Solved

Bad words filter

Posted on 2003-10-21
19
225 Views
Last Modified: 2010-03-04
The script receives datas from another script and prints out.
I want to reject all the information sent to this script when it contains bad words.

The script begins with;

use strict;
use CGI qw(:standart);
use Fcntl qw(:DEFAULT);
use POSIX qw(strftime);

my $q = new CGI;


print "Content-Type: text/html\n\n";

#read input parameters
my $username    = $q->param("username");
my $firstname     = $q->param("firstname");
my $telephone   = $q->param("telephone");
my $zipcode     = $q->param("zipcode");
my $areacode     = $q->param("areacode");
my $country     = $q->param("country");
my $street     = $q->param("street");
0
Comment
Question by:tilmes
  • 10
  • 9
19 Comments
 
LVL 5

Expert Comment

by:fantasy1001
ID: 9596732
Example:
$input = $username . $firstname . $telephone . $zipcode . $areacode . $country . $street;
foreach (@badword){
   if($input =~ /$_/){
      --- ignore your script because bad words found
   }
}
0
 
LVL 5

Expert Comment

by:fantasy1001
ID: 9596738
should be more specified:

if $input =~ /\b$_\b/i
0
 

Author Comment

by:tilmes
ID: 9596825
Where can i write those bad words (@badword) in this code?
(e.g. sucks, advertisement,....)
0
 
LVL 5

Expert Comment

by:fantasy1001
ID: 9596833
Yes, for example:

@bad_words = ("aaaa","bbb","ccccccc","dddddd","eeeee","ffff");
0
 

Author Comment

by:tilmes
ID: 9596888
Hello
i get an error 500 with this code

$input = $username, $firstname, $telephone, $zipcode, $areacode, $country,
@badword = ("Networkmarketing", "Nebenjob");
foreach (@badword){
   if($input =~ /$_/){
      --- ignore your script because bad words found
   }
}
0
 
LVL 5

Expert Comment

by:fantasy1001
ID: 9596906
Put code after this
#read input parameters
my $username    = $q->param("username");
my $firstname     = $q->param("firstname");
my $telephone   = $q->param("telephone");
my $zipcode     = $q->param("zipcode");
my $areacode     = $q->param("areacode");
my $country     = $q->param("country");
my $street     = $q->param("street");

$input = $username . $firstname . $telephone . $zipcode . $areacode . $country;   #ATTENTION
@badword = ("Networkmarketing", "Nebenjob");
foreach (@badword){
   if($input =~ /\b$_\b/i){
      ## Do what ever you want if the bad word was found
   }
}

notice that the ATTENTION part is join by "." not comma
0
 
LVL 5

Expert Comment

by:fantasy1001
ID: 9596923
Also, remember to declare my $input, @badword first.
0
 

Author Comment

by:tilmes
ID: 9596944
thnaks for the change.
It gets still same error, i copyed code below.


$input = $username. $firstname. $telephone. $zipcode. $areacode. $country;
@badword = ("Networkmarketing", "Internetdienste", "MLM");
foreach (@badword){
   if($input =~ /\b$_\b/i){
      ## Do what ever you want if the bad word was found
   }
}
0
 
LVL 5

Expert Comment

by:fantasy1001
ID: 9596974
Can you please specify what is the error after the "error 500". Normally this is related to the web system, and not the script. Thanks & Cheers
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:tilmes
ID: 9596998
If not bothers you,
could you please complete this code? This code do not have an error.
I don't know if this works or what should be in # put your code to implement rejection here

my @badwordlist = qw(Networkmarketing, Nebenjob, pc-job, vitasoma-wellness, MLM);
my $badpattern = join '|', @badwordlist;

my $checkparm = join ' ', $username, $firstname, $telephone, $zipcode, $areacode, $country;

if( $checkparm =~ /$badpattern/ ) {
   # put your code to implement rejection here
 } else {
   # put code to continue processing here
 }
0
 
LVL 5

Expert Comment

by:fantasy1001
ID: 9597022
the $badpattern contain all the bad words linked together already. So your code pretty much do nothing at all.
Ok, let me clarify something first:

What do you want to do if there is bad words in whether one of the following: $username, $firstname, $telephone, $zipcode, $areacode, $country?

