Profanity Filter

I don't know if my approach is appropriate to the condition, but normally what I done is I will put the filter just before data inserted to database. And redirect back to the form with error message code as indicator for display the error message.

As for the processes of the filter. I will put the list of text into an array and perform with:

foreach ($array_text as $text){
    if(strpos(strtolower(htmlentities($POST['comment'])),$text) !== false){
        return true;
    }
    return false;
}

Profanity filters don't really work as users will find a way around them. fcking hell, etc. It's the intent that should be policed not the word IMO. Some may find the correct spelling offensive, but those who are offended by profanity will equally be offended by a mispelt offering - otherwise they're just spelling snobs. Filtering all profane words with all various common spellig mistakes is pointless (IMO again) and you run the risk of false positives. Perhaps FCKEditor would be a problem or the mispelling of counting by dropping the 'o'.

However, they are in use in many forums, including this one, and they do prevent a lot of crap getting through.

You could do a client side filter in jQ and then repeat the filter on the server. This could prevent submission in the first place and lessen frustration for the user. Again it could be Ajaxed, where the filter is run on the server, without the user being aware of it. Client side offensive word filters are there for all to see in js, so a determined user could check the filter and post to his malicious heart's content.

A clear policy is a good idea with maybe a short message below the posting box. The ability for other users to report a message would also be useful. My 2p.

diafol:

A couple of questions if you don't mind...

• If I am storing all of the profanity words in an array that is acting as an include file which is called before the data is submitted to the DB, how will anyone know how to find/view it in order to see how to by-pass the filter? I do not wish to hard code them directly into the page so the source can be easily viewed via right-click.
• I was planning initially on doing this in PHP - Why do you suggest jQuery? (I am not very familiar at this point with JQ). What are the benefits of JQ in comparison to just using a PHP array to cycle through for the forbidden words, eliminate them from the form and show a message informing the User to correct the fields?
• I do understand that some malcious people may atempt to by-pass the filter by misspelling curse words, but I am hoping to catch the most general, common and obvious words - I have a list of about 300 prohibited words to cycle through at this point.

Thanks much,
Matthew

A couple of questions if you don't mind...

No prob. That's why we're here.

1. Keep array in php and nobody will see it.
2. No need to use jq at all.
3. That's fine. Prevention is better than cure. You'll never catch all of them anyway. Just saying that you need to police intent and not purely rely on automated filters.

Honestly, it's pretty pointless. I'd say that it's best to just ban those that swear if it means that much. I personally don't filter any profanity on any of my websites because I believe in a free internet. I silence those that swear to offend.

FÜ etc
in utf8, there are 1408 (thus far) ways to write eff ewe see kay and get past filters
If you are going to try to catch all possible forms of all comon profanities
:: a gigabyte sized array, processing will take so long your site will shut down

as said before, does not really work, even with a good filter, policy and policing is required
This comes up often, in classes
students seem to enjoy finding homographs for swear words