Help blocking words from $_Post

[Starwind237]

So I modded bug14's neater thingy to post contact details in a simple list. The only problem is I know stupid people will post a bunch of vulgar crap into it. That's why I want to incorporate a block list into.

This is what I'm currently trying but it blocks you no matter what you post.

PHP Code:

<?php
//Some variables...
$aim = $_POST['aim'];
$yim = $_POST['yim'];
$msn = $_POST['msn'];
$name = $_POST['name'];
$email = $_POST['email'];

//Keeping out spam
//lowered badness level of words for younger GGers ^_^
$wordlist = "crap|dang|shoot|sex";

if(preg_replace("/\b($wordlist)\b/ie", 'preg_replace("/./","*","\\1")', $name)){
    echo 'You have tried to post something on the blocklist!';}

elseif(preg_replace("/\b($wordlist)\b/ie", 'preg_replace("/./","*","\\1")', $aim)){
    echo 'You have tried to post something on the blocklist!';}

elseif(preg_replace("/\b($wordlist)\b/ie", 'preg_replace("/./","*","\\1")', $yim)){
    echo 'You have tried to post something on the blocklist!';}
    
elseif(preg_replace("/\b($wordlist)\b/ie", 'preg_replace("/./","*","\\1")', $msn)){
    echo 'You have tried to post something on the blocklist!';}    

elseif(preg_replace("/\b($wordlist)\b/ie", 'preg_replace("/./","*","\\1")', $email)){
    echo 'You have tried to post something on the blocklist!';}    
    
    else{
            if($name!="") {
                header("Location: view.php");
                //writes contact information to text file.
                $handle = fopen("contacts.txt", "a");
                    fwrite($handle, $name.".::.".$aim.".::.".$yim.".::.".$msn.".::.".$email."\r\n");
                fclose($handle);
                }
            else {
                echo $html_one;
                echo 'Please enter your name and full contact details.';
                }
                
        }
$html_one = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>Please Enter Contact Details</title>
</head>';
    
?>

[rcadble]

Just use PHP's str_replace, it's a lot easier to use than regex.

Code:

<?php
$badwords = Array("crap", "dang", "shoot", "sex"); //add your words there
$aim = str_replace($badwords, "*BLOCKED*", htmlentities($_POST['aim'])));
$yim = str_replace($badwords, "*BLOCKED*", htmlentities($_POST['yim']));
$msn = str_replace($badwords, "*BLOCKED*", htmlentities($_POST['msn']));
$name = str_replace($badwords, "*BLOCKED*", htmlentities($_POST['name']));
$email = str_replace($badwords, "*BLOCKED*", strip_tags($_POST['email']));

if(!ereg("^[a-zA-Z0-9._%-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$", $email)) { //if it isn't a real email
	$errors .= "You entered an improperly formatted email address.<br>";
} 

if(stristr($aim, '*BLOCKED*') == true || stristr($msn, '*BLOCKED*') == true || stristr($yim, '*BLOCKED*') == true || stristr($name, '*BLOCKED*') == true || stristr($email, '*BLOCKED*') == true || ) {
	$errors .= "You entered a vulgar aim, yim, msn, name, or email.<br>";
}

if (strlen($name)==0 || strlen($email)==0) {
	$errors .= "Please do not enter a blank name or email.<br>";
}

if ($errors=="") {
	header("Location: view.php"); 
	$handle = fopen("contacts.txt", "a");
		fwrite($handle, $name.".::.".$aim.".::.".$yim.".::.".$msn.".::.".$email."\r\n");
	fclose($handle);
} else {
	echo $errors;
}
?>

I got rid of the $html_one crap since I didn't know what you were trying to do there, I'm sure you could easily reimplement that.

[Starwind237]

$html1 was in bug14's original program. It basicly just set's up the title and a few other things.

Well, you had few typos that I had to debug. But, thanks to you I got it working!

Thanks a lot +rep