You are here

function _botcha_admin_settings in BOTCHA Spam Prevention 7

Same name and namespace in other branches
  1. 6 botcha.pages.inc \_botcha_admin_settings()

Module settings form.

1 call to _botcha_admin_settings()
botcha_admin_settings in ./botcha.pages.inc

File

./botcha.pages.inc, line 27
Implementation of botcha administration forms.

Code

function _botcha_admin_settings(&$form_state) {
  module_load_include('inc', 'botcha');
  $form = array();
  $form['botcha_secret'] = array(
    '#type' => 'textfield',
    '#title' => t('Secret key'),
    '#default_value' => variable_get('botcha_secret', botcha_generate_secret_key()),
    '#description' => t('It is recommended to enter some random text into the secret key. This setting makes your site\'s BOTCHA challenges unique and harder to break.') . '<br />' . t('If you leave this field empty and save configuration, a new random key will be generated for you.'),
  );

  // Configuration of which forms to protect, with what recipe.
  $form['botcha_form_protection'] = array(
    '#type' => 'fieldset',
    '#title' => t('Form protection'),
    '#description' => t('Select which forms to protect with BOTCHA'),
  );
  if (botcha_is_captcha_installed()) {

    // Checkbox to put BOTCHA on same forms as CAPTCHA.
    $form['botcha_form_protection']['botcha_on_captcha_forms'] = array(
      '#type' => 'checkbox',
      '#title' => t('Add BOTCHA to forms selected for CAPTCHA'),
      '#default_value' => variable_get('botcha_on_captcha_forms', TRUE),
      '#description' => t('This option makes it easy to manage BOTCHA settings on forms. When enabled, all forms that are configured to have CAPTCHA on them (<a href="@captcha">see configuration</a>) will also be selected for BOTCHA protection.!more', array(
        '@captcha' => url('admin/config/people/captcha'),
        '!more' => module_exists('captcha') ? '' : '<br />' . t('<b>Note:</b> <a href="@captcha_home">CAPTCHA module</a> is not installed. This setting will have no effect.', array(
          '@captcha_home' => 'http://drupal.org/project/captcha',
        )),
      )),
    );
  }

  // List known form_ids.
  $form['botcha_form_protection']['botcha_form_id_overview'] = array(
    '#theme' => 'botcha_admin_settings_botcha_points',
    '#tree' => TRUE,
  );
  $form['botcha_form_protection']['botcha_form_id_overview']['botcha_botcha_points'] = array();
  $botcha_type_options = _botcha_available_cookbooks();
  $result = db_select('botcha_points', 'cp')
    ->fields('cp')
    ->orderBy('form_id')
    ->execute();
  foreach ($result as $botcha_point) {
    $form['botcha_form_protection']['botcha_form_id_overview']['botcha_botcha_points'][$botcha_point->form_id] = array();
    $form['botcha_form_protection']['botcha_form_id_overview']['botcha_botcha_points'][$botcha_point->form_id]['form_id'] = array(
      '#markup' => $botcha_point->form_id,
    );

    // Select widget for BOTCHA type.
    if (isset($botcha_point->botcha_type) && $botcha_point->botcha_type) {
      $botcha_type = $botcha_point->botcha_type;
    }
    else {
      $botcha_type = 'none';
    }
    $form['botcha_form_protection']['botcha_form_id_overview']['botcha_botcha_points'][$botcha_point->form_id]['botcha_type'] = array(
      '#type' => 'select',
      '#default_value' => $botcha_type,
      '#options' => $botcha_type_options,
    );

    // Additional operations.
    $form['botcha_form_protection']['botcha_form_id_overview']['botcha_botcha_points'][$botcha_point->form_id]['operations'] = array(
      '#markup' => implode(", ", array(
        l(t('delete'), "admin/config/people/botcha/botcha_point/{$botcha_point->form_id}/delete"),
      )),
    );
  }

  // Form items for new form_id.
  $form['botcha_form_protection']['botcha_form_id_overview']['botcha_new_botcha_point'] = array();

  // Textfield for form_id.
  $form['botcha_form_protection']['botcha_form_id_overview']['botcha_new_botcha_point']['form_id'] = array(
    '#type' => 'textfield',
    '#size' => 16,
  );

  // Select widget for BOTCHA type.
  $form['botcha_form_protection']['botcha_form_id_overview']['botcha_new_botcha_point']['botcha_type'] = array(
    '#type' => 'select',
    '#default_value' => 'default',
    '#options' => $botcha_type_options,
  );

