Bad Word Filtering - website contact forms
6 posts by 3 authors in: Forums > CMS Builder
Last Post: September 3, 2013 (RSS)
By Mikey - September 1, 2013
I need some help getting this bad word filtering string to function properly for a contact form. The contact form has a "message" textbox which I'd like to have the contents of message checked against the file "badwords.txt" which contains a list of bad words, which would trigger the filter and redirect to a thanks.php file.
So for example if someone entered an long sentence of mostly non bad words, however within the sentence is one or more BAD word/s the filter would be triggered, the message submission is killed and the user is redirected to thanks.php.
Can anyone offer up some suggestions on how to get this working?
// bad word filter
$str = @$_REQUEST['message'];
$bad_words = ('badwords.txt');
if (in_array($str, $bad_words)) {
#redirect bad words
$url='http://www.mydomain.com/thanks.php';
header ("Location: ".$url);
exit();
}
else {
// Process form
}
// end bad word filter
Thanks,
Zick
By Djulia - September 2, 2013
Hi Zick,
Here is a first approach:
$preventAlerts = '';
// Stop Words Check
$stopWords[] = 'sex';
$stopWords[] = 'money';
foreach (@$_REQUEST as $fieldName => $fieldValue) {
foreach ($stopWords as $wordKey => $wordValue) {
$pattern = '/.*' . preg_quote($wordValue, '/') . '.*/i';
if (is_array($fieldValue)) { $fieldValue = implode(",", $fieldValue); }
if (get_magic_quotes_gpc()) { $fieldValue = stripslashes($fieldValue); }
if (preg_match($pattern, $fieldValue)) {
$preventAlerts .= "Bad word : (".htmlspecialchars($wordValue).") !<br/>\n";
}
}
}
if (!$preventAlerts) {
// Process form
}
Good luck!
Djulia
Hi Zick,
Assuming your bad word list file contains a new word on each line like this:
these
are
bad
words
Then you could use the following method to filter the words:
//Our word string
$words = "These are some words";
$words_array = explode(" ", $words);
//Get our bad word lists contents from the file and store in in a string
$badWordList = file_get_contents( dirname(__FILE__) . '/bad_word_list.txt' );
//Make an array of bad words
$badWordArray = explode("\r\n", $badWordList);
//Cycle through all the words in our message
foreach($words_array as $word){
//Search the array of bad words for our word, if it's in there don't process the form
if(in_array($word, $badWordArray)){
redirectBrowserToUrl("thanks.php");
}
}
//If we've made it to this point, our string doesn't contain any obvious bad words
/*
* Process form
*/
So $words would be the message or string that you want to search, then you explode this message into an array of words. The get_file_contents function is used to turn the contents of the file into a string, and then it's turned into an array of words using the explode function.
Finally a foreach loop is used to cycle through the messages words and check if they appear in the bad word array.
Let me know if you have any questions.
Thanks!
Greg
PHP Programmer - interactivetools.com
By Mikey - September 2, 2013
Thanks for the help Greg.
So, ultimately what I'd like to do is have a menu type:single record within CMS Builder (bad_word_list.php), where I could add new bad words as needed - without the need to open the .txt file. So I created a menu type: single record (bad_word_list.php) and change the "content" to a textbox and checked the following code (Disable auto-formatting (don't add break tags to content)) but this put the words all on one line with a space between each and didn't work.
So I then unchecked the following code (Disable auto-formatting (don't add break tags to content)), and this makes each word on a new line, but adds a <br /> before the previous word. Such as:
This<br />
are<br />
bad<br />
words
... and the actual view source page code looks like this for the (bad_word_list.php) file, so I suspect this wont work any now.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Bad Words List</title>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8" />
</head>
<body>
This<br />
are<br />
bad<br />
words
</body>
</html>
But with all that said is it possible to use a menu type:single record within CMS Builder (bad_word_list.php), where I could add new bad words as needed - without the need to open the .txt file?
Here's a few attempts I made with no success.
//Our word string
$words = "These are some words";
$words = str_replace(array("<br />"), " ", $words);
$words_array = explode(" ", $words);
//$words_array = explode("<br/>", $words);
//$words_array = str_replace("<br />"," ",explode(" ", $words));
//Get our bad word lists contents from the file and store in in a string
//$badWordList = file_get_contents( dirname(__FILE__) . '/bad_word_list.txt' );
$badWordList = file_get_contents( dirname(__FILE__) . '/bad_words_list.php' );
//Make an array of bad words
$badWordArray = explode("\r\n", $badWordList);
//Cycle through all the words in our message
foreach($words_array as $word){
//Search the array of bad words for our word, if it's in there don't process the form
if(in_array($word, $badWordArray)){
redirectBrowserToUrl("thanks.php");
}
}
//If we've made it to this point, our string doesn't contain any obvious bad words
/*
* Process form
*/
Thanks for your help!
Zick
Hi Zick,
I think your close to getting the solution. I've modified it so that the system doesn't need to get the words from another PHP file, and gets the list directly from the section:
//Our word string
$words = "These are some words";
$words_array = explode(" ", $words);
//Get our bad word lists contents from the bad_words section
$badWordSection = mysql_get('bad_words', 1);
$badWordList = $badWordSection['words'];
//Make an array of bad words
$badWordArray = explode("\n", $badWordList);
//Cycle through all the words in our message
foreach($words_array as $word){
//Search the array of bad words for our word, if it's in there don't process the form
if(in_array($word, $badWordArray)){
redirectBrowserToUrl("thanks.php");
}
}
//If we've made it to this point, our string doesn't contain any obvious bad words
/*
* Process form
*/
So the section I created also used a text box which didn't have auto-formatting selected, the section was called bad_words, and the text box field was called words.
The mysql_get function returns the first (and only record) from the section called bad_words, and assigns it to the variable badWordSection, then the contents of the field words is assigned to the variable badWordList.
The other change is changing the explode delimiter from \r\n to just \n, as the new line break that is used in the database is different to the one used in a text file.
After this point the system is the same as before.
Thanks!
Greg
PHP Programmer - interactivetools.com
By Mikey - September 3, 2013 - edited: September 3, 2013
Thanks for the guidance and help Greg.... everything seems to be working great so far!