diff --git a/honeypot.admin.inc b/honeypot.admin.inc index f75c715..cee85f9 100644 --- a/honeypot.admin.inc +++ b/honeypot.admin.inc @@ -101,7 +101,7 @@ function honeypot_admin_form($form) { $form['enabled_forms']['profile_forms'] = array('#value' => '
' . t('Profile Forms') . '
'); $form['enabled_forms']['honeypot_form_user_profile_form'] = array( '#type' => 'checkbox', - '#title' => t('Profile (all)'), + '#title' => t('Profile forms (all)'), '#default_value' => variable_get('honeypot_form_user_profile_form', 0), ); } diff --git a/honeypot.install b/honeypot.install index d8e3b91..5521273 100644 --- a/honeypot.install +++ b/honeypot.install @@ -10,7 +10,8 @@ * Implements hook_install(). */ function honeypot_install() { - drupal_install_schema('honeypot_user'); + // Create tables. + drupal_install_schema('honeypot'); drupal_set_message(t("Honeypot installed successfully. Please !link to protect your forms from spam bots.", array( '!link' => l(t('configure Honeypot'), 'admin/settings/honeypot') ))); @@ -28,28 +29,15 @@ function honeypot_uninstall() { } } // Remove tables. - drupal_uninstall_schema('honeypot_user'); + drupal_uninstall_schema('honeypot'); } /** - * Update Honeypot user registration form variable. + * Implementation of hook_schema(). */ -function honeypot_update_6100() { - // Get the existing value of the user registration form protection. - $user_registration_form_value = variable_get('honeypot_form_user_register_form', 0); - // Delete the old variable. - variable_del('honeypot_form_user_register_form'); - // Create a new variable with the value from the old variable. - variable_set('honeypot_form_user_register', $user_registration_form_value); - // Must at least return an empty array to prevent errors. - return array(); -} - -function honeypot_update_6200() { - $ret = array(); - - $table = array( - 'description' => 'Table that stores failed attempts to commit a form.', +function honeypot_schema() { + $schema['honeypot_user'] = array( + 'description' => 'Table that stores failed attempts to submit a form.', 'fields' => array( 'uid' => array( 'description' => 'Foreign key to {users}.uid; uniquely identifies a Drupal user to whom this ACL data applies.', @@ -69,16 +57,28 @@ function honeypot_update_6200() { 'timestamp' => array('timestamp'), ), ); - - db_create_table($ret, 'honeypot_user', $table); + return $schema; } /** - * Implementation of hook_schema(). + * Update Honeypot user registration form variable. */ -function honeypot_schema() { - $schema['honeypot_user'] = array( - 'description' => 'Table that stores failed attempts to commit a form.', +function honeypot_update_6100() { + // Get the existing value of the user registration form protection. + $user_registration_form_value = variable_get('honeypot_form_user_register_form', 0); + // Delete the old variable. + variable_del('honeypot_form_user_register_form'); + // Create a new variable with the value from the old variable. + variable_set('honeypot_form_user_register', $user_registration_form_value); + // Must at least return an empty array to prevent errors. + return array(); +} + +function honeypot_update_6200() { + $ret = array(); + + $table = array( + 'description' => 'Table that stores failed attempts to submit a form.', 'fields' => array( 'uid' => array( 'description' => 'Foreign key to {users}.uid; uniquely identifies a Drupal user to whom this ACL data applies.', @@ -98,6 +98,7 @@ function honeypot_schema() { 'timestamp' => array('timestamp'), ), ); - return $schema; -} + db_create_table($ret, 'honeypot_user', $table); + return $ret; +} diff --git a/honeypot.module b/honeypot.module index 5337575..14ca2c0 100644 --- a/honeypot.module +++ b/honeypot.module @@ -78,6 +78,7 @@ function honeypot_form_alter(&$form, &$form_state, $form_id) { * Implementation of hook_cron(). */ function honeypot_cron() { + // Delete {honeypot_user} entries older than the value of honeypot_expire. db_query('DELETE FROM {honeypot_user} WHERE timestamp < %d', time() - variable_get('honeypot_expire', 300)); } @@ -192,11 +193,11 @@ function _honeypot_time_restriction_validate($form, &$form_state) { // Get the time value. $honeypot_time = $form_state['values']['honeypot_time']; - // Get the honeypot_time_limit variable. + // Get the honeypot_time_limit. $time_limit = honeypot_get_time_limit(); - // Make sure the current time - (honeypot_time_limit + form time value) is - // greater than 0. If not, throw an error. + // Make sure current time - (time_limit + form time value) is greater than 0. + // If not, throw an error. if (time() < ($honeypot_time + $time_limit)) { _honeypot_log($form_state['values']['form_id'], 'honeypot_time'); $time_limit = honeypot_get_time_limit(); @@ -229,30 +230,38 @@ function _honeypot_log($form_id, $type) { /** - * Look up the time limit for the current user - * + * Look up the time limit for the current user. */ function honeypot_get_time_limit() { global $user; - if ($user->uid) { - $number = db_result(db_query("SELECT COUNT(*) FROM {honeypot_user} WHERE uid = %d", $user->uid)); - } - else { - $number = db_result(db_query("SELECT COUNT(*) FROM {flood} WHERE event = '%s' AND hostname = '%s' AND timestamp > %d", 'honeypot', ip_address(), time() - variable_get('honeypot_expire', 300))); + $honeypot_time_limit = variable_get('honeypot_time_limit', 5); + + // Only calculate time limit if honeypot_time_limit has a value > 0. + if ($honeypot_time_limit) { + // Get value from {honeypot_user} table for authenticated users. + if ($user->uid) { + $number = db_result(db_query("SELECT COUNT(*) FROM {honeypot_user} WHERE uid = %d", $user->uid)); + } + // Get value from {flood} table for anonymous users. + else { + $number = db_result(db_query("SELECT COUNT(*) FROM {flood} WHERE event = '%s' AND hostname = '%s' AND timestamp > %d", 'honeypot', ip_address(), time() - variable_get('honeypot_expire', 300))); + } + $honeypot_time_limit = $honeypot_time_limit + (int) exp($number); } - return variable_get('honeypot_time_limit', 5) + (int) exp($number); + return $honeypot_time_limit; } /** - * Log the failed submision with timestamp + * Log the failed submision with timestamp. */ function honeypot_log_failure() { global $user; + // Log failed submissions for authenticated users. if ($user->uid) { db_query('INSERT INTO {honeypot_user} (uid, timestamp) VALUES (%d, %d)', $user->uid, time()); } + // Register flood event for anonymous users. else { flood_register_event('honeypot'); } } -