1C: Bitrix, protection of arbitrary forms from spam
The Antispam module without CAPTCHA from CleanTalk for 1C: Bitrix makes it possible, in addition to protecting the described forms, to easily protect any form. The module methods were written specifically with a view to the possible expansion of the functional. Here I will give an example of how to do this.
Suppose you need to make a check for spam forms with the following fields:
email, nickname, title and message.
All that is needed is to place the call code of the CleantalkAntispam :: CheckAllBefore method with the necessary parameters in /bitrix/php_interface/init.php .
/bitrix/php_interface/init.php
')
Actually, the code is very simple: collecting parameters from a form, calling a check, analyzing the result. This is the way all methods of the module itself for checking forms are made. If you need to add protection for the next necessary form for customers, we simply add a method similar to the one given. This can be seen by looking at the module code itself.
The $ WEB_FORM_ID parameter is not checked, it can be added if necessary.
Note that when checking inside the CleantalkAntispam :: CheckAllBefore () function, a JavaScript test is used. The test code is installed automatically on the site pages when the module is turned on (including in the module settings), and calling CleantalkAntispam :: CheckAllBefore () is also needed when the module is turned on, otherwise the JavaScript test will fail.
Also note that the $ aResult ['stop_queue'] response flag is not parsed here. This flag speaks of obvious spam and is used, for example, in approving comments: if it is set, the comment is rejected; if cleared, it is sent to manual moderation. You can easily add such a check yourself. Detailed information about the CleanTalk API is here .
Suppose you need to make a check for spam forms with the following fields:
email, nickname, title and message.
All that is needed is to place the call code of the CleantalkAntispam :: CheckAllBefore method with the necessary parameters in /bitrix/php_interface/init.php .
/bitrix/php_interface/init.php
<?php /* You can place here your functions and event handlers AddEventHandler("module", "EventName", "FunctionName"); function FunctionName(params) { //code } */ AddEventHandler('form', 'onBeforeResultAdd', 'my_onBeforeResultAdd'); CModule::IncludeModule('cleantalk.antispam'); function my_onBeforeResultAdd($WEB_FORM_ID, $arFields, $arrVALUES) { $ct_status = COption::GetOptionString('cleantalk.antispam', 'status', '0'); if ($ct_status == 1) { global $APPLICATION; $aParams = array(); $aParams['type'] = 'comment'; $aParams['sender_email'] = isset($arrVALUES['email']) ? $arrVALUES['email'] : ''; $aParams['sender_nickname'] = isset($arrVALUES['nickname']) ? $arrVALUES['nickname'] : ''; $aParams['message_title'] = isset($arrVALUES['title']) ? $arrVALUES['title'] : ''; $aParams['message_body'] = isset($arrVALUES['message']) ? $arrVALUES['message'] : ''; $aResult = CleantalkAntispam::CheckAllBefore($aParams, FALSE); if (isset($aResult) && is_array($aResult)) { if ($aResult['errno'] == 0) { if ($aResult['allow'] == 1) { //Not spammer - just return; return; } else { if (preg_match('//u', $aResult['ct_result_comment'])) { $err_str=preg_replace('/^[^\*]*?\*\*\*|\*\*\*[^\*]*?$/iu','',$aResult['ct_result_comment']); $err_str=preg_replace('/<[^<>]*>/iu', '', $err_str); } else { $err_str=preg_replace('/^[^\*]*?\*\*\*|\*\*\*[^\*]*?$/i','',$aResult['ct_result_comment']); $err_str=preg_replace('/<[^<>]*>/i', '', $err_str); } $APPLICATION->ThrowException($err_str); return false; } } } } } ?> ')
Actually, the code is very simple: collecting parameters from a form, calling a check, analyzing the result. This is the way all methods of the module itself for checking forms are made. If you need to add protection for the next necessary form for customers, we simply add a method similar to the one given. This can be seen by looking at the module code itself.
The $ WEB_FORM_ID parameter is not checked, it can be added if necessary.
Note that when checking inside the CleantalkAntispam :: CheckAllBefore () function, a JavaScript test is used. The test code is installed automatically on the site pages when the module is turned on (including in the module settings), and calling CleantalkAntispam :: CheckAllBefore () is also needed when the module is turned on, otherwise the JavaScript test will fail.
Also note that the $ aResult ['stop_queue'] response flag is not parsed here. This flag speaks of obvious spam and is used, for example, in approving comments: if it is set, the comment is rejected; if cleared, it is sent to manual moderation. You can easily add such a check yourself. Detailed information about the CleanTalk API is here .
Source: https://habr.com/ru/post/302800/
All Articles