From f51452a2c41b64b12f5db3180c48c4958f8a2c65 Mon Sep 17 00:00:00 2001
From: "Adam T. Carpenter" <atc@53hor.net>
Date: Sun, 24 Apr 2022 17:28:59 -0400
Subject: feat: enable honeypot on form submissions and prevent automatic
submissions by bots
---
header.php | 13 +++++++++++--
index.php | 48 +++++++++++++++++++++++++++++++-----------------
2 files changed, 42 insertions(+), 19 deletions(-)
diff --git a/header.php b/header.php
index 42925fa..5c40495 100644
--- a/header.php
+++ b/header.php
@@ -169,11 +169,20 @@
resize: none;
}
+ /* honeypot */
+ textarea#beehive {
+ display: none;
+ }
+
table {
width: 100%;
border-collapse: collapse;
}
+ table caption {
+ text-align: left;
+ }
+
table th {
text-align: right;
color: var(--darkteal);
@@ -280,7 +289,7 @@
<a href="/policies">Policies</a>
<a href="/#pricing">Pricing</a>
<a href="/#offerings">Offerings</a>
- <a href="/#"><img src="/assets/logo-simple.png" /></a>
+ <a href="/#"><img alt="logo" src="/assets/logo-simple.png" /></a>
</nav>
- <main>
+ <main>
\ No newline at end of file
diff --git a/index.php b/index.php
index e24473d..64f369e 100644
--- a/index.php
+++ b/index.php
@@ -1,9 +1,21 @@
-<?php include('header.php'); ?>
+<?php
+// honeypot handling for form bots
+session_start();
+
+if ($_SERVER['REQUEST_METHOD'] == 'GET') {
+ $_SESSION['beehive'] = true;
+} else if (empty($_SESSION['beehive']) || !$_SESSION['beehive'] || !empty($_POST['beehive'])) {
+ header('location: http://0.0.0.0/');
+ die;
+} else {
+ include('header.php');
+}
+?>
<!--banner-->
<section class="banner">
<h1>CARPENTER TUTORING</h1>
<h2>
- <b>Discovering <em>your</em> path to success</b>
+ <strong>Discovering <em>your</em> path to success</strong>
</h2>
<div class="buttons">
@@ -46,7 +58,7 @@
<picture>
<source srcset="/assets/signature.webp" type="image/webp" />
<source srcset="/assets/signature.png" type="image/png" />
- <img src="/assets/signature.png" />
+ <img alt="Amy's signature" src="/assets/signature.png" />
</picture>
</figure>
@@ -56,7 +68,7 @@
<picture>
<source srcset="/assets/amy.webp" type="image/webp" />
<source srcset="/assets/amy.png" type="image/png" />
- <img src="/assets/amy.png" />
+ <img alt="Amy Carpenter" src="/assets/amy.png" />
</picture>
<figcaption>Amy Carpenter, M.Ed.</figcaption>
</figure>
@@ -143,15 +155,15 @@
Both evaluations are based on materials submitted through an online
portal. Letters are returned within a week of your notice that all documents
have been uploaded.</p>
- <p> <b>$35 option</b>: Considers math and language arts materials,
+ <p> <strong>$35 option</strong>: Considers math and language arts materials,
satisfies proof of progress with a personalized letter and evaluator
credentials </p>
- <p><b>$70+ option</b>: Considers math and language arts materials
+ <p><strong>$70+ option</strong>: Considers math and language arts materials
satisfies proof of progress with a
personalized letter and evaluator credentials, provides homeschool families
with a separate document detailing identified areas of strength, areas of
weakness, and recommendations for addressing weaknesses.
- <b>Other subjects may be added on for $10 each</b>.
+ <strong>Other subjects may be added on for $10 each</strong>.
</p>
<a href="#offerings" class="button"><img src="/assets/icons/close-box.svg" alt="close" />Close</a>
</div>
@@ -305,9 +317,10 @@
<!-- pricing -->
<section class="quiet" id="pricing">
- <h2>Pricing Guide</h2>
-
<table>
+ <caption>
+ <h2>Pricing Guide</h2>
+ </caption>
<tbody>
<tr>
<td></td>
@@ -316,7 +329,7 @@
</tr>
<tr>
- <th>
+ <th scope="col">
<a href="#offering-subject-tutoring">Subject</a>, <a href="#offering-time-management">Time Management</a>, <a href="#offering-study-skills">Study Skills Tutoring</a>, <a href="#offering-music-lessons">Music Lessons</a>
</th>
<td>$50/hr</td>
@@ -324,7 +337,7 @@
</tr>
<tr>
- <th>
+ <th scope="col">
<a href="#offering-academic-coaching">Academic Coaching</a>, <a href="#offering-dissertation-coaching">Dissertation Coaching</a>, <a href="#offering-test-prep">Test Prep</a>, <a href="#offering-college-prep">College
Application Assistance</a>
</th>
@@ -333,16 +346,16 @@
</tr>
<tr>
- <th>Small Group Sessions, Group Lessons</th>
+ <th scope="col">Small Group Sessions, Group Lessons</th>
<td>$30/hr</td>
<td>$40/hr</td>
</tr>
<tr>
- <th><a href="#offering-evals">Simplified Homeschool Evaluations</a></th>
+ <th scope="col"><a href="#offering-evals">Simplified Homeschool Evaluations</a></th>
<td colspan="2">$35</td>
</tr>
<tr>
- <th><a href="#offering-evals">Detailed Homeschool Evaluations</a></th>
+ <th scope="col"><a href="#offering-evals">Detailed Homeschool Evaluations</a></th>
<td colspan="2">$70+</td>
</tr>
</tbody>
@@ -359,7 +372,6 @@
<section id="contact">
<form class="card" action="/#contact" method="post">
<h2>Contact</h2>
-
<label for="name">Name</label>
<input name="name" type="text" id="name" placeholder="Jane Doe" required />
@@ -369,6 +381,8 @@
<label for="body">Question/Comment</label>
<textarea name="body" id="body" placeholder="Briefly describe your inquiry, including any services or areas of study you're interested in." required></textarea>
+ <textarea name="beehive" id="beehive" placeholder="Please leave this field blank."></textarea>
+
<button type="submit" class="button"><img src="/assets/icons/send-circle.svg" alt="send" />Send</button>
<?php
@@ -380,7 +394,7 @@
require('/usr/local/share/phpmailer/Exception.php');
// handle form submission
- if (empty($_POST['content']) && isset($_POST['name'], $_POST['email'], $_POST['body'])) {
+ if (isset($_POST['name'], $_POST['email'], $_POST['body'])) {
$body = substr(strip_tags($_POST['body']), 0, 16384);
$name = substr(strip_tags($_POST['name']), 0, 255);
@@ -478,4 +492,4 @@
</div>
</section>
-<?php include('footer.php'); ?>
+<?php include('footer.php'); ?>
\ No newline at end of file
--
cgit v1.2.3