Initial commit

Author: easeq

Block/Adminhtml/Form/Field/CustomForms.php

@@ -0,0 +1,28 @@
+<?php
+/**
+ * @category  HS
+ *
+ * @copyright Copyright (c) 2015 Hungersoft (http://www.hungersoft.com)
+ * @license   http://www.hungersoft.com/license.txt Hungersoft General License
+ */
+
+namespace HS\Honeypot\Block\Adminhtml\Form\Field;
+
+use Magento\Config\Block\System\Config\Form\Field\FieldArray\AbstractFieldArray;
+
+/**
+ * Class AdditionalEmail.
+ */
+class CustomForms extends AbstractFieldArray
+{
+    /**
+     * {@inheritdoc}
+     */
+    protected function _prepareToRender()
+    {
+        $this->addColumn('selector', ['label' => __('Selector'), 'class' => 'required-entry']);
+        $this->addColumn('action', ['label' => __('Form Action'), 'class' => 'required-entry']);
+        $this->_addAfter = false;
+        $this->_addButtonLabel = __('Add Form');
+    }
+}

Helper/Data.php

@@ -0,0 +1,159 @@
+<?php
+/**
+ * Copyright 2019 Hungersoft (http://www.hungersoft.com).
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+namespace HS\Honeypot\Helper;
+
+use Magento\Store\Model\ScopeInterface;
+use Magento\Framework\App\Helper\AbstractHelper;
+use HS\Honeypot\Model\System\Config\Source\Forms;
+
+class Data extends AbstractHelper
+{
+    const CONFIG_ENABLED = 'hs_honeypot/general/enabled';
+    const CONFIG_FORMS = 'hs_honeypot/general/forms';
+    const CONFIG_CUSTOM_FORMS = 'hs_honeypot/general/custom_forms';
+
+    private $formActionSelectors = [
+        Forms::TYPE_LOGIN => 'body.customer-account-login #login-form.form.form-login',
+        Forms::TYPE_CREATE => 'body.customer-account-create #form-validate.form-create-account',
+        Forms::TYPE_FORGOT => '#form-validate.form.password.forget',
+        Forms::TYPE_CONTACT => '#contact-form',
+        Forms::TYPE_CHANGE_PASSWORD => '#form-validate.form.form-edit-account',
+        Forms::TYPE_PRODUCT_REVIEW => '#review-form',
+    ];
+
+    /**
+     * Currently selected store ID if applicable.
+     *
+     * @var int
+     */
+    protected $_storeId = null;
+
+    /**
+     * Get config value by path.
+     *
+     * @param string $path
+     *
+     * @return mixed
+     */
+    public function getConfigValue($path)
+    {
+        return $this->scopeConfig->getValue($path, ScopeInterface::SCOPE_STORE);
+    }
+
+    /**
+     * Get config flag by path.
+     *
+     * @param string $path
+     *
+     * @return bool
+     */
+    public function getConfigFlag($path)
+    {
+        return $this->scopeConfig->isSetFlag($path, ScopeInterface::SCOPE_STORE, $this->_storeId);
+    }
+
+    /**
+     * Return true if active and false otherwise.
+     *
+     * @return bool
+     */
+    public function isEnabled()
+    {
+        return $this->getConfigFlag(self::CONFIG_ENABLED);
+    }
+
+    /**
+     * Get selected forms.
+     *
+     * @return array
+     */
+    public function getForms($store = null)
+    {
+        $forms = $this->scopeConfig->getValue(
+            self::CONFIG_FORMS,
+            \Magento\Store\Model\ScopeInterface::SCOPE_STORE,
+            $store
+        );
+
+        $forms = explode(',', $forms) ?: [];
+        if (!is_array($forms)) {
+            return [trim($forms)];
+        }
+
+        return array_map('trim', $forms);
+    }
+
+    /**
+     * Get selected forms.
+     *
+     * @return array
+     */
+    public function getCustomForms()
+    {
+        $data = $this->scopeConfig->getValue(
+            self::CONFIG_CUSTOM_FORMS,
+            \Magento\Store\Model\ScopeInterface::SCOPE_STORE
+        );
+
+        return json_decode($data, true) ?: [];
+    }
+
+    /**
+     * Get css selectors for the selected forms.
+     *
+     * @return array
+     */
+    public function getSelectedFormSelectors()
+    {
+        $forms = $this->getForms();
+        $finalForms = [];
+        foreach ($forms as $action) {
+            if (isset($this->formActionSelectors[$action])) {
+                $finalForms[] = $this->formActionSelectors[$action];
+            }
+        }
+
+        return $finalForms;
+    }
+
+    /**
+     * Get selected forms paths.
+     *
+     * @return array
+     */
+    public function getFormSelectors()
+    {
+        $forms = $this->getSelectedFormSelectors();
+        $customForms = array_column($this->getCustomForms(), 'selector');
+
+        return array_merge($forms, $customForms);
+    }
+
+    /**
+     * Get selected form actions.
+     *
+     * @return array
+     */
+    public function getFormActions()
+    {
+        $forms = $this->getForms();
+        $customForms = array_column($this->getCustomForms(), 'action');
+
+        return array_merge($forms, $customForms);
+    }
+}

