diff --git a/app/controllers/accessibility/forms.php b/app/controllers/accessibility/forms.php
index 6217b91c53eac272593c77d4fc726adf5c2bd799..f4f9adf7ef7cc8a4be951fe593b6252675f43fa3 100644
--- a/app/controllers/accessibility/forms.php
+++ b/app/controllers/accessibility/forms.php
@@ -91,6 +91,24 @@ class Accessibility_FormsController extends StudipController
)
);
+ // Add a honeypot value and timestamp
+ $personal_data_part->addInput(
+ new \Studip\Forms\TextInput(
+ 'homepage',
+ _('Homepage'),
+ '',
+ [
+ 'aria-hidden' => 'true',
+ 'class' => 'sr-only',
+ 'placeholder' => _('Dieses Feld nicht ausfüllen'),
+ 'title' => _('Dieses Feld nicht ausfüllen'),
+ ]
+ )
+ );
+ $this->form->addInput(
+ new \Studip\Forms\HiddenInput('time', '', time())
+ );
+
$personal_data_part->addText(sprintf('<p>%s</p>',
_('Informationen zum Datenschutz dieses Formulars finden Sie in der Datenschutzerklärung.')));
@@ -118,6 +136,13 @@ class Accessibility_FormsController extends StudipController
$this->form->setURL($this->report_barrierURL());
$this->form->addStoreCallback(
function ($form, $form_values) {
+ if (
+ $form_values['time'] >= time() - 2
+ || !empty($form_values['homepage'])
+ ) {
+ return 0;
+ }
+
$recipients = Config::get()->ACCESSIBILITY_RECEIVER_EMAIL;
if (empty($recipients)) {
//Fallback: Use the UNI_CONTACT mail address:
diff --git a/db/migrations/5.3.22_add_report_barrier_mode_configuration.php b/db/migrations/5.3.22_add_report_barrier_mode_configuration.php
new file mode 100644
index 0000000000000000000000000000000000000000..8acccd3cc75bee5d306e954293a4398ee3ef815e
--- /dev/null
+++ b/db/migrations/5.3.22_add_report_barrier_mode_configuration.php
@@ -0,0 +1,31 @@
+<?php
+final class AddReportBarrierModeConfiguration extends Migration
+{
+ public function description()
+ {
+ return 'Adds the configuration option REPORT_BARRIER_MODE';
+ }
+
+ protected function up()
+ {
+ $query = "INSERT IGNORE INTO `config` (
+ `field`, `value`, `type`, `range`,
+ `section`, `description`,
+ `mkdate`, `chdate`
+ ) VALUES (
+ 'REPORT_BARRIER_MODE', 'on', 'string', 'global',
+ 'accessibility', 'Einstellungen zum Formular zu Melden einer Barriere (\"on\" = immer an, \"logged-in\" = nur für angemeldete Personen, \"off\" = ausgeschaltet)',
+ UNIX_TIMESTAMP(), UNIX_TIMESTAMP()
+ )";
+ DBManager::get()->exec($query);
+ }
+
+ protected function down()
+ {
+ $query = "DELETE config, config_values
+ FROM `config`
+ LEFT JOIN `config_values` USING(`field`)
+ WHERE `field` = 'REPORT_BARRIER_MODE'";
+ DBManager::get()->exec($query);
+ }
+}
diff --git a/lib/navigation/FooterNavigation.php b/lib/navigation/FooterNavigation.php
index 800da377d59b6361badd52c38fa40325fe5190f6..e9e41c84d1b9a17abec528e0faa24ad89b84737b 100644
--- a/lib/navigation/FooterNavigation.php
+++ b/lib/navigation/FooterNavigation.php
@@ -60,15 +60,23 @@ class FooterNavigation extends Navigation
);
}
- $this->addSubNavigation(
- 'report_barrier',
- new Navigation(
- _('Barriere melden'),
- URLHelper::getURL(
- 'dispatch.php/accessibility/forms/report_barrier',
- ['page' => Request::url(), 'cancel_login' => '1']
- )
+ if (
+ Config::get()->REPORT_BARRIER_MODE === 'on'
+ || (
+ Config::get()->REPORT_BARRIER_MODE === 'logged-in'
+ && User::findCurrent()
)
- );
+ ) {
+ $this->addSubNavigation(
+ 'report_barrier',
+ new Navigation(
+ _('Barriere melden'),
+ URLHelper::getURL(
+ 'dispatch.php/accessibility/forms/report_barrier',
+ ['page' => Request::url(), 'cancel_login' => '1']
+ )
+ )
+ );
+ }
}
}
diff --git a/resources/assets/stylesheets/studip.scss b/resources/assets/stylesheets/studip.scss
index be72f0ab70b1977934e53f19588f34fd452cc8a6..bc4d3fb61219efa0b8dcf99fde180064f18fd63d 100644
--- a/resources/assets/stylesheets/studip.scss
+++ b/resources/assets/stylesheets/studip.scss
@@ -139,3 +139,10 @@ div.indent { margin-left: 2em; }
}
}
}
+
+// Hide honeypot field from report barrier form
+body#accessibility-forms-report_barrier {
+ .formpart[data-form-input-for="homepage"] {
+ @extend .sr-only;
+ }
+}
diff --git a/templates/forms/datetimepicker_input.php b/templates/forms/datetimepicker_input.php
index f2d6b9271b9a450ee40074c33465b6824165b670..44c6d21ef153ec51bc414878762b25bcc682f0e1 100644
--- a/templates/forms/datetimepicker_input.php
+++ b/templates/forms/datetimepicker_input.php
@@ -1,4 +1,4 @@
-<div class="formpart">
