How to Create an Advanced PHP (bad, naughty) Words Filter
Posted on October 26, 2008, Filled under PHP, 
Bookmark it
This is a PHP Class useful if you need to filter (bad, naughty) words from a string (text), whether is a simple string or one containing HTML tags.
Here’s the complete source code (we will explain it below):
filter.string.class.php
<?php
/*
Credits: Bit Repository
*/
class Filter_String {
var $strings;
var $text;
var $keep_first_last;
var $replace_matches_inside_words;
function filter()
{
$new_text = '';
$regex = '/<\/?(?:\w+(?:=["\'][^\'"]*["\'])?\s*)*>/'; // Tag Extractor
preg_match_all($regex, $this->text, $out, PREG_OFFSET_CAPTURE);
$array = $out[0];
if(!empty($array))
{
if($array[0][1] > 0)
{
$new_text .= $this->do_filter(substr($this->text, 0, $array[0][1]));
}
foreach($array as $value)
{
$tag = $value[0];
$offset = $value[1];
$strlen = strlen($tag); // characters length of the tag
$start_str_pos = ($offset + $strlen); // start position for the non-tag element
$next = next($array);
// end position for the non-tag element
$end_str_pos = $next[1];
// no end position?
// This is the last text from the string and it is not followed by any tags
if(!$end_str_pos) $end_str_pos = strlen($this->text);
// Start constructing the new resulted string. We'll add tags now!
$new_text .= substr($this->text, $offset, $strlen);
$diff = ($end_str_pos - $start_str_pos);
// Is this a simple string without any tags? Apply the filter to it
if($diff > 0)
{
$str = substr($this->text, $start_str_pos, $diff);
$str = $this->do_filter($str);
$new_text .= $str; // Continue constructing the text with the (filtered) text
}
}
}
else // No tags were found in the string? Just apply the filter
{
$new_text = $this->do_filter($this->text);
}
return $new_text;
}
function do_filter($var)
{
if(is_string($this->strings)) $this->strings = array($this->strings);
foreach($this->strings as $word)
{
$word = trim($word);
$replacement = '';
$str = strlen($word);
$first = ($this->keep_first_last) ? $word[0] : '';
$str = ($this->keep_first_last) ? $str - 2 : $str;
$last = ($this->keep_first_last) ? $word[strlen($word) - 1] : '';
$replacement = str_repeat('*', $str);
if($this->replace_matches_inside_words)
{
$var = str_replace($word, $first.$replacement.$last, $var);
}
else
{
$var = preg_replace('/\b'.$word.'\b/i', $first.$replacement.$last, $var);
}
}
return $var;
}
}
?>
How it works?
First, a regex is used to extract the HTML tags (if any). To do that we use preg_match_all() with the flag PREG_OFFSET_CAPTURE. This is used to get the actual position (offset) of the matched element. Based on this information we will calculate the numeric position for elements that aren’t tags & apply the filter to them.
How to use it?
In this example the script is replacing all the words from the array and keeps the first and last letter for each one. It replaces the middle letters with stars (*). For example the word ‘turpis’ will be replaced with ‘t****s’ (notice that four stars are used in this case). The filter ignores the HTML tags. The attribute ‘href’ is not replaced in the A tag.
<?php
error_reporting (E_ALL ^ E_NOTICE);
include 'filter.string.class.php';
$filter = new Filter_String;
$filter->strings = array('consectetuer','consequat','turpis', 'href');
$filter->text = 'Lorem ipsum dolor sit amet, href <a href="http://www.domain.com/">consectetuer</a> adipiscing elit. Nulla mi nunc, consequat vitae, condimentum at, iaculis at, turpis. Praesent suscipit. Maecenas et lectus.';
$filter->keep_first_last = false;
$filter->replace_matches_inside_words = false;
$new_text = $filter->filter();
echo $new_text;
?>
Lorem ipsum dolor sit amet, h**f c**********r adipiscing elit. Nulla mi nunc, c*******t vitae, condimentum at, iaculis at, t****s. Praesent suscipit. Maecenas et lectus.
For example you need to filter the word ‘eat’ and there is a word in the text ‘create’. In this case, if we set $filter->replace_matches_inside_words to true ‘create’ will become ‘cr***te’. If set to false, ‘create’ will remain the same. This is the case when only the distinct word ‘eat’ is filtered.
Do you wish to receive the latest updates as soon as they are posted? Get our RSS Feed or Subscribe to the Newsletter!
- October 26, 2008
- article by Gabