Check a string for bad words using function and if/else

Posted on 2011-05-01
Last Modified: 2012-05-11
Hi PHP Experts,

I am an ASP guy not PHP and need some PHP help: I want to check a posted field from a form for bad words before an email is sent. Can anyone show me a function (i need code as I'm quite unfamiliar with PHP) where I can have a list of bad words like 'poker,casino,viagra,seo' that I can add to, that's checked and if no matches, sends the email... so I need an IF and an ELSE and a function. I would like this in pure php, no javascript please.

N.B: I must to do it this way, not use a capcha thing because the client insists :-S


/ Tobzzz
Question by:tobzzz
    LVL 6

    Accepted Solution

    Take a look at this:
    // Email text to look in. I made it uppercase, so 
    //the original case does not matter.
    $string = strtoupper('Some words for testing');
    // Words to check for, seperate by comma, and i upper case
    if (strpos($string, 'VIAGRA,GAMBLE') !== false )
    	// What to do is bad word is found
        echo 'Email is NOT send, bad word found';
    } else {
    	//What to do if no bad word is found
    	echo 'Email is send!';

    Open in new window

    LVL 107

    Assisted Solution

    by:Ray Paseur
    Normally I would say the client is always right, but in this case your client is dead wrong.  There is no practical way to make a list of all the "dirty words" because the creators of dirty words can think of more versions of dirty words than you can predict.  Consider poker,casino,viagra,seo and you will find that you have to deal with permutations including P0KER,CAS1NO,VIIAGRA,SE0, etc...  In public forums such as the customer reviews sections of e-commerce web sites the current state-of-the-art solution is a "report offensive content" button.  In other words, rather than try to filter the content programmatically, the site accepts input signals from the audience and notifies the editors if a review is required.  Some sites require editorial review before any content is presented (I do this in a church web site).

    So I would use the CAPTCHA because at least then you have some hope of getting human input.  If you are interested in programming around the CAPTCHA, you have a lot of work to do and your chances of perfect filtering are almost nil - something offensive is sure to get through.  This is the general design pattern.

    Make your list of words like poker,casino,viagra,seo in an array.  Using your input string, translate the numbers and letters as follows (you may need a little more than this, but these character replacements have been spotted many times and they are certain to be used by the spambots)...

    Use trim() and preg_replace() to remove all excess whitespace from the input string
    Use str_replace() to translate all lower-case "L" to upper case "I"
    Use str_replace() to translate all numeric "0" to upper case "O"
    Use str_replace() to translate all numeric "1" to upper case "I"
    Use str_replace() to translate all numeric "3" to upper case "E"
    Use str_replace() to translate all numeric "5" to upper case "S"
    use strtoupper() to make all the "words" thus translated into upper case, then explode the input string into an array of words
    Use soundex() and metaphone() to generate the codes for each word in the input string
    Compare these to the soundex() and metaphone() values of the offensive words
    If you get a match, flag the message for manual intervention.

    Note that things like P E N I S will still get through, and you may want some additional filtering to catch stuff like that.  I doubt if you will get a programmer to write a working function for this over a 250-point question at EE, but the good news is that you can find all of these built-in functions documented on the web site, so you can set about the task of writing your own function to extend PHP.  Example or a built-in function documentation:

    If you have questions about that, please post back here at EE and we can try to help.  Best of luck with your project, ~Ray
    LVL 11

    Author Closing Comment

    Thanks very much to both of you, both equally helpful. The client is wrong but is also stubborn. They'd rather receive thousands of spam emails than risk missing a sales lead because a customer doesn't like or cannot use CAPTCHA boxes!
    LVL 107

    Expert Comment

    by:Ray Paseur
    Interesting that the customer thinks they know more than all the users of reCaptcha.

    Anyway, thanks for the points and good luck to you and to them. ~Ray

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    This is a general how to create your own custom plugin system for your PHP application that you designed (or wish to extend a third party program to have plugin functionality that doesn't have it yet).  This is not how to make plugins for existing s…
    I imagine that there are some, like me, who require a way of getting currency exchange rates for implementation in web project from time to time, so I thought I would share a solution that I have developed for this purpose. It turns out that Yaho…
    The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
    This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    8 Experts available now in Live!

    Get 1:1 Help Now