"50\" style=\"margin-left:70px\" maxlength=\"254\"/><BR><BR>\n" " <label for=\"confirmEmail\">Re-enter Your Email:</label><input type=\"text\" \n" " name=\"suggestCfmEmail\" id=\"cfmemail\" size=\"50\" style=\"margin-left:20px\" maxlength=\"254\"/><BR><BR>\n"); hPrintf( " <label for=\"category\">Category:</label><select name=\"suggestCategory\" id=\"category\" style=\"margin-left:20px\" maxlength=\"256\">\n" " <option selected>Tracks</option> \n" " <option>Genome Assemblies</option>\n" " <option>Browser Tools</option>\n" " <option>Command-line Utilities</option>\n" " <option>Others</option>\n" " </select><BR><BR>\n"); hPrintf( " <label for=\"summary\">Summary:</label><input type=\"text\" name=\"suggestSummary\" id=\"summary\" size=\"74\" style=\"margin-left:20px\" maxlength=\"256\"/><BR><BR>\n" " <label for=\"details\">Details:</label><BR><textarea name=\"suggestDetails\" id=\"details\" cols=\"100\" rows=\"15\" maxlength=\"4096\"></textarea><BR><BR>\n" + "<input type=\"text\" name=\"suggestWebsite\" style=\"display: none;\" />" " </div>\n"); hPrintf( " <p>\n" " <label for=\"code\">Enter the following value below: <span id=\"txtCaptchaDiv\" style=\"color:#F00\"></span><BR> \n" " <input type=\"hidden\" id=\"txtCaptcha\" /></label>\n" " <input type=\"text\" name=\"txtInput\" id=\"txtInput\" size=\"30\" />\n" " </p>\n"); hPrintf( " <div class=\"formControls\">\n" " <input id=\"sendButton\" type=\"button\" value=\"Send\" onclick=\"submitform()\"/> \n" " <input type=\"reset\" name=\"suggestClear\" value=\"Clear\" class=\"largeButton\"> \n" " </div>\n" " \n" " </FORM>\n\n"); } 
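Review bot: The new hidden `suggestWebsite` input can still be populated by browser autofill or a password manager, because `display: none` does not stop either, and a real user would then be rejected over a field they cannot see. Something like `"<input type=\"text\" name=\"suggestWebsite\" style=\"display: none;\" autocomplete=\"off\" tabindex=\"-1\" />\n"` reduces that risk and also adds the trailing newline the neighbouring strings carry. A short C comment above this hPrintf call saying the field is a spam trap that must stay empty would keep a later cleanup from removing it. printMainForm begins before this hunk.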
@@ -341,32 +337,44 @@ "<a href=\"../contacts.html#followup\">contacting us</a> and quoting your reference number:<BR><BR>%s<BR><BR>" "A copy of this information has also been sent to you at %s.<BR></p>", refID, userAddr); hPrintf( "<p><a href=\"hgUserSuggestion\">Click here if you wish to make additional suggestions.</a></p>"); hPrintf( "<p>" "<B>Your suggestion summary:</B><BR>" "%s<BR>" "<B>Your suggestion details:</B><BR>" "<pre>%s</pre>" "</p>", summary, details); } +void printInvalidForm() +/* display invalid form page */ +{ +hPrintf( + "<h2>Invalid Form.</h2>"); +hPrintf( + "<p>" + "The form is invalid. Please correct it and " + "<a href=\"javascript: history.go(-1)\">submit</a> again.</p>" + ); +} + void printInvalidCategory(char *invalidCategory) -/* display suggestion confirm page */ +/* display invalid category page */ { hPrintf( "<h2>Invalid Category.</h2>"); hPrintf( "<p>" "The category \"%s\" is invalid. Please correct it and " "<a href=\"javascript: history.go(-1)\">submit</a> again.</p>", invalidCategory); } void printInvalidEmailAddr(char *invalidEmailAddr) /* display suggestion confirm page */ { hPrintf( "<h2>Invalid email address format.</h2>"); 
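Review bot: printInvalidCategory writes the submitted category into the page through `%s` with no HTML encoding, and submitSuggestion passes it the cart value unchanged, so unless hPrintf or the cart layer encodes output (not visible here) the rejection page reflects request data as markup. Encoding before printing, for example `htmlEncode(invalidCategory)` if that helper is available in this tree, would close it; the `summary` and `details` arguments at the top of the hunk go through `%s` the same way. The new printInvalidForm asks the visitor to correct the form, which someone whose browser auto-filled the hidden field cannot do. The comment on printInvalidEmailAddr still reads `/* display suggestion confirm page */` and could become `/* display invalid email address page */`; that function's body continues outside the hunk.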
@@ -427,36 +435,44 @@ //cartSaveSession(cart); } void submitSuggestion() /* send the suggestion to ,.. */ { /* parameters from hg.cong */ char *filter=filterKeyword(); /* values from cart */ char *sName=cartUsualString(cart,"suggestName",""); char *sEmail=cartUsualString(cart,"suggestEmail",""); char *sCategory=cartUsualString(cart,"suggestCategory",""); char *sSummary=cartUsualString(cart,"suggestSummary",""); char *sDetails=cartUsualString(cart,"suggestDetails",""); - +char *sWebsite=cartUsualString(cart,"suggestWebsite",""); char suggestID[512]; safef(suggestID, sizeof(suggestID),"%s %s", sEmail, now()); char subject[512]; safef(subject, sizeof(subject),"%s %s", filter, suggestID); +/* reject if the hidden field is not blank */ +if (isNotEmpty(sWebsite)) +{ + printInvalidForm(); + cartSetString(cart, "suggestWebsite", ""); + return; +} + /* reject suggestion if category is invalid */ if (!validateCategory(sCategory)) { printInvalidCategory(sCategory); return; } /* Send back suggestion only with valid user email address */ if (spc_email_isvalid(sEmail) != 0) { /* send back the suggestion */ sendSuggestionBack(sName, sEmail, sCategory, sSummary, sDetails, suggestID); /* send confirmation mail to user */ sendConfirmMail(sEmail,suggestID, sSummary, sDetails); /* display confirmation page */
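Review bot: The hidden-field rejection in submitSuggestion leaves no server-side trace, so there is no way to count blocked submissions or to notice real users being turned away by autofill. A line such as `fprintf(stderr, "hgUserSuggestion: hidden field filled, submission rejected\n");` before `printInvalidForm();` would give that signal without logging any submitted data. The check could also move up to directly after the `sWebsite` read, so `suggestID` and `subject` are not built for a request that is about to be dropped. The visible part of the function reads no captcha value from the cart, so the captcha presumably runs only in the browser and this field is the only server-side spam check shown. The function continues past the end of the hunk.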