Contact form validation and debugging

Permalink
I'm running C5 v8.3.2 and trying to add extra anti-spam validation to a contact form. I'm experienced in 'traditional' PHP but less so in the way that C5 hangs together.

What I'm wanting to achieve is to reject any forms which contain http:// or https:// in any fields and to that end I've copied controller.php from /concrete/blocks/form to /application/blocks/form and changed the namesapce command to be namespace Application\Block\Form;

I'm adding code to the function action_submit_form and I THINK I have an effect when I make changes to it but I'm not getting anywhere near where I need to be.

Additionally, my attempts to write to the log file cause no messages to appear. If I could do that I'd surely be able to sort out the rest of it!
To write to the log file I've tried things like \Log::addInfo('This is an informative message'); as well as telling the class to 'use Log;'. I feel there must be a lot more to getting debug messages to the log file from a controller.

So firstly, I'm I even working in the right place?
Secondly, how do I get messages into the log from this controller?
Thirdly, what else am I doing wrong?

A little guidance would be much appreciated!

 
mnakalay replied on at Permalink Best Answer Reply
mnakalay
Hello,

For the log you can use
\Log::addEntry("your message");


As for the anti-spam filter, first the form validates the fields (required, max length...) and then, as a second step, runs any anti-spam plugin installed on the text content.

What the form sends to the anti-spam plugins is the full text value of each field concatenated into one long string. So in your case that's actually good because you can test that directly for "https" and "http".

The way you are going, you can look for where the spam stuff is ran and add your check right there.

The better way would be to not override the form controller at all and build an anti-spam plugin instead.

If you want to go that road, here's a tutorial to do it:https://documentation.concrete5.org/developers/security/anti-spam-an...

Look at the bottom of the page where it says "Building Your Own Anti-Spam Provider"
You'll see it's not really complicated.

Hope that helps.
trentham replied on at Permalink Reply
Thanks for the pointers. I'll do some experimenting.
I had tried Log::addEntry with no success but that was when I had 'use Log;'. Maybe the /Log... will work better.

I agree that building an anti-spam plugin would seem a better option. I'm using a lot of code with the controller just to make a small change!

I'll see how I get on and will doubtless be back for more pointers! :-)
trentham replied on at Permalink Reply
I've made some useful progress with this though I found the controller I needed to over-ride was express_form, not form.

It's working, although, I feel, not terribly neat. I may look at doing it in a better way by working on an anti-spam plugin but for the moment it will keep my users happy.

Thanks for the initial pointers.
Gondwana replied on at Permalink Reply
Gondwana
You may well be able to adapt or plagiarise this:
https://www.concrete5.org/marketplace/addons/contact-form-no-links1...
trentham replied on at Permalink Reply
Thanks for the link. If nothing else it'll be worth studying the code.
Gondwana replied on at Permalink Reply
Gondwana
It won't be worth studying the code. I wrote it. ;)
trentham replied on at Permalink Reply
:-) though ALL code is worthy of examination!