Page 1 of 1

Not allow if string contains bad words??

Posted: Thu Apr 26, 2007 2:20 pm
by noahkeller
I am wondering how I would go about not allowing something if it contains a certain word(s), not to simply replace the bad word with another, but to not allow the post. I know how to not allow it, but I am having trouble determining whether the string contains a bad word or not, here is my code below, any help/suggestions will be very greatly appreciated.

This is for a church website I am working on.

Code: Select all

<?PHP
include("includes/db_connect.php");
include("includes/expletive_filter.php");

if (isset($_POST["pray"]))
 {$all_is_good = "yes";
  $prayer = $_POST["prayer"];
  $prayer_name = $_POST["prayer_name"];
  if($prayer=="")
   {$message = "<font color=\"#FF0000\">Error: You must enter something in the \"Prayer\" field.</font>";
    $all_is_good = "no";}
  if($prayer_name=="")
   {$message = "<font color=\"#FF0000\">Error: You must enter something in the \"Name\" field.</font>";
    $all_is_good = "no";}
  if(contains($expletives,$prayer))
   {$message = "<font color=\"#FF0000\">Error: You are not allowed to use bad words!</font>";
    $all_is_good = "no";}	
  if($all_is_good=="yes")
   {mysql_query("INSERT INTO `prayers` (`prayer`,`name`) VALUES ('$prayer','$prayer_name')");
    $message = "<font color=\"#00CC66\">Thank you! Your prayer has been submitted and may be viewed <a href=\"view_prayers.php\">here</a></font>";}}

?>
as you can see above i use the variable $all_is_good to determine if it is okay, what I am basically trying to accomplish is something like:

Code: Select all

if($prayer||$prayer_name==$expletives)
  {$all_is_good = "no"; 
    $message = "<font color=\"#FF0000\">Error: You are not allowed to use bad words!</font>";}
$expletives is defined as an array in the included file expletive_filter.php

the code for expletive_filter.php is as follows:

Code: Select all

<?PHP
$expletives = array("bad","words");
?>
Thanks in advance,
Noah Keller

P.S. I have been trying all day to accomplish this, and I am rather new to PHP

Posted: Thu Apr 26, 2007 2:26 pm
by pickle
Probably the easiest would be something like this:

Code: Select all

$prayer = "I'm assuming this is the string to check";
$expletives = array('bad','words','here');

if(strpos($prayer,$expletives) === FALSE)
{
   $all_is_good = FALSE;
}
else
{
   $all_is_good = TRUE;
}
Note that I've also used TRUE & FALSE rather than 'yes' or 'no'. You're using 'yes' & 'no' as booleans, so why not just use a boolean ;).

Also, I've edited your post to reflect how we'd like PHP code to be posted (with [syntax=... tags rather than [ code ]) tags.

Posted: Thu Apr 26, 2007 2:56 pm
by noahkeller
I appreciate your help especially on the boolean thing LOL, like I said, I'm new.

But anyway, after applying the code you sent me now it returns as always detecting a bad word. I'm pretty sure I did something wrong, although my code seems to match yours. If you could further assist that would be appreciated. If you would like to view what I am working on it is at:

http://www.cndstudios.com/WPC/pray.php

Here is the updated code for "pray.php":

Code: Select all

<?PHP
include("includes/db_connect.php");
include("includes/expletive_filter.php");

if (isset($_POST["pray"]))
 {$all_is_good = TRUE;
  $prayer = $_POST["prayer"];
  $prayer_name = $_POST["prayer_name"];
  
  if($prayer=="")
   {$font_color = "#FF0000";
    $message = "Error: You must enter something in the \"Prayer\" field.";
    $all_is_good = FALSE;}
  
  if($prayer_name=="")
   {$font_color = "#FF0000";
    $message = "Error: You must enter something in the \"Name\" field.";
    $all_is_good = FALSE;}
  
  if(strpos($prayer,$expletives) === FALSE)
   {$all_is_good = FALSE;
    $font_color = "#FF0000";
    $message = "Error: You are not allowed to use bad words!";}
  else
   {$all_is_good = TRUE;}

  if($all_is_good==TRUE)
   {mysql_query("INSERT INTO `prayers` (`prayer`,`name`) VALUES ('$prayer','$prayer_name')");
    $font_color = "#00CC66";
	$message = "Thank you! Your prayer has been submitted and may be viewed <a href=\"view_prayers.php\">here</a>";}}

?>
When I changed the FALSE to TRUE in:

Code: Select all

if(strpos($prayer,$expletives) === FALSE)
it returned as not detecting bad words even when there were.

Posted: Thu Apr 26, 2007 3:13 pm
by pickle
It seems strpos() isn't behaving like I'd expect it to from the documentation. strpos() isn't returning an integer when it gets an array as it's second argument. Nuts - that would have been really clean.

Anyway, I've tested this & it works:

Code: Select all

foreach($expletives as $dirty_word)
{
  if(strpos($string,$dirty_word) !== FALSE)
  {
      $bad_word = TRUE;
   }
}
if($bad_word)
{
   echo "Naughty naughty";
}

Posted: Thu Apr 26, 2007 3:17 pm
by guitarlvr
newbie question:

in

Code: Select all

if($bad_word)
{
   echo "Naughty naughty";
}
when a single variable is put into an if statement does it assume you mean if variable is true and then if you used !$bad_word it would assume if that is false?

Posted: Thu Apr 26, 2007 3:22 pm
by noahkeller
Right on!

Thanks a ton man. You don't know how much I appreciate it!

Couldn't have done it without ya.

Noah Keller

Posted: Thu Apr 26, 2007 3:23 pm
by noahkeller
guitarlvr:

yes I believe so

Posted: Thu Apr 26, 2007 3:24 pm
by pickle
In PHP, everything but NULL,boolean FALSE and integer 0 evaluate to boolean TRUE.

So ya, when it's set up like I did, you're checking to see if that variable evaluates to boolean TRUE or boolean FALSE.