Forbidden words checker - JavaScript and AJAX forum at WebmasterWorld - WebmasterWorld

Forum Moderators: open

Message Too Old, No Replies

Forbidden words checker

Need to clean some form entries

Mauricio

3:20 pm on Mar 17, 2004 (gmt 0)

Hi.

I've got a free classifed ads service and it's becoming to be hardly spammed. Everyday (some days, more than once) I must connect trought FTP, downlad the flat text files with the ads, delete the spam messages and upload the files again. Awesome.

So I'm looking for a free javascript to block some words on the text area of the submission form.

What I get now is this:
(It does nothing with the form and I suspect the filter only will work if the textarea matchs exactly within the forbidden words)

<HTML>
<HEAD>
<script language="JavaScript1.2">

var forbidden=new Array()
forbidden[0]="obviously"
forbidden[1]="I will"
forbidden[2]="not"
forbidden[3]="put"
forbidden[4]="here"
forbidden[5]="any"
forbidden[6]="strong"
forbidden[7]="word"

var testresults
function checktext(){
var invalidcheck=0;
var str=document.myform.textarea.value
if (str==forbidden[i])
invalidcheck=1

if (invalidcheck!=1)
testresults=true
else{
alert("Sorry... some words of your ad are not allowed on this site")
testresults=false
}
return (testresults)
}
</script>

<script>
function checktextads(){
if (document.layersΖdocument.getElementByIdΖdocument.all)
return checktext()
else
return true
}
</script>

</HEAD>
<BODY>

<FORM NAME="myform" ACTION="cgi-bin/classifieds/update.pl" METHOD="post">
<TEXTAREA NAME="textarea" COLS="40" ROWS="5"></TEXTAREA>
<INPUT TYPE="submit" onClick="return checktextads()">
</FORM>

</BODY>
</HTML>

Can anyone help me?

Thanks in advance.

Rambo Tribble

4:44 pm on Mar 17, 2004 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Yes, it appears that an exact match would be needed for this to work. To accommodate "fuzzy" matching would require some fairly sophisticated scripting. I'm not aware of anything that would be free. I could be wrong, but I expect you'll have to hire someone's coding services to obtain what you want.

dcrombie

4:45 pm on Mar 17, 2004 (gmt 0)

You're making it a lot harder than you need to ;)

<SCRIPT type="text/javascript">  var forbidden = new Array ("obviously", "I will", "not", "put", "here", "any", "strong", "word"); 
 function checkForm (form){ 
 var input = form.textarea.value; 
 var fail = false; 
  
 for (var i=0; i < forbidden.length; i++) { 
 badWord = forbidden[i]; 
 if (input.indexOf(badWord)!= -1) { 
 fail = true; 
 break; 
 } 
 } 
 if (fail) { 
 // error message 
 return false; 
 } 
 return true; 
 } 
</SCRIPT> 
<FORM ... onSubmit="return checkForm(this);"> 
<TEXTAREA NAME="textarea" COLS="40" ROWS="5"></TEXTAREA> 
<INPUT TYPE="submit"> 
</FORM>

Mauricio

4:56 pm on Mar 17, 2004 (gmt 0)

Great.

Works fine.

Rambo Tribble

5:42 pm on Mar 17, 2004 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

You're still going to have to have an exact match, though.

ajkimoto

6:36 pm on Mar 17, 2004 (gmt 0)

10+ Year Member

You could use regular expressions to handle fuzzy matches.

Something like

<SCRIPT type="text/javascript">
var forbidden = new Array ("v[!i1]agra", "xen[!i1]c[o0@]l", "c[i!1]al[i!1]s", "put", "here", "any", "strong", "word");
function checkForm (form){
var input = form.textarea.value;
var fail = false;
for (var i=0; i < forbidden.length; i++) {
Regex=eval('/'+forbidden[i]+'/i');
if (Regex.test(input)){
fail = true; break;
}
}
if (fail) {
alert("hey, you can't put that here!")
return false; }
return true;
}
</SCRIPT>
<FORM name="myform" method="post" action="" onSubmit="return checkForm(this);">
<TEXTAREA NAME="textarea" COLS="40" ROWS="5"></TEXTAREA>
<INPUT TYPE="submit">
</FORM>

Purple Martin

10:14 pm on Mar 17, 2004 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

The spammers only have to turn off JavaScript to get around that. Ideally you should do it server-side instead.

ajkimoto

10:23 pm on Mar 17, 2004 (gmt 0)

10+ Year Member

While I usually like to do validation on the client-side, in this case I'm afraid that Purple Martin is correct. You could make it a little harder on them by hiding the form using css if js is not enabled (use js to make the form visible, otherwise keep it hidden).

However, since such folks are already relegated to the boundaries of society, they will probably not be deterred by such screen-door security.

ajkimoto

Rambo Tribble

10:42 pm on Mar 17, 2004 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

However, you could handle the submission through a JavaScript function, thereby forcing all but the cleverest from submitting the form without JavaScript turned on.

ajkimoto

10:50 pm on Mar 17, 2004 (gmt 0)

10+ Year Member

I suppose that if you make it too much of a hassle for them, the aforementioned spammers will just go elsewhere.

ajkimoto