So, my website is getting a significant amount of spam.
To filter out some of it, I wanted to test the body of the post to make sure it doesn't contain certain words. If they do, give the user an instant (temporary) ban.
Included is my code. I added an echo line to show the position returned, and tested with posts which did or did not include test words. For whatever reason, it always returns null, and nothing is displayed. Am I not allowed to pass a $_POST variable into this function?
Code:
$bannedwords = array ("spam word", "foo", "bar", "foobar", "quarry");
foreach ($bannedwords as $bannedphrase) {
$pos = strpos($_POST['body'], $bannedphrase);
echo 'The position is: ' . $pos;
if ($pos === FALSE){
//require_once 'inc/mod/ban.php';
//Bans::new_ban($_SERVER['REMOTE_ADDR'], 'Suspected Spammer.', '2', $_POST['board'] == '*' ? false : $_POST['board']);
error($config['error']['bannedword']);
}
}
EDIT: I do see a logic error here, though I don't think its what breaks the code. Maybe it is, however. If a user is banned early into the array, the if statement continues, which could be the reason I am seeing a null value later on?
As others have pointed out, you're testing the value backwards, since strpos will only return FALSE if the search string was NOT found. Also, echo your POST variable before you search it to make sure it is what you think it is.
Try this code:
$bannedwords = array ("spam word", "foo", "bar", "foobar", "quarry");
if (isset($_POST['body'])) { echo 'POST: ', $_POST['body'], '<br/>'; }
else { echo 'No POST variable found!'; }
foreach ($bannedwords as $bannedphrase)
{
$pos = strpos($_POST['body'], $bannedphrase);
if ($pos === FALSE)
{
echo ' Banned word not found.';
}
else
{
echo ' Banned word found at position: ', $pos;
//require_once 'inc/mod/ban.php';
//Bans::new_ban($_SERVER['REMOTE_ADDR'], 'Suspected Spammer.', '2', $_POST['board'] == '*' ? false : $_POST['board']);
error($config['error']['bannedword']);
break; // This will exit the foreach loop
}
}
I think that you should use a regex for this problem, this a regex example
$regex = "/(spam|bar|foo)/";
$phrase = "This is a spam message";
echo preg_match($regex, $phrase);
# The regex show 0 or 1