Do you want to just set the field which containing bad word to empty? for example, if 'stupid' was found in the $username, just set it to ""

0
 

Author Comment

by:tilmes
ID: 9597052
Hello fantasy1001,

thanks for your kindly info.
if there found bad words in whether one of the following: $username, $firstname, $telephone, $zipcode, $areacode, $country
should reject all the datas from which was sent.
I don't want to print out at all.
It is not a good idea leave the $username, just set it to ""
If it is found, skip just all the datas.
0
 
LVL 5

Expert Comment

by:fantasy1001
ID: 9597301
I will stick to the code I gave you in the morning:

my $input, $badfound;
my @badword;

$input = $username. $firstname. $telephone. $zipcode. $areacode. $country;
@badword = ("Networkmarketing", "Internetdienste", "MLM");
foreach (@badword){
   if($input =~ /\b$_\b/i){
      $badfound = 1;
   }
}

# if you are updating the database/ or processing it
if (not $badfound) {
   # put all your database coding below here
   #--------------------
}
0
 

Author Comment

by:tilmes
ID: 9597350
It still get an error which is related to the web system, i guess. Thanks
If i test with a syntay checker, it doesn't get any error, but in server does not work.
0
 

Author Comment

by:tilmes
ID: 9597362
i changed like this;

#!/usr/bin/perl
#
use strict;
use CGI qw(:standart);
use Fcntl qw(:DEFAULT);

my $q = new CGI;

print "Content-Type: text/html\n\n";

#read input parameters
my $username    = $q->param("username");
my $firstname      = $q->param("firstname");
my $telephone   = $q->param("telephone");
my $zipcode      = $q->param("zipcode");
my $areacode      = $q->param("areacode");
my $country      = $q->param("country");
my $street      = $q->param("street");
my $town      = $q->param("town");
my $email      = $q->param("email");
my $fax            = $q->param("fax");
my $link      = $q->param("link");
my $category      = $q->param("category");
my $subcategory = $q->param("subcategory");
my $adverttype  = $q->param("adverttype");
my $busitype      = $q->param("busitype");
my $advertheader= $q->param("advertheader");
my $advertbody      = $q->param("advertbody");
my $adults_only      = $q->param("adults_only");
my $advertID      = $q->param("advertID");

my $input, $badfound;
my @badword;

$input = $username. $firstname. $telephone. $zipcode. $areacode. $country;
@badword = ("Networkmarketing", "Internetdienste", "MLM");
foreach (@badword){
   if($input =~ /\b$_\b/i){
      $badfound = 1;
   }
}
# Get the current time.
my($date) = scalar(localtime());

# Append the data to a file.
open(F, ">>anzsch.txt");
print F "From $0 at $date\n";
#for $key (keys %CGI) {
#  print F "$key => $CGI{$key}\n";
#}
print F "Name: $username \n";
print F "Vorname: $firstname \n";
print F "Telefon: $telephone \n";
print F "PLZ: $zipcode \n";
print F "Vorwahl: $areacode \n";
print F "Land-Vorwahl: $country \n";
print F "Strasse: $street \n";
print F "Stadt: $town \n";
print F "Email: $email \n";
print F "Fax: $fax \n";
print F "URL: $link \n";
print F "Kategorie: $category \n";
print F "Unterkategorie: $subcategory \n";
print F "Suchen-Bieten: $adverttype \n";
print F "Privat-Gesch: $busitype \n";
print F "Anzeigenkopf: $advertheader \n";
print F "Anzeigentext: $advertbody \n";
print F "Nur für Erwachsene: $adults_only \n";
print F "ID der Anzeige: $advertID \n";
close(F);

print "<pre>\n";
receiveAdsImage($q);
print "</pre>\n";

exit;
0
 
LVL 5

Accepted Solution

by:
fantasy1001 earned 70 total points
ID: 9597415
You have to make sure your code is functioning before adding the badword part:
#!/usr/bin/perl
#
use strict;
use CGI qw(:standart);
use Fcntl qw(:DEFAULT);

my $q = new CGI;

print "Content-Type: text/html\n\n";

