├── LICENSE
├── README.md
├── app
│   ├── code
│   │   └── community
│   │       └── Hackathon
│   │           └── HoneySpam
│   │               ├── Block
│   │               │   └── Honeypot.php
│   │               ├── Exception.php
│   │               ├── Helper
│   │               │   └── Data.php
│   │               ├── Model
│   │               │   ├── Checker.php
│   │               │   └── Observer.php
│   │               ├── controllers
│   │               │   ├── ErrorController.php
│   │               │   └── IndexController.php
│   │               └── etc
│   │                   ├── adminhtml.xml
│   │                   ├── config.xml
│   │                   └── system.xml
│   ├── design
│   │   └── frontend
│   │       └── base
│   │           └── default
│   │               ├── layout
│   │               │   └── honeyspam.xml
│   │               └── template
│   │                   └── hackathon
│   │                       └── honeyspam
│   │                           ├── error.phtml
│   │                           └── honeypot.phtml
│   └── etc
│       └── modules
│           └── Hackathon_HoneySpam.xml
├── composer.json
├── js
│   └── hackathon
│       └── HoneySpam
│           └── honeyspam.js
└── modman


/LICENSE:
--------------------------------------------------------------------------------
Open Software License ("OSL") v. 3.0

This Open Software License (the "License") applies to any original work of authorship (the "Original Work") whose owner (the "Licensor") has placed the following licensing notice adjacent to the copyright notice for the Original Work:

Licensed under the Open Software License version 3.0

1. Grant of Copyright License. Licensor grants You a worldwide, royalty-free, non-exclusive, sublicensable license, for the duration of the copyright, to do the following:

   1. to reproduce the Original Work in copies, either alone or as part of a collective work;

   2. to translate, adapt, alter, transform, modify, or arrange the Original Work, thereby creating derivative works ("Derivative Works") based upon the Original Work;

   3. to distribute or communicate copies of the Original Work and Derivative Works to the public, with the proviso that copies of Original Work or Derivative Works that You distribute or communicate shall be licensed under this Open Software License;

   4. to perform the Original Work publicly; and

   5. to display the Original Work publicly.

2. Grant of Patent License. Licensor grants You a worldwide, royalty-free, non-exclusive, sublicensable license, under patent claims owned or controlled by the Licensor that are embodied in the Original Work as furnished by the Licensor, for the duration of the patents, to make, use, sell, offer for sale, have made, and import the Original Work and Derivative Works.

3. Grant of Source Code License. The term "Source Code" means the preferred form of the Original Work for making modifications to it and all available documentation describing how to modify the Original Work. Licensor agrees to provide a machine-readable copy of the Source Code of the Original Work along with each copy of the Original Work that Licensor distributes. Licensor reserves the right to satisfy this obligation by placing a machine-readable copy of the Source Code in an information repository reasonably calculated to permit inexpensive and convenient access by You for as long as Licensor continues to distribute the Original Work.

4. Exclusions From License Grant. Neither the names of Licensor, nor the names of any contributors to the Original Work, nor any of their trademarks or service marks, may be used to endorse or promote products derived from this Original Work without express prior permission of the Licensor. Except as expressly stated herein, nothing in this License grants any license to Licensor's trademarks, copyrights, patents, trade secrets or any other intellectual property. No patent license is granted to make, use, sell, offer for sale, have made, or import embodiments of any patent claims other than the licensed claims defined in Section 2. No license is granted to the trademarks of Licensor even if such marks are included in the Original Work. Nothing in this License shall be interpreted to prohibit Licensor from licensing under terms different from this License any Original Work that Licensor otherwise would have a right to license.

5. External Deployment. The term "External Deployment" means the use, distribution, or communication of the Original Work or Derivative Works in any way such that the Original Work or Derivative Works may be used by anyone other than You, whether those works are distributed or communicated to those persons or made available as an application intended for use over a network. As an express condition for the grants of license hereunder, You must treat any External Deployment by You of the Original Work or a Derivative Work as a distribution under section 1(c).

6. Attribution Rights. You must retain, in the Source Code of any Derivative Works that You create, all copyright, patent, or trademark notices from the Source Code of the Original Work, as well as any notices of licensing and any descriptive text identified therein as an "Attribution Notice." You must cause the Source Code for any Derivative Works that You create to carry a prominent Attribution Notice reasonably calculated to inform recipients that You have modified the Original Work.

