From 5bd6ab7611bb1e12a04de3a1ccd2b5239c05cb05 Mon Sep 17 00:00:00 2001 From: rubenwardy Date: Mon, 13 Jun 2022 17:10:07 +0100 Subject: [PATCH] Disable reports from anonymous users --- app/blueprints/report/__init__.py | 4 ++-- app/templates/report/index.html | 19 ++++++++++++++++++- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/app/blueprints/report/__init__.py b/app/blueprints/report/__init__.py index bf8a999d..ef9f5956 100644 --- a/app/blueprints/report/__init__.py +++ b/app/blueprints/report/__init__.py @@ -43,8 +43,8 @@ def report(): if url: url = abs_url_samesite(url) - form = ReportForm(formdata=request.form) - if form.validate_on_submit(): + form = ReportForm(formdata=request.form) if current_user.is_authenticated else None + if form and form.validate_on_submit(): if current_user.is_authenticated: user_info = f"{current_user.username}" else: diff --git a/app/templates/report/index.html b/app/templates/report/index.html index c18d377e..7306b741 100644 --- a/app/templates/report/index.html +++ b/app/templates/report/index.html @@ -6,9 +6,23 @@ {% block content %} -{% from "macros/forms.html" import render_field, render_submit_field, render_checkbox_field %}

{{ _("Report") }}

+{% if not form %} + +

+ {{ _("Due to spam, we no longer accept reports from anonymous users on this form.") }} + {{ _("Please sign in or contact the admin in another way") }} +

+

+ Login + Contact the admin +

+ +{% else %} + +{% from "macros/forms.html" import render_field, render_submit_field, render_checkbox_field %} +
{{ form.hidden_tag() }} {% if url %} @@ -17,6 +31,7 @@

{% endif %} {{ render_field(form.message, hint=_("What are you reporting? Why are you reporting it?")) }} + {{ render_field(form.not_a_request) }} {{ render_submit_field(form.submit) }}

@@ -30,4 +45,6 @@

+{% endif %} + {% endblock %}