mcfly Posted August 2, 2006 Share Posted August 2, 2006 Hi, see below..This is a php file that writes guestbook info to a txt file. I have a problem with spam in my guestbook, and I wonder if anyone knows about a "tag" that can block web addresses entered in the "comment field" F.ex. If you enter "http://www" in the comment field, you will get blocked... Just take a look at this site, and you'll know what i mean;http://slap-madcap.com/guestbook.phpThanks--- Erik<?phpwhile(list($key, $val) = each($HTTP_POST_VARS)) { $val = str_replace("<", "<", $val); $HTTP_POST_VARS[$key] = str_replace(">", ">", $val); } $date = date("d. m. Y H:i:s");$logit = "<font style=\"font-family: arial; font-size: 8pt;\"><p><b>Name:</b> ".$HTTP_POST_VARS["name"]."<br>"."<b>Time:</b> $date<br>"."<b>Comment: </b>".$HTTP_POST_VARS["comment"]." <br><hr> \n";$logit = stripslashes($logit);$fp = fopen ("innlegg.txt", "r+") or die("Error, somthing is wrong.");$Old = fRead ($fp, filesize("innlegg.txt"));fclose ($fp);$fp = fopen ("innlegg.txt", "w") or die("Error, somthing is wrong.");fwrite ($fp, $logit);fwrite ($fp, $Old);fclose ($fp); header("Location: guestbook.php");?>[b]edit(shoz): Edited for language[/b] Quote Link to comment Share on other sites More sharing options...
legohead6 Posted August 2, 2006 Share Posted August 2, 2006 you could set up a database with unallowed addresses then see if the comment relates to those.. ...... also theres a code to turn to lower case so someone can fool it like that... Quote Link to comment Share on other sites More sharing options...
onlyican Posted August 2, 2006 Share Posted August 2, 2006 use regular expressionsor str_replace for certain sites Quote Link to comment Share on other sites More sharing options...
AndyB Posted August 2, 2006 Share Posted August 2, 2006 This works for me:[code]// function to check for all our favorite penis extenders and other spam trashfunction flag_spam($text) { $total_matches = 0; $trash = array(); // Count the regular links $regex = "/<\\s*a\\s+href\\s*=\\s*/i"; $total_matches += preg_match_all($regex, $text, $trash); // Count the PHPBB links $regex = "/[\\s*/\\s*url\\s*]/i"; $total_matches += 5 * preg_match_all($regex, $text, $trash); // Check for common spam words $words = array('phentermine', 'viagra', 'cialis', 'vioxx', 'oxycontin', 'levitra', 'ambien', 'xanax', 'paxil', 'casino', 'slot-machine','texas-holdem','ringtones'); foreach ($words as $word) { $word_matches = preg_match_all('/' . $word . '/i', $text, $trash); $total_matches += 5 * $word_matches; } if ($total_matches > 4) { return TRUE; } return FALSE;} // abstract data sent from form.....$comments = trim($_POST['comments']);if (flag_spam($comments)) { die("SPAM = LOSER"); // gotcha!}// comments not null so continue processing form by removing tags, slashes, etc.$comments = strip_tags($comments);[/code] Quote Link to comment Share on other sites More sharing options...
mcfly Posted August 5, 2006 Author Share Posted August 5, 2006 OK, thanks, folks! But I can't get it to work.. Excactly where shall I write it? Could anyone just edit the code for me and post it here?(I'm not a web-dude at all, I was just left alone trying to fix my own page)Thanks!Erik[code]<?phpwhile(list($key, $val) = each($HTTP_POST_VARS)) { $val = str_replace("<", "<", $val); $HTTP_POST_VARS[$key] = str_replace(">", ">", $val); } $date = date("d. m. Y H:i:s");$logit = "<font style=\"font-family: arial; font-size: 8pt;\"><p><b>Name:</b> ".$HTTP_POST_VARS["navn"]."<br>"."<b>Time:</b> $date<br>"."<b>Comment: </b>".$HTTP_POST_VARS["kommentar"]." <br><hr> \n";$logit = stripslashes($logit);$fp = fopen ("innlegg.txt", "r+") or die("Error, something is wrong.");$Old = fRead ($fp, filesize("innlegg.txt"));fclose ($fp);$fp = fopen ("innlegg.txt", "w") or die("Error, something is wrong.");fwrite ($fp, $logit);fwrite ($fp, $Old);fclose ($fp); header("Location: crapbook.php");?>[/code] Quote Link to comment Share on other sites More sharing options...