+<div class="formpart" data-form-input-for="<?= htmlReady($name) ?>">
<label<?= ($this->required ? ' class="studiprequired"' : '') ?> for="<?= $id ?>">
<span class="textlabel">
<?= htmlReady($this->title) ?>
diff --git a/templates/forms/i18n_formatted_input.php b/templates/forms/i18n_formatted_input.php
index 6466731b1a717605510b73e15a872f36b915a820..7a92da77747a31385f02e0431421626504eb7f01 100644
--- a/templates/forms/i18n_formatted_input.php
+++ b/templates/forms/i18n_formatted_input.php
@@ -1,4 +1,4 @@
-<div class="formpart">
+<div class="formpart" data-form-input-for="<?= htmlReady($name) ?>">
<label<?= ($this->required ? ' class="studiprequired"' : '') ?> for="<?= $id ?>">
<span class="textlabel">
<?= htmlReady($this->title) ?>
diff --git a/templates/forms/i18n_text_input.php b/templates/forms/i18n_text_input.php
index 5e99cd1cb517204fd6b832e845530f80653b4bc4..b5189626c383077a1759ec12f1922ac153bdf822 100644
--- a/templates/forms/i18n_text_input.php
+++ b/templates/forms/i18n_text_input.php
@@ -1,4 +1,4 @@
-<div class="formpart">
+<div class="formpart" data-form-input-for="<?= htmlReady($name) ?>">
<label<?= ($this->required ? ' class="studiprequired"' : '') ?> for="<?= $id ?>">
<span class="textlabel">
<?= htmlReady($this->title) ?>
diff --git a/templates/forms/i18n_textarea_input.php b/templates/forms/i18n_textarea_input.php
index d9b2ff3f809adf43d42954c527656d4ef4ff1fff..01110c665aa2232a3956769b07f3deb0281a8355 100644
--- a/templates/forms/i18n_textarea_input.php
+++ b/templates/forms/i18n_textarea_input.php
@@ -1,4 +1,4 @@
-<div class="formpart">
+<div class="formpart" data-form-input-for="<?= htmlReady($name) ?>">
<label<?= ($this->required ? ' class="studiprequired"' : '') ?> for="<?= $id ?>">
<span class="textlabel">
<?= htmlReady($this->title) ?>
diff --git a/templates/forms/multiselect_input.php b/templates/forms/multiselect_input.php
index cd9aec6391dd90532d910972a475f71e3bf2bf2a..a01ff505ffcd8d768851152b284b491ac7e9e34c 100644
--- a/templates/forms/multiselect_input.php
+++ b/templates/forms/multiselect_input.php
@@ -1,4 +1,4 @@
-<div class="formpart">
+<div class="formpart" data-form-input-for="<?= htmlReady($name) ?>">
<label<?= ($this->required ? ' class="studiprequired"' : '') ?> for="<?= $id ?>">
<span class="textlabel">
<?= htmlReady($this->title) ?>
diff --git a/templates/forms/quicksearch_input.php b/templates/forms/quicksearch_input.php
index 5a8fadd218eb23307a1bab40c419f98dfcd430d9..6fbaff15b0f115b36e199932bc534f89ec5cda05 100644
--- a/templates/forms/quicksearch_input.php
+++ b/templates/forms/quicksearch_input.php
@@ -1,4 +1,4 @@
-<div class="formpart">
+<div class="formpart" data-form-input-for="<?= htmlReady($name) ?>">
<label<?= ($this->required ? ' class="studiprequired"' : '') ?> for="<?= $id ?>">
<span class="textlabel">
<?= htmlReady($this->title) ?>
diff --git a/templates/forms/select_input.php b/templates/forms/select_input.php
index 64f81400ef51fbc21d167a0a3284d5c4bf867709..07a03ca906d771c4d546fb070f2e99bbbc4f09ac 100644
--- a/templates/forms/select_input.php
+++ b/templates/forms/select_input.php
@@ -1,4 +1,4 @@
-<div class="formpart">
+<div class="formpart" data-form-input-for="<?= htmlReady($name) ?>">
<label<?= ($this->required ? ' class="studiprequired"' : '') ?> for="<?= $id ?>">
<span class="textlabel">
<?= htmlReady($this->title) ?>
diff --git a/templates/forms/text_input.php b/templates/forms/text_input.php
index 546a125766ad5f0604db6def06d5d9ce1010c759..ae93758d14bff316d87ccf95510fbd147af43008 100644
--- a/templates/forms/text_input.php
+++ b/templates/forms/text_input.php
@@ -1,4 +1,4 @@
-<div class="formpart">
+<div class="formpart" data-form-input-for="<?= htmlReady($name) ?>">
<label<?= ($this->required ? ' class="studiprequired"' : '') ?> for="<?= $id ?>">
<span class="textlabel">
<?= htmlReady($this->title) ?>
diff --git a/templates/forms/wysiwyg_input.php b/templates/forms/wysiwyg_input.php
index 989bb5c731493d580c58435af0d7681b84ffa3b4..2fd0c901f151022119345166cbd5db99af85e68a 100644
--- a/templates/forms/wysiwyg_input.php
+++ b/templates/forms/wysiwyg_input.php
@@ -1,4 +1,4 @@
-<div class="formpart">
+<div class="formpart" data-form-input-for="<?= htmlReady($name) ?>">
<label<?= ($this->required ? ' class="studiprequired"' : '') ?> for="<?= $id ?>">
<span class="textlabel">
<?= htmlReady($this->title) ?>