From: bochard <git@bochard.net>
Date: Sat, 28 Feb 2026 05:43:46 +0000 (+0800)
Subject: added honeypot to guestbook and changed path for scripts and stylesheets
X-Git-Url: https://git.bochard.net/?a=commitdiff_plain;p=mysite.git

added honeypot to guestbook and changed path for scripts and stylesheets
---

diff --git a/guestbook.php b/guestbook.php
index b3ec37e..8085e52 100644
--- a/guestbook.php
+++ b/guestbook.php
@@ -4,7 +4,8 @@ head([
 	"title" => "guestbook",
 	"meta" => [
 		["name" => "description", "content" => "sign my guestbook"]
-	]
+	],
+	"css" => ["/stylesheet/guestbook.css"]
 ]);
 ?>
 
@@ -16,9 +17,6 @@ head([
 					<center><img src="/image/gif/guestbook.gif" width="200"></center>
 					
 					<?php
-						error_reporting(E_ALL);
-						ini_set("display_errors", 1);
-					
 						// load database config
 						$config = parse_ini_file(__DIR__ . '/../config/config.ini', true);
 						
@@ -34,12 +32,19 @@ head([
 						$conn->query("SET time_zone='+08:00';");
 						
 						// check connection
-						if($conn->connect_error){
+						if($conn->connect_error) {
 							die("Connection failed: {$conn->connect_error}");
 						}
 						
 						// entry submission
-						if ($_SERVER["REQUEST_METHOD"] == "POST"){
+						if ($_SERVER["REQUEST_METHOD"] == "POST") {
+							
+							// honeypot check
+							if(!empty($_POST['honeypot'])) {
+								header("Location: " . $_SERVER["PHP_SELF"]);
+								die();
+							};
+							
 							$name = htmlspecialchars($_POST['name'], ENT_QUOTES, "UTF-8");
 							$country = htmlspecialchars($_POST['country'], ENT_QUOTES, "UTF-8");
 							$website = htmlspecialchars($_POST['website'], ENT_QUOTES, "UTF-8");
@@ -52,13 +57,13 @@ head([
 											VALUES (?, ?, ?, ?, ?, ?);";
 							
 							$stmt = $conn->prepare($sql);
-							if(!$stmt){
+							if(!$stmt) {
 								die("Prepare failed: {$conn->error}");
 							}
 							
 							// s = string
 							$stmt->bind_param("ssssss", $name, $country, $website, $email, $comment, $ip_addr);
-							if(!$stmt->execute()){
+							if(!$stmt->execute()) {
 								die("Execute failed: {$stmt->error}");
 							}
 							
@@ -84,6 +89,7 @@ head([
 							<br>
 							<label for="website">My website: </label><input type="text" name="website" placeholder="optional">
 							<br>
+							<input type="text" class="honeypot" name="honeypot">
 							<label for="email">My e-mail: </label><input type="email" name="email" placeholder="only me can see, optional">
 							<br>
 							<label for="comment">Comment: </label><br><textarea name="comment" rows="10" cols="35" placeholder="..." required></textarea>
diff --git a/part/head.php b/part/head.php
index 3178666..763c9a7 100644
--- a/part/head.php
+++ b/part/head.php
@@ -44,7 +44,7 @@ function head(array $head = []) {
 	?>
 
 	<!-- stylesheets -->
-	<link rel="stylesheet" href="/part/stylesheet/root.css?v=<?= filemtime("{$_SERVER['DOCUMENT_ROOT']}/part/stylesheet/root.css");?>">
+	<link rel="stylesheet" href="/stylesheet/root.css?v=<?= filemtime("{$_SERVER['DOCUMENT_ROOT']}/stylesheet/root.css");?>">
 	<?php foreach($css as $file):?>
 		<?php
 			$filepath = $_SERVER['DOCUMENT_ROOT'] . $file;
@@ -55,7 +55,7 @@ function head(array $head = []) {
 	<?php endforeach;?>
 	
 	<!-- scripts -->
-	<script src="/part/script/root.js?v=<?= filemtime("{$_SERVER['DOCUMENT_ROOT']}/part/script/root.js");?>"></script>
+	<script src="/script/root.js?v=<?= filemtime("{$_SERVER['DOCUMENT_ROOT']}/script/root.js");?>"></script>
 	<?php foreach($js as $file):?>
 		<?php
 			$filepath = $_SERVER['DOCUMENT_ROOT'] . $file;
diff --git a/part/script/root.js b/part/script/root.js
deleted file mode 100644
index 7a661c2..0000000
--- a/part/script/root.js
+++ /dev/null
@@ -1 +0,0 @@
-console.log("hello, world!");
diff --git a/part/stylesheet/.htaccess b/part/stylesheet/.htaccess
deleted file mode 100644
index e8ad090..0000000
--- a/part/stylesheet/.htaccess
+++ /dev/null
@@ -1,2 +0,0 @@
-#Forbidden access
-Options -Indexes
diff --git a/part/stylesheet/root.css b/part/stylesheet/root.css
deleted file mode 100644
index b5ed499..0000000
--- a/part/stylesheet/root.css
+++ /dev/null
@@ -1,12 +0,0 @@
-@font-face {
-	font-family: EBGaramond;
-	src: url('/font/EBGaramond08-Regular.ttf');
-}
-body {
-	font-family: EBGaramond;
-	font-size: 16px;
-	line-height: 1.2;
-}
-a {
-	color: darkblue;
-}
diff --git a/script/root.js b/script/root.js
new file mode 100644
index 0000000..7a661c2
--- /dev/null
+++ b/script/root.js
@@ -0,0 +1 @@
+console.log("hello, world!");
diff --git a/stylesheet/.htaccess b/stylesheet/.htaccess
new file mode 100644
index 0000000..e8ad090
--- /dev/null
+++ b/stylesheet/.htaccess
@@ -0,0 +1,2 @@
+#Forbidden access
+Options -Indexes
diff --git a/stylesheet/guestbook.css b/stylesheet/guestbook.css
new file mode 100644
index 0000000..9b880bf
--- /dev/null
+++ b/stylesheet/guestbook.css
@@ -0,0 +1,3 @@
+.honeypot {
+	display: none;
+}
diff --git a/stylesheet/root.css b/stylesheet/root.css
new file mode 100644
index 0000000..b5ed499
--- /dev/null
+++ b/stylesheet/root.css
@@ -0,0 +1,12 @@
+@font-face {
+	font-family: EBGaramond;
+	src: url('/font/EBGaramond08-Regular.ttf');
+}
+body {
+	font-family: EBGaramond;
+	font-size: 16px;
+	line-height: 1.2;
+}
+a {
+	color: darkblue;
+}