Log in

View Full Version : Swear Filter


lesham
11-07-2006, 04:43 PM
I have a contact us form that has been abused lately. People are submitting names like STINK AMERICA and companys like ASSFACE ... this is starting to become a problem here at my company. The code is as follows:


<form name=contactus method="POST" action="contactus.php" target=_self onsubmit="return formCheck(this);">
<tr><td align="left"><font size="2">First Name</font></td>
<td align="left"><input name="First Name" value size="35" maxlength=16 value=""></td></tr>
<tr><td align="left" height="24"><font size="2">Last Name</font></td>
<td align="left" height="24"><input type="text" name="Last name" size="35" maxlength=32 value=""></td></tr>

<tr><td align="left"><font size="2">Company</font></td>
<td align="left"><input type="TEXT" name="Company" value size="35" maxlength=32 value=""></td></tr>

<tr><td align="left"><font size="2">Street Address</font></td>
<td align="left"><input type="text" name="Street" size="35" maxlength=32 value=""></td></tr>
<tr><td align="left"><font size="2">City</font></td>
<td align="left"><input type="text" name="City" size="35" maxlength=20 value=""></td></tr>
<tr><td align="left"><font size="2">State</font></td>
<td align="left"><input type="text" name="State" size="35" maxlength=2 value=""></td></tr>
<tr><td align="left"><font size="2">Zip Code</font></td>
<td align="left"><input type="text" name="ZipCode" size="35" maxlength=5 onblur= valzip(); value=""></td></tr>
<tr><td align="left"><font size="2">Policy Number</font></td>
<td align="left"><input type="text" name="Policy" size="35" maxlength=16 value=""></td></tr>
<tr><td align="left"><font size="2">Daytime Phone</font></td>
<td align="left"><input type="TEXT" name="Telephone" value size="35" maxlength=16 value=""></td></tr>
<tr><td align="left"><font size="2">E-mail</font></td>
<td align="left"><input type="TEXT" name="Email" value size="35" maxlength=40 value=""></td></tr>
</table>
</td>
<td width="303" colspan="2">
<p align="left">


I am a/an :</p></td>
</tr>
<tr>
<td width="303" colspan="2">


<SELECT NAME="Iam">
<OPTION>Prospective insured</option>
<OPTION>Prospective agent</option>
<OPTION>Insured</option>
<OPTION>Agent</option>
<OPTION>Uknown Person</option>
</SELECT></td>
</tr>
<tr>
<td width="303" colspan="2">
<font size="2">I wish to :
</font></td>
</tr>
<tr>
<td width="303" colspan="2">


<select name="WishTo">
<OPTION>Request Claim Information</option>
<OPTION>Request information about my policy</option>
<OPTION>Request information about obtaining my policy</option>
<OPTION>Request my password</option>
<OPTION>Comment on your website</option>
<OPTION>Contact you on an unlisted topic</option>
</select></td>
</tr>
<tr>
<td width="303" colspan="2">
<font size="2">Message/Question</font> <!--<input type=text name=Comments size=35>--></td>
</tr>
<tr>
<td width="303" colspan="2">
<textarea name="comment" rows="9" cols="50" maxlength=800 value=""></textarea></td>
</tr>
<tr>
<td width="303" colspan="2">
<font size="2">User Verification: 1 + 2 =</font> <input type=text size=2 name=verify></td>
</tr>
<tr>
<td width="63">
<input type="submit" onSubmit="return checkmail(this)" value="Submit" name="B1"></td>
<td width="236">
<input type="reset" value="Cancel" name="B2"></td>
</tr>
</table>
</form>

My php code is as follows :


<?php


if ($_POST["verify"] == 3) {
foreach ($_POST as $key => $value)
$message = $message.$key." - ".$value."\r\n";

$headers = 'From: ' . $_POST["Email"] . "\r\n" .
'Reply-To: ' . $_POST["Email"] . "\r\n" .
'X-Mailer: PHP/' . phpversion();

echo $message;

if (mail("lesham@farmersofsalem.com", "Contact Us Page", $message, $headers))
echo "Your email has been successfully sent<br><br><a href='/test/contact_us.html'>Click here</a> to return to the previous page.";
else
echo "There was an error while trying to send the email. Please call us at 856-935-1851.";
} else
echo "User verification failed. <b><a onclick='history.back();'>Click Here</a></b> to correct your answer."

?>

I am looking for something to filter out bad language. Anyone help me out?
lesham
11-07-2006, 07:20 PM
Anybody?
Twey
11-07-2006, 07:56 PM
It is very unlikely you'll be able to do this. People will simply come up with ways around it ($#!T &c.).
djr33
11-08-2006, 05:50 PM
"STINK AMERICA" would never be filtered. Both of those words are plenty valid in some uses, so you wouldn't filter them.
I suppose you could filter the phrase, but that's ridiculous... just think about how many phrases you would need to think of then manually add to the php code.

To do a specific replace, use this:
$var = str_replace("badword","*******",$var);

The first parameter is what you're replacing, the next is what replaces it, and the next is the subject of this operation.

Note that using " badword " would only replace it when it's a full word. (Then replace, including spaces-- " ******* ".)

...and do that for every single word/phrase you want removed. Easy, but tedious.

You might try to find a "bad word list", or just write one yourself.

You could use a foreach loop, and have each bad word stored as part of an array. That would save some time.

And, yes, as Twey says, there's no way to filter everything. You filter specific things.
Using regular expressions, you could, for example, filter any words starting with "f", but it would be very hard to program that in a logical way to only find "bad" words. Reg Expressions are complex, but nice if you're looking for a specific pattern, like f**k... but that would find anything, such as folk, funk, and fork as well.