pojr Posted July 1, 2008 Share Posted July 1, 2008 <?php Session_Start(); mysql_connect("localhost", "dan92_happy", "[CENSORED]") or die(mysql_error()); mysql_select_db("dan92_admin") or die(mysql_error()); $resultsagain = mysql_query("SELECT * FROM bannedwords") or die(mysql_error()); while($chaos = mysql_fetch_array( $resultsagain )) { $ban = $chaos['wrd']; $num_rows = mysql_num_rows($resultsagain); } $resultagain = mysql_query("SELECT * FROM user WHERE nm='$_SESSION[username]'") or die(mysql_error()); while($rao = mysql_fetch_array( $resultagain )) { $sk = $rao['sk']; if ( $sk == '1' ) { include("..//head.php"); echo "<title>Forums - Chankys</title>"; include("..//headunder.php"); include("..//menu.php"); } elseif ( $sk == '2') { include("..//head2.php"); echo "<title>Forums - Chankys</title>"; include("..//headunder.php"); include("..//menu2.php"); } else { include("..//head.php"); echo "<title>Forums - Chankys</title>"; include("..//headunder.php"); include("..//menu.php"); } } if ( $_SESSION[logged_in] == 0 ) { include("..//head.php"); echo "<title>Forums - Chankys</title>"; include("..//headunder.php"); include("..//menu.php"); } $av = $_SESSION[av]; $nm = $_POST['nm']; $pst = $_POST['pst']; $tt = $_POST['tt']; $tid = $_POST['tid']; $ip = $_SERVER['REMOTE_ADDR']; $lk = $_POST['lk']; $id = $_POST['id']; $dt = date("l, F j, Y h:i:s A"); $pst = preg_replace("/\n/","\n<br />",$pst); $nm = stripslashes($nm); $bid = stripslashes($bid); $nm = strip_tags($nm); if($_SESSION[user] == administrator ) { $pst = strip_tags($pst, '<b><i><u><br><img><a><table><td><tr><th><frame>'); $tt = strip_tags($tt, '<b><i><u>'); } else { $pst = strip_tags($pst, '<b><i><u><br>'); $tt = strip_tags($tt); } $bid = strip_tags($bid); $nm = $_SESSION[username]; $lk = "http://dan92.yfma.com/u.php?id=$_SESSION[id]"; $bid = $_GET['f']; if ( $bid == "" ) { $quero = "SELECT * FROM forum WHERE id='$tid'"; $result = mysql_query($quero) or die(mysql_error()); $list = mysql_fetch_array($result) or die(mysql_error()); $num_rows = mysql_num_rows($result); $lock = $list['cs']; } else { $queris = "SELECT * FROM board WHERE id='$bid'"; $results = mysql_query($queris) or die(mysql_error()); $row = mysql_fetch_array($results) or die(mysql_error()); $lv = $row['lv']; $des = $row['des']; } if( $lv == '2' ) { if($_SESSION[user] == administrator ) { echo ""; } elseif($_SESSION[user] == 'trusted member' ) { echo ""; } else { $access = "negative"; } } elseif($lv == '3' ) { if($_SESSION[user] == administrator ) { $access = "positive"; } elseif($_SESSION[user] == 'trusted member' ) { $access = "positive"; } else { $access = "notpositive"; } } else { ""; } if (!(strpos($pst, "<b>" ) == true)) { if (!(strpos($pst, "</b>" ) == false)) { $htmlallowance = "negative"; } } if (!(strpos($pst, "<i>" ) == true)) { if (!(strpos($pst, "</i>" ) == false)) { $htmlallowance = "negative"; } } if (!(strpos($pst, "<u>" ) == true)) { if (!(strpos($pst, "</u>" ) == false)) { $htmlallowance = "negative"; } } if($_SESSION[logged_in] == 0 ) { echo "<h1>Access error!</h1><p>You need an account at Chanky's. register one <a href=\"..//register.php\"><b>here</b></a>.</p>"; } elseif($_SESSION[user] == 'banned member' ) { echo "<h1>Access error!</h1><p>You can no longer post at Chanky's because of your user level."; } elseif($_SESSION[user] == 'suspended member' ) { echo "<h1>Access error!</h1><p>You temporarily cannot post at Chanky's because of your user level. Wait for your condemn results for further notice."; } elseif($htmlallowance == "negative" ) { echo "<h1>Error!</h1><p>Your post has bad HTML. You failed to end the bold tag.</p>"; } elseif($pst == "" ) { echo "<h1>Error!</h1> <p>Your post is black. Please change that! You need at least one character.</p>"; } elseif(!(strpos($pst, "$num_rows" ) == true)) { echo "Error! $ban is a banned word."; } elseif($pst == "<b></b>" ) { echo "<h1>Error!</h1> <p>Your post is black. Please change that! You need at least one character.</p>"; } elseif($pst == "<i></i>" ) { echo "<h1>Error!</h1> <p>Your post is black. Please change that! You need at least one character.</p>"; } elseif($pst == "<u></u>" ) { echo "<h1>Error!</h1> <p>Your post is black. Please change that! You need at least one character.</p>"; } elseif($access == "negative" ) { echo "<h1>Access Error!</h1><p>You cannot post in this forum. Only trusted members and administrators can.</p>"; } elseif($lock == "lock" ) { echo "<h1>Access error!</h1><p>This topic is locked! You cannot post in this topic. If you insist on posting in this topic, then unlock it.</p>"; } elseif($lock == "pinlock" ) { echo "<h1>Access error!</h1><p>This topic is locked! Even though this topic is pinned, it does not mean you can post in it. You cannot post in this topic. If you insist on posting in this topic, then unlock it.</p>"; } elseif($ip == '71.101.45.67' ) { /* $resultend = mysql_query("UPDATE user SET user='suspended member' WHERE nm='$nm'") $resultend = mysql_query("UPDATE user SET age='User committed Terms of Agreement violations, but punishment is pending. The user may or may not end up getting banned.' WHERE nm='$nm'") or die(mysql_error()); */ echo "<h1>Congratulations!