diff options
| author |   Michał Górny <mgorny@gentoo.org> | 2021-08-19 19:21:48 +0200 |
|---|---|---|
| committer | Michał Górny <mgorny@gentoo.org> | 2021-08-21 09:26:57 +0200 |
| commit | fcc197db4063b60433d29af0b2173be09271bbb6 (patch) | |
| tree | e909e7b4b25b8c607968b53a89355249dc97b72b | |
| parent | Bug 1645768 - Please add 'See Also' support for GitLab (diff) | |
| download | bugzilla-fcc197db4063b60433d29af0b2173be09271bbb6.tar.gz bugzilla-fcc197db4063b60433d29af0b2173be09271bbb6.tar.bz2 bugzilla-fcc197db4063b60433d29af0b2173be09271bbb6.zip | |
Add an extension to block spam from new accountsgentoo-5.0.6.14
Signed-off-by: Michał Górny <mgorny@gentoo.org>
4 files changed, 98 insertions, 0 deletions
diff --git a/extensions/NewAcctAntiSpam/Config.pm b/extensions/NewAcctAntiSpam/Config.pm new file mode 100644 index 000000000..730dadfd8 --- /dev/null +++ b/extensions/NewAcctAntiSpam/Config.pm @@ -0,0 +1,11 @@ +package Bugzilla::Extension::NewAcctAntiSpam; + +use strict; +use warnings; + +use constant NAME => 'NewAcctAntiSpam'; +use constant REQUIRED_MODULES => []; +use constant OPTIONAL_MODULES => []; + +__PACKAGE__->NAME; + diff --git a/extensions/NewAcctAntiSpam/Extension.pm b/extensions/NewAcctAntiSpam/Extension.pm new file mode 100644 index 000000000..b779269e1 --- /dev/null +++ b/extensions/NewAcctAntiSpam/Extension.pm @@ -0,0 +1,78 @@ +package Bugzilla::Extension::NewAcctAntiSpam; + +use strict; +use warnings; + +use base qw(Bugzilla::Extension); + +use DateTime; + +use Bugzilla::Error; +use Bugzilla::Util qw(remote_ip datetime_from); + +BEGIN { + *Bugzilla::User::acct_created_ts = \&_user_acct_created_ts; + *Bugzilla::User::set_acct_created_ts = \&_user_set_acct_created_ts; +} + +sub _user_acct_created_ts { $_[0]->{acct_created_ts} } + +sub _user_set_acct_created_ts { + my ($self, $value) = @_; + $self->set('acct_created_ts', $_[1]); + + Bugzilla->dbh->do("UPDATE profiles SET acct_created_ts = ? WHERE userid = ?", + undef, $value, $self->id); + Bugzilla->memcached->clear({table => 'profiles', id => $self->id}); +} + +sub object_end_of_create { + my ($self, $args) = @_; + my $object = $args->{object} or return; + return if exists $args->{changes} && !scalar(keys %{$args->{changes}}); + + if ($object->isa('Bugzilla::User')) { + my $now = DateTime->now->datetime(' '); + $object->set_acct_created_ts($now); + } +} + +sub object_end_of_create_validators { + my ($self, $args) = @_; + if ($args->{class} eq 'Bugzilla::Comment') { + if ($args->{params}->{thetext} =~ /https?:\/\//i) { + my $user = Bugzilla->user; + my $created = $user->acct_created_ts; + if ($created) { + my $dayafter = (datetime_from($created) + + DateTime::Duration->new(days => 1)); + if (DateTime->now < $dayafter) { + ThrowUserError('antispam_comment_blocked'); + } + } + } + } +} + +sub object_columns { + my ($self, $args) = @_; + my ($class, $columns) = @$args{qw(class columns)}; + if ($class->isa('Bugzilla::User')) { + push(@$columns, qw(acct_created_ts)); + } +} + +sub object_update_columns { + my ($self, $args) = @_; + my ($object, $columns) = @$args{qw(object columns)}; + if ($object->isa('Bugzilla::User')) { + push(@$columns, qw(acct_created_ts)); + } +} + +sub install_update_db { + my $dbh = Bugzilla->dbh; + $dbh->bz_add_column('profiles', 'acct_created_ts', {TYPE => 'DATETIME'}); +} + +__PACKAGE__->NAME; diff --git a/extensions/NewAcctAntiSpam/template/en/default/hook/global/user-error-errors.html.tmpl b/extensions/NewAcctAntiSpam/template/en/default/hook/global/user-error-errors.html.tmpl new file mode 100644 index 000000000..cddf69008 --- /dev/null +++ b/extensions/NewAcctAntiSpam/template/en/default/hook/global/user-error-errors.html.tmpl @@ -0,0 +1,5 @@ +[% IF error == "antispam_comment_blocked" %] + [% title = "Comment Blocked" %] + New accounts are forbidden from posting URLs in bug comments. Please wait + at least 24 hours before posting URLs. We are sorry for the inconvenience. +[% END %] diff --git a/template/en/default/account/create.html.tmpl b/template/en/default/account/create.html.tmpl index fe266e7e0..d9a138369 100644 --- a/template/en/default/account/create.html.tmpl +++ b/template/en/default/account/create.html.tmpl @@ -65,6 +65,10 @@ <b>Please do not use temporary/throwaway email addresses to register, they cause too many mail bounces later when developers follow up bugs.</b> </p> +<p class="warning"> +To prevent spam, new accounts are forbidden from posting URLs in comments +for the first 24 hours. We are sorry for the inconvenience. +</p> [% END %] <form id="account_creation_form" method="get" action="createaccount.cgi"> |