commit 8d270428526e4fa0f5396709b7e45022b38032de
parent eee8b30c64644cf18d5b3dcb3e4ff8d589820fb5
Author: Dan Callaghan <djc@djc.id.au>
Date: Wed, 17 Sep 2008 23:27:43 +1000
better CAPTCHA error responses
Diffstat:
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/TODO b/TODO
@@ -21,7 +21,6 @@
- better means of generating URLs?
- have almost completely ditched colubrid, just need to replace StaticExports for testing then rm it
- use encoding from config for blog.py instead of hard-coding utf8
-- handle reCAPTCHA errors (including no captcha fields submitted!!!)
- invalid offsets (displays every entry at max and 500's on invalid such as alpha)
- config option to add next/prev links to page (as well as the link rels)
- markdown typography/smartypants
diff --git a/app.py b/app.py
@@ -167,13 +167,17 @@ class Constance(object):
if self.config.getboolean('blog', 'require_captcha'):
# first verify the captcha
+ if ('recaptcha_challenge_field' not in self.form or
+ 'recaptcha_response_field' not in self.form):
+ raise ForbiddenError('CAPTCHA form values missing. Are you a bot?')
captcha_response = captcha.submit(
self.form['recaptcha_challenge_field'],
self.form['recaptcha_response_field'],
self.config.get('blog', 'recaptcha_privkey'),
self.environ['REMOTE_ADDR'])
if not captcha_response.is_valid:
- raise ValueError(captcha_response.error_code) # XXX handle better
+ raise ForbiddenError('You failed the CAPTCHA. Please try submitting again. '
+ '(reCAPTCHA error code: %s)' % captcha_response.error_code)
try:
metadata = {}
@@ -190,7 +194,7 @@ class Constance(object):
raise HTTPFound('%s/%s/' % (self.environ.get('APP_URI', ''),
id.encode(self.encoding)))
except blog.CommentingForbiddenError:
- raise ForbiddenError()
+ raise ForbiddenError('Commenting is disabled for this entry.')
def tag(self, tag):
with_tag = [e for e in self.blog_entries if tag in e.tags]