commit 4b130ff6b7d0900c66efba4a0d27ca067d683e36
parent e69813d6d6227ee7ccefc42ae208e979304cf678
Author: Dan Callaghan <djc@djc.id.au>
Date: Tue, 16 Sep 2008 20:48:40 +1000
first go at protecting comments with reCAPTCHA
Diffstat:
3 files changed, 30 insertions(+), 2 deletions(-)
diff --git a/app.py b/app.py
@@ -8,6 +8,7 @@ from genshi.template import TemplateLoader
from colubrid import RegexApplication, HttpResponse
from colubrid.exceptions import PageNotFound, AccessDenied, HttpFound
from colubrid.server import StaticExports
+from recaptcha.client import captcha
import config
import blog
@@ -80,9 +81,20 @@ class Constance(RegexApplication):
def add_post_comment(self, id):
id = id.decode(self.charset) # shouldn't Colubrid do this?
+ entry = self.blog_entries[id]
+ form_data = self.request.form.as_dict()
+
+ if self.config.getboolean('blog', 'require_captcha'):
+ # first verify the captcha
+ captcha_response = captcha.submit(
+ form_data['recaptcha_challenge_field'],
+ form_data['recaptcha_response_field'],
+ self.config.get('blog', 'recaptcha_privkey'),
+ self.request.environ['REMOTE_ADDR'])
+ if not captcha_response.is_valid:
+ raise ValueError(captcha_response.error_code) # XXX handle better
+
try:
- entry = self.blog_entries[id]
- form_data = self.request.form.as_dict()
metadata = {}
metadata['From'] = form_data['from'] or 'Anonymous'
if form_data['author-url']:
diff --git a/config.defaults b/config.defaults
@@ -21,6 +21,15 @@ entries_in_feed = 20
# The directory containing blog entries.
dir = ./entries
+# Require reCAPTCHA verification for comment submission?
+require_captcha = False
+
+# If require_captcha is True, you must supply a valid public/private reCAPTCHA
+# key pair here. Otherwise they can be left blank.
+# See https://admin.recaptcha.net/recaptcha/createsite/
+recaptcha_pubkey =
+recaptcha_privkey =
+
[readinglog]
# The name of the file containing a YAML stream of readinglog entries.
diff --git a/templates/_entry.xml b/templates/_entry.xml
@@ -6,6 +6,7 @@
<?python
import blog
from viewutils import mini_markdown, tag_list
+from recaptcha.client import captcha
?>
<div class="entry" py:if="isinstance(entry, blog.BlogEntry)">
@@ -66,6 +67,12 @@ from viewutils import mini_markdown, tag_list
<label for="commentform-comment">Comment (use <a href="http://daringfireball.net/projects/markdown/syntax">Markdown</a>, no HTML)</label>
<textarea id="commentform-comment" name="comment" rows="7" cols="30"></textarea>
</p>
+ <py:if test="config.getboolean('blog', 'require_captcha')">
+ <script type="text/javascript">
+ RecaptchaOptions = {theme: 'white'};
+ </script>
+ ${Markup(captcha.displayhtml(config.get('blog', 'recaptcha_pubkey')))}
+ </py:if>
<p><button type="submit">Submit</button></p>
</form></div>
</div>