[Lisppaste-cvs] CVS lisppaste2
bmastenbrook
bmastenbrook at common-lisp.net
Tue Jan 16 01:10:44 UTC 2007
Update of /project/lisppaste/cvsroot/lisppaste2
In directory clnet:/tmp/cvs-serv9580
Modified Files:
web-server.lisp
Log Message:
Captchas should only be entered once an hour
--- /project/lisppaste/cvsroot/lisppaste2/web-server.lisp 2007/01/16 00:56:31 1.88
+++ /project/lisppaste/cvsroot/lisppaste2/web-server.lisp 2007/01/16 01:10:44 1.89
@@ -1,4 +1,4 @@
-;;;; $Id: web-server.lisp,v 1.88 2007/01/16 00:56:31 bmastenbrook Exp $
+;;;; $Id: web-server.lisp,v 1.89 2007/01/16 01:10:44 bmastenbrook Exp $
;;;; $Source: /project/lisppaste/cvsroot/lisppaste2/web-server.lisp,v $
;;;; See the LICENSE file for licensing information.
@@ -86,12 +86,16 @@
(remhash host *referer-hash*)
(incf (gethash "Google" *referer-hash* 0) count)))))
+(defvar *show-captcha* t)
+
(defmethod handle-request-response :around ((handler lisppaste-basic-handler) method request)
(with-open-file (*trace-output* (times-file-for-class handler)
:direction :output
:if-exists :append :if-does-not-exist :create)
+ (expire-authorization-tokens)
(unwind-protect
- (call-next-method)
+ (let ((*show-captcha* (not (is-authorized request))))
+ (call-next-method))
(force-output *trace-output*))))
(defun make-css ()
@@ -677,15 +681,16 @@
(<tr>
(<th align="left" width="0%" nowrap="nowrap"> "Enter a title:")
(<td> <input type="text" name="title" value=?default-title />))
- (<tr>
- (<th align="left" width="0%" nowrap="nowrap"> "Captcha:")
- (<td>
- (multiple-value-bind (captcha captchaid)
- (make-captcha 8)
- (list
- captcha
- <input type="text" name="captcha" />
- <input type="hidden" name="captchaid" value=?captchaid />))))
+ (when *show-captcha*
+ (<tr>
+ (<th align="left" width="0%" nowrap="nowrap"> "Captcha:")
+ (<td>
+ (multiple-value-bind (captcha captchaid)
+ (make-captcha 8)
+ (list
+ captcha
+ <input type="text" name="captcha" />
+ <input type="hidden" name="captchaid" value=?captchaid />)))))
(unless annotate
(<tr>
(<th align="left" width="0%" nowrap="nowrap">
@@ -765,20 +770,26 @@
(annotate-paste (if annotate-number (find annotate-number *pastes* :key #'paste-number)))
(channel (body-param "channel" (request-body request)))
(captcha (body-param "captcha" (request-body request)))
- (captchaid (body-param "captchaid" (request-body request))))
- (if (> (length channel) 1)
- (request-send-headers request :expires 0
- :set-cookie (format nil "CHANNEL=~A; path=/"
- (or (and *no-channel-pastes*
- (string-equal channel "none")
- "None")
- (subseq channel 1))))
- (request-send-headers request :expires 0))
+ (captchaid (body-param "captchaid" (request-body request)))
+ (correct (and captcha captchaid (captcha-entered-correctly-p captcha 8 captchaid))))
+ (let ((cookies nil))
+ (when (> (length channel) 1)
+ (push (format nil "CHANNEL=~A; path=/"
+ (or (and *no-channel-pastes*
+ (string-equal channel "none")
+ "None")
+ (subseq channel 1))) cookies))
+ (when correct
+ (push (make-authorization-token) cookies))
+ (if cookies
+ (request-send-headers request :expires 0
+ :set-cookie cookies)
+ (request-send-headers request :expires 0)))
(expire-used-captchas)
(cond
- ((captcha-used captchaid)
+ ((and (> (length captchaid) 0) (captcha-used captchaid))
(new-paste-form request :message "This captcha has been used already. Did you use the back button?" :default-channel channel :annotate annotate-paste :default-user username :default-title title :default-contents text))
- ((not (captcha-entered-correctly-p captcha 8 captchaid))
+ ((and *show-captcha* (not correct))
(new-paste-form request :message "You entered the captcha incorrectly." :default-channel channel :annotate annotate-paste :default-user username :default-title title :default-contents text))
((> (length text) *paste-maximum-size*)
(new-paste-form request :message "Paste too large." :default-channel channel :annotate annotate-paste :default-user username :default-title title))
More information about the Lisppaste-cvs
mailing list