Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Detect a bad words in PHP

Posted on 2003-10-31
6
Medium Priority
?
835 Views
Last Modified: 2011-10-03
Hello Experts;

I'm a newbie in PHP and knows nothing about it. I have this html code that
displays a form and a button. If I press on the button it shows a message
like "No Bad Words Allowed !".

<html>
<head>
<script language="JavaScript">
<!--  Begin
function askData() {
alert ("No Bad Words Allowed !"+"Sorry . . .");  
}
// End -->
</script></head>
<body><center>
<form>
<textarea name=comments rows=10 cols=50>
</textarea><br>
<input type=button value="Submit" onClick="askData()">
</form></center>
</body>
</html>

What I would like to do is to catch a bad words on the form, before it displays a message.
and prevent it to be submitted in my mysql database.

Can anyone complete this html code above and tract down the bad words and prevent it
from going to a mysql database, thanks in advance.

This is the senario :

If a user type in a bad word like "(Edited by Computer101)" on the form and press submit there will be a
message that will display my warning message and then prevent it from going to my
mysql database.

I'm gonna add an additional 100 pts. to anyone who can complete the codes.

0
Comment
Question by:Rosewell
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 3

Assisted Solution

by:y2kwacko
y2kwacko earned 80 total points
ID: 9662604
Rosewell,

This question should really be in the JavaScript section since that is what it is.  The following code will check for two words but you can easily add more words.

Begin Code
----------------------------------------------------------------
<html>
<head>
<script language="JavaScript">
<!--  Begin
function askData() {
 var myData = document.comments.strcomment.value;
 if (myData.indexOf("(Edited by Computer101)") > 0 || myData.indexOf("(Edited by Computer101)") > 0)
 {
   alert ("No Bad Words Allowed !"+"Sorry . . .");  
 }
}
// End -->
</script></head>
<body><center>
<form name="comments">
<textarea name=strcomment rows=10 cols=50>
</textarea><br>
<input type=button value="Submit" onClick="askData()">
</form></center>
</body>
</html>
----------------------------------------------------------------
End Code



You can easily add more words by editing the following line

Begin Code
----------------------------------------------------------------
 if (myData.indexOf("(Edited by Computer101)") > 0 || myData.indexOf("(Edited by Computer101)") > 0)
----------------------------------------------------------------
End Code

To add an additional word change it to

Begin Code
----------------------------------------------------------------
 if (myData.indexOf("(Edited by Computer101)") > 0 || myData.indexOf("(Edited by Computer101)") > 0 || myData.indexOf("(Edited by Computer101)") > 0)
----------------------------------------------------------------
End Code


If you have any more questions feel free to ask.

Regards,
Kevin
0
 
LVL 6

Expert Comment

by:aolXFT
ID: 9662846
Personally, I think the thing should be handled at PHP Level, and not through HTML/JS, since turning off/circumventing JS is pretty easy.

Something like

<?php

function clean_bad_words($str){
  $bad_words = array("(Edited by Computer101)", "(Edited by Computer101)", "boss", "(Edited by Computer101)", "work", "wanker");
  foreach($bad_words as $bad_word){
    if(strpos($str, $bad_word)){
      die("We don't like bad words here, Sorry")
    }
  }
  return $str;
}

?>

Alternatively you could just filter them out with something like

<?php

function clean_bad_words($str){
$bad_words = array("(Edited by Computer101)", "(Edited by Computer101)", "boss", "(Edited by Computer101)", "work", "wanker")
return str_replace($bad_words, "{bad_lang}", $str);
}

?>
0
 
LVL 6

Accepted Solution

by:
aolXFT earned 640 total points
ID: 9662873
HTML Form:
Sample:
###############################
<html>
<head>
<title>Bad Word Filter</title>
</head>
<body><center>
<form action="form_processer.php" method="post">
<textarea name="comments" rows="10" cols="50"></textarea><br />
<input type="submit" value="Submit">
</form>
</center>
</body>
</html>
################################
I've removed the JS, and set the action, and method parameters to form_processer.php, and post respectively.

I haven't seen what script you use to add the info the the database, or your database scheme, so I'm assuming that you have a simple one-field database(unlikely - but the solution can be scaled to a more likely scheme), and I'm assuming that the PHP script simply adds the info the the db, and prints a thank-you message.

################################
<?php

function clean_bad_words($str){ // cut'n'pasted from above
  $bad_words = array("(Edited by Computer101)", "(Edited by Computer101)", "boss", "(Edited by Computer101)", "work", "wanker");
  foreach($bad_words as $bad_word){
    if(strpos($str, $bad_word)){
      die("We don't like bad words here, Sorry")
    }
  }
  return $str;
}

$mysql_conn = mysql_connect("host", "username", "password");
mysql_select_db("db_name", $mysql_conn);

$comment = mysql_escape_string( clean_bad_words($_POST['comments']) );
mysql_query("insert into comments (comment) values($comment)";

echo "Thank you very much for your Comments";

?>
#####################################

I haven't tested this btw, so it may contain typos.


0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Rosewell
ID: 9674090
Thanks a lot guys, I'm gonna try it all and pick the best solution :)
0
 
LVL 7

Assisted Solution

by:minnirok
minnirok earned 80 total points
ID: 9680650
Your initial approach uses JavaScript; while JavaScript and other client side methods can return error messages without having to involve the server, keep in mind that JavaScript can be turned off on the client side.  You'll want to verify the correctness of data on the server to close up this workaround.  Using strpos in PHP is a good start.
0
 
LVL 6

Assisted Solution

by:aolXFT
aolXFT earned 640 total points
ID: 9682032
I just noticed a bug in my code.

in the line containing "if(strpos($str, $bad_word)){" I just remembered that that function will evaluate to boolean 0, if the bad word is at the start. Therefore putting a bad word at the very start will allow you override the check.

You can fix this by changing the line in question to

if(strpos($str, $bad_word) === false){

0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
These days socially coordinated efforts have turned into a critical requirement for enterprises.
The viewer will learn how to dynamically set the form action using jQuery.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question