I need some help with logins and sessions and string functions

[elite_prodigy]

Okay, when I built my site, I had no idea I was going to have to get this involved, but apparently I do.

 

I posted earlier about my Dirt Digger thing and now I've had to disable it until I can prevent certain tags from working. I had users posting pornographic images and what have you. I also need to just not even enter the submission into the database if there are words that I may set off a bunk submission such as a rant about nothing with ton of swearing. I don't want to get so involved with this as to build an entire user system and make people log in to make a submission.

 

I think the one function I need is like StripTags("","") or something. I want to remove all tags except for <i>, <br />, <p>, <b> <u> and their counter parts.

 

Plus, I can't think of a simple way to search a string to see if it contains certain words.

Maybe str_search?

 

I also want to record their IP into the DB upon submission.

 

----------------------------------------------------------------

 

I also have a relatively simple ACP/staff area where staff can log in and what not to make submissions to a special page that is "official", however, I want this ACP to recognize them and I need to transfer their user name to another variable and change the code inside the page depending on who logged in because each staff member has a web page and I want them to be able to update only their own page when they log in so I need to change some info in the PHP code so that everything is sent to the right databases.

[wildteen88]

php does provide a function  tostrip html tags from a string. Surprisingly its called strip_tags. It can be configured to only allow certain html tags too.

 

You can use str_replace to filter out offensive words, eg:

// add bad words to the bad_words array.
$bad_words = array('badword1', 'badword2', 'etc...');
// now to remove them
$clean_text = str_replace($bad_words, 'replacement_text_here', $text_to_filter);

[elite_prodigy]

Thanks. The strips_tags() is perfect!

 

Now, as for the $bad_words, it's a start but I need a way to know if the text contains those words and then if it does to not even enter it into the database.

 

Thanks!

[wildteen88]

Not the best, but its a starting point:

$bad_words = array('apples', 'berries', 'nuts');

$str = 'I like apples and berries';

$bad_word_count = 0;
foreach($bad_words as $bad_word)
{
    if(eregi($bad_word, $str))
    {
        $bad_word_count++;
    }
}

if($bad_word_count == 0)
{
    echo "'$str is clean!";
}
else
{
    echo "bin '$str' not clean!";
}

[elite_prodigy]

Yes, it is a start. With a bit of editing it should workd perfectly! Thanks!

 

[elite_prodigy]

Okay, I have just about everything solved, except I keep getting this error with my sessions.

 

I use a file called logout.php to logout:

<?php
session_destroy();
unset($_SESSION[user]);
?>
<html>
<head>
</head>
<body>

<script type="text/javascript">

//using javascript because I can't get the header(":" to go to parrent directory.

window.location="http://www.hasdsecret.co.cc";

</script>

</body>
</html>

 

The above reders this error:

Warning: session_destroy() [function.session-destroy]: Trying to destroy uninitialized session in /home/david08/public_html/hasdsecret.co.cc/admin/logout.php on line 2

 

 

[elite_prodigy]

I've fixed this too. Amature's mistake:

 

<?php
session_start(); //forgot to start session for destruction
session_destroy();
unset($_SESSION[user]);
?>
<html>
<head>
</head>
<body>

<script type="text/javascript">

//using javascript because I can't get the header(":" to go to parrent directory.

window.location="http://www.hasdsecret.co.cc";

</script>

</body>
</html>