Php bad word filtering

PHP
1

i created a forum…and it’s working now but i wanted to have a bad word filtering in posting and replying in my forum with calling badwords in my database like when a user post or reply in my forum “My Friend is a " then when submit every word will be checked on the database and when the word "” is on my list in database the output or the post will be “My Friend is a ****”…
i currently have this codes and my database…(i’m currently using dreamweaver cs4)

please help me A.S.A.P

this is my create_topic.php

<?php session_start(); ?>
<?php
if ((!isset($_SESSION['uid'])) || ($_GET['cid'] == "")) {
        header("Location: index.php");
        exit();
}
$cid = $_GET['cid'];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Create Forum Topic</title>
<link rel="stylesheet" type="text/css" href="style.css" />
<style type="text/css">
<!--
h2 {
        font-size: 36px;
        color: #6F0000;
}
body,td,th {
        font-size: 18px;
        color: #6F0000;
        background-attachment: fixed;
        background-image: url(assets/image2.jpg);
        background-repeat: no-repeat;
        background-position: 27px 30px;
}
-->
</style></head>

<body>

<div id="wrapper">
<center><h2>Treston Forum Boards
</h2>
</center>

<?php
echo "<p>You are logged is as ".$_SESSION['username']." &bull; <a href='logout_parse.php'>Logout</a>";
?>

<hr />
<div id="content">
<form action="create_topic_parse.php" method="post">
<p>Topic Title</p>
<input type="text" name="topic_title" size="98" maxlength="150" />
<p>Topic Content</p>
<textarea name="topic_content" rows="5" cols="75"></textarea>
<br /><br />
<input type="hidden" name="cid" value="<?php echo $cid; ?>" />
<input type="submit" name="topic_submit" value="Create Your Topic" />
</form>
</div>
</div>

</body>
</html>

this is my create_topic_parse.php…

<?php
session_start();
if ($_SESSION['uid'] == "") {
        header("Location: index.php");
        exit();
}
if (isset($_POST['topic_submit'])) {
        if (($_POST['topic_title'] == "") && ($_POST['topic_content'] == "")) {
                echo "You did not fill in both fields. Please return to the previous page.";
                exit();
        } else {
                include_once("connect.php");
                $cid = $_POST['cid'];
                $title = $_POST['topic_title'];
                $content = $_POST['topic_content'];
                $creator = $_SESSION['uid'];
                $sql = "INSERT INTO topics (category_id, topic_title, topic_creator, topic_date, topic_reply_date) VALUES ('".$cid."', '".$title."', '".$creator."', now(), now())";
                $res = mysql_query($sql) or die(mysql_error());
                $new_topic_id = mysql_insert_id();
                $sql2 = "INSERT INTO posts (category_id, topic_id, post_creator, post_content, post_date) VALUES ('".$cid."', '".$new_topic_id."', '".$creator."', '".$content."', now())";
                $res2 = mysql_query($sql2) or die(mysql_error());
                $sql3 = "UPDATE categories SET last_post_date=now(), last_user_posted='".$creator."' WHERE id='".$cid."' LIMIT 1";
                $res3 = mysql_query($sql3) or die(mysql_error());
                if (($res) && ($res2) && ($res3)) {
                        header("Location: view_topic.php?cid=".$cid."&tid=".$new_topic_id);
                } else {
                        echo "There was a problem creating your topic. Please try again.";
                }
        }
}
?>

this is my post_reply.php…

<?php session_start(); ?>
<?php
if ((!isset($_SESSION['uid'])) || ($_GET['cid'] == "")) {
        header("Location: index.php");
        exit();
}
$cid = $_GET['cid'];
$tid = $_GET['tid'];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Forum Series - Post Forum Reply</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>

<body>

<div id="wrapper">
<h2>TimKippTutorials | Forum Tutorial Series - Part 5</h2>
<p>Posting Replies</p>

<?php
echo "<p>You are logged is as ".$_SESSION['username']." &bull; <a href='logout_parse.php'>Logout</a>";
?>

<hr />
<div id="content">
<form action="post_reply_parse.php" method="post">
<p>Reply Content</p>
<textarea name="reply_content" rows="5" cols="75"></textarea>
<br /><br />
<input type="hidden" name="cid" value="<?php echo $cid; ?>" />
<input type="hidden" name="tid" value="<?php echo $tid; ?>" />
<input type="submit" name="reply_submit" value="Post Your Reply" />
</form>
</div>
</div>

</body>
</html>

this is my post_reply_parse.php…

<?php
session_start();
if ($_SESSION['uid']) {
        if (isset($_POST['reply_submit'])) {
                include_once("connect.php");
                $creator = $_SESSION['uid'];
                $cid = $_POST['cid'];
                $tid = $_POST['tid'];
                $reply_content = $_POST['reply_content'];
                $sql = "INSERT INTO posts (category_id, topic_id, post_creator, post_content, post_date) VALUES ('".$cid."', '".$tid."', '".$creator."', '".$reply_content."', now())";
                $res = mysql_query($sql) or die(mysql_error());
                $sql2 = "UPDATE categories SET last_post_date=now(), last_user_posted='".$creator."' WHERE id='".$cid."' LIMIT 1";
                $res2 = mysql_query($sql2) or die(mysql_error());
                $sql3 = "UPDATE topics SET topic_reply_date=now(), topic_last_user='".$creator."' WHERE id='".$tid."' LIMIT 1";
                $res3 = mysql_query($sql3) or die(mysql_error());
               
