got it!

if (strpos($value, "essay") !==false) {
$er=$er+1;
echo "<center><font size='-1' color='red'>Your comment is noted as spammy.</font></center><br>";}

Why are you using 1995 deprecated and non-semantic html?

echo '<p style="margin:auto; color:red;">Your comment is noted as spammy.</p>';

It does matter.

Anyway you are likely to have several such words and this list will change over time, I suggest a global list somewhere as a configuration . . .

$badwords = array { 
 'bad1', 
 'bad phrase', 
 'another bad phrase' 
}; 
// 
if (check_input($_POST['comments'],$badwords)) { 
 echo '<p style="margin:auto; color:red">Your comment is noted as spammy.</p>"; 
 exit; 
} 
// 
function check_input($input,$list) { 
 $spam=null; 
 foreach ($list as $phrase) { 
 if (strpos($input, $phrase)===true) { // Note THREE 
 $spam=1; 
 break; 
 } 
 } 
 return $spam; 
} 

Of course strpos doesn't check for CasEinSensItiviTy (stripos() DOES) and might miss attempts to hack around your filters, stripos or even preg_match would be a better choice.

if (preg_match("/$phrase/i",$input)) {  
 $spam=1; 
 break; 
} 

Why are you using 1995 deprecated and non-semantic html?

That's like asking why people program in C vs C++ or C#

You go with what you know ;)

I am trying to get your coding to work but am getting a fatal error.

$spammywords=array('forum','dissertation');
// 
if (check_input($_POST['comments'],$spammywords)) { 
 echo '<p style="margin:auto; color:red">Your comment is noted as spammy.</p>'; 
$er=$er+1; 
} 
// 
function check_input($input,$list) { 
 $spam=null; 
 foreach ($list as $phrase) { 
 if (stripos($input, $phrase)===true) { // Note THREE 
 $spam=1; 
 break; 
 } 
 } 
 return $spam; 
} 

Well, any code posted here is typed on the fly for educational purposes only, and you didn't say what the error was.

Note that functions must go **outside** any logic blocks in the "root" context of the PHP script or you'll get "undefined function" (or, you could move the function to immediately before them being called but that's kinda dumb logic.)

Anyway, here's a tested working example, but couldn't get stripos to work. IMO it's not the right tool for what you're doing anyway.

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 
<html lang="en"> 
<head> 
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> 
<title>Untitled</title> 
</head> 
<body> 
<?php 
if ($_POST) { 
 $badwords = array (  
 'bad1',  
 'bad phrase',  
 'another bad phrase'  
 ); 
 $errors=null; 
 //  
 foreach ($_POST as $key=>$value) { 
 if (check_input($value,$badwords)) {  
 $errors .= "<li style=\"list-style:none; color:red\">Spam detected in the $key field.</li>\n";  
 } 
 }  
} // End if POST 
// Function - must reside OUTSIDE logic blocks 
function check_input($input,$list) {  
 $spam=null;  
 foreach ($list as $phrase) {  
 // if (stripos($input, $phrase)===true) { // Note THREE  
 if (preg_match("/$phrase/i",$input)) { 
 $spam=1;  
 break;  
 }  
 }  
 return $spam;  
} // end function 
?> 
<form method="post" action="input-test.php"> 
<?php if ($errors) { echo "<ul>$errors</ul>"; }?> 
<p><label for="yourname">Your Name</label>: 
<input type="text" name="yourname" id="yourname" value="bad1"></p> 
<p><label for="comments">Comments</label>: 
<textarea name="comments" id="comments" rows="3" cols="20">bad phrase</textarea></p> 
<p><input type="submit" value="Test Me"></p> 
</form> 
</body> 
</html> 

Note how there's no hard coded references to the form fields in the validation portion.

Ok, thank you!

rockinbil, is there a different way you would recommend than above's code?

Different in what way? That approach is expandable (you can add to or remove from the array as you need to,) compartmentalized and approaching OOP (the function accepts parameters and returns values,) the function can serve multiple purposes (for example, you can pass a different words array list to it to validate ordinary form data), and portable (the function can be moved into an include and used by multiple programs or scripts.) Not really sure what you mean.

rocknbil

you stated above that you have stripos but you included it in the code? Do you like as is or use different functions to catch the spam words?

Ah. You can see the line for stripos is commented out and it's using preg_match, which is what I prefer (but that's just me.) I couldn't get stripos to work in this context. That is working code BTW.

I tried the code but get a fatal error

Fatal error: Call to undefined function check_input()

From post #4464021? This can only mean one thing.

// Function - must reside OUTSIDE logic blocks

You have the function inside an if if/else block. I just retested it, appears to be working fine.

thanks for the help....you're the BoMB