security for my php forum

[silverglade]

hi, i made a web forum message board and someone posted porn words on it so i had to remove the forum from my server.

i need a way  to delete posts, email registratoin and password, and block porn keywords in the messages. does anyone know of a link that teaches this.?

i cant find one , only for password. any help greatly appreciated. thanks . derek

[blirette]

Should be simple but long.

 

Make SQL queries with an array that contains all those filthy keywords. Run the queries, store the informations (IDs) in an array and delete all the bad things after with a good ol' DELETE!

 

That's how I'd do it.

[lemmin]

I think it would make more sense to catch these things before you put them into your DB. Preg_replace() would probably be the best method of doing this. On your insert query, do something like this:

$badwords = array("porn", "meecrab");
qry = "INSERT INTO table (Content) VALUES ('".preg_replace($badwords, "@$#!", $content)."')";

 

[silverglade]

thanks. is there a way i can delete posts? this guy put a ton of porn words into my forum, probably someone from this forum. derek

[lemmin]

As blirette suggested, you can use DELETE with LIKE:

$qry = "DELETE FROM table WHERE content LIKE '%porn%' OR content LIKE '%meecrab%'";

Keep putting ORs for however many words you want to look for.

[waynew]

MEECRAB?

[lemmin]

Sorry, meecrob.

http://en.wikipedia.org/wiki/Meecrob

The South Park reference is how I was relating it to this topic.

[silverglade]

every time i load my forum now, that guy's porn messages come up and i cant delete it. is  there a way to delete his posts? like going to the database or something? thanks , derek

[lemmin]

The SQL I posted is how you are supposed to delete his posts. Or, if he used the same name in all the posts, use that as the criteria for the deletes.

 

If you want to visually delete them, you can get the MySQL Administrator Tools:

http://dev.mysql.com/downloads/gui-tools/5.0.html