7. Warranty of Provenance and Disclaimer of Warranty. Licensor warrants that the copyright in and to the Original Work and the patent rights granted herein by Licensor are owned by the Licensor or are sublicensed to You under the terms of this License with the permission of the contributor(s) of those copyrights and patent rights. Except as expressly stated in the immediately preceding sentence, the Original Work is provided under this License on an "AS IS" BASIS and WITHOUT WARRANTY, either express or implied, including, without limitation, the warranties of non-infringement, merchantability or fitness for a particular purpose. THE ENTIRE RISK AS TO THE QUALITY OF THE ORIGINAL WORK IS WITH YOU. This DISCLAIMER OF WARRANTY constitutes an essential part of this License. No license to the Original Work is granted by this License except under this disclaimer.

8. Limitation of Liability. Under no circumstances and under no legal theory, whether in tort (including negligence), contract, or otherwise, shall the Licensor be liable to anyone for any indirect, special, incidental, or consequential damages of any character arising as a result of this License or the use of the Original Work including, without limitation, damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses. This limitation of liability shall not apply to the extent applicable law prohibits such limitation.

9. Acceptance and Termination. If, at any time, You expressly assented to this License, that assent indicates your clear and irrevocable acceptance of this License and all of its terms and conditions. If You distribute or communicate copies of the Original Work or a Derivative Work, You must make a reasonable effort under the circumstances to obtain the express assent of recipients to the terms of this License. This License conditions your rights to undertake the activities listed in Section 1, including your right to create Derivative Works based upon the Original Work, and doing so without honoring these terms and conditions is prohibited by copyright law and international treaty. Nothing in this License is intended to affect copyright exceptions and limitations (including 'fair use' or 'fair dealing'). This License shall terminate immediately and You may no longer exercise any of the rights granted to You by this License upon your failure to honor the conditions in Section 1(c).

10. Termination for Patent Action. This License shall terminate automatically and You may no longer exercise any of the rights granted to You by this License as of the date You commence an action, including a cross-claim or counterclaim, against Licensor or any licensee alleging that the Original Work infringes a patent. This termination provision shall not apply for an action alleging patent infringement by combinations of the Original Work with other software or hardware.

11. Jurisdiction, Venue and Governing Law. Any action or suit relating to this License may be brought only in the courts of a jurisdiction wherein the Licensor resides or in which Licensor conducts its primary business, and under the laws of that jurisdiction excluding its conflict-of-law provisions. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any use of the Original Work outside the scope of this License or after its termination shall be subject to the requirements and penalties of copyright or patent law in the appropriate jurisdiction. This section shall survive the termination of this License.

12. Attorneys' Fees. In any action to enforce the terms of this License or seeking damages relating thereto, the prevailing party shall be entitled to recover its costs and expenses, including, without limitation, reasonable attorneys' fees and costs incurred in connection with such action, including any appeal of such action. This section shall survive the termination of this License.

13. Miscellaneous. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable.

14. Definition of "You" in This License. "You" throughout this License, whether in upper or lower case, means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with you. For purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity.

15. Right to Use. You may use the Original Work in all ways not otherwise restricted or conditioned by this License or by law, and Licensor promises not to interfere with or be responsible for such uses by You.

16. Modification of This License. This License is Copyright © 2005 Lawrence Rosen. Permission is granted to copy, distribute, or communicate this License without modification. Nothing in this License permits You to modify this License as applied to the Original Work or to Derivative Works. However, You may modify the text of this License and copy, distribute or communicate your modified version (the "Modified License") and apply it to other original works of authorship subject to the following conditions: (i) You may not indicate in any way that your Modified License is the "Open Software License" or "OSL" and you may not use those names in the name of your Modified License; (ii) You must replace the notice specified in the first paragraph above with the notice "Licensed under " or with a notice of your own that is not confusingly similar to the notice in this License; and (iii) You may not claim that your original works are open source software unless your Modified License has been approved by Open Source Initiative (OSI) and You comply with its license review and certification process.
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# About Hackathon Magento Honey Spam

This Magento extension adds a field to the Customer Register and Product Review forms. The field is hidden with
JavaScript and looks like the URL field of a WordPress comment form. If the field is filled in when the form is sent,
an error message appears and nothing is saved.

There is also a check for forms that are submitted too quickly; a human normally takes a couple of seconds or more.

You can enable or disable each feature, and set the minimum time it should take to submit these forms, in the
Magento admin backend.

Freshly added: regex checks on all input fields produce a loose spam index. It is not very accurate, but it may stop
low-end spam ("broadband spam"). You can also enable or disable this feature in the backend and set a maximum spam
index trust level.

## Compatibility
This module should work on Magento 1.9.x (not tested on previous versions).

That said, honeyspam unfortunately doesn't work well anymore, so you might want to look into other alternatives like captchas 🤢

## Installation

### Compiler

Please disable Compiler. In our experience it doesn't give performance wins and costs a lot of time while debugging.

### Installation with modman

Clone it within modman via `https://` or `git://`:

    modman clone https://github.com/magento-hackathon/HoneySpam.git
    modman clone git@github.com:magento-hackathon/HoneySpam.git

### Installation without modman

Copy all the files into your Magento root directory.

### After installation

Clean the cache after installation!

#### Contacts form modifications

Copy the file `app/design/frontend/{base_or_rwd}/default/template/contacts/form.phtml` to your own theme and insert the
code

    <?php echo $this->getChildHtml('form_fields_before') ?>

within the `<form>...</form>` tag.

#### Newsletter Subscription Form Modifications

Copy the file `app/design/frontend/{base_or_rwd}/default/template/newsletter/subscribe.phtml` to your own theme and
insert the code

    <?php echo $this->getChildHtml('form_fields_before') ?>

within the `<form>...</form>` tag.

## Testing

After the installation you should be able to find an input field with `id="url"` in the Customer Register and Product
Review forms, hidden by the module's JavaScript.

## Further Information

### Core Contributors

- kortwotze
- Celldweller
- Andreas Emer
- Bastian Ike
- Fabian Blechschmidt
- Sven Reichel

### Current Status of Project

Complete and working.

If you find errors or have ideas, [open an issue](https://github.com/magento-hackathon/HoneySpam/issues) on GitHub or
send a pull request!

--------------------------------------------------------------------------------
/app/code/community/Hackathon/HoneySpam/Block/Honeypot.php:
--------------------------------------------------------------------------------
<?php
/**
 * @author      Fabian Blechschmidt
 * @author      Sascha Wohlgemuth
 * @author      Bastian Ike
 * @author      Peter Ukener
 * @copyright   2012 Magento Hackathon
 * @license     http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
 * @link        http://www.magento-hackathon.de/
 */
class Hackathon_HoneySpam_Block_Honeypot extends Mage_Core_Block_Template
{
    protected $_template = 'hackathon/honeyspam/honeypot.phtml';

    /**
     * Name of the decoy input, as configured in the backend
     *
     * @return string
     */
    public function getHoneypotName()
    {
        /* @var Hackathon_HoneySpam_Helper_Data $helper */
        $helper = Mage::helper('hackathon_honeyspam');
        return $helper->getHoneypotName();
    }

    protected function _construct()
    {
        parent::_construct();
    }
}

--------------------------------------------------------------------------------
/app/code/community/Hackathon/HoneySpam/Exception.php:
--------------------------------------------------------------------------------
<?php

class Hackathon_HoneySpam_Exception extends Mage_Core_Controller_Varien_Exception
{
    public function prepareRedirect($path, $arguments = [])
    {
        $this->_resultCallback = self::RESULT_REDIRECT;
        $this->_resultCallbackParams = [$path, $arguments];
        return $this;
    }
}

--------------------------------------------------------------------------------
/app/code/community/Hackathon/HoneySpam/Helper/Data.php:
--------------------------------------------------------------------------------
<?php
/**
 * @author      Fabian Blechschmidt
 * @author      Sascha Wohlgemuth
 * @author      Bastian Ike
 * @author      Peter Ukener
 * @copyright   2012 Magento Hackathon
 * @license     http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
 * @link        http://www.magento-hackathon.de/
 */
class Hackathon_HoneySpam_Helper_Data extends Mage_Core_Helper_Abstract
{
    const CONFIG_PATH_INPUT_NAME  = 'hackathon/honeyspam/honeypotName';
    const CONFIG_PATH_ENABLE_POT  = 'hackathon/honeyspam/enableHoneypotName';
    const CONFIG_PATH_ENABLE_TIME = 'hackathon/honeyspam/enableHoneypotAccountCreateTime';
    const CONFIG_PATH_ENABLE_SPAM = 'hackathon/honeyspam/enableSpamIndexing';
    const CONFIG_PATH_INDEX_LEVEL = 'hackathon/honeyspam/spamIndexLevel';
    const CONFIG_PATH_CREATE_TIME = 'hackathon/honeyspam/honeypotAccountCreateTime';
    const CONFIG_PATH_ENABLE_LOG  = 'hackathon/honeyspam/enableLogging';
    const CONFIG_PATH_LOG_FILE    = 'hackathon/honeyspam/logfile';

