Question

我正在尝试整合php坏词过滤器输入是通过$ _REQUEST ['qtitle']和$ _REQUEST ['question']获得的但我没有这样做

$USERID = intval($_SESSION['USERID']);

if ($USERID > 0)
{
$sess_ver = intval($_SESSION[VERIFIED]);
$verify_asker = intval($config['verify_asker']);
if($verify_asker == "1" && $sess_ver == "0")
{
    $error = $lang['225'];
    $theme = "error.tpl";
}
else
{
    $theme = "ask.tpl";
    STemplate::assign('qtitle',htmlentities(strip_tags($_REQUEST['qtitle']), ENT_COMPAT, "UTF-8"));
    STemplate::assign('question',htmlentities(strip_tags($_REQUEST['question']), ENT_COMPAT, "UTF-8"));
    if($_REQUEST['subform'] != "")
    {
        $qtitle = htmlentities(strip_tags($_REQUEST['qtitle']), ENT_COMPAT, "UTF-8");
        $question = htmlentities(strip_tags($_REQUEST['question']), ENT_COMPAT, "UTF-8");
        $category = intval($_REQUEST['category']);


        if($qtitle == "")
        {
            $error = $lang['3'];
        }
        elseif($category <= "0")
        {
            $error = $lang['4'];
        }
        else
        {
            if($config['approve_stories'] == "1")
            {
                $addtosql = ", active='0'";
            }
            $query="INSERT INTO posts SET USERID='".mysql_real_escape_string($USERID)."', title='".mysql_real_escape_string($qtitle)."',question='".mysql_real_escape_string($question)."', tags='".mysql_real_escape_string($qtitle)."', category='".mysql_real_escape_string($category)."', time_added='".time()."', date_added='".date("Y-m-d")."' $addtosql";
            $result=$conn->execute($query);
            $userid = mysql_insert_id();
            $message = $lang['5'];
        }
    }
}
}   

else
{
$question = htmlentities(strip_tags($_REQUEST['qtitle']), ENT_COMPAT, "UTF-8");
$redirect = base64_encode($thebaseurl."/ask?qtitle=".$question);
header("Location:$config[baseurl]/login?redirect=$redirect");exit;
}

我正在尝试以下代码，但此代码替换了每个单词（未包含在数组中）

FUNCTION BadWordFilter(&$text, $replace){

$bads = ARRAY (
  ARRAY("butt","b***"),
  ARRAY("poop","p***"),
  ARRAY("crap","c***")
);

  IF($replace==1) {                                        //we are replacing
  $remember = $text;

  FOR($i=0;$i<sizeof($bads);$i++) {               //go through each bad word
       $text = EREGI_REPLACE($bads[$i][0],$bads[$i][1],$text); //replace it
  }

  IF($remember!=$text) RETURN 1;                     //if there are any changes, return 1

 } ELSE {                                                  //we are just checking

  FOR($i=0;$i<sizeof($bads);$i++) {               //go through each bad word
       IF(EREGI($bads[$i][0],$text)) RETURN 1; //if we find any, return 1
  }     
 }
}
$qtitle = BadWordFilter($wordsToFilter,0); 
$qtitle = BadWordFilter($wordsToFilter,1);

我在这里缺少什么？

Answer 1

我同意@Gordon这是重新发明轮子，但如果你真的想这样做，这是一个更好的开始：

function badWordFilter(&$text, $replace)
{
    $patterns = array(
        '/butt/i',
        '/poop/i',
        '/crap/i'
    );

    $replaces = array(
        'b***',
        'p***',
        'c***'
    );

    $count = 0;
    if($replace){
        $text = preg_replace($patterns, $replaces, $text, -1, $count);
    } else {
        foreach($patterns as $pattern){
            $count = preg_match($pattern, $text);
            if($count > 0){
                break;
            }
        }
    }

    return $count;
}

但是有很多固有的问题。例如，在文本How do you like my buttons?上运行过滤器...您最终会得到How do you like my b***ons?

Answer 2

我认为你应该使用这种功能：

function badWordsFilter(&$text){
    $excluded_words = array( 'butt', 'poop', 'crap' );
    $replacements = array();

    $i = count($excluded_words);
    while($i--){
        $tmp = $excluded_words{0};
        for($i=0;$i<(strlen($excluded_words)-1);$i++){
            $tmp .= '*';
        }
        $replacements[] = $tmp;
    }

    str_replace($excluded_words, $replacements, $text);
}

坏词过滤器集成

2 个答案: