Quote from: dubbs at Feb 19, 2016, 03:15 PM

[...]

Hi Erwin,

Where in the ThreadReply.php file do you add the new line:

if (!empty($fields['nospam'])) return;

Cheers,

Hi Dubbs,

I am not able to check right now, but in the metioned file ("core/component/quip/controllers/web/ThreadReply.php") there sould be a bunch of "if" checks for checking form values etc. If you paste it somewhere you should be fine.

Let me know if it doesn't work.

[...]

Hi Erwin,

Where in the ThreadReply.php file do you add the new line:

if (!empty($fields['nospam'])) return;

Cheers,

Hi

Recently I put a website online with a quip guestbook and articles with quip integration. Past few days I got some spam on the guestbook (5 messages in a few days). So I checked why those were getting through the anti-spam, thinking a hidden field with the name 'nospam' might be to obvious. But I thought of checking if it actually worked, so I used Firebug to set a value for nospam and posted a message. I was baffled when the comment was actually posted.

So I checked the documentation, to see if maybe I set it up wrong, but there isn't really anything to setup about the anti spam method with an empty field. So I dug into the code and found the handlePost function in core/component/quip/controllers/web/ThreadReply.php. There is actually no mention of 'nospam' in that file, nor do I believe it is anywhere else.

So I added the following line after the for each:

if (!empty($fields['nospam'])) return;

I know this will be deleted as soon as there will be an update, but is this a proper fix so long as it isn't fixed in quip itself?

Erwin

if (!empty($fields['nospam'])) return;