zydronium/neocities
1
0
Fork 0
mirror of https://github.com/neocities/neocities.git synced 2025-04-25 01:32:36 +02:00
Code Issues Projects Releases Packages Wiki Activity

validate against throwaway email addresses

Browse source
This commit is contained in:
Kyle Drake 2016-05-15 01:53:55 -04:00
parent 6b88c8339d
commit 76cb669659
4 changed files with 29 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -18,3 +18,4 @@ files/sslsites.zip
.vagrant .vagrant
public/banned_sites public/banned_sites
public/deleted_sites public/deleted_sites
files/disposable_email_blacklist.conf

7
Rakefile
View file

@ -38,6 +38,13 @@ task :parse_logs => [:environment] do
Stat.parse_logfiles $config['logs_path'] Stat.parse_logfiles $config['logs_path']
end end
desc 'Update disposable email blacklist'
task :update_disposable_email_blacklist => [:environment] do
uri = URI.parse('https://raw.githubusercontent.com/martenson/disposable-email-domains/master/disposable_email_blacklist.conf')
File.write(Site::DISPOSABLE_EMAIL_BLACKLIST_PATH, Net::HTTP.get(uri))
end
desc 'Update banned IPs list' desc 'Update banned IPs list'
task :update_blocked_ips => [:environment] do task :update_blocked_ips => [:environment] do
uri = URI.parse('http://www.stopforumspam.com/downloads/listed_ip_90.zip') uri = URI.parse('http://www.stopforumspam.com/downloads/listed_ip_90.zip')

20
models/site.rb
View file

@ -122,6 +122,7 @@ class Site < Sequel::Model
) )
EMAIL_VALIDATION_CUTOFF_DATE = Time.parse('May 16, 2016') EMAIL_VALIDATION_CUTOFF_DATE = Time.parse('May 16, 2016')
DISPOSABLE_EMAIL_BLACKLIST_PATH = File.join(DIR_ROOT, 'files', 'disposable_email_blacklist.conf')
def self.newsletter_sites def self.newsletter_sites
Site.select(:email). Site.select(:email).
@ -540,6 +541,21 @@ class Site < Sequel::Model
!username.empty? && username.match(/^[a-zA-Z0-9_\-]+$/i) !username.empty? && username.match(/^[a-zA-Z0-9_\-]+$/i)
end end
def self.disposable_email?(email)
return false unless File.exist?(DISPOSABLE_EMAIL_BLACKLIST_PATH)
return false if email.blank?
email.strip!
disposable_email_domains = File.readlines DISPOSABLE_EMAIL_BLACKLIST_PATH
disposable_email_domains.each do |disposable_email_domain|
return true if email.match disposable_email_domain.strip
end
false
end
def okay_to_upload?(uploaded_file) def okay_to_upload?(uploaded_file)
return true if [:supporter].include?(plan_type.to_sym) return true if [:supporter].include?(plan_type.to_sym)
return false if self.class.possible_phishing?(uploaded_file) return false if self.class.possible_phishing?(uploaded_file)
@ -853,6 +869,10 @@ class Site < Sequel::Model
errors.add :email, 'Cannot use this email address.' errors.add :email, 'Cannot use this email address.'
end end
if parent? && new? && self.class.disposable_email?(values[:email])
errors.add :email, 'Cannot use a disposable email address.'
end
# Check for existing email if new or changing email. # Check for existing email if new or changing email.
if new? || @original_email if new? || @original_email
email_check = self.class.select(:id).filter(email: values[:email]) email_check = self.class.select(:id).filter(email: values[:email])

2
views/_index_signup_script.erb
View file

@ -28,7 +28,7 @@
}) })
}) })
$('input[type=text],input[type=password]').on('change focusout', function(obj) { $('input[type=text],input[type=password],input[type=email]').on('change focusout', function(obj) {
$.post('/create_validate', {field: obj.target.name, value: obj.target.value, is_education: $('input[name=is_education]')[0].value, csrf_token: '<%= csrf_token %>'}, function(res) { $.post('/create_validate', {field: obj.target.name, value: obj.target.value, is_education: $('input[name=is_education]')[0].value, csrf_token: '<%= csrf_token %>'}, function(res) {
if(res.result == 'ok') { if(res.result == 'ok') {
return $(obj.target).tooltip('hide') return $(obj.target).tooltip('hide')