Safeguarding the past, present and future of RISC OS for everyone
Account
News | Downloads | Bugs | Bounties | Forums | Library
You are currently browsing the Subversion repository.
Changesets can be listed by changeset number.
The Git repository is here.
  • Changesets
  • » Changeset 482

Changeset 482

Improved robot/spammer rejection code for signups

  • Comitted by: rool
  • Date: Sunday November 19 23:14:50 2023 (11 months ago)

Affected files:

  • Updated rool/rails/hub/trunk/app/controllers/account_controller.rb (diff)

rool/rails/hub/trunk/app/controllers/account_controller.rb:

prev.current 
layout 'default.html.erb'
  17 PROHIBITED_EMAIL_DOMAINS = %w{
  18 .cn
  19 .kr
  20 .ru
  21 }
  22
  23 GOOGLE_EMAIL_DOMAINS = %w{
  24 gmail.com
  25 googlemail.com
  26 google.com
  27 }
  28
  29 PROHIBITED_GOOGLE_PREFIXES = %w{
  30 johnnyjohnson3445
  31 }
  32
# Cache the logged in and out PNG images in RAM; they're only small.
@@logged_in_image = File.read("#{RAILS_ROOT}/public/images/icons/logged_in.png")
... ...
# Bulk assignment from the params hash is safe because the User object
# contains nothing that won't be overwritten anyway or isn't already
# protected by attr_accessible in the User model.
  137 #
  138 @user = User.new(params[:user])
  139 error = nil
122   @user = User.new(params[:user])
123   @user.email = @user.email.strip() if @user.email.present?
  141 if @user.email.blank?
  142 error = 'An e-mail address must be provided.'
  143 else
  144 @user.email = @user.email.strip()
  145 lower_email = @user.email.downcase()
  146 is_prohibited = PROHIBITED_EMAIL_DOMAINS.any? { | domain | lower_email.end_with?(domain) }
  147 is_google_domain = GOOGLE_EMAIL_DOMAINS.any? { | domain | lower_email.end_with?(domain) } unless is_prohibited
125   if ( @user.email.downcase.ends_with?( '.kr' ) || @user.email.downcase.ends_with?( '.cn' ) )
126   hubssolib_set_flash(:attention, 'Due to overwhelming spam volumes from some locations, self-signups for those locations are blocked. Please contact ROOL for assistence.')
  149 if is_google_domain
  150 canonical_lower_email = lower_email.gsub('.', '')
  151 lower_email_prefix = canonical_lower_email.gsub(/[+@].*$/, '')
  152 is_prohibited = PROHIBITED_GOOGLE_PREFIXES.any? { | prefix | prefix == lower_email_prefix }
  153 end
  154
  155 if is_prohibited
  156 error = 'Due to overwhelming spam volumes from some locations, self-signups for those locations are blocked. Please contact ROOL for assistance.'
  157 end
  158 end
  159
  160 if error.present?
  161 hubssolib_set_flash(:attention, error)
redirect_to :controller => 'tasks', :action => nil
128   return
  163 return # NOTE EARLY EXIT
end
# Are there any users yet? If not, grant this user admin permissions.

Search tickets

Social

Follow us on and

ROOL Store

Buy RISC OS Open merchandise here, including SD cards for Raspberry Pi and more.

Donate! Why?

Help ROOL make things happen – please consider donating!

RISC OS IPR

RISC OS is an Open Source operating system owned by RISC OS Developments Ltd and licensed primarily under the Apache 2.0 license.

Options

  • Tickets
  • New ticket
  • Milestones
  • Subversion: Changesets
  • Subversion: Browse
  • CVS: Revisions
  • CVS: Browse
  • Search

RSS feeds Rss

  • Changesets
  • Everything!
  • More feeds...
Contact Us  |  About Us

The RISC OS Open Collaboa theme is distantly based on the Collaboa default layout
Site design © RISC OS Open Limited 2024 except where indicated

Hosted by Arachsys

Powered by Collaboa
This site runs on Rails