SitePoint Sponsor

User Tag List

Results 1 to 6 of 6
  1. #1
    SitePoint Zealot
    Join Date
    Apr 2007
    Location
    New London, CT
    Posts
    172
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Form says I can't use that kind of language

    I have a form that send comments back to me. I have it so that it filters certain words. Recently I had a friend try to send me a comment but was told that they couldn't use that kind of language. I also tried writing a test message using completely safe words. The message was:
    Name: Jim
    Email: jim@aol.com
    Subject: Test Comment
    Feedback: This is a test.

    I am completely stumped with this and any help would be appreciated.

    PHP Code:
    <?php
    if (!isset($_POST['submit']) || $_SERVER['REQUEST_METHOD'] != "POST") {
        exit(
    "<p>You did not press the submit button; this page should not be accessed directly.</p>");
    } else {
        
    $exploits "/(content-type|bcc:|cc:|document.cookie|onclick|onload|javascript|alert)/i";
        
    $profanity "/(xxx)/i";
        
    $spamwords "/(viagra|phentermine|tramadol|adipex|advai|alprazolam|ambien|ambian|amoxicillin|antivert|blackjack|backgammon|texas|holdem|poker|carisoprodol|ciara|ciprofloxacin|debt|dating|porn|pills|)/i";
        
    $bots "/(Indy|Blaiz|Java|libwww-perl|Python|OutfoxBot|User-Agent|PycURL|AlphaServer)/i";

        if (
    preg_match($bots$_SERVER['HTTP_USER_AGENT'])) {
            exit(
    "<p>Known spam bots are not allowed.</p>");
        }
        foreach (
    $_POST as $key => $value) {
            
    $value trim($value);

            if (empty(
    $value)) {
                exit(
    "<p>Empty fields are not allowed. Please go back and fill in the form properly.</p>");
            } elseif (
    preg_match($exploits$value)) {
                exit(
    "<p>Exploits/malicious scripting attributes aren't allowed.</p>");
            } elseif (
    preg_match($profanity$value) || preg_match($spamwords$value)) {
                exit(
    "<p>That kind of language is not allowed through our form.</p>");
            }

            
    $_POST[$key] = stripslashes(strip_tags($value));
        }

        if (!
    ereg("^[_a-z0-9-]+(.[_a-z0-9-]+)*@[a-z0-9-]+(.[a-z0-9-]+)*(.[a-z]{2,6})$",strtolower($_POST['email']))) {
            exit(
    "<p>That e-mail address is not valid, please use another.</p>");
        }

        
    $recipient "my@email.address";
        
    $subject "Contact Form Mail";

        
    $message "You've received an e-mail through your website mail form: \n";
        
    $message .= "Name: {$_POST['name']} \n";
        
    $message .= "E-mail: {$_POST['email']} \n";
        
    $message .= "Subject: {$_POST['subject']} \n";
        
    $message .= "Feedback: {$_POST['comments']} \n";

        
    $headers "From: terrellharris.net <$recipient> \n";
        
    $headers .= "Reply-To: <{$_POST['email']}>";

        if (
    mail($recipient,$subject,$message,$headers)) {
            echo 
    "<p>Thank you! Your mail was successfully sent to the webmaster. Thank you for your time.</p>";
        } else {
            echo 
    "<p>Sorry, there was an error and your mail was not sent. Please find an alternative method of contacting the webmaster.</p>";
        }
    }
    ?>
    Last edited by funktifyknow; Aug 22, 2007 at 08:46. Reason: updated code/ removed profanity

  2. #2
    Function Curry'er JimmyP's Avatar
    Join Date
    Aug 2007
    Location
    Brighton, UK
    Posts
    2,006
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Im sure somebody will be able to help u....

    Maybe u could remove those profanity values? (in the code)
    James Padolsey
    末末末末末末末末末末末末末末末末末末末
    Awesome JavaScript Zoomer (demo here)
    'Ajaxy' - Ajax integration solution (demo here)

  3. #3
    SitePoint Zealot
    Join Date
    Apr 2007
    Location
    New London, CT
    Posts
    172
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    OOPS! Sorry forgot they were there. Just really frustrated with the code and didn't even think about it. Thanks for the heads up though.

  4. #4
    SitePoint Enthusiast
    Join Date
    Feb 2006
    Location
    Bel Air, Maryland.
    Posts
    60
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hmm I can't seem to find anything critical.
    Would it hurt that you have a trailing "|" after the last word (pills) in $spamwords?
    ---
    Paul S. Smith
    technetic | design & code

  5. #5
    SitePoint Addict agentforte's Avatar
    Join Date
    May 2007
    Location
    Toronto, ON, Canada
    Posts
    213
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I would suggest a captcha to prevent spam

    If you are afraid to program it yourself, recaptcha.org can help you out. The bonus is that it is free (unless you have tons of traffic using the form) and that it does not use up your server resources to produce the image (it retrieves the image from tha recaptcha website)

    I am still debating which to use, but I think I will have both working just in case I need to switch between them for some reason.

  6. #6
    SitePoint Zealot
    Join Date
    Apr 2007
    Location
    New London, CT
    Posts
    172
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks technetic. That was the ticket. I'll lok at the captcha things as well agentforte. Thanks again guys.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •