Not allow if string contains bad words??

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
noahkeller
Forum Newbie
Posts: 11
Joined: Thu Apr 26, 2007 2:07 pm

Not allow if string contains bad words??

Post by noahkeller »

I am wondering how I would go about not allowing something if it contains a certain word(s), not to simply replace the bad word with another, but to not allow the post. I know how to not allow it, but I am having trouble determining whether the string contains a bad word or not, here is my code below, any help/suggestions will be very greatly appreciated.

This is for a church website I am working on.

Code: Select all

<?PHP
include("includes/db_connect.php");
include("includes/expletive_filter.php");

if (isset($_POST["pray"]))
 {$all_is_good = "yes";
  $prayer = $_POST["prayer"];
  $prayer_name = $_POST["prayer_name"];
  if($prayer=="")
   {$message = "<font color=\"#FF0000\">Error: You must enter something in the \"Prayer\" field.</font>";
    $all_is_good = "no";}
  if($prayer_name=="")
   {$message = "<font color=\"#FF0000\">Error: You must enter something in the \"Name\" field.</font>";
    $all_is_good = "no";}
  if(contains($expletives,$prayer))
   {$message = "<font color=\"#FF0000\">Error: You are not allowed to use bad words!</font>";
    $all_is_good = "no";}	
  if($all_is_good=="yes")
   {mysql_query("INSERT INTO `prayers` (`prayer`,`name`) VALUES ('$prayer','$prayer_name')");
    $message = "<font color=\"#00CC66\">Thank you! Your prayer has been submitted and may be viewed <a href=\"view_prayers.php\">here</a></font>";}}

?>
as you can see above i use the variable $all_is_good to determine if it is okay, what I am basically trying to accomplish is something like:

Code: Select all

if($prayer||$prayer_name==$expletives)
  {$all_is_good = "no"; 
    $message = "<font color=\"#FF0000\">Error: You are not allowed to use bad words!</font>";}
$expletives is defined as an array in the included file expletive_filter.php

the code for expletive_filter.php is as follows:

Code: Select all

<?PHP
$expletives = array("bad","words");
?>
Thanks in advance,
Noah Keller

P.S. I have been trying all day to accomplish this, and I am rather new to PHP
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Post by pickle »

Probably the easiest would be something like this:

Code: Select all

$prayer = "I'm assuming this is the string to check";
$expletives = array('bad','words','here');

if(strpos($prayer,$expletives) === FALSE)
{
   $all_is_good = FALSE;
}
else
{
   $all_is_good = TRUE;
}
Note that I've also used TRUE & FALSE rather than 'yes' or 'no'. You're using 'yes' & 'no' as booleans, so why not just use a boolean ;).

Also, I've edited your post to reflect how we'd like PHP code to be posted (with [syntax=... tags rather than [ code ]) tags.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
noahkeller
Forum Newbie
Posts: 11
Joined: Thu Apr 26, 2007 2:07 pm

Post by noahkeller »

I appreciate your help especially on the boolean thing LOL, like I said, I'm new.

But anyway, after applying the code you sent me now it returns as always detecting a bad word. I'm pretty sure I did something wrong, although my code seems to match yours. If you could further assist that would be appreciated. If you would like to view what I am working on it is at:

http://www.cndstudios.com/WPC/pray.php

Here is the updated code for "pray.php":

Code: Select all

<?PHP
include("includes/db_connect.php");
include("includes/expletive_filter.php");

if (isset($_POST["pray"]))
 {$all_is_good = TRUE;
  $prayer = $_POST["prayer"];
  $prayer_name = $_POST["prayer_name"];
  
  if($prayer=="")
   {$font_color = "#FF0000";
    $message = "Error: You must enter something in the \"Prayer\" field.";
    $all_is_good = FALSE;}
  
  if($prayer_name=="")
   {$font_color = "#FF0000";
    $message = "Error: You must enter something in the \"Name\" field.";
    $all_is_good = FALSE;}
  
  if(strpos($prayer,$expletives) === FALSE)
   {$all_is_good = FALSE;
    $font_color = "#FF0000";
    $message = "Error: You are not allowed to use bad words!";}
  else
   {$all_is_good = TRUE;}

  if($all_is_good==TRUE)
   {mysql_query("INSERT INTO `prayers` (`prayer`,`name`) VALUES ('$prayer','$prayer_name')");
    $font_color = "#00CC66";
	$message = "Thank you! Your prayer has been submitted and may be viewed <a href=\"view_prayers.php\">here</a>";}}

?>
When I changed the FALSE to TRUE in:

Code: Select all

if(strpos($prayer,$expletives) === FALSE)
it returned as not detecting bad words even when there were.
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Post by pickle »

It seems strpos() isn't behaving like I'd expect it to from the documentation. strpos() isn't returning an integer when it gets an array as it's second argument. Nuts - that would have been really clean.

Anyway, I've tested this & it works:

Code: Select all

foreach($expletives as $dirty_word)
{
  if(strpos($string,$dirty_word) !== FALSE)
  {
      $bad_word = TRUE;
   }
}
if($bad_word)
{
   echo "Naughty naughty";
}
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
User avatar
guitarlvr
Forum Contributor
Posts: 245
Joined: Wed Mar 21, 2007 10:35 pm

Post by guitarlvr »

newbie question:

in

Code: Select all

if($bad_word)
{
   echo "Naughty naughty";
}
when a single variable is put into an if statement does it assume you mean if variable is true and then if you used !$bad_word it would assume if that is false?
noahkeller
Forum Newbie
Posts: 11
Joined: Thu Apr 26, 2007 2:07 pm

Post by noahkeller »

Right on!

Thanks a ton man. You don't know how much I appreciate it!

Couldn't have done it without ya.

Noah Keller
noahkeller
Forum Newbie
Posts: 11
Joined: Thu Apr 26, 2007 2:07 pm

Post by noahkeller »

guitarlvr:

yes I believe so
User avatar
pickle
Briney Mod
Posts: 6445
Joined: Mon Jan 19, 2004 6:11 pm
Location: 53.01N x 112.48W
Contact:

Post by pickle »

In PHP, everything but NULL,boolean FALSE and integer 0 evaluate to boolean TRUE.

So ya, when it's set up like I did, you're checking to see if that variable evaluates to boolean TRUE or boolean FALSE.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
Post Reply