Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Detect a bad words in PHP

Posted on 2003-10-31
6
Medium Priority
?
842 Views
Last Modified: 2011-10-03
Hello Experts;

I'm a newbie in PHP and knows nothing about it. I have this html code that
displays a form and a button. If I press on the button it shows a message
like "No Bad Words Allowed !".

<html>
<head>
<script language="JavaScript">
<!--  Begin
function askData() {
alert ("No Bad Words Allowed !"+"Sorry . . .");  
}
// End -->
</script></head>
<body><center>
<form>
<textarea name=comments rows=10 cols=50>
</textarea><br>
<input type=button value="Submit" onClick="askData()">
</form></center>
</body>
</html>

What I would like to do is to catch a bad words on the form, before it displays a message.
and prevent it to be submitted in my mysql database.

Can anyone complete this html code above and tract down the bad words and prevent it
from going to a mysql database, thanks in advance.

This is the senario :

If a user type in a bad word like "(Edited by Computer101)" on the form and press submit there will be a
message that will display my warning message and then prevent it from going to my
mysql database.

I'm gonna add an additional 100 pts. to anyone who can complete the codes.

0
Comment
Question by:Rosewell
6 Comments
 
LVL 3

Assisted Solution

by:y2kwacko
y2kwacko earned 80 total points
ID: 9662604
Rosewell,

This question should really be in the JavaScript section since that is what it is.  The following code will check for two words but you can easily add more words.

Begin Code
----------------------------------------------------------------
<html>
<head>
<script language="JavaScript">
<!--  Begin
function askData() {
 var myData = document.comments.strcomment.value;
 if (myData.indexOf("(Edited by Computer101)") > 0 || myData.indexOf("(Edited by Computer101)") > 0)
 {
   alert ("No Bad Words Allowed !"+"Sorry . . .");  
 }
}
// End -->
</script></head>
<body><center>
<form name="comments">
<textarea name=strcomment rows=10 cols=50>
</textarea><br>
<input type=button value="Submit" onClick="askData()">
</form></center>
</body>
</html>
----------------------------------------------------------------
End Code



You can easily add more words by editing the following line

Begin Code
----------------------------------------------------------------
 if (myData.indexOf("(Edited by Computer101)") > 0 || myData.indexOf("(Edited by Computer101)") > 0)
----------------------------------------------------------------
End Code

To add an additional word change it to

Begin Code
----------------------------------------------------------------
 if (myData.indexOf("(Edited by Computer101)") > 0 || myData.indexOf("(Edited by Computer101)") > 0 || myData.indexOf("(Edited by Computer101)") > 0)
----------------------------------------------------------------
End Code


If you have any more questions feel free to ask.

Regards,
Kevin
0
 
LVL 6

Expert Comment

by:aolXFT
ID: 9662846
Personally, I think the thing should be handled at PHP Level, and not through HTML/JS, since turning off/circumventing JS is pretty easy.

Something like

<?php

function clean_bad_words($str){
  $bad_words = array("(Edited by Computer101)", "(Edited by Computer101)", "boss", "(Edited by Computer101)", "work", "wanker");
  foreach($bad_words as $bad_word){
    if(strpos($str, $bad_word)){
      die("We don't like bad words here, Sorry")
    }
  }
  return $str;
}

?>

Alternatively you could just filter them out with something like

<?php

function clean_bad_words($str){
$bad_words = array("(Edited by Computer101)", "(Edited by Computer101)", "boss", "(Edited by Computer101)", "work", "wanker")
return str_replace($bad_words, "{bad_lang}", $str);
}

?>
0
 
LVL 6

Accepted Solution

by:
aolXFT earned 640 total points
ID: 9662873
HTML Form:
Sample:
###############################
<html>
<head>
<title>Bad Word Filter</title>
</head>
<body><center>
<form action="form_processer.php" method="post">
<textarea name="comments" rows="10" cols="50"></textarea><br />
<input type="submit" value="Submit">
</form>
</center>
</body>
</html>
################################
I've removed the JS, and set the action, and method parameters to form_processer.php, and post respectively.

I haven't seen what script you use to add the info the the database, or your database scheme, so I'm assuming that you have a simple one-field database(unlikely - but the solution can be scaled to a more likely scheme), and I'm assuming that the PHP script simply adds the info the the db, and prints a thank-you message.

################################
<?php

function clean_bad_words($str){ // cut'n'pasted from above
  $bad_words = array("(Edited by Computer101)", "(Edited by Computer101)", "boss", "(Edited by Computer101)", "work", "wanker");
  foreach($bad_words as $bad_word){
    if(strpos($str, $bad_word)){
      die("We don't like bad words here, Sorry")
    }
  }
  return $str;
}

$mysql_conn = mysql_connect("host", "username", "password");
mysql_select_db("db_name", $mysql_conn);

$comment = mysql_escape_string( clean_bad_words($_POST['comments']) );
mysql_query("insert into comments (comment) values($comment)";

echo "Thank you very much for your Comments";

?>
#####################################

I haven't tested this btw, so it may contain typos.


0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:Rosewell
ID: 9674090
Thanks a lot guys, I'm gonna try it all and pick the best solution :)
0
 
LVL 7

Assisted Solution

by:minnirok
minnirok earned 80 total points
ID: 9680650
Your initial approach uses JavaScript; while JavaScript and other client side methods can return error messages without having to involve the server, keep in mind that JavaScript can be turned off on the client side.  You'll want to verify the correctness of data on the server to close up this workaround.  Using strpos in PHP is a good start.
0
 
LVL 6

Assisted Solution

by:aolXFT
aolXFT earned 640 total points
ID: 9682032
I just noticed a bug in my code.

in the line containing "if(strpos($str, $bad_word)){" I just remembered that that function will evaluate to boolean 0, if the bad word is at the start. Therefore putting a bad word at the very start will allow you override the check.

You can fix this by changing the line in question to

if(strpos($str, $bad_word) === false){

0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I imagine that there are some, like me, who require a way of getting currency exchange rates for implementation in web project from time to time, so I thought I would share a solution that I have developed for this purpose. It turns out that Yaho…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
Suggested Courses

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question