Aaron Griffin wrote:
On Tue, Sep 29, 2009 at 10:18 AM, Chris Brannon <cmbrannon79@gmail.com> wrote:
It seems that someone is sending spam via out-of-date notifications for packages in the official repos. How do I clear the out-of-date flag on my packages these days? I can't seem to be able to do that with the new interface.
Yeah, this happens, and we haven't really found a good solution to this spam problem. I guess we could ban the IP address...
If anyone has an idea to solve the spam issue that's not super intrusive, the code (archweb_pub) is publicly available :)
This is a technique I've read somewhere, though I've never tried it on a live site. Super unobtrusive and quite elegant. Should catch most bots too. From 9f55ad4586905bb8f3565b8a363496c57242e2a1 Mon Sep 17 00:00:00 2001 From: Evangelos Foutras <foutrelis@gmail.com> Date: Wed, 30 Sep 2009 12:41:31 +0300 Subject: [PATCH] Add hidden field to prevent bots from flagging pkg Technique detailed at http://www.wwohn.com/captcha-alternatives/ (The first bullet under "Non interactive alternatives"). --- packages/views.py | 6 +++++- 1 files changed, 5 insertions(+), 1 deletions(-) diff --git a/packages/views.py b/packages/views.py index e5e2c8b..99bdbd6 100644 --- a/packages/views.py +++ b/packages/views.py @@ -136,6 +136,10 @@ class FlagForm(forms.Form): email = forms.EmailField(label='* E-mail Address') usermessage = forms.CharField(label='Message To Dev', widget=forms.Textarea, required=False) + # The field below is used to filter out bots that blindly fill out all input elements + website = forms.CharField(label='', + widget=forms.TextInput(attrs={'style': 'display:none;'}), + required=False) def flag(request, pkgid): pkg = get_object_or_404(Package, id=pkgid) @@ -146,7 +150,7 @@ def flag(request, pkgid): if request.POST: form = FlagForm(request.POST) - if form.is_valid(): + if form.is_valid() and form.cleaned_data['website'] == '': # flag all architectures pkgs = Package.objects.filter( pkgname=pkg.pkgname, repo=pkg.repo) -- 1.6.4.4