Jump to content

[SOLVED] preg_match problem

nunu78

By nunu78
in Regex Help

 Share

Recommended Posts

nunu78 Newbie

nunu78

Posted
Posted

I'd like some help with this, as I am still new to php...

What I want the code do is:

1) get rid of messages if they contain tags of any kind (thanks to genericnumber1 this works)

2) if the message did not contain tags, but masked URLS using [ ] and < find those (or the always present href, as I've tried myself) and get rid of the message if they do appear in the message

 

All help is appreciated.

 

 

$strippedInput = strip_tags($message);
if($message != $strippedInput) {
     header('location:trap.php'); // something to redirect back, maybe with an error
     die();
 }

if (!preg_match("/href/i", $message)) {
  header('location:trap.php'); // something to redirect back, maybe with an error
     die();
}

 

all the code here:

<?php

// You can customize the date and time format using PHP.  As they are set now,
// the date will appear in the form "Sunday, January 11, 2004" and the time in
// the form "1:04 pm".  Another common date format would be 01.11.04; to change
// it to this, replace 'l, F j, Y' with 'm.d.y'.  More info can be found at
// http://us2.php.net/manual/en/function.date.php.

$dateFormat = 'd.m.Y';
$timeFormat = 'H:i';


if (empty($_POST['message'])) {
  header('Location: '.$_POST['bookurl'].'?contents=blank');
}

else {
  $entryFile = 'entries.txt';
  $formatFile = 'format.php';

  $message = stripslashes($_POST['message']);

  $allowedTags = '<a><em><strong><b><i><img>';

  $stripAttrib = 'javascript:|onclick|ondblclick|onmousedown|onmouseup|onmouseover|onmousemove|onmouseout|onkeypress|onkeydown|onkeyup|style|class|id';

  function removeEvilTags($source)
  {
     global $allowedTags;
     $source = strip_tags($source, $allowedTags);
     return preg_replace('/<(.*?)>/ie', "'<'.removeEvilAttributes('\\1').'>'", $source);
  }
  function removeEvilAttributes($tagSource)
  {
    global $stripAttrib;
    return stripslashes(preg_replace("/$stripAttrib/i", 'forbidden', $tagSource));
  }

  function word_wrap($message)
  {
    $maxLength = 60;
    $cut = ' ';
    $result = '';
    $wordlength = 0;

    $length = strlen($message);

    $tag = FALSE;
    for ($i = 0; $i < $length; $i++)
    {
      $char = substr($message, $i, 1);
      if ($char == '<') { $tag = TRUE; }
      elseif ($char == '>') { $tag = FALSE; }
      elseif (!$tag && $char == ' ') { $wordlength = 0; }
      elseif (!$tag) { $wordlength++; }
      if (!$tag && !($wordlength%$maxLength)) { $char .= $cut; }
      $result .= $char;
    }
  return $result;
  }
  
$strippedInput = strip_tags($message);
if($message != $strippedInput) {
     header('location:trap.php'); // something to redirect back, maybe with an error
     die();
 }

if (!preg_match("/href/i", $message)) {
  header('location:trap.php'); // something to redirect back, maybe with an error
     die();
}



  $message = word_wrap(removeEvilTags($message));
  $message = str_replace(array('&', "\r\n\r\n"), array('&', '</p><p>'), $message);
  $message = str_replace(array('&gt;', '&lt;', "\r\n"), array('>', '<', '<br />'), $message);

  $signername = strip_tags(stripslashes($_POST['signername']));
  $email = urlencode(strip_tags(stripslashes($_POST['email'])));
  $url = urlencode(strip_tags(stripslashes($_POST['url'])));
  $url = str_replace(array('%2F', '%3A'), array('/', ':'), $url);

  $formatted = file_get_contents($formatFile);
  $variables = array("\n", '%%signername%%', '%%email%%', '%%url%%', '%%message%%', '%%date%%', '%%time%%');
  $inputs = array('', $signername, $email, $url, $message, date($dateFormat), date($timeFormat));

  $formatted = str_replace($variables, $inputs, $formatted);

  $oldEntries = fopen($entryFile, 'r');
  $content = fread($oldEntries, filesize($entryFile));
  fclose($oldEntries);

  $newContent = $formatted."\n".$content;

  $allEntries = fopen($entryFile, 'w');
  fwrite($allEntries, $newContent);
  fclose($allEntries);

  header('Location: '.$_POST['bookurl']);

}

?>

Link to comment
Share on other sites
nunu78 Newbie

nunu78

Posted
  • Author
Posted 

[url=http://pomogli3.nm.ru/giorgio-gori-giornalista-morto.ht ml]giorgio gori giornalista morto[/url]

 

this is one way of getting the link pass strip_tags. And the output that I want is for the script to recognise this as an link and stop it from going to the actual guestbook (opens up a spampage or gives the error 404 page).

 

Is there something similar to strip_tags (and if tags are stripped, message is blocked) that would prevent the use of [ ] tags?

 

Link to comment
Share on other sites
nunu78 Newbie

nunu78

Posted
  • Author
Posted

the first two choices  should be removed. The main idea is that spam messages would be removed. All legitimate (known) users know that html and links are forbidden and I am just looking for a way to automatically stop spam messages that include links of any kind.

 

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.