    /**
     * @return bool
     */
    public function isHoneypotNameEnabled()
    {
        return Mage::getStoreConfigFlag(self::CONFIG_PATH_ENABLE_POT);
    }

    /**
     * @return bool
     */
    public function isSpamIndexingEnabled()
    {
        return Mage::getStoreConfigFlag(self::CONFIG_PATH_ENABLE_SPAM);
    }

    /**
     * @return bool
     */
    public function isHoneypotAccountCreateTimeEnabled()
    {
        return Mage::getStoreConfigFlag(self::CONFIG_PATH_ENABLE_TIME);
    }

    /**
     * @return string
     */
    public function getSpamIndexLevel()
    {
        return Mage::getStoreConfig(self::CONFIG_PATH_INDEX_LEVEL);
    }

    /**
     * Minimum number of seconds between rendering and submitting the form
     *
     * @return string
     */
    public function getHoneypotAccountCreateTime()
    {
        return Mage::getStoreConfig(self::CONFIG_PATH_CREATE_TIME);
    }

    /**
     * @param string $message
     * @param int $level
     */
    public function log($message, $level = Zend_Log::INFO)
    {
        if ($this->isLoggingEnabled()) {
            Mage::log($message, $level, $this->getLogFilename());
        }
    }

    /**
     * @return bool
     */
    public function isLoggingEnabled()
    {
        return Mage::getStoreConfigFlag(self::CONFIG_PATH_ENABLE_LOG);
    }

    /**
     * @return string
     */
    public function getLogFilename()
    {
        return Mage::getStoreConfig(self::CONFIG_PATH_LOG_FILE);
    }

    /**
     * @return bool
     */
    public function isHoneypotFilled()
    {
        $value = $this->_getRequest()->getParam($this->getHoneypotName());
        // An array value (e.g. url[]=x) counts as filled; strlen() cannot take an array
        if (is_array($value)) {
            return count($value) > 0;
        }
        // Cast so that a missing parameter (null) is treated as an empty string
        return strlen((string) $value) > 0;
    }

    /**
     * @return string
     */
    public function getHoneypotName()
    {
        return Mage::getStoreConfig(self::CONFIG_PATH_INPUT_NAME);
    }

    /**
     * @return array
     */
    public function getRequestParams()
    {
        return $this->_getRequest()->getParams();
    }
}

--------------------------------------------------------------------------------
/app/code/community/Hackathon/HoneySpam/Model/Checker.php:
--------------------------------------------------------------------------------
<?php
/**
 * @author      Fabian Blechschmidt
 * @author      Sascha Wohlgemuth
 * @author      Bastian Ike
 * @author      Peter Ukener
 * @copyright   2012 Magento Hackathon
 * @license     http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
 * @link        http://www.magento-hackathon.de/
 */

class Hackathon_HoneySpam_Model_Checker extends Mage_Core_Model_Abstract
{
    /**
     * @param array $params
     * @return int|float
     */
    public function init($params)
    {
        $firstname = $params['firstname'];
        $lastname = $params['lastname'];
        $emailprefix = explode('@', $params['email']);
        $emailprefix = $emailprefix[0];

        $params = [$firstname, $lastname, $emailprefix];

        return $this->check($firstname, $lastname, $emailprefix, $params);
    }

    /**
     * @param string $firstname
     * @param string $lastname
     * @param string $emailprefix
     * @param array $params
     * @return int|float
     */
    public function check($firstname, $lastname, $emailprefix, $params)
    {
        /* @var Hackathon_HoneySpam_Helper_Data $helper */
        $helper = Mage::helper('hackathon_honeyspam');

        $_index = 0;

