Added form plugin honeypot to webgui_newsletter. It can be used with:

<tmpl_var subscriptionForm_form>
<tmpl_var form_honeypot>
<tmpl_var form_honeypot_id>

It's used by default now.

lib/WebGUI/Asset/Wobject/NewsletterCollection.pm

@@ -34,6 +34,13 @@ sub definition {
             tab             => 'display',
             defaultValue    => 1,
         },
+        useHoneypot => {
+            fieldType       => 'yesNo',
+            label           => $i18n->get('useHoneypot label'),
+            hoverHelp       => $i18n->get('useHoneypot description'),
+            tab             => 'security',
+            defaultValue    => 1,
+        },
     );
 
     push @{ $definition }, {
@@ -175,4 +182,3 @@ sub view {
 }
 
 1;
-

lib/WebGUI/AssetAspect/Subscriber.pm

@@ -12,6 +12,7 @@ use WebGUI::Mail::Send;
 use WebGUI::Group;
 use WebGUI::Asset;
 use WebGUI::Form;
+use WebGUI::Form::Honeypot;
 use WebGUI::User::SpecialState;
 use WebGUI::International;
 use Tie::IxHash;
@@ -192,6 +193,44 @@ sub isSubscribed {
 }
 
 #----------------------------------------------------------------------------
+=head2 appendSubscriptionFormVars
+
+=head3 honeyPot
+Part of the form vars are the honeyPot variables. This is a form plugin that
+is used in NewsletterCollection.pm to activate the use of a honeypot or not,
+in this module, AssetAspect/Subscriber.pm, to check the honeypot and to
+display the form values and in i18n.
+
+There are the following form vars:
+
+=head4 subscriptionForm_emailBox
+This renders both the emailbox, subscribe/unsubscribe radio buttons and the
+honeypot form inputs:
+    <input id="email_formId" name="email" value="" size="30" maxlength="255" type="text">
+    <fieldset style="border:none;margin:0;padding:0">
+        <label>
+            <input name="action" value="subscribe" id="action1" type="radio">Inschrijven
+        </label>
+        <label>
+            <input name="action" value="unsubscribe" id="action2" type="radio">Uitschrijven
+        </label>
+    </fieldset>
+    <input name="hp_timestamp" value="1540249684" type="hidden">
+    <input id="d28a72b5e1a47804be42367afaf56b4d_hp" class="honeypot" name="hp_surname" value="" size="30" maxlength="255" type="text">
+
+You can easily make the honeypot input field invisible with some css for
+class honeypot.
+
+=head4 form_honeypot
+Renders these fields:
+    <input name="hp_timestamp" value="1540249684" type="hidden">
+    <input id="d28a72b5e1a47804be42367afaf56b4d_hp" class="honeypot" name="hp_surname" value="" size="30" maxlength="255" type="text">
+
+=head4 form_honeypot_id
+Gives you the id for the honeypot input. This makes it easy to create a label:
+
+
+=cut
 sub appendSubscriptionFormVars {
     my $self    = shift;
     my $var     = shift || {};
@@ -216,6 +255,10 @@ sub appendSubscriptionFormVars {
         . WebGUI::Form::submit( $session, { value => $i18n->get('unsubscribe') } )
         . $formFooter
         ;
+    # honeypot is connected to the emailbox, that is displayed on anonymous subscription
+    # and only if set to useHoneyPot in definition/display
+    my $honeypot = WebGUI::Form::Honeypot->new( $self->session, { name => 'hp' } );
+    my $honeypot_form = $self->get('useHoneypot') ? $honeypot->toHtml : '';
     my $emailBox =
         $formHeader
         . WebGUI::Form::email( $session, { name => 'email', value => '' } )
@@ -226,6 +269,7 @@ sub appendSubscriptionFormVars {
                 unsubscribe => $i18n->get('unsubscribe'),
             }
         } )
+        . $honeypot_form
         . WebGUI::Form::submit( $session )
         . $formFooter
         ;
@@ -250,6 +294,8 @@ sub appendSubscriptionFormVars {
     $var->{ user_canSubscribe                   } = $self->canSubscribe;
     $var->{ user_canUnsubscribe                 } = $self->canUnsubscribe;
     $var->{ user_isRegistered                   } = $session->user->isRegistered;
+    $var->{ form_honeypot                       } = $honeypot->toHtml;
+    $var->{ form_honeypot_id                    } = $honeypot->get('id');
 
     return $var;
 }
@@ -350,6 +396,12 @@ sub sendSubscriptionConfirmation {
     my $session = $self->session;
     my $i18n    = WebGUI::International->new( $session, 'AssetAspect_Subscriber' );
 