#read input parameters
my $username    = $q->param("username");
my $firstname     = $q->param("firstname");
my $telephone   = $q->param("telephone");
my $zipcode     = $q->param("zipcode");
my $areacode     = $q->param("areacode");
my $country     = $q->param("country");
my $street     = $q->param("street");
my $town     = $q->param("town");
my $email     = $q->param("email");
my $fax          = $q->param("fax");
my $link     = $q->param("link");
my $category     = $q->param("category");
my $subcategory = $q->param("subcategory");
my $adverttype  = $q->param("adverttype");
my $busitype     = $q->param("busitype");
my $advertheader= $q->param("advertheader");
my $advertbody     = $q->param("advertbody");
my $adults_only     = $q->param("adults_only");
my $advertID     = $q->param("advertID");

my $input;
my @badword;

$input = $username. $firstname. $telephone. $zipcode. $areacode. $country;
@badword = ("Networkmarketing", "Internetdienste", "MLM");
foreach (@badword){
   if($input =~ /\b$_\b/i){
      exit;   # exit here if you want to stop the process --- ADD
   }
}

# Get the current time.
my($date) = scalar(localtime());

# Append the data to a file.
open(F, ">>anzsch.txt");
print F "From $0 at $date\n";
#for $key (keys %CGI) {
#  print F "$key => $CGI{$key}\n";
#}
print F "Name: $username \n";
print F "Vorname: $firstname \n";
print F "Telefon: $telephone \n";
print F "PLZ: $zipcode \n";
print F "Vorwahl: $areacode \n";
print F "Land-Vorwahl: $country \n";
print F "Strasse: $street \n";
print F "Stadt: $town \n";
print F "Email: $email \n";
print F "Fax: $fax \n";
print F "URL: $link \n";
print F "Kategorie: $category \n";
print F "Unterkategorie: $subcategory \n";
print F "Suchen-Bieten: $adverttype \n";
print F "Privat-Gesch: $busitype \n";
print F "Anzeigenkopf: $advertheader \n";
print F "Anzeigentext: $advertbody \n";
print F "Nur für Erwachsene: $adults_only \n";
print F "ID der Anzeige: $advertID \n";
close(F);

print "<pre>\n";
receiveAdsImage($q);
print "</pre>\n";
0
 

Author Comment

by:tilmes
ID: 9597458
Now it puts no error.
After become new datas from another script, i can see if this bad word filters.
Thanks :)
0
 

Author Comment

by:tilmes
ID: 9597655
Hello fantasy1001
the script got a new data which contains one of word in the list.
and it has printed out.
Could you please look at the script?
0
 
LVL 5

Expert Comment

by:fantasy1001
ID: 9597707
Sorry, I know the problem

change
$input = $username. $firstname. $telephone. $zipcode. $areacode. $country;

to

$input = join(" ", $username, $firstname, $telephone, $zipcode, $areacode, $country);

do you want to filter out 'sex' in 'nosexhere'

if then change
if($input =~ /\b$_\b/i){
to
if($input =~ /$_/i){
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Many time we need to work with multiple files all together. If its windows system then we can use some GUI based editor to accomplish our task. But what if you are on putty or have only CLI(Command Line Interface) as an option to  edit your files. I…
A year or so back I was asked to have a play with MongoDB; within half an hour I had downloaded (http://www.mongodb.org/downloads),  installed and started the daemon, and had a console window open. After an hour or two of playing at the command …
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now