Really single anti-bot thingy

author: nathan <nathansmith@disroot.org> 2025-08-31 18:28:54 +0000
committer: nathan <nathansmith@disroot.org> 2025-08-31 18:28:54 +0000
commit: 3358ef733678ffd42a057a1cce900620d0a04dfe (patch)
tree: f22316409885dddafb3b2900cb881cd6e5b39a45 /org/cgi-bin
parent: 57be320e2e0c6b4b067b17e6d7db86f90aed4d1f (diff)
download: shittyweb-3358ef733678ffd42a057a1cce900620d0a04dfe.tar.gz
shittyweb-3358ef733678ffd42a057a1cce900620d0a04dfe.tar.bz2
shittyweb-3358ef733678ffd42a057a1cce900620d0a04dfe.zip
1 files changed, 52 insertions, 24 deletions
diff --git a/org/cgi-bin/guest-book.cgi b/org/cgi-bin/guest-book.cgi
index dfbe38f..9fb71bc 100755
--- a/org/cgi-bin/guest-book.cgi
+++ b/org/cgi-bin/guest-book.cgi
@@ -8,6 +8,7 @@
 (use-modules (json))
 
 (define guest-book-json-file "guest-book.json")
+(define test-number-max 100)
 
 (define (decode-hex hex)
   (string (integer->char
@@ -57,6 +58,17 @@
     (close-output-port output)
     sanitized))
 
+(define (number-to-entity number)
+  (letrec ((process-digits
+            (lambda (digits)
+              (if (eq? digits '())
+                  ""
+                  (string-append "&#"
+                                 (number->string (char->integer (car digits)))
+                                 ";"
+                                 (process-digits (cdr digits)))))))
+    (process-digits (string->list (number->string number)))))
+
 (define (write-guest-to-json name url message)
   (let ((guest-book '())
         (guest `(("name" . ,name)
@@ -113,11 +125,18 @@
     (if form
         (let ((name (sanitize-input (cdr (list-ref form 0))))
               (url (sanitize-input (cdr (list-ref form 1))))
-              (message (sanitize-input (cdr (list-ref form 2)))))
+              (message (sanitize-input (cdr (list-ref form 2))))
+              (answer (string->number (sanitize-input (cdr (list-ref form
+                                                                     3)))))
+              (first (string->number (sanitize-input (cdr (list-ref form 4)))))
+              (second (string->number (sanitize-input (cdr (list-ref form
+                                                                     5))))))
           (cond ((string= name "") ;; No name given
                  (display "<p>name is required</p>"))
                 ((string= message "") ;; No message given
                  (display "<p>please write a silly something (:</p>"))
+                ((not (= (+ first second) answer))
+                 (display "<p>You suck at math lol</p>"))
                 (else
                  (write-guest-to-json name url message)))))))
 
@@ -134,7 +153,10 @@
 
 ;; Display pretty much everything
 (define (display-guest-book)
-  (display "Content-Type: text/html\n\n\
+  (set! *random-state* (seed->random-state (time-second (current-time))))
+  (let ((first-test-number (number-to-entity (random test-number-max)))
+        (second-test-number (number-to-entity (random test-number-max))))
+    (format #t "Content-Type: text/html\n\n\
 <!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\"\n\
 \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n\
 <html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\">\n\
@@ -160,35 +182,41 @@
       <br />\n\
       <textarea type = \"text\" name = \"message\" rows = \"4\"\n\
       cols = \"40\" maxlength=\"512\"></textarea>\n\
+      <br /><br />\n\
+      <lable for = \"answer\">Answer ~a plus ~a</lable>\n\
+      <input type = \"number\" name = \"answer\"/>\n\
+      <input type = \"hidden\" name =\"first\" value = \"~a\">\n\
+      <input type = \"hidden\" name =\"second\" value = \"~a\">\n\
       <br />\n\
       <input type = \"submit\" value = \"Fucking submit\">\n\
       <b>You can't delete/edit it afterwards</b>\n\
     </form>\n\
     <p>\n\
       <b>Be nice! Dont be a fucking ass.</b>\n\
-    </p>\n")
-  (handle-fields)
-  (display "  </div>\n  <br />\n")
-
-  ;; Try to read the guest book json
-  (with-exception-handler
-      (lambda (error)
-        (display "  <div class=\"container\">\n\
+    </p>\n" first-test-number second-test-number first-test-number
+    second-test-number)
+    (handle-fields)
+    (display "  </div>\n  <br />\n")
+
+    ;; Try to read the guest book json
+    (with-exception-handler
+        (lambda (error)
+          (display "  <div class=\"container\">\n\
       <p>No guest(s) have been added ): But you can be the first!</p>\n\
-  </div>\n"))
-    (lambda ()
-      (call-with-input-file guest-book-json-file
-        (lambda (fp)
-          (letrec ((guest-book (json->scm fp))
-                   (guest-loop
-                    (lambda (index)
-                      (display-guest (vector-ref guest-book index))
-                      (if (> index 0)
-                          (guest-loop (- index 1))))))
-            (guest-loop (- (vector-length guest-book) 1))))))
-    #:unwind? #t)
-
-  (display "</body>\n</html>\n"))
+    </div>\n"))
+      (lambda ()
+        (call-with-input-file guest-book-json-file
+          (lambda (fp)
+            (letrec ((guest-book (json->scm fp))
+                     (guest-loop
+                      (lambda (index)
+                        (display-guest (vector-ref guest-book index))
+                        (if (> index 0)
+                            (guest-loop (- index 1))))))
+              (guest-loop (- (vector-length guest-book) 1))))))
+      #:unwind? #t)
+
+    (display "</body>\n</html>\n")))
 
 (define (main args)
   (display-guest-book))
author	nathan <nathansmith@disroot.org>	2025-08-31 18:28:54 +0000
committer	nathan <nathansmith@disroot.org>	2025-08-31 18:28:54 +0000
commit	3358ef733678ffd42a057a1cce900620d0a04dfe (patch)
tree	f22316409885dddafb3b2900cb881cd6e5b39a45 /org/cgi-bin
parent	57be320e2e0c6b4b067b17e6d7db86f90aed4d1f (diff)
download	shittyweb-3358ef733678ffd42a057a1cce900620d0a04dfe.tar.gz shittyweb-3358ef733678ffd42a057a1cce900620d0a04dfe.tar.bz2 shittyweb-3358ef733678ffd42a057a1cce900620d0a04dfe.zip