Form Data Filtering
This is a discussion on Form Data Filtering within the PHP General forums, part of the PHP Programming Forums category; Hello, I 'm checking form data for profanity but it only works if the $_POST['var'] is lowercase I was ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
06-15-2007
|
|||
|
|||
Form Data Filtering
Hello,
I 'm checking form data for profanity but it only works if the $_POST['var'] is lowercase I was wondering if anyone knew how I could catch the profanity no matter what case it was. No matter if it was BAD or bad or mixed like BaD? Instead of the long way: if ($value == "fuck" || $value == "shit" || $value == "whore" || $value == "shit" || $value == "bullshit" || $value == "ass" || $value == "asshole" || $value == "piss" || $value == "bitch" || $value == "bastard" || $value == "motherfucker" || $value == "pussy" || $value == "cunt" || $value == "slut" || $value == "hell" || $value == "goddamn" || $value == "skank" || $value == "Tit" || $value == "dick" || $value == "hoe") { $profanity[$field] = "bad"; } Any suggestions welcome. 
|
|
06-15-2007
|
|||
|
|||
|
Re: [PHP] Form Data Filtering
kvigor wrote:
> Hello, > > I 'm checking form data for profanity but it only works if the > $_POST['var'] is lowercase I was wondering if anyone knew how I could catch > the profanity no matter what case it was. No matter if it was BAD or bad or > mixed like BaD? Use strcasecmp() or perhaps better, stripos(). -- Richard Heyes 0844 801 1072 http://www.websupportsolutions.co.uk Knowledge Base and HelpDesk software
|
|
06-15-2007
|
|||
|
|||
|
Re: Form Data Filtering
kvigor wrote:
> Hello, > > I 'm checking form data for profanity but it only works if the > $_POST['var'] is lowercase I was wondering if anyone knew how I could catch > the profanity no matter what case it was. No matter if it was BAD or bad or > mixed like BaD? > > Instead of the long way: > > if ($value == "fuck" || $value == "shit" || $value == "whore" || $value == > "shit" || $value == "bullshit" || $value == "ass" || $value == "asshole" || > $value == "piss" || $value == "bitch" || $value == "bastard" || $value == > "motherfucker" || $value == "pussy" || $value == "cunt" || $value == "slut" > || $value == "hell" || $value == "goddamn" || $value == "skank" || $value == > "Tit" || $value == "dick" || $value == "hoe") > { > $profanity[$field] = "bad"; > } > > Any suggestions welcome. I find it hilarious how you've just posted as many dodgy words as you could to the list :) But try... $bad_words = array("word1", "word2", "word3"); if(in_array(strtolower($_POST['val']), $bad_words)){ $_POST['val'] = "bad"; } Darren
|
|
06-15-2007
|
|||
|
|||
|
Re: Form Data Filtering
""kvigor"" <k3cheese@insightbb.com> schrieb im Newsbeitrag news:F1.A3.42977.060A2764@pb1.pair.com... > Hello, > > I 'm checking form data for profanity but it only works if the > $_POST['var'] is lowercase I was wondering if anyone knew how I could > catch the profanity no matter what case it was. No matter if it was BAD or > bad or mixed like BaD? > > Instead of the long way: > > if ($value == "fuck" || $value == "shit" || $value == "whore" || $value == > "shit" || $value == "bullshit" || $value == "ass" || $value == "asshole" > || $value == "piss" || $value == "bitch" || $value == "bastard" || $value > == "motherfucker" || $value == "pussy" || $value == "cunt" || $value == > "slut" || $value == "hell" || $value == "goddamn" || $value == "skank" || > $value == "Tit" || $value == "dick" || $value == "hoe") > { > $profanity[$field] = "bad"; > } > > Any suggestions welcome. Hi Have you tried eregi()? That might work for you. Cheers Chris
|
|
06-15-2007
|
|||
|
|||
|
Re: [PHP] Form Data Filtering
kvigor wrote:
> I 'm checking form data for profanity but it only works if the > $_POST['var'] is lowercase I was wondering if anyone knew how I could catch > the profanity no matter what case it was. No matter if it was BAD or bad or > mixed like BaD? > > Instead of the long way: > > if ($value == "fuck" || $value == "shit" || $value == "whore" || $value == > "shit" || $value == "bullshit" || $value == "ass" || $value == "asshole" || > $value == "piss" || $value == "bitch" || $value == "bastard" || $value == > "motherfucker" || $value == "pussy" || $value == "cunt" || $value == "slut" > || $value == "hell" || $value == "goddamn" || $value == "skank" || $value == > "Tit" || $value == "dick" || $value == "hoe") > { > $profanity[$field] = "bad"; > } Now that's some bad code cheesy! > Any suggestions welcome. Try this on for size... $badwords = array('fuck', 'shit', 'whore', etc...); if (in_array(strtolower($value), $badwords)) { $profanity[$field] = 'bad'; } -Stut
|
|
06-15-2007
|
|||
|
|||
|
Re: [PHP] Re: Form Data Filtering
> Have you tried eregi()?