        // Two fields identical
        if ($firstname == $lastname) {
            $_index += 1;
            // the third one?
            if ($lastname == $emailprefix) {
                $_index += 2;
            }
            // Two fields...
        } elseif ($firstname == $emailprefix) {
            $_index += 1;
            if ($lastname == $firstname) {
                // the third one?
                $_index += 2;
            }
        } elseif ($lastname == $emailprefix) {
            $_index += 1;
            if ($firstname == $lastname) {
                $_index += 2;
            }
        }

        /**
         *
         * This loop checks all parameters separately on
         * different aspects such as length or content
         *
         **/

        foreach ($params as $param) {
            if (strlen($param) >= 15) { // item has 15 or more chars = spam possibility increases a little
                $_index += 1;
                $helper->log("SPAM: " . $param . " has more than 15 Characters");
            }

            if (is_numeric($param)) { // Param contains numbers only == spam (heavy rating!)
                $_index += 2.5;
                $helper->log("SPAM: " . $param . " contains only numbers");
            }

            if (preg_match("([b-df-hj-np-tv-z]{3})", $param, $matches)) { // 3 or more consecutive consonants == Spam!
                if (!($matches[0] == "rrm")) { // Herrmann is okay
                    $_index += 1;
                    $helper->log("SPAM: " . $param . " contains 3 or more consecutive consonants");
                }
            }

            if (preg_match("([aeiou]{3})", $param, $matches)) { // 3 or more consecutive vowels == spam
                if (!($matches[0] == "eie")) { // Meier is okay
                    $_index += 1;
                    $helper->log("matches: " . $matches[0]);
                    $helper->log("SPAM: " . $param . " contains 3 consecutive vowels");
                }
            }

            if (preg_match("([A-Z]{2,})",
                substr($param, -4))) { // At least two CAPITALS at the end of a string == Spam!
                $_index += 1;
                $helper->log("SPAM: " . $param . " has at least 2 CAPITAL letters at the end");
            }

            if (preg_match_all("([A-Z])", $param, $matches) > 3) { // Param contains more than 3 Capital letters at all
                $_index += 1;
                $helper->log("SPAM: " . $param . " contains more than 3 CAPITALS at all");
            }

            // First character lowercase, second character uppercase
            if (preg_match("([a-z])", substr($param, 0, 1))
                && preg_match("([A-Z])", substr($param, 1, 1))) { // Param starts with a lowercase+uppercase
                $_index += 1;
                $helper->log("SPAM: " . $param . " starts with a combination lc/uc. E.g. aJohn, bSmith...");
            }
        }

        return $_index;
    }
}

--------------------------------------------------------------------------------
/app/code/community/Hackathon/HoneySpam/Model/Observer.php:
--------------------------------------------------------------------------------
<?php
/**
 * @author      Fabian Blechschmidt
 * @author      Sascha Wohlgemuth
 * @author      Bastian Ike
 * @author      Peter Ukener
 * @copyright   2012 Magento Hackathon
 * @license     http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
 * @link        http://www.magento-hackathon.de/
 */
class Hackathon_HoneySpam_Model_Observer
{
    /**
     * call rules
     *
     * @throws Hackathon_HoneySpam_Exception
     */
    public function checkHoneypotCustomerAccountCreatepost()
    {
        $helper = $this->getHelper();
        if ($helper->isHoneypotNameEnabled()) {
            $this->_checkHoneypot();
        }

        if ($helper->isHoneypotAccountCreateTimeEnabled()) {
            $this->_checkTimestamp();
        }

        if ($helper->isSpamIndexingEnabled()) {
            $this->_indexLoginParams();
        }
    }

    /**
     * @return Hackathon_HoneySpam_Helper_Data
     */
    private function getHelper()
    {
        return Mage::helper('hackathon_honeyspam');
    }

    /**
     * validate honeypot field
     *
     * @throws Hackathon_HoneySpam_Exception
     */
    protected function _checkHoneypot()
    {
        $helper = $this->getHelper();
        if ($helper->isHoneypotFilled()) {
            $helper->log('Honeypot Input filled. Aborted.', Zend_Log::WARN);

            $e = new Hackathon_HoneySpam_Exception();
            $e->prepareRedirect('honeyspam/error/index');
            throw $e;
        }
    }

    /**
     * validate time
     *
     * @throws Hackathon_HoneySpam_Exception
     */
    protected function _checkTimestamp()
    {
        $helper = $this->getHelper();
        $session = $this->getCustomerSession();

