I'm creating a website and I have implemented a commenting/review system on there but I want to stop spammers so I've been trying to find a way to stop people from typing in url's. I tried the following method but it only works for the last thing mentioned (.in) and ignores the rest, it also doesn't cover everything...

  if(strstr($_POST["myreview"], 'www.')) {header("Location: page.php");}
  if(strstr($_POST["myreview"], 'http')) {header("Location: page.php");}
  if(strstr($_POST["myreview"], 'http://')) {header("Location: page.php");}
  if(strstr($_POST["myreview"], '.com')) {header("Location: page.php");}
  if(strstr($_POST["myreview"], '.co.uk')) {header("Location: page.php");}
  if(strstr($_POST["myreview"], '.us')) {header("Location: page.php");}
  if(strstr($_POST["myreview"], '.net')) {header("Location: page.php");}
  if(strstr($_POST["myreview"], '.in')) {header("Location: page.php");}

  else {
/*code to execute otherwise follows here*/

Can someone help?

Member Avatar for diafol

You could use preg_match(), using an array of patterns. Or build a strpos function for an array of patterns: http://www.php.net/manual/en/function.strpos.php#102773 (tried it and it works beautifully).

//EDIT
However, I couldn't get it to discern between false and 0, so it modified it, so here's my version:

$bad_array = array("http://", "www.", ".us"); //etc

function strpos_array($haystack, $needles) {
    if ( is_array($needles) ) {
        foreach ($needles as $str) {
            if ( is_array($str) ) {
                $pos = strpos_array($haystack, $str);
            } else {
                $pos = strpos($haystack, $str);
            }
            if ($pos !== FALSE) {
                return $pos;
            }
        }
	return false;
    } else {
        return strpos($haystack, $needles);
    }
}

if(strpos_array('This is a test', $bad_array) === false){
	echo "CLEAN";	
}else{
	echo "BAD TERM FOUND";
}

Wow, that looks beautiful. Let me try to see if it works one minute...

Member Avatar for diafol

Must have edited after you posted - sorry. I'd use stripos in that case as opposed to strpos. See the code I posted and just substitute strpos -> stripos

Changed it to stripos and it works amazingly! Thanks a lot mate, I can finally continue building my site now :D

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.