+    my $honeypot = $session->form->honeypot( 'hp' );
+    if ( $self->get('useHoneypot') && $honeypot ) {
+        $session->log->warn( "Honeypot triggered: $honeypot" );
+        return;
+    }
+
     my $var     = $self->getEmailVars( $user );
     my $url     = $session->url->getSiteURL . $self->getUrl( "func=confirmMutation;code=$code" );
 
@@ -389,6 +441,12 @@ sub sendNoMutationEmail {
     my $session = $self->session;
     my $i18n    = WebGUI::International->new( $session, 'AssetAspect_Subscriber' );
 
+    my $honeypot = $session->form->honeypot( 'hp' );
+    if ( $self->get('useHoneypot') && $honeypot ) {
+        $session->log->warn( "Honeypot triggered: $honeypot" );
+        return;
+    }
+
     my $var     = $self->getEmailVars( $user );
     $var->{ actionIsSubscribe   } = $action eq 'subscribe';
 
@@ -678,4 +736,3 @@ sub www_unsubscribe {
 }
 
 1;
-

lib/WebGUI/i18n/Dutch/Asset_NewsletterCollection.pm

@@ -6,14 +6,26 @@ our $I18N = {
     assetName => {
         message => 'Nieuwsbrief collectie',
     },
+    'subscribe' => {
+        message => 'inschrijven',
+    },
+    'unsubscribe' => {
+        message => 'uitschrijven',
+    },
     'template' => {
         message => 'Sjabloon',
     },
     'number of recent issues' => {
-        message => 'Aantal recente uitgaven',
+        message => 'Aantal recente nieuwsbrieven',
+    },
+    'useHoneypot label' => {
+        message => q|Gebruik honeypot|,
+        lastUpdated => 0,
+    },
+    'useHoneypot description' => {
+        message => q|Gebruik honeypot om spam te voorkomen.|,
+        lastUpdated => 0,
     },    
-    
 };
 
 1;
-

lib/WebGUI/i18n/English/Asset_NewsletterCollection.pm

@@ -18,7 +18,14 @@ our $I18N = {
     'number of recent issues' => {
         message => 'Number of recent issues',
     },
-    
+    'useHoneypot label' => {
+        message => q|Use honeypot|,
+        lastUpdated => 0,
+    },
+    'useHoneypot description' => {
+        message => q|Use honeypot to verify humanity.|,
+        lastUpdated => 0,
+    },    
 };
 
 1;

sbin/install_newsletter.pl

@@ -36,10 +36,11 @@ addListNameColumn( $session );
 addRegistrationSteps( $session );
 addConfirmationTemplateColumn( $session );
 addSentToIndex( $session );
+addUseHoneypotColumn( $session );
 
 finish($session);
 
-#----------------------------------------------------------------------------
+#-------------------------------------------------------------------------------
 sub addConfirmationTemplateColumn {
     my $session = shift;
     my $db      = $session->db;
@@ -167,6 +168,7 @@ sub installNewsletterCollection {
         create table if not exists NewsletterCollection (
             assetId                     char(22)    binary  not null,
             revisionDate                bigint(20)          not null,
+            useHoneypot                 tinyint(1)          default 0,
             primary key( assetId, revisionDate )
         );
 EOSQL
@@ -352,7 +354,27 @@ sub addRegistrationSteps {
     print "Done.\n";
 
 }
+#----------------------------------------------------------------------------
+sub addUseHoneypotColumn {
+    my $session = shift;
 
+    my $db      = $session->db;
+
+    print "\tAdding useHoneypot column...";
+
+    my @columns = $db->buildArray( 'show columns from NewsletterCollection' );
+
+   if ( ! grep { $_ eq 'useHoneypot' } @columns ) {
+       $db->write( 'alter table NewsletterCollection add column useHoneypot tinyint(1) default 0' );
+       $db->write( 'update NewsletterCollection set useHoneypot = 0 where useHoneypot is null' );
+
+       print "Done\n";
+
+   }
+   else {
+       print "Skipping\n";
+   }
+}
 #----------------------------------------------------------------------------
 sub start {
     my $webguiRoot  = shift;