        // Reject when the form page was never rendered in this session, or when
        // the post arrives sooner than the configured number of seconds after it
        if (!$session->getData('account_create_time', false)
            || ($session->getData('account_create_time') > (time() - $helper->getHoneypotAccountCreateTime()))
        ) {
            $helper->log('Honeypot Timestamp filled. Aborted.', Zend_Log::WARN);

            $e = new Hackathon_HoneySpam_Exception();
            $e->prepareRedirect('honeyspam/error/index');
            throw $e;
        }
    }

    /**
     * @return Mage_Customer_Model_Session
     */
    private function getCustomerSession()
    {
        return Mage::getSingleton('customer/session');
    }

    /**
     * Invoke indexing
     *
     * @throws Hackathon_HoneySpam_Exception
     */
    protected function _indexLoginParams()
    {
        $helper = $this->getHelper();
        $return = $this->getCheckerModel()->init($helper->getRequestParams());
        if ($return >= $helper->getSpamIndexLevel()) {
            $helper->log("Honeypot spam index at $return. Aborted.", Zend_Log::WARN);

            $e = new Hackathon_HoneySpam_Exception();
            $e->prepareRedirect('honeyspam/error/index');
            throw $e;
        }
    }

    /**
     * @return Hackathon_HoneySpam_Model_Checker
     */
    private function getCheckerModel()
    {
        return Mage::getModel('hackathon_honeyspam/checker');
    }

    /**
     * @throws Hackathon_HoneySpam_Exception
     */
    public function checkHoneypot()
    {
        if ($this->getHelper()->isHoneypotNameEnabled()) {
            $this->_checkHoneypot();
        }
    }

    /**
     * set access timestamp
     */
    public function checkHoneypotCustomerAccountCreate()
    {
        $this->getCustomerSession()->setData('account_create_time', time());
    }
}

--------------------------------------------------------------------------------
/app/code/community/Hackathon/HoneySpam/controllers/ErrorController.php:
--------------------------------------------------------------------------------
<?php
/**
 * @author      Fabian Blechschmidt
 * @author      Sascha Wohlgemuth
 * @author      Bastian Ike
 * @author      Peter Ukener
 * @copyright   2012 Magento Hackathon
 * @license     http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
 * @link        http://www.magento-hackathon.de/
 */
class Hackathon_HoneySpam_ErrorController extends Mage_Core_Controller_Front_Action
{
    public function indexAction()
    {
        $this->loadLayout();
        $this->renderLayout();
    }
}

--------------------------------------------------------------------------------
/app/code/community/Hackathon/HoneySpam/controllers/IndexController.php:
--------------------------------------------------------------------------------
<?php
/**
 * @author      Fabian Blechschmidt
 * @author      Sascha Wohlgemuth
 * @author      Bastian Ike
 * @author      Peter Ukener
 * @copyright   2012 Magento Hackathon
 * @license     http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
 * @link        http://www.magento-hackathon.de/
 */
class Hackathon_HoneySpam_IndexController extends Mage_Core_Controller_Front_Action
{
    public function indexAction()
    {
        $this->_redirect('honeyspam/error/');
    }
}

--------------------------------------------------------------------------------
/app/code/community/Hackathon/HoneySpam/etc/adminhtml.xml:
--------------------------------------------------------------------------------
Hackathon HoneySpam Configuration
50

--------------------------------------------------------------------------------
/app/code/community/Hackathon/HoneySpam/etc/config.xml:
--------------------------------------------------------------------------------
1.3.0
Hackathon_HoneySpam_Model
Hackathon_HoneySpam_Block
Hackathon_HoneySpam_Helper
hackathon_honeyspam/observer
checkHoneypotCustomerAccountCreatepost
hackathon_honeyspam/observer
checkHoneypot
hackathon_honeyspam/observer
checkHoneypotCustomerAccountCreate
hackathon_honeyspam/observer
checkHoneypot
hackathon_honeyspam/observer
checkHoneypot
hackathon_honeyspam/observer
checkHoneypot
honeyspam.xml
standard
Hackathon_HoneySpam
honeyspam
1
1
5
url
2.5
0
honeyspam.log