                // Email Sending
               
                if (($res) && ($res2) && ($res3)) {
                        echo "<p>Your reply has been successfully posted. <a href='view_topic.php?cid=".$cid."&tid=".$tid."'>Click here to return to the topic.</a></p>";
                } else {
                        echo "<p>There was a problem posting your reply. Try again later.</p>";
                }
               
        } else {
                exit();
        }
} else {
        exit();
}
?>

and here’s my database
[

1024×640 69 KB

here’s the list of badword…

1024×640 78.2 KB

please help A.S.A.P

2

I might be wrong here, but using the info you’ve described your issue with, you’ll want to take whatever is submitted from the comment control and run it against some list of words using any number of regex or substr routines that are probably floating around the internet.

3

it’s not yet online because i want to have filtering of bad words before releasing my forum online…so anyone knows??

4

The easiest way to do this is with str_replace(). Load the data into an array with [URL=“http://ca2.php.net/manual/en/function.mysql-fetch-array.php”]mysql_fetch_array() and use the $_Post[textout] as the haystack.

EX:



while($bad_words = mysql_fetch_array($MYSQL_QUERY_VAR)){

     $edited_words = str_replace($bad_words,'*FILTER*',$_POST['textoutput']);

}
5

I DON’T KNOW SOME OF YOUR DECLARATIONS HERE…

while($bad_words = mysql_fetch_array($MYSQL_QUERY_VAR)){

 $edited_words = str_replace($bad_words,'*FILTER*',$_POST['textoutput']);

}

LIKE THE “$MYSQL_QUERY_VAR” and the ‘FILTER’ and the $edited_words because i don’t have those on my codes and on my database just to make it more clearly

6

The “$MYSQL_QUERY_VAR” in this case would be the comments ex-post-facto. Unless I’m mistaken, smpily has provided you with a way to siphon upon output. It can be done either before the MySQL storage procedure or vice-versa. In any event, the $MYSQL_QUERY_VAR will be the array in which you use to run your subroutines for the bad word check.

Long story short, take his WHILE snippet, find your logic responsible for outputting your comments, and plug away… :slight_smile: It’s okay if your code isn’t 1-for-1. Just make whatever slight modifications you need.

7

Please don’t shout.

The $MYSQL_QUERY_VAR is simply a reference to your own mysql_query() declaration. and ‘FILTER’ is a string not a declaration. If you’ve read the str_replace() description and examples on php.net you would understand why it’s written like that. It would replace all bad words with FILTER. Here is a code that would work excuse me for not reading your entire four pages of code to try and explain how you could implement it and I do apologies for not using your own variables within your code to properly explain how str_replace would work. So here it is again but with it coded for you. if it doesn’t work try reading about the functions and their uses before shouting at someone who is trying to help…not annoy.


$badwords_sql = "SELECT * FROM bad_words";
$badwords_qry = mysql_query($badwords_sql) or die('Errors'.mysql_error());

while($bad_words = mysql_fetch_array($badwords_qry)){

     $edited_words = str_replace($bad_words,'*FILTER*',$_POST['topic_content']);

}
8

This is from a post by logic_earth from a couple of years ago in another thread (http://www.sitepoint.com/forums/3852992-post5.html) which does what you need. You would need to decided of you’ll just stored the censored version only or if you’ll store the uncensored one as the original and the censored version as an edit.

function censor ( $m )
{
    return str_repeat( '*', strlen( $m[0] ) );
}

$str = 'I like to say lots of badword2 over badword4 over badword5 and over badword1 again!';

$words = array( 'badword1', 'badword2', 'badword3', 'badword4', 'badword5' );
$str = preg_replace_callback( '/\\b(?:' . join( $words, '|' ) . ')\\b/i', 'censor', $str );

var_dump( $str );

The bit where the bad words are loaded into an array would be a normal “query and fetch results operation” to get the list of bad words from the database.

9

smpily i’m not shouting out to anyone,i’m sorry if you feel i’m shouting on you but it’s not…

i just pointing on the codes…i’m just a begginer using PHP codes that’s why i’m asking every declarations…

i created my forum by just watching tutorials…(too newbie)

so please kindly help me??

can you edit my codes to know where i will enter your codes and to filter out bad words…

please help me guys (i’m sorry if you misunderstand my reply)

10

Uhm, this would be difficult probably the easiest way would be to create a function and initiate the function every time you enter text into the database that you want to be filtered.
But I am not going to write it for you I think that would be a waste of your talent. Learn where to put it through testing. If you want a simple php function bad word filter then I suggest google’n it.

11

smpily…
i already sorry for the last and i explained what i’m pointing to…
i just need help…
it’s up to you sir if you would help me or not…
anyway thanks sir…
but if you change your mind you can help me
thanks again smpily