存在属性时重定向？ [英] Redirect when attribute is present?

问题描述

要创建蜜罐字段，我在 User 模型中添加了一个虚拟属性，如果填写该属性，会将用户返回到根页面：

To create Honey pots fields I added to my User model a virtual attribute that if filled in will send the user back to the root page:

class User < ActiveRecord::Base
  attr_accessible :email, :password, :remember_me, :username, :fake_field
  attr_accessor :fake_field
  devise :database_authenticatable, :registerable............
  before_create :setup_default_role_for_new_users

  ROLES = %w[admin default banned]

  def self.fake_field(string)
  end

  private

  def setup_default_role_for_new_users
    if self.fake_field.present?
        redirect_to root_url
    end
    if self.role.blank?
      self.role = "default"
    end
  end
end

该表单可用于注册，但填写 fake_field 时，我得到：

The form works for signing up but when filling in the fake_field I get :

undefined local variable or method `root_url' for #<User:0x5a06618>

这样可以吗？这不会为该机器人渲染404吗？

Is this ok? Wouldn't this render a 404 for the bot?

理想情况下，我想让机器人进入404错误页面。

Ideally I would want to the bots to land the 404 error page.

推荐答案

我同意MasterBlaster，这是控制器的任务。您的模型中也不需要 fake_field 属性。

I agree with MasterBlaster, this is a task for a controller. You also don't need a fake_field attribute in your model.

如果要在蜜罐上创建蜜罐表单，只需添加

If you want to create a honeypot on your form, just add

<％= text_field_tag：email_confirmation，：style => display：none％>

该表单。

然后将其添加到您要检查机器人是否试图输入的控制器方法中。

Then add this in your controller's method where you want to check if a bot is trying to enter:

class UsersController < ApplicationController

    def create
      render :status => 200 and return unless params[:email_confirmation].blank?
      # (your code)
      # ...        
   end

end

我还建议您将蜜罐字段重命名为更聪明的名称（例如，电子邮件确认），因为机器人倾向于在查找假字段时非常聪明。

I also kindly suggest you to rename your honeypot field to something more clever ("email confirmation" for instance) since bots tend to be quite clever on finding "fake" fields.

编辑

您也不需要通知机器人其操作未成功，不需要礼貌。用一个很好的 200（确定）进行响应。我已经相应更新了我的帖子。

You also don't need to inform a bot that his action was unsuccessful, there's no need to be polite. Respond with a nice 200 (OK). I've updated my post accordingly.

这篇关于存在属性时重定向？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！