A small stupid thing, can someone include it in a pull request? It is so small and easy you can just add it to an existing pull request.
You can reduce server load AND reduce the effectiveness of ddos attacks by making every form input field except name "required". On top.html, put "required" in every field besides name. For example---
If a user forgets to put in the captcha- there will be a dialog box that pops up and tells the person that they forgot captcha. Same for post body, file, subject. Of course, making NAME required prevents people from using the default "anonymous" function, so the NAME field should probably not be marked as "required".
How does this help with ddos attacks? Say someone had half a million computers, and they used bots to repeatedly post at the
same time - and what if they left the "captcha" field empty on purpose. THis could strain the captcha check part of the code- as the server would be repeatedly sending the page that says you need captcha filled out. With the "Required" input, the server should never have to experience this heavy server load, because each browser does the work and checks for captcha before the submit button can even be pressed. So, in general, it is a good idea to simply mark the input fields in top.html as "required"- and note that it also prevents a poster from having to go back to the form input and try to repost. It is simply more efficient and makes less server load- less server requests- less work for the server.
Lastly, remember that in top.html there are 2 forms shown, one for reg posting and one for replies, so you have to add the "required" to the input tags in both areas. That my first contribution to the code, by the way :)
A small stupid thing, can someone include it in a pull request? It is so small and easy you can just add it to an existing pull request.
You can reduce server load AND reduce the effectiveness of ddos attacks by making every form input field except name "required". On top.html, put "required" in every field besides name. For example---
<input type="text" id="comment" name="comment" required>If a user forgets to put in the captcha- there will be a dialog box that pops up and tells the person that they forgot captcha. Same for post body, file, subject. Of course, making NAME required prevents people from using the default "anonymous" function, so the NAME field should probably not be marked as "required".
How does this help with ddos attacks? Say someone had half a million computers, and they used bots to repeatedly post at the same time - and what if they left the "captcha" field empty on purpose. THis could strain the captcha check part of the code- as the server would be repeatedly sending the page that says you need captcha filled out. With the "Required" input, the server should never have to experience this heavy server load, because each browser does the work and checks for captcha before the submit button can even be pressed. So, in general, it is a good idea to simply mark the input fields in top.html as "required"- and note that it also prevents a poster from having to go back to the form input and try to repost. It is simply more efficient and makes less server load- less server requests- less work for the server.
Lastly, remember that in top.html there are 2 forms shown, one for reg posting and one for replies, so you have to add the "required" to the input tags in both areas. That my first contribution to the code, by the way :)