  // Field for the BOTCHA administration mode.
  $form['botcha_form_protection']['botcha_administration_mode'] = array(
    '#type' => 'checkbox',
    '#title' => t('Add BOTCHA administration links to forms'),
    '#default_value' => variable_get('botcha_administration_mode', FALSE),
    '#description' => t('This option makes it easy to manage BOTCHA settings on forms. When enabled, users with the "%adminbotcha" permission will see a fieldset with BOTCHA administration links on all forms, except on administrative pages.', array(
      '%adminbotcha' => t('administer BOTCHA settings'),
    )),
  );

  // Field for the BOTCHAs on admin pages.
  $form['botcha_form_protection']['botcha_allow_on_admin_pages'] = array(
    '#type' => 'checkbox',
    '#title' => t('Allow BOTCHAs and BOTCHA administration links on administrative pages'),
    '#default_value' => variable_get('botcha_allow_on_admin_pages', FALSE),
    '#description' => t('This option makes it possible to add BOTCHAs to forms on administrative pages. BOTCHAs are disabled by default on administrative pages (which shouldn\'t be accessible to untrusted users normally) to avoid the related overhead. In some situations, e.g. in the case of demo sites, it can be usefull to allow BOTCHAs on administrative pages.'),
  );

  // BOTCHA Statistics & Logging
  $form['botcha_statistics'] = array(
    '#type' => 'fieldset',
    '#title' => t('Statistics & logging'),
    '#description' => t('BOTCHA collects statistics of form submissions and it can report different events into the system log.'),
  );
  $dblog_link = l(t('log'), 'admin/reports/dblog');
  $form['botcha_statistics']['botcha_loglevel'] = array(
    '#type' => 'select',
    '#title' => t('Log level'),
    '#default_value' => variable_get('botcha_loglevel', 1),
    '#options' => array(
      0 => t('0: no log'),
      1 => t('1: blocked/bad submissions only'),
      2 => t('2: ... and why blocked'),
      3 => t('3: ... and good submissions'),
      4 => t('4: ... and protected forms'),
      5 => t('5: ... and extra submission details'),
      6 => t('6: ... and misc development items'),
    ),
    '#description' => t('Select what information to report into the !log.' . ' Please note!: Using BOTCHA logging setting could cause at high' . ' levels putting vulnerable data into logs. We have some basic' . ' escaping (e.g., for password field) - but any other data could' . ' be found in raw format. Please be careful with logging level' . ' setting!', array(
      '!log' => $dblog_link,
    )),
  );

  // Button for resetting the BOTCHA statistics.
  $form['botcha_statistics']['botcha_statistics_group'] = array(
    '#type' => 'item',
    '#title' => t('BOTCHA statistics'),
    '#description' => t('Reset all accumulated statistics of form submissions.'),
  );

  // Show statistic counters.
  $block_cnt = variable_get('botcha_form_blocked_counter', 0);
  $build_cnt = variable_get('botcha_form_passed_counter', 0) + $block_cnt;
  $form['botcha_statistics']['botcha_statistics_group']['botcha_statistics'] = array(
    '#type' => 'item',
    '#value' => format_plural($block_cnt, 'Already 1 blocked form submission', 'Already @count blocked form submissions') . ($build_cnt > 0 ? ' ' . t('(!percent% of total !build_cnt processed)', array(
      '!percent' => sprintf("%0.3f", 100 * $block_cnt / $build_cnt),
      '!build_cnt' => $build_cnt,
    )) : ''),
  );
  $form['botcha_statistics']['botcha_statistics_group']['botcha_statistics_reset'] = array(
    '#type' => 'button',
    '#value' => t('Reset BOTCHA statistics'),
    '#submit' => array(
      'botcha_statistics_reset',
    ),
  );

  // Handle the button for resetting the BOTCHA statistics.
  // This is done here instead of in a submit handler because the button is
  // not a submitting button.
  if (isset($form_state['input']['op']) && $form_state['input']['op'] == $form['botcha_statistics']['botcha_statistics_group']['botcha_statistics_reset']['#value']) {
    variable_set('botcha_form_passed_counter', 0);
    variable_set('botcha_form_blocked_counter', 0);
    drupal_set_message(t('BOTCHA statistics have been reset.'));
  }
  return $form;
}