You don't need the regex functions, they're slow and you should be using PCRE instead (IMO). -- Richard Heyes 0844 801 1072 http://www.websupportsolutions.co.uk Knowledge Base and HelpDesk software
|
|
06-15-2007
|
|||
|
|||
|
Re: [PHP] Re: Form Data Filtering
On 6/15/07, Chris <christian@chftp.com> wrote:
> > ""kvigor"" <k3cheese@insightbb.com> schrieb im Newsbeitrag > news:F1.A3.42977.060A2764@pb1.pair.com... > > Hello, > > > > I 'm checking form data for profanity but it only works if the > > $_POST['var'] is lowercase I was wondering if anyone knew how I could > > catch the profanity no matter what case it was. No matter if it was BAD or > > bad or mixed like BaD? > > > > Instead of the long way: > > > > if ($value == "fuck" || $value == "shit" || $value == "whore" || $value == > > "shit" || $value == "bullshit" || $value == "ass" || $value == "asshole" > > || $value == "piss" || $value == "bitch" || $value == "bastard" || $value > > == "motherfucker" || $value == "pussy" || $value == "cunt" || $value == > > "slut" || $value == "hell" || $value == "goddamn" || $value == "skank" || > > $value == "Tit" || $value == "dick" || $value == "hoe") > > { > > $profanity[$field] = "bad"; > > } > > > > Any suggestions welcome. > > > > Hi > > Have you tried eregi()? > > That might work for you. > > Cheers > > Chris > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > Try this. It uses str_ireplace();, which - as of PHP 4.3.3 - can accept arrays. It will also replace parts of words, so if you have shit, ShIt, BULLShIT, ShitFuckCocksuckerPissbag, et cetera (this is fun!), it will replace the offending part of the words with asterisks. HOWEVER, keep in mind that legitimate words such as pass, cockroach, peacock, or saltwater will also be filtered, so you may want to make some adjustments or concessions. As Richard always says, "your mileage may vary." <? $myarr = array('fuck','shit','piss'); $str = "This is fUckInG BULLShIT!"; $str = str_ireplace($myarr,'****',$str); echo $str."\n"; ?> -- Daniel P. Brown [office] (570-) 587-7080 Ext. 272 [mobile] (570-) 766-8107
|
|
06-15-2007
|
|||
|
|||
|
Re: [PHP] Re: Form Data Filtering
I use something like this:
$_SESSION['profane'] = false; foreach ($_POST as $value) { foreach ($swearbox as $profanity) { if (preg_match("/$profanity/i", $value)) { $errors = true; $_SESSION['profane'] = true; mail(TECHEMAIL, 'profane content attack attempt on DJST', "Word: $value From: {$_SERVER['REMOTE_ADDRESS']} Time: " . date('d F Y G:i:s', time()-TIMEDIFF), 'whoops@dontjustsitthere.co.uk'); } } } // second pass - words that are offensive in isolation but could be part of acceptable words above foreach ($_POST as $value) { foreach ($refined_swearbox as $profanity) { if (preg_match("/\b$profanity\b/i", $value)) { $errors = true; $_SESSION['profane'] = true; mail(TECHEMAIL, 'profane content attack attempt on DJST', "Word: $value From: {$_SERVER['REMOTE_ADDRESS']} Time: " . date('d F Y G:i:s', time()-TIMEDIFF), 'whoops@dontjustsitthere.co.uk'); } } }
|
|
06-15-2007
|
|||
|
|||
|
Re: [PHP] Re: Form Data Filtering
2007. 06. 15, pĂ©ntek keltezĂ©ssel 15.48-kor Dave Goodchild ezt Ă*rta:
> I use something like this: > > $_SESSION['profane'] = false; > > foreach ($_POST as $value) { > foreach ($swearbox as $profanity) { > if (preg_match("/$profanity/i", $value)) { > $errors = true; > $_SESSION['profane'] = true; > mail(TECHEMAIL, 'profane content attack attempt on DJST', "Word: > $value From: {$_SERVER['REMOTE_ADDRESS']} Time: " . date('d F Y G:i:s', > time()-TIMEDIFF), 'whoops@dontjustsitthere.co.uk'); > } > } > } > > // second pass - words that are offensive in isolation but could be part of > acceptable words above > > foreach ($_POST as $value) { > foreach ($refined_swearbox as $profanity) { > if (preg_match("/\b$profanity\b/i", $value)) { > $errors = true; > $_SESSION['profane'] = true; > mail(TECHEMAIL, 'profane content attack attempt on DJST', "Word: > $value From: {$_SERVER['REMOTE_ADDRESS']} Time: " . date('d F Y G:i:s', > time()-TIMEDIFF), 'whoops@dontjustsitthere.co.uk'); > } > } > } and you get 1000 emails if I paste 'fuck' 1000 times into your comment box? ;) greets Zoltán Németh
|
|
06-15-2007
|
|||
|
|||
|
Re: [PHP] Re: Form Data Filtering
No, because extra processing is done on the other side - now
fuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfu ckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuck fuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfu ckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuck fuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfu ckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuck fuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfu ckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuckfuck fuck off
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 02:24 PM.
