blocking numbers in php shoutbox

Is it possible to block numbers in php? I have little shoutbox form and now I need to blocking numbers (example phonenumber etc) so uder can't insert anything harmful or unsuitable info in my shoutbox?
It has to inset ip number to database but I want to isolate numbers from message.
Here is my action code:

<?php
require_once("config.php");
$name = $_POST['name'];
$message = $_POST['message'];
$ip = $_POST['ip'];
$mlen = strlen($message);
$maxlength = 150;
$date = date("M jS Y");
if ($_POST['submit'])  {
if ($name == "") { 
echo "<font color='#FF0000'><strong>error: username be missing</strong></font>"; 
}
else if ($message == "") { 
echo "<strong>Error: No message to be sent.</strong>"; 
}
else if ($mlen > $maxlength) { 
echo "<font color='#FF0000'><strong>error: message be missing.</strong></font>"; 
}
else {
$db = mysql_connect($dbhost,$dbuser,$dbpass); 
mysql_select_db($dbname) or die(mysql_error());
mysql_query("INSERT INTO shoutbox(name,message,date,ip) VALUES('$name','$message','$date','$ip')"); 
}
}
?>

Open in new window

tikkanenAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

tikkanenAuthor Commented:
I just increase the points value, I need also to isolate email addresses from message? Is that possible same time?
0
ncooCommented:
All numbers will be replaced with nothing.
<?php
require_once("config.php");
$name = $_POST['name'];
$message = $_POST['message'];
$message = preg_replace('/([0-9]+)/is','',$message);
$ip = $_POST['ip'];
$mlen = strlen($message);
$maxlength = 150;
$date = date("M jS Y");
if ($_POST['submit'])  {
if ($name == "") { 
echo "<font color='#FF0000'><strong>error: username be missing</strong></font>"; 
}
else if ($message == "") { 
echo "<strong>Error: No message to be sent.</strong>"; 
}
else if ($mlen > $maxlength) { 
echo "<font color='#FF0000'><strong>error: message be missing.</strong></font>"; 
}
else {
$db = mysql_connect($dbhost,$dbuser,$dbpass); 
mysql_select_db($dbname) or die(mysql_error());
mysql_query("INSERT INTO shoutbox(name,message,date,ip) VALUES('$name','$message','$date','$ip')"); 
}
}
?>

Open in new window

0
Ray PaseurCommented:
You might want to do this to email addresses...
<?php
 
$email_address = "Joey@MySite.com";
$redacted_email_address = str_replace('@', ' ', $email_address);
$redacted_email_address = str_replace('.', ' ', $redacted_email_address);
echo $redacted_email_address; // Joey MySite com

Open in new window

0
Fundamentals of JavaScript

Learn the fundamentals of the popular programming language JavaScript so that you can explore the realm of web development.

Ray PaseurCommented:
to block numbers you can use a REGEX to replace digits 0-9 with the number sign #
<?php 
 
$message = ereg_replace("[0-9]", "#", $message);

Open in new window

0
Ray PaseurCommented:
Actually, go with NCOO on the numbers - preg is faster than ereg.
0
tikkanenAuthor Commented:
Ray_Paseur:, that looks fine, but how that remove or convert messages whitch include email addresses. I tested that and insert email in text area ($message) but it still came in database and every user see it in shoutbox.

ncoo that works, I have to splitt point if Ray make solution in this email address problem.
0
Ray PaseurCommented:
<quote> it still came in database </quote>

tikkanen: You should put the string replacement code somewhere after receiving the input and BEFORE putting the information into the data base.  Then you will not have email addresses in the data base.

Best of luck, ~Ray
0
tikkanenAuthor Commented:
I tested ypur code but I can't get it working in right way. It has to remove email addresses from message field if somebody insert email address.
In the line $message = preg_replace('/@/is','',$message); it only remove @ sign from emai laddress

Here is what I try.
$name = $_POST['name'];
$message = $_POST['message'];
$message = preg_replace('/([0-9]+)/is','',$message);
$message = preg_replace('/@/is','',$message);
 
$ip = $_POST['ip'];
$mlen = strlen($message);
$maxlength = 150;
$date = date("M jS Y");
$email_address = "Joey@MySite.com";
$redacted_email_address = str_replace('@', ' ', $message);
$redacted_email_address = str_replace('.', ' ', $message);
if ($_POST['submit'])  {
if ($name == "") { 
echo "<font color='#FF0000'><strong>error: username be missing</strong></font>"; 
}
else if ($message == "") { 
echo "<strong>Error: No message to be sent.</strong>"; 
}
else if ($mlen > $maxlength) { 
echo "<font color='#FF0000'><strong>error: message be missing.</strong></font>"; 
}
else {
$db = mysql_connect($dbhost,$dbuser,$dbpass); 
mysql_select_db($dbname) or die(mysql_error());
mysql_query("INSERT INTO shoutbox(name,message,date,ip) VALUES('$name','$message','$date','$ip')"); 
}
}
?>

Open in new window

0
ncooCommented:
For emails as well you could use:
<?php
require_once("config.php");
$name = $_POST['name'];
$message = $_POST['message'];
$message = preg_replace('/([0-9]+)/is','',$message);
$message = preg_replace('/([^ ]+?)@([^ ]+?).([^ ]+?)/is','',$message);
$ip = $_POST['ip'];
$mlen = strlen($message);
$maxlength = 150;
$date = date("M jS Y");
if ($_POST['submit'])  {
if ($name == "") { 
echo "<font color='#FF0000'><strong>error: username be missing</strong></font>"; 
}
else if ($message == "") { 
echo "<strong>Error: No message to be sent.</strong>"; 
}
else if ($mlen > $maxlength) { 
echo "<font color='#FF0000'><strong>error: message be missing.</strong></font>"; 
}
else {
$db = mysql_connect($dbhost,$dbuser,$dbpass); 
mysql_select_db($dbname) or die(mysql_error());
mysql_query("INSERT INTO shoutbox(name,message,date,ip) VALUES('$name','$message','$date','$ip')"); 
}
}
?>

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
tikkanenAuthor Commented:
Thanks!! Both solutions works nice!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.