HoneyPot - Code Metrics - Inspection of "Merge pull request #27 from thinktomorrow/analysis..." - thinktomorrow/chief - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — ft/package ( 5ee474...180175 )

by Philippe

created 2018-05-29 12:30 UTC

HoneyPot A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	45
Duplicated Lines	0 %

Test Coverage

Coverage

Importance

Changes

Metric	Value
dl	0
loc	45
ccs	0
cts	11
cp	0
rs	10
c	0
b	0
f	0
wmc	7

3 Methods

Rating	Name	Size	Complexity
A	handle()	6	1
A	timer()	4	3
A	honeypot()	4	3

<?php

namespace Thinktomorrow\Chief\App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;

class HoneyPot
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $this->honeypot($request);
        $this->timer($request);

        return $next($request);
    }

    /**
     * Honeypot field protection
     *
     * A hidden field in the comment form is tagged as honeypot.
     * Should this field be filled with data or if this field is removed
     * from the input, We can assume the submit is forged.
     *
     * A field with the attribute key of your_name is assumed
     */
    private function honeypot(Request $request)
    {
        if (!$request->exists('your_name') or $request->has('your_name')) {
            abort('403', 'Request blocked due to assumed spam attempt. Honeypot field was filled in.');
        }
    }

    /**
     * Timer lock
     *
     * Should the request be performed in less then 3 seconds
     * A automatic spam submit is assumed.
     * Validation is performed by setting a timestamp
     * at the time of the comment form creation
     */
    private function timer(Request $request)
    {
        if (!$request->exists('_timer') or (time()-2) <= $request->get('_timer')) {
            abort('403', 'Request blocked due to assumed spam attempt. Submission happened too fast.');
        }
    }
}


1			<?php
2
3			namespace Thinktomorrow\Chief\App\Http\Middleware;
4
5			use Closure;
6			use Illuminate\Http\Request;
7
8			class HoneyPot
9			{
10			/**
11			* Handle an incoming request.
12			*
13			* @param \Illuminate\Http\Request $request
14			* @param \Closure $next
15			* @return mixed
16			*/
17			public function handle($request, Closure $next)
18			{
19			$this->honeypot($request);
20			$this->timer($request);
21
22			return $next($request);
23			}
24
25			/**
26			* Honeypot field protection
27			*
28			* A hidden field in the comment form is tagged as honeypot.
29			* Should this field be filled with data or if this field is removed
30			* from the input, We can assume the submit is forged.
31			*
32			* A field with the attribute key of your_name is assumed
33			*/
34			private function honeypot(Request $request)
35			{
36			if (!$request->exists('your_name') or $request->has('your_name')) {
37			abort('403', 'Request blocked due to assumed spam attempt. Honeypot field was filled in.');
38			}
39			}
40
41			/**
42			* Timer lock
43			*
44			* Should the request be performed in less then 3 seconds
45			* A automatic spam submit is assumed.
46			* Validation is performed by setting a timestamp
47			* at the time of the comment form creation
48			*/
49			private function timer(Request $request)
50			{
51			if (!$request->exists('_timer') or (time()-2) <= $request->get('_timer')) {
52			abort('403', 'Request blocked due to assumed spam attempt. Submission happened too fast.');
53			}
54			}
55			}
56

thinktomorrow / chief

Push — ft/package ( 5ee474...180175 )

HoneyPot A

Complexity

Size/Duplication

Test Coverage

Importance

3 Methods

Duplication Side-by-Side

Filter issues like