From f51452a2c41b64b12f5db3180c48c4958f8a2c65 Mon Sep 17 00:00:00 2001
From: "Adam T. Carpenter" <atc@53hor.net>
Date: Sun, 24 Apr 2022 17:28:59 -0400
Subject: feat: enable honeypot on form submissions and prevent automatic
 submissions by bots

---
 header.php | 13 +++++++++++--
 index.php  | 48 +++++++++++++++++++++++++++++++-----------------
 2 files changed, 42 insertions(+), 19 deletions(-)

diff --git a/header.php b/header.php
index 42925fa..5c40495 100644
--- a/header.php
+++ b/header.php
@@ -169,11 +169,20 @@
 			resize: none;
 		}
 
+		/* honeypot */
+		textarea#beehive {
+			display: none;
+		}
+
 		table {
 			width: 100%;
 			border-collapse: collapse;
 		}
 
+		table caption {
+			text-align: left;
+		}
+
 		table th {
 			text-align: right;
 			color: var(--darkteal);
@@ -280,7 +289,7 @@
 		<a href="/policies">Policies</a>
 		<a href="/#pricing">Pricing</a>
 		<a href="/#offerings">Offerings</a>
-		<a href="/#"><img src="/assets/logo-simple.png" /></a>
+		<a href="/#"><img alt="logo" src="/assets/logo-simple.png" /></a>
 	</nav>
 
-	<main>
+	<main>
\ No newline at end of file
diff --git a/index.php b/index.php
index e24473d..64f369e 100644
--- a/index.php
+++ b/index.php
@@ -1,9 +1,21 @@
-<?php include('header.php'); ?>
+<?php
+// honeypot handling for form bots
+session_start();
+
+if ($_SERVER['REQUEST_METHOD'] == 'GET') {
+	$_SESSION['beehive'] = true;
+} else if (empty($_SESSION['beehive']) || !$_SESSION['beehive'] || !empty($_POST['beehive'])) {
+	header('location: http://0.0.0.0/');
+	die;
+} else {
+	include('header.php');
+}
+?>
 <!--banner-->
 <section class="banner">
 	<h1>CARPENTER TUTORING</h1>
 	<h2>
-		<b>Discovering <em>your</em> path to success</b>
+		<strong>Discovering <em>your</em> path to success</strong>
 	</h2>
 
 	<div class="buttons">
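Review bot: A plain GET no longer pulls in `header.php`, because the added `include('header.php');` sits only in the final `else`, which is reached only by a POST that passed both checks; the GET branch just sets the session flag. Close the chain after `die;` and place `include('header.php');` after it, so every request that is not rejected renders the header, and with it the `textarea#beehive { display: none; }` rule this commit adds to `header.php`. The rejection path answers with `header('location: http://0.0.0.0/');`; an explicit `http_response_code(400); exit;` is clearer to clients and easier to count in access logs. `$_SESSION['beehive']` is never cleared, so it only separates clients that never loaded the form from those that did, and `empty($_SESSION['beehive'])` already covers the `!$_SESSION['beehive']` test beside it.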
@@ -46,7 +58,7 @@
 			<picture>
 				<source srcset="/assets/signature.webp" type="image/webp" />
 				<source srcset="/assets/signature.png" type="image/png" />
-				<img src="/assets/signature.png" />
+				<img alt="Amy's signature" src="/assets/signature.png" />
 			</picture>
 		</figure>
 
@@ -56,7 +68,7 @@
 		<picture>
 			<source srcset="/assets/amy.webp" type="image/webp" />
 			<source srcset="/assets/amy.png" type="image/png" />
-			<img src="/assets/amy.png" />
+			<img alt="Amy Carpenter" src="/assets/amy.png" />
 		</picture>
 		<figcaption>Amy Carpenter, M.Ed.</figcaption>
 	</figure>
@@ -143,15 +155,15 @@
 			Both evaluations are based on materials submitted through an online
 			portal. Letters are returned within a week of your notice that all documents
 			have been uploaded.</p>
-		<p> <b>$35 option</b>: Considers math and language arts materials,
+		<p> <strong>$35 option</strong>: Considers math and language arts materials,
 			satisfies proof of progress with a personalized letter and evaluator
 			credentials </p>
-		<p><b>$70+ option</b>: Considers math and language arts materials
+		<p><strong>$70+ option</strong>: Considers math and language arts materials
 			satisfies proof of progress with a
 			personalized letter and evaluator credentials, provides homeschool families
 			with a separate document detailing identified areas of strength, areas of
 			weakness, and recommendations for addressing weaknesses.
-			<b>Other subjects may be added on for $10 each</b>.
+			<strong>Other subjects may be added on for $10 each</strong>.
 		</p>
 		<a href="#offerings" class="button"><img src="/assets/icons/close-box.svg" alt="close" />Close</a>
 	</div>
@@ -305,9 +317,10 @@
 
 <!-- pricing -->
 <section class="quiet" id="pricing">
-	<h2>Pricing Guide</h2>
-
 	<table>
+		<caption>
+			<h2>Pricing Guide</h2>
+		</caption>
 		<tbody>
 			<tr>
 				<td></td>
@@ -316,7 +329,7 @@
 			</tr>
 
 			<tr>
-				<th>
+				<th scope="col">
 					<a href="#offering-subject-tutoring">Subject</a>, <a href="#offering-time-management">Time Management</a>, <a href="#offering-study-skills">Study Skills Tutoring</a>, <a href="#offering-music-lessons">Music Lessons</a>
 				</th>
 				<td>$50/hr</td>
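Review bot: The `scope="col"` added to this `<th>` looks wrong for its position: the cell is the first in a row whose remaining cells are prices, so it labels the row and should read `<th scope="row">`. The same applies to the `<th scope="col">` lines in the next two hunks (the coaching row, the group-session row and both homeschool-evaluation rows). The table's real column headings lie outside these hunks, so confirm against the full table before changing them.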
@@ -324,7 +337,7 @@
 			</tr>
 
 			<tr>
-				<th>
+				<th scope="col">
 					<a href="#offering-academic-coaching">Academic Coaching</a>, <a href="#offering-dissertation-coaching">Dissertation Coaching</a>, <a href="#offering-test-prep">Test Prep</a>, <a href="#offering-college-prep">College
 						Application Assistance</a>
 				</th>
@@ -333,16 +346,16 @@
 			</tr>
 
 			<tr>
-				<th>Small Group Sessions, Group Lessons</th>
+				<th scope="col">Small Group Sessions, Group Lessons</th>
 				<td>$30/hr</td>
 				<td>$40/hr</td>
 			</tr>
 			<tr>
-				<th><a href="#offering-evals">Simplified Homeschool Evaluations</a></th>
+				<th scope="col"><a href="#offering-evals">Simplified Homeschool Evaluations</a></th>
 				<td colspan="2">$35</td>
 			</tr>
 			<tr>
-				<th><a href="#offering-evals">Detailed Homeschool Evaluations</a></th>
+				<th scope="col"><a href="#offering-evals">Detailed Homeschool Evaluations</a></th>
 				<td colspan="2">$70+</td>
 			</tr>
 		</tbody>
@@ -359,7 +372,6 @@
 <section id="contact">
 	<form class="card" action="/#contact" method="post">
 		<h2>Contact</h2>
-
 		<label for="name">Name</label>
 		<input name="name" type="text" id="name" placeholder="Jane Doe" required />
 
@@ -369,6 +381,8 @@
 		<label for="body">Question/Comment</label>
 		<textarea name="body" id="body" placeholder="Briefly describe your inquiry, including any services or areas of study you're interested in." required></textarea>
 
+		<textarea name="beehive" id="beehive" placeholder="Please leave this field blank."></textarea>
+
 		<button type="submit" class="button"><img src="/assets/icons/send-circle.svg" alt="send" />Send</button>
 
 		<?php
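Review bot: The new `beehive` textarea carries no `autocomplete="off"`, so a browser or form-filler extension that populates it would send a real visitor down the rejection path at the top of the file, with the message lost and no explanation shown. Suggest `<textarea name="beehive" id="beehive" autocomplete="off" tabindex="-1" aria-hidden="true" placeholder="Please leave this field blank."></textarea>`; the extra attributes also keep the field out of the tab order and the accessibility tree if the `display: none` rule from `header.php` is ever not applied. The surrounding `<form>` starts before this hunk.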
@@ -380,7 +394,7 @@
 		require('/usr/local/share/phpmailer/Exception.php');
 
 		// handle form submission
-		if (empty($_POST['content']) && isset($_POST['name'], $_POST['email'], $_POST['body'])) {
+		if (isset($_POST['name'], $_POST['email'], $_POST['body'])) {
 			$body = substr(strip_tags($_POST['body']), 0, 16384);
 			$name = substr(strip_tags($_POST['name']), 0, 255);
 
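Review bot: `isset($_POST['name'], $_POST['email'], $_POST['body'])` is also true when a client sends any of these fields as an array, and the next lines pass the values straight to `strip_tags()`, which expects a string. Guard the type in the condition, e.g. `if (isset($_POST['name'], $_POST['email'], $_POST['body']) && is_string($_POST['name']) && is_string($_POST['email']) && is_string($_POST['body'])) {`. With the old `empty($_POST['content'])` test removed, this handler relies entirely on the check at the top of the file; a comment such as `// honeypot and session checks run at the top of this file` would tell the next reader where the bot filtering lives. The handler body continues past the end of the hunk.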
@@ -478,4 +492,4 @@
 	</div>
 
 </section>
-<?php include('footer.php'); ?>
+<?php include('footer.php'); ?>
\ No newline at end of file
-- 
cgit v1.2.3