Skip to Content
Last modified by Agnease on 2026/06/16 17:18
From version 16.57
edited by Agnease
on 2026/06/16 17:18
Change comment: There is no comment for this version
To version 16.34
edited by Agnease
on 2026/06/16 16:43
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -3,113 +3,33 @@
3 3   #set ($statusCode = 400)
4 4   #set ($message = 'The request could not be sent. Please try again or contact Agnease by email at alex@agnease.com.')
5 5  
6 - #set ($className = 'Agnease.Code.ContactRequest.ContactRequestClass')
7 - #set ($allowedProperties = [
8 - 'scope',
9 - 'alreadyUseXWiki',
10 - 'name',
11 - 'email',
12 - 'hosting',
13 - 'customDevelopment',
14 - 'timeline',
15 - 'users'
16 - ])
17 -
18 18   #set ($name = '')
19 19   #set ($email = '')
20 - #set ($scope = '')
21 21   #set ($contactWebsite = '')
22 - #set ($startedAtRaw = '')
23 23  
24 - ## Extract only the values we need for validation.
25 25   #foreach ($parameterName in $request.parameterNames)
26 - #set ($propertyParts = $parameterName.split('_0_'))
27 - #if ($propertyParts.size() > 1)
28 - #set ($propertyName = $propertyParts[1])
29 - #set ($propertyValue = $stringtool.trim($request.get($parameterName)))
30 -
31 - #if ($propertyName == 'name')
32 - #set ($name = $propertyValue)
33 - #elseif ($propertyName == 'email')
34 - #set ($email = $propertyValue)
35 - #elseif ($propertyName == 'scope')
36 - #set ($scope = $propertyValue)
37 - #elseif ($propertyName == 'contactWebsite')
38 - #set ($contactWebsite = $propertyValue)
39 - #elseif ($propertyName == 'contactStartedAt')
40 - #set ($startedAtRaw = $propertyValue)
41 - #end
11 + #set ($propertyName = $parameterName.split('_0_')[1])
12 + #if ($propertyName == 'name')
13 + #set ($name = $stringtool.trim($request.get($parameterName)))
14 + #elseif ($propertyName == 'email')
15 + #set ($email = $stringtool.trim($request.get($parameterName)))
16 + #elseif ($propertyName == 'contactWebsite')
17 + #set ($contactWebsite = $stringtool.trim($request.get($parameterName)))
42 42   #end
43 43   #end
44 44  
45 - #set ($spamScore = 0)
46 -
47 - ## Honeypot: real users should never fill this field.
48 - #if ("$!contactWebsite" != '')
49 - #set ($spamScore = $spamScore + 5)
50 - #end
51 -
52 - ## Submission timing check.
53 - #if ("$!startedAtRaw" == '')
54 - ## The field is expected from the real form, so missing it is suspicious.
55 - #set ($spamScore = $spamScore + 2)
56 - #else
57 - #set ($startedAt = $numbertool.toNumber($startedAtRaw))
58 - #if ("$!startedAt" == '')
59 - #set ($spamScore = $spamScore + 2)
60 - #else
61 - #set ($now = $datetool.systemDate.time)
62 - #set ($elapsed = $now - $startedAt)
63 -
64 - ## Reject very fast submissions.
65 - #if ($elapsed > 0 && $elapsed < 10000)
66 - #set ($spamScore = $spamScore + 3)
67 - #end
68 - #end
69 - #end
70 -
71 - ## Random-looking name: long single token.
72 - #if ($name.length() >= 16 && !$name.contains(' '))
73 - #set ($spamScore = $spamScore + 2)
74 - #end
75 -
76 - ## Random-looking project description: long single token.
77 - #if ($scope.length() >= 12 && !$scope.contains(' '))
78 - #set ($spamScore = $spamScore + 2)
79 - #end
80 -
81 - ## Suspicious email local part with many dots and tiny fragments.
82 - #set ($emailParts = $email.split('@'))
83 - #if ($emailParts.size() == 2)
84 - #set ($localPart = $emailParts[0])
85 - #set ($localFragments = $localPart.split('\.'))
86 - #set ($dotCount = $localFragments.size() - 1)
87 - #set ($oneCharFragments = 0)
88 -
89 - #foreach ($fragment in $localFragments)
90 - #if ($fragment.length() == 1)
91 - #set ($oneCharFragments = $oneCharFragments + 1)
92 - #end
93 - #end
94 -
95 - #if ($dotCount >= 4 && $oneCharFragments >= 3)
96 - #set ($spamScore = $spamScore + 2)
97 - #end
98 - #else
99 - #set ($spamScore = $spamScore + 2)
100 - #end
101 -
102 - ## Human-facing validation.
103 - #if ("$!name" == '' && "$!email" == '')
21 + #if ("$!contactWebsite.trim()" != '')
22 + #set ($statusCode = 400)
23 + #set ($message = 'The request could not be sent. Please try again or contact Agnease by email.')
24 + #elseif ("$!name" == '' && "$!email" == '')
25 + #set ($statusCode = 400)
104 104   #set ($message = 'Please enter your name and email.')
105 105   #elseif ("$!name" == '')
28 + #set ($statusCode = 400)
106 106   #set ($message = 'Please enter your name.')
107 107   #elseif ("$!email" == '')
31 + #set ($statusCode = 400)
108 108   #set ($message = 'Please enter your email address.')
109 - #elseif ("$!scope" == '' || $scope.length() < 30)
110 - #set ($message = 'Please add a short description of your XWiki project, question or issue.')
111 - #elseif ($spamScore >= 3)
112 - #set ($message = 'The request could not be sent. Please add a clearer description of your XWiki request or contact Agnease by email.')
113 113   #else
114 114   #try('contactException')
115 115   #set ($now = $datetool.get('yyyyMMddHHmm'))
... ... @@ -116,18 +116,11 @@
116 116   #set ($random = $mathtool.random(100000, 999999))
117 117   #set ($uniqueName = "ContactRequest-${now}-${random}")
118 118   #set ($contactRequestDoc = $xwiki.getDocumentAsAuthor('ContactRequests.' + $uniqueName))
119 - #set ($contactRequestObj = $contactRequestDoc.getObject($className, true))
39 + #set ($contactRequestObj = $contactRequestDoc.getObject('Agnease.Code.ContactRequest.ContactRequestClass', true))
120 120  
121 - ## Save only known ContactRequest fields.
122 122   #foreach ($parameterName in $request.parameterNames)
123 - #set ($propertyParts = $parameterName.split('_0_'))
124 - #if ($propertyParts.size() > 1)
125 - #set ($propertyName = $propertyParts[1])
126 -
127 - #if ($allowedProperties.contains($propertyName))
128 - #set ($discard = $contactRequestObj.set($propertyName, $request.get($parameterName)))
129 - #end
130 - #end
42 + #set ($propertyName = $parameterName.split('_0_')[1])
43 + #set ($discard = $contactRequestObj.set($propertyName, $request.get($parameterName)))
131 131   #end
132 132  
133 133   #set ($discard = $contactRequestDoc.saveAsAuthor())
... ... @@ -203,7 +203,6 @@
203 203   tabindex="-1"
204 204   />
205 205   </div>
206 - <input type="hidden" name="Agnease.Code.ContactRequest.ContactRequestClass_0_contactStartedAt" value="$datetool.systemDate.time" />
207 207   <input id="contactSubmit" type="submit" class="btn btn-primary" value="Send my request">
208 208   </form>
209 209   #end