Check a string for bad words using function and if/else

Hi PHP Experts,

I am an ASP guy not PHP and need some PHP help: I want to check a posted field from a form for bad words before an email is sent. Can anyone show me a function (i need code as I'm quite unfamiliar with PHP) where I can have a list of bad words like 'poker,casino,viagra,seo' that I can add to, that's checked and if no matches, sends the email... so I need an IF and an ELSE and a function. I would like this in pure php, no javascript please.

N.B: I must to do it this way, not use a capcha thing because the client insists :-S


/ Tobzzz
LVL 11
Who is Participating?
Take a look at this:
// Email text to look in. I made it uppercase, so 
//the original case does not matter.
$string = strtoupper('Some words for testing');

// Words to check for, seperate by comma, and i upper case
if (strpos($string, 'VIAGRA,GAMBLE') !== false )
	// What to do is bad word is found
    echo 'Email is NOT send, bad word found';
} else {
	//What to do if no bad word is found
	echo 'Email is send!';


Open in new window

Ray PaseurCommented:
Normally I would say the client is always right, but in this case your client is dead wrong.  There is no practical way to make a list of all the "dirty words" because the creators of dirty words can think of more versions of dirty words than you can predict.  Consider poker,casino,viagra,seo and you will find that you have to deal with permutations including P0KER,CAS1NO,VIIAGRA,SE0, etc...  In public forums such as the customer reviews sections of e-commerce web sites the current state-of-the-art solution is a "report offensive content" button.  In other words, rather than try to filter the content programmatically, the site accepts input signals from the audience and notifies the editors if a review is required.  Some sites require editorial review before any content is presented (I do this in a church web site).

So I would use the CAPTCHA because at least then you have some hope of getting human input.  If you are interested in programming around the CAPTCHA, you have a lot of work to do and your chances of perfect filtering are almost nil - something offensive is sure to get through.  This is the general design pattern.

Make your list of words like poker,casino,viagra,seo in an array.  Using your input string, translate the numbers and letters as follows (you may need a little more than this, but these character replacements have been spotted many times and they are certain to be used by the spambots)...

Use trim() and preg_replace() to remove all excess whitespace from the input string
Use str_replace() to translate all lower-case "L" to upper case "I"
Use str_replace() to translate all numeric "0" to upper case "O"
Use str_replace() to translate all numeric "1" to upper case "I"
Use str_replace() to translate all numeric "3" to upper case "E"
Use str_replace() to translate all numeric "5" to upper case "S"
use strtoupper() to make all the "words" thus translated into upper case, then explode the input string into an array of words
Use soundex() and metaphone() to generate the codes for each word in the input string
Compare these to the soundex() and metaphone() values of the offensive words
If you get a match, flag the message for manual intervention.

Note that things like P E N I S will still get through, and you may want some additional filtering to catch stuff like that.  I doubt if you will get a programmer to write a working function for this over a 250-point question at EE, but the good news is that you can find all of these built-in functions documented on the web site, so you can set about the task of writing your own function to extend PHP.  Example or a built-in function documentation:

If you have questions about that, please post back here at EE and we can try to help.  Best of luck with your project, ~Ray
tobzzzAuthor Commented:
Thanks very much to both of you, both equally helpful. The client is wrong but is also stubborn. They'd rather receive thousands of spam emails than risk missing a sales lead because a customer doesn't like or cannot use CAPTCHA boxes!
Ray PaseurCommented:
Interesting that the customer thinks they know more than all the users of reCaptcha.

Anyway, thanks for the points and good luck to you and to them. ~Ray
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.