</h1><p>You have successfully went through the posting system! However, rather then posting the message, the staff at Chanky's have decided to suspend your account."; session_destroy(); } elseif($bid == "" ) { if($num_rows == 1) { mysql_query("INSERT INTO forum (nm, brd, pst, tid, ip, tt, id, lk, dt, av) VALUES('$nm', '$bid', '$pst', '$tid', '$ip', '$tt', '$id', '$lk', '$dt', '$_SESSION[av]' ) ") or die(mysql_error()); echo "<h1>Congrats!</h1><p>Your message was submitted! View your post <a href=\"t.php?id=$tid\"><b>right here</b></a>. Make sure that your post follows the <a href=\"http://www.dan92.yfma.com/terms.php\"><b>Terms of Agreement</b></a>.</p>"; } else { echo "<h1>Flood control enabled!</h1> <p>You made this post about a second after another one! cut down!</p>"; } } elseif($_SESSION[user] == 'POW member' ) { echo "<h1>Access error!</h1><p>You cannot make topic on Chanky's as your user level. POW members can make messages, but cannot start topics."; } elseif($tt == "" ) { echo "<h1>Error!</h1> <p>Your topic title is non-existent. Please change that! You need at least one character.</p>"; } elseif($access == "notpositive" ) { echo "<h1>Access error!</h1> <p>Only trusted members and administrators can post topics on this forum. You do not sport a high enough user level to post topics on this forum, but you can make posts.</p>"; } elseif($des == "" ) { echo "<h1>Whoa whoa whoa!</h1><p>You can't post a topic on a forum that doesn't even exist!"; } else { mysql_query("INSERT INTO forum (nm, brd, pst, tid, ip, tt, id, lk, dt, av) VALUES('$nm', '$bid', '$pst', '$tid', '$ip', '$tt', '$id', '$lk', '$dt', '$_SESSION[av]' ) ") or die(mysql_error()); echo "<h1>Congrats!</h1><p>Your topic was submitted! View your topic <a href=\"f.php?id=$bid\"><b>right here</b></a>. Make sure that your post follows the <a href=\"http://www.dan92.yfma.com/terms.php\"><b>Terms of Agreement</b></a>.</p>"; } include("..//foot.php"); ?> $PST is the post, and I don't know why this won't work. Any help appreciated. Quote Link to comment Share on other sites More sharing options...
br0ken Posted July 1, 2008 Share Posted July 1, 2008 I would recommend posting the part of the code that explicitly is meant to check for bad words. It would make it easier for people to help you. Quote Link to comment Share on other sites More sharing options...
pojr Posted July 1, 2008 Author Share Posted July 1, 2008 Sorry, my computer was about to die (and it's about to again) so I couldn't. But now I have it. <?php Session_Start(); mysql_connect("localhost", "dan92_happy", "[CENSORED]") or die(mysql_error()); mysql_select_db("dan92_admin") or die(mysql_error()); $resultsagain = mysql_query("SELECT * FROM bannedwords") or die(mysql_error()); while($chaos = mysql_fetch_array( $resultsagain )) { $ban = $chaos['wrd']; $num_rows = mysql_num_rows($resultsagain); } /* ... continued ... */ } elseif(!(strpos($pst, "$num_rows" ) == true)) { echo "Error! $ban is a banned word."; ?> Quote Link to comment Share on other sites More sharing options...
br0ken Posted July 1, 2008 Share Posted July 1, 2008 } elseif(!(strpos($pst, "$num_rows" ) == true)) { echo "Error! $ban is a banned word."; I take it this code is the part that's meant to check for banned words? This code though simply checks if the value in $num_rows is in $pst however $num_rows only contains the amount of rows returned by the last query. You have the right idea by using strpos() to figure out if a word is present in the string but you need to pass the banned words to this function instead. Quote Link to comment Share on other sites More sharing options...
pojr Posted July 1, 2008 Author Share Posted July 1, 2008 I don't know how to pass the banned word. Quote Link to comment Share on other sites More sharing options...
br0ken Posted July 1, 2008 Share Posted July 1, 2008 In the while loop where you assign the banned word to $ban, you could just check it there? <?php while($chaos = mysql_fetch_array( $resultsagain )) { $ban = $chaos['wrd']; if (strpos($pst, $ban)) { echo "Your post contains the banned word: ".$ban."<br />"; } } ?> Quote Link to comment Share on other sites More sharing options...
pojr Posted July 1, 2008 Author Share Posted July 1, 2008 Sorry, but it doesn't work. I should say that the database bannedwords has a few banned words in there; it's not a single banned word. Quote Link to comment Share on other sites More sharing options...
br0ken Posted July 1, 2008 Share Posted July 1, 2008 Did you put the code in on it's own or did you plug it into your code? Quote Link to comment Share on other sites More sharing options...
pojr Posted July 1, 2008 Author Share Posted July 1, 2008 I add added it in in it's own. I'm still uncertain on how to perform this. Quote Link to comment Share on other sites More sharing options...
br0ken Posted July 2, 2008 Share Posted July 2, 2008 The code I gave you needs to replace the WHILE statement in your code. It wont work on it's own. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.