Model/System/Config/Source/Forms.php

@@ -0,0 +1,52 @@
+<?php
+/**
+ * @category  HS
+ *
+ * @copyright Copyright (c) 2015 Hungersoft (http://www.hungersoft.com)
+ * @license   http://www.hungersoft.com/license.txt Hungersoft General License
+ */
+
+namespace HS\Honeypot\Model\System\Config\Source;
+
+use Magento\Framework\Option\ArrayInterface;
+
+class Forms implements ArrayInterface
+{
+    const TYPE_LOGIN = 'customer_account_loginPost';
+    const TYPE_CREATE = 'customer_account_createpost';
+    const TYPE_FORGOT = 'customer_account_forgotpasswordpost';
+    const TYPE_CONTACT = 'contact_index_post';
+    const TYPE_CHANGE_PASSWORD = 'customer_account_editPost';
+    const TYPE_PRODUCT_REVIEW = 'review_product_post';
+
+    /**
+     * @return array
+     */
+    public function toOptionArray()
+    {
+        $options = [];
+        foreach ($this->getOptions() as $value => $label) {
+            $options[] = [
+                'value' => $value,
+                'label' => $label,
+            ];
+        }
+
+        return $options;
+    }
+
+    /**
+     * @return array
+     */
+    public function getOptions()
+    {
+        return [
+            self::TYPE_LOGIN => __('Login'),
+            self::TYPE_CREATE => __('Create User'),
+            self::TYPE_FORGOT => __('Forgot Password'),
+            self::TYPE_CONTACT => __('Contact Us'),
+            self::TYPE_CHANGE_PASSWORD => __('Change Password'),
+            self::TYPE_PRODUCT_REVIEW => __('Product Review'),
+        ];
+    }
+}

Observer/ActionPredispatch.php

@@ -0,0 +1,124 @@
+<?php
+/**
+ * Copyright 2019 Hungersoft (http://www.hungersoft.com).
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+namespace HS\Honeypot\Observer;
+
+use Magento\Framework\App\Request\Http;
+use HS\Honeypot\Helper\Data;
+use Magento\Framework\App\Action\Action;
+use Magento\Framework\App\ActionFlag;
+use Magento\Framework\App\Response\RedirectInterface;
+use Magento\Framework\App\ResponseInterface;
+use Magento\Framework\Message\ManagerInterface;
+
+class ActionPredispatch implements \Magento\Framework\Event\ObserverInterface
+{
+    /**
+     * @var Data
+     */
+    protected $helper;
+
+    /**
+     * @var Http
+     */
+    protected $request;
+
+    /**
+     * @var ResponseInterface
+     */
+    protected $response;
+
+    /**
+     * @var ActionFlag
+     */
+    private $actionFlag;
+
+    /**
+     * @var ManagerInterface
+     */
+    protected $messageManager;
+
+    /**
+     * @var RedirectInterface
+     */
+    protected $redirect;
+
+    /**
+     * @param Data              $helper
+     * @param Http              $request
+     * @param ActionFlag        $actionFlag
+     * @param ResponseInterface $response
+     * @param RedirectInterface $redirect
+     * @param ManagerInterface  $messageManager
+     */
+    public function __construct(
+        Data $helper,
+        Http $request,
+        ActionFlag $actionFlag,
+        ResponseInterface $response,
+        RedirectInterface $redirect,
+        ManagerInterface $messageManager
+    ) {
+        $this->helper = $helper;
+        $this->request = $request;
+        $this->redirect = $redirect;
+        $this->response = $response;
+        $this->actionFlag = $actionFlag;
+        $this->messageManager = $messageManager;
+    }
+
+    /**
+     * Execute observer.
+     *
+     * @param \Magento\Framework\Event\Observer $observer
+     */
+    public function execute(
+        \Magento\Framework\Event\Observer $observer
+    ) {
+        if (!$this->helper->isEnabled()
+            || !in_array($this->request->getFullActionName(), $this->helper->getFormActions())
+        ) {
+            return $this;
+        }
+
+        if ($this->request->getParam('hs_hid') !== '') {
+            $this->processError();
+        }
+    }
+
+    /**
+     * Process error.
+     *
+     * @return array | void
+     */
+    private function processError()
+    {
+        $message = __('Unauthorized form submission!');
+        if ($this->request->isAjax()) {
+            return [
+                'success' => false,
+                'error' => true,
+                'message' => $message,
+            ];
+        }
+
+        $this->messageManager->getMessages(true);
+        $this->messageManager->addErrorMessage($message);
+        $this->actionFlag->set('', Action::FLAG_NO_DISPATCH, true);
+        $this->response->setRedirect($this->redirect->getRefererUrl());
+    }
+}