MailyGo/forms.go

package main

import (
	"html"
	"net/http"
	"net/url"

	"github.com/microcosm-cc/bluemonday"
)

type FormValues map[string][]string

func FormHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method == http.MethodGet {
		_, _ = w.Write([]byte("MailyGo works!"))
		return
	}
	if r.Method != http.MethodPost {
		w.WriteHeader(http.StatusMethodNotAllowed)
		_, _ = w.Write([]byte("The HTTP method is not allowed, make a POST request"))
		return
	}
	_ = r.ParseForm()
	sanitizedForm := sanitizeForm(&r.PostForm)
	go func() {
		if !isBot(sanitizedForm) {
			sendForm(sanitizedForm)
		}
	}()
	sendResponse(sanitizedForm, w)
	return
}

func sanitizeForm(values *url.Values) *FormValues {
	p := bluemonday.StrictPolicy()
	sanitizedForm := make(FormValues)
	for key, values := range *values {
		var sanitizedValues []string
		for _, value := range values {
			sanitizedValues = append(sanitizedValues, html.UnescapeString(p.Sanitize(value)))
		}
		sanitizedForm[html.UnescapeString(p.Sanitize(key))] = sanitizedValues
	}
	return &sanitizedForm
}

func isBot(values *FormValues) bool {
	for _, honeyPot := range appConfig.HoneyPots {
		if len((*values)[honeyPot]) > 0 {
			for _, value := range (*values)[honeyPot] {
				if value != "" {
					return true
				}
			}
		}
	}
	return checkValues(values)
}

func sendResponse(values *FormValues, w http.ResponseWriter) {
	if len((*values)["_redirectTo"]) == 1 && (*values)["_redirectTo"][0] != "" {
		w.Header().Add("Location", (*values)["_redirectTo"][0])
		w.WriteHeader(http.StatusSeeOther)
		_, _ = w.Write([]byte("Go to " + (*values)["_redirectTo"][0]))
		return
	} else {
		w.WriteHeader(http.StatusCreated)
		_, _ = w.Write([]byte("Submitted form"))
		return
	}
}