From d749b1a9c88e928a28bdb92fe1555cc62d455ada Mon Sep 17 00:00:00 2001
From: swag <swaggboi@slackware.uk>
Date: Tue, 13 Jun 2023 21:32:59 -0400
Subject: [PATCH] captcha for flag_remark

---
 lib/PostText/Controller/.#Thread.pm |  1 +
 lib/PostText/Controller/Remark.pm   | 30 +++++++++++++++++++----------
 lib/PostText/Controller/Thread.pm   |  2 +-
 t/remark.t                          |  7 ++++---
 t/thread.t                          |  6 ++++--
 templates/remark/flag.html.ep       | 17 ++++++++++++++++
 6 files changed, 47 insertions(+), 16 deletions(-)
 create mode 120000 lib/PostText/Controller/.#Thread.pm
 create mode 100644 templates/remark/flag.html.ep

diff --git a/lib/PostText/Controller/.#Thread.pm b/lib/PostText/Controller/.#Thread.pm
new file mode 120000
index 0000000..b567959
--- /dev/null
+++ b/lib/PostText/Controller/.#Thread.pm
@@ -0,0 +1 @@
+daniel@graymember.5691
\ No newline at end of file
diff --git a/lib/PostText/Controller/Remark.pm b/lib/PostText/Controller/Remark.pm
index 48bdb85..c640cc5 100644
--- a/lib/PostText/Controller/Remark.pm
+++ b/lib/PostText/Controller/Remark.pm
@@ -64,19 +64,29 @@ sub create($self) {
 }
 
 sub flag($self) {
-    my $remark_id    = $self->param('remark_id');
-    my $thread_id    = $self->remark->thread_id_for($remark_id);
-    my $redirect_url =
-        $self->url_for('single_thread', thread_id => $thread_id)
-            ->fragment('info')->to_abs;
+    my $remark_id = $self->param('remark_id');
+    my $v         = $self->validation;
 
+    $v->optional(captcha => 'trim')->size(4, 4)->like(qr/flag/i);
 
-    $self->remark->flag($remark_id);
-    $self->flash(
-        info => "Remark #$remark_id has been flagged for moderator. 🚩"
-        );
+    if ($v->is_valid) {
+        my $thread_id    = $self->remark->thread_id_for($remark_id);
+        my $redirect_url =
+            $self->url_for('single_thread', thread_id => $thread_id)
+                ->fragment('info')->to_abs;
 
-    $self->redirect_to($redirect_url);
+        $self->remark->flag($remark_id);
+        $self->flash(
+            info => "Remark #$remark_id has been flagged for moderator. 🚩"
+            );
+
+        return $self->redirect_to($redirect_url);
+    }
+    elsif ($v->has_error) {
+        $self->stash(status => 400)
+    }
+
+    return $self->render;
 }
 
 1;
diff --git a/lib/PostText/Controller/Thread.pm b/lib/PostText/Controller/Thread.pm
index 61b0db7..ed707b4 100644
--- a/lib/PostText/Controller/Thread.pm
+++ b/lib/PostText/Controller/Thread.pm
@@ -157,7 +157,7 @@ sub bump($self) {
         $self->stash(status => 400)
     }
 
-    $self->render;
+    return $self->render;
 }
 
 sub flag($self) {
diff --git a/t/remark.t b/t/remark.t
index cf91296..b53a999 100644
--- a/t/remark.t
+++ b/t/remark.t
@@ -48,9 +48,10 @@ subtest 'Flagging remark', sub {
         ->element_exists('a[href*="flag"]')
         ->text_like(h2 => qr/Remark #1/);
 
-    $t->get_ok('/remark/flag/1')->status_is(200)
-        ->element_exists('p[class="stash-with-info"]')
-        ->text_like(p => qr/Remark #1 has been flagged/);
+    $t->get_ok('/remark/flag/1'    )->status_is(200);
+    $t->get_ok('/remark/flag/65536')->status_is(404);
+    $t->get_ok('/remark/flag/1', form => {captcha => 'flag'})->status_is(200);
+    $t->get_ok('/remark/flag/1', form => {captcha => 'aaaa'})->status_is(400);
 };
 
 done_testing;
diff --git a/t/thread.t b/t/thread.t
index 844bc6c..0a84906 100644
--- a/t/thread.t
+++ b/t/thread.t
@@ -90,7 +90,8 @@ subtest 'Bumping thread', sub {
 
     $t->get_ok('/thread/bump/1'    )->status_is(200);
     $t->get_ok('/thread/bump/65536')->status_is(404);
-    $t->get_ok('/thread/bump/1', form => {captcha => 'bump'})->status_is(400);
+    $t->get_ok('/thread/bump/1', form => {captcha => 'bump'})->status_is(200);
+    $t->get_ok('/thread/bump/1', form => {captcha => 'aaaa'})->status_is(400);
 };
 
 subtest 'Flagging thread', sub {
@@ -104,7 +105,8 @@ subtest 'Flagging thread', sub {
 
     $t->get_ok('/thread/flag/1'    )->status_is(200);
     $t->get_ok('/thread/flag/65536')->status_is(404);
-    $t->get_ok('/thread/flag/1', form => {captcha => 'flag'})->status_is(400);
+    $t->get_ok('/thread/flag/1', form => {captcha => 'flag'})->status_is(200);
+    $t->get_ok('/thread/flag/1', form => {captcha => 'aaaa'})->status_is(400);
 };
 
 done_testing;
diff --git a/templates/remark/flag.html.ep b/templates/remark/flag.html.ep
new file mode 100644
index 0000000..fdbd601
--- /dev/null
+++ b/templates/remark/flag.html.ep
@@ -0,0 +1,17 @@
+% layout 'default';
+% title $remark_id ? "Flag Remark #$remark_id" : '?';
+<h2 class="page-title"><%= title %></h2>
+<% if ($remark_id) { =%>
+<form class="form-body">
+  <div class="form-field">
+    <% if (my $error = validation->error('captcha')) { =%>
+    <p class="field-with-error">Must be between <%= $error->[2] %>
+      and <%= $error->[3] %> characters.</p>
+    <% } =%>
+    <%= label_for captcha => "Enter the word 'flag' to confirm:" %>
+    <%= text_field captcha => id => 'captcha' %>
+  </div>
+  <button type="submit" class="form-button">Confirm</button>
+  </fieldset>
+</form>
+<% } =%>