2016-03-27 433 views
-1

我在我的網站上有一個聊天,但它沒有帳戶,所以詛咒是猖獗的。我使用PHP將我的所有數據寫入user.txt。有沒有一個簡單的過濾器在php中盲目詛咒?因爲這個js我使用似乎並沒有工作得很清楚:PHP聊天審查

$(function() { 
 
    $("input:submit[name='submit']").on("click",function() { 
 
    var name = $("input:text[name='name']").val(); 
 
    var message = $("input:text[name='field2']").val(); 
 
    var badwords = ["dingbat", "poopy"]; 
 

 
    /* do this */ 
 

 
    if($.inArray(name, badwords) !==-1 || $.inArray(message, badwords) !==-1) { 
 
     alert("Your Message Contains Bad Words, Please Remove Them Before Proceeding"); 
 
     return false; 
 
    } 
 
    }); 
 
});

這裏是我完整的代碼(減去txt.php這只是顯示user.txt

@import url(https://fonts.googleapis.com/css?family=Lato:400,100,300); 
 
#blu { 
 
background: #F0FAFF; 
 
padding: 3; 
 
width: 310; 
 
     } 
 
\t \t b, i, p { 
 
-webkit-transition: all 0.5s ease; 
 
    font-size: 16px; 
 
    font-size: 1rem; 
 
    line-height: 23px; 
 
    line-height: 1.4375rem; 
 
    font-weight: 400; 
 
    font-style: normal; 
 
    font-family:"Lato"; 
 
} 
 
iframe{border: 3px solid white;} 
 

 
button,input, #rcp_submit, #rcp_update_card { 
 
    display: inline-block; 
 
    font-family: "Lato", sans-serif; 
 
    font-weight: 500; 
 
    outline: 0; 
 
    border-radius: 0; 
 
    color: black; 
 
    background: #FFFFFF; 
 
    white-space: nowrap; 
 
    padding: 9px 16px !important; 
 
    line-height: 1.4; 
 
    border: 0; 
 
\t color:black; 
 
    position: relative; 
 
    -webkit-transition: 0.1s; 
 
    transition: 0.1s; 
 
}
,!--this file is called c5.php--> 
 
<?php 
 
if(isset($_POST['field1']) && isset($_POST['field2'])) { 
 
    $data = $_POST['field1'] . '-' . $_POST['field2'] . "<br>"; 
 
    $ret = file_put_contents('user.txt', $data, FILE_APPEND | LOCK_EX); 
 
    if($ret === false) { 
 
     die('There was an error writing this file'); 
 
    } 
 
    else { 
 
\t echo "$ret bytes written to file<a href ='javascript:history.go(-1)'>go back</a>"; 
 
    } 
 
} 
 
else { 
 
    die('no post data to process'); 
 
} 
 
?> 
 
<html> 
 
<body onload="reloadIFrame();"> 
 
<script> 
 
window.setInterval("reloadIFrame();", 3000); 
 
function reloadIFrame() { 
 
document.getElementById("myIframe").src="txt.php"; 
 
} 
 
</script> 
 
<div id ="blu"> 
 
<table> 
 
<p>Chat about your code</p> 
 
<td> 
 
<iframe src ="txt.php" id ="myIframe"></iframe><br/> 
 
<button onclick="reloadIFrame();">Refresh feed</button> 
 
<form action="c5.php" method="POST"> 
 
<p>Name:</p> 
 
    <input name="field1" type="text" /> 
 
\t <h3>&nbsp;</h3> 
 
<p>Question:<p> 
 
    <input name="field2" type="text" /> 
 
    <input type="submit" name="submit" value="Submit"> 
 
</form> 
 
<a href="user.txt" download="chatlogs">download chat logs</a> 
 
</td> 
 
</table> 
 
</div>

+5

不會有任何效果,人們總能找到創造性的方法以c_u_r_s_e –

+0

這樣一個基於JS的過濾器應該工作得很好,假設你有一個有效的,完整的目錄,你想過濾掉。那麼問題是什麼?你實際上是什麼意思「似乎不太好」? – arkascha

+0

還有一個普遍的問題:當人們訪問你的網站時,他們怎麼會這麼生氣,以至於他們詛咒?這在互聯網上並不常見... – arkascha

回答

0

讓我們來看看t爲什麼你的js不工作

你正在匹配一個單詞的整個句子。 這裏有一個例子,如果var nameBADWORD SOMEONE_BADWORD 如果數組認爲值(BADWORD SOMEONE_BADWORD

所以你應該做的句子被分成它的基本成分

name.split(/[(\s|_)]/) // split the name by white space or underscore 
要搜索的內容

現在你將有

["BADWORD", "SOMEONE", "BADWORD"]

數組

和代碼變爲:

$(function() { 
    function containBadWord(words , banlist){ 
    var bad = false; 
    $.each(words , function(k , v){ 
     if($.inArray(v, banlist) !==-1){ 
      bad = true; 
      return false; 
     } 
    }); 
    return bad; 
    } 
    $("input:submit[name='submit']").on("click",function() { 
    var name = $("input:text[name='']").val(); 
    var name_split = name.split(/[(\s|_)]/); 
    var message = $("input:text[name='field2']").val(); 
    var message_split = message .split(/[(\s|_)]/); 
    var badwords = ["dingbat", "poopy"]; 

    /* do this */ 
    if(containBadWord(name_split , badwords)){ 
    alert("your name has bad words") 
    } 

    if(containBadWord(message_split , badwords)){ 
    alert("your messagehas bad words") 
    } 
    }); 
}); 

編輯:

上面的代碼是行不通的,因爲你的jQuery選擇都是錯誤的爲好。

`input:text[name='']` will select an input with an empty attribute of `name` 

這裏是工作的代碼

https://jsfiddle.net/tq7odeLg/

+0

dosen't工作... – 500man

+0

我希望超過工作評論,但我會問什麼不工作!我測試了它,它爲我工作 –

+0

@ 500人看到js小提琴和更新 –

0

我想這一點,和它的工作:

<?php 
 

 
$find=array('bad','word','words'); 
 

 
$replace=array('...','...','...'); 
 

 
if(isset($_POST['user_input'])&&!empty($_POST['user_input'])) 
 
\t  $data = $_POST['name'] . '-' . $_POST['user_input'] . "<br>"; 
 
$ret = file_put_contents('user.txt', $data, FILE_APPEND | LOCK_EX); 
 
    if($ret === false) { 
 
     die('There was an error writing this file'); 
 
    } 
 
    else { 
 
    } 
 
{ 
 

 
$user_input=$_POST['user_input']; 
 

 
$user_input_new=str_ireplace($find,$replace,$user_input); 
 

 
} 
 
?> 
 

 
<p> <?php 
 
     $text = file_get_contents('user.txt'); 
 
     echo $text; 
 
    ?> 
 
</p> 
 
<style> 
 
@import url(https://fonts.googleapis.com/css?family=Lato:400,100,300); 
 
b, i, p { 
 
-webkit-transition: all 0.5s ease; 
 
    font-size: 16px; 
 
    font-size: 1rem; 
 
    line-height: 23px; 
 
    line-height: 1.4375rem; 
 
    font-weight: 400; 
 
    font-style: normal; 
 
    font-family:"lato"; 
 
} 
 
</style> 
 

 
<hr> 
 

 
<form action="ws.php" method="POST"> 
 
<p>name:</p><input name ="name" type ="text"></input><br/> 
 
<p>comment:</p><br/><textarea name="user_input" rows="6" col="30"> 
 
</textarea><br/> 
 
<input type="Submit" value="Submit"> 
 

 
</form> 
 
</form>