--------------------------------------------------------------------------------
/app/code/community/Hackathon/HoneySpam/etc/system.xml:
--------------------------------------------------------------------------------
100
hackathon
text
100
1
1
1
10
1
1
1
1
select
adminhtml/system_config_source_yesno
10
1
1
1
Warning! Please make sure that the new value is not already used in a form on the page (e.g. name, email).]]>
text
20
validate-xml-identifier
1
1
1
1
select
adminhtml/system_config_source_yesno
30
1
1
1
Time in seconds.
text
validate-digits
40
1
1
1
1
select
50
1
1
1
adminhtml/system_config_source_yesno
An index of 2.5 should be enough to block average spam logins. The lower the level, the more spam gets through.
text
validate-number
60
1
1
1
1
select
adminhtml/system_config_source_yesno
70
1
1
1
Allowed file extensions: log, txt, html, csv.
text
required-entry
80
1
1
1

--------------------------------------------------------------------------------
/app/design/frontend/base/default/layout/honeyspam.xml:
--------------------------------------------------------------------------------
honeyspam.honeypot
honeyspam.honeypot
honeyspam.honeypot
honeyspam.honeypot
honeyspam.honeypot
honeyspam.honeypot
honeyspam.honeypot

--------------------------------------------------------------------------------
/app/design/frontend/base/default/template/hackathon/honeyspam/error.phtml:
--------------------------------------------------------------------------------
<?php
/**
 * @author      Fabian Blechschmidt
 * @author      Sascha Wohlgemuth
 * @author      Bastian Ike
 * @author      Peter Ukener
 * @copyright   2012 Magento Hackathon
 * @license     http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
 * @link        http://www.magento-hackathon.de/
 */
?>
<?php echo $this->__('The form could not be sent because of SPAM detection!') ?>

--------------------------------------------------------------------------------
/app/design/frontend/base/default/template/hackathon/honeyspam/honeypot.phtml:
--------------------------------------------------------------------------------
<?php
/**
 * @author      Fabian Blechschmidt
 * @author      Sascha Wohlgemuth
 * @author      Bastian Ike
 * @author      Peter Ukener
 * @copyright   2012 Magento Hackathon
 * @license     http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
 * @link        http://www.magento-hackathon.de/
 */
?>

--------------------------------------------------------------------------------
/app/etc/modules/Hackathon_HoneySpam.xml:
--------------------------------------------------------------------------------
true
community

--------------------------------------------------------------------------------
/composer.json:
--------------------------------------------------------------------------------
{
    "name": "magento-hackathon/honeyspam",
    "type": "magento-module",
    "description": "Spam protection module for various forms using honey pots.",
    "homepage": "https://github.com/magento-hackathon/HoneySpam",
    "license": "OSL-3.0",
    "require": {
        "php": ">=5.4",
        "magento-hackathon/magento-composer-installer": "*"
    }
}

--------------------------------------------------------------------------------
/js/hackathon/HoneySpam/honeyspam.js:
--------------------------------------------------------------------------------
/**
 * Magento
 *
 * NOTICE OF LICENSE
 *
 * This source file is subject to the Open Software License (OSL 3.0)
 * that is bundled with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://opensource.org/licenses/osl-3.0.php
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@magentocommerce.com so we can send you a copy immediately.
 *
 * @category    Hackathon
 * @package     Hackathon_HoneySpam
 * @author      Andreas Emer
 * @author      Fabian Blechschmidt
 * @author      Sascha Wohlgemuth
 * @author      Bastian Ike
 * @author      Peter Ukener
 * @copyright   2012 Magento Hackathon
 * @license     http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
 * @link        http://www.magento-hackathon.de/
 */

// Hide every honeypot input once the DOM is ready
document.addEventListener('DOMContentLoaded', function(event) {
    document.querySelectorAll('.mhhs-input').forEach(e => e.style.display = 'none');
});

--------------------------------------------------------------------------------
/modman:
--------------------------------------------------------------------------------
app/code/community/Hackathon/HoneySpam    app/code/community/Hackathon/HoneySpam
app/design/frontend/base/default/template/hackathon/honeyspam    app/design/frontend/base/default/template/hackathon/honeyspam
app/design/frontend/base/default/layout/honeyspam.xml    app/design/frontend/base/default/layout/honeyspam.xml
app/etc/modules/Hackathon_HoneySpam.xml    app/etc/modules/Hackathon_HoneySpam.xml
js/hackathon/HoneySpam/honeyspam.js    js/hackathon/HoneySpam/honeyspam.js
--------------------------------------------------------------------------------