leeming Posted August 5, 2006 Share Posted August 5, 2006 [quote author=mcfly link=topic=102783.msg410249#msg410249 date=1154793071]OK, thanks, folks! But I can't get it to work.. Excactly where shall I write it? Could anyone just edit the code for me and post it here?(I'm not a web-dude at all, I was just left alone trying to fix my own page)Thanks!Erik[code]<?phpwhile(list($key, $val) = each($HTTP_POST_VARS)) { $val = str_replace("<", "<", $val); $HTTP_POST_VARS[$key] = str_replace(">", ">", $val); } $date = date("d. m. Y H:i:s");$logit = "<font style=\"font-family: arial; font-size: 8pt;\"><p><b>Name:</b> ".$HTTP_POST_VARS["navn"]."<br>"."<b>Time:</b> $date<br>"."<b>Comment: </b>".$HTTP_POST_VARS["kommentar"]." <br><hr> \n";$logit = stripslashes($logit);$fp = fopen ("innlegg.txt", "r+") or die("Error, something is wrong.");$Old = fRead ($fp, filesize("innlegg.txt"));fclose ($fp);$fp = fopen ("innlegg.txt", "w") or die("Error, something is wrong.");fwrite ($fp, $logit);fwrite ($fp, $Old);fclose ($fp); header("Location: crapbook.php");?>[/code][/quote]add the code AndyB said... like this[code]<?php// function to check for all our favorite penis extenders and other spam trashfunction flag_spam($text) { $total_matches = 0; $trash = array(); // Count the regular links $regex = "/<\\s*a\\s+href\\s*=\\s*/i"; $total_matches += preg_match_all($regex, $text, $trash); // Count the PHPBB links $regex = "/[\\s*/\\s*url\\s*]/i"; $total_matches += 5 * preg_match_all($regex, $text, $trash); // Check for common spam words $words = array('phentermine', 'viagra', 'cialis', 'vioxx', 'oxycontin', 'levitra', 'ambien', 'xanax', 'paxil', 'casino', 'slot-machine','texas-holdem','ringtones'); foreach ($words as $word) { $word_matches = preg_match_all('/' . $word . '/i', $text, $trash); $total_matches += 5 * $word_matches; } if ($total_matches > 4) { return TRUE; } return FALSE;} //$_POST['comments'], change this to what ever your field name is for the message in the guest book.$comments = trim($_POST['comments']);if (flag_spam($comments)) { die("SPAM = LOSER"); // gotcha!}// comments not null so continue processingwhile(list($key, $val) = each($HTTP_POST_VARS)) { $val = str_replace("<", "<", $val); $HTTP_POST_VARS[$key] = str_replace(">", ">", $val); } $date = date("d. m. Y H:i:s");$logit = "<font style=\"font-family: arial; font-size: 8pt;\"><p><b>Name:</b> ".$HTTP_POST_VARS["navn"]."<br>"."<b>Time:</b> $date<br>"."<b>Comment: </b>".$HTTP_POST_VARS["kommentar"]." <br><hr> \n";$logit = stripslashes($logit);$fp = fopen ("innlegg.txt", "r+") or die("Error, something is wrong.");$Old = fRead ($fp, filesize("innlegg.txt"));fclose ($fp);$fp = fopen ("innlegg.txt", "w") or die("Error, something is wrong.");fwrite ($fp, $logit);fwrite ($fp, $Old);fclose ($fp); header("Location: crapbook.php");?>[/code]just see the php note i added... i hope that works Quote Link to comment Share on other sites More sharing options...
mcfly Posted August 6, 2006 Author Share Posted August 6, 2006 Thanks a lot! It works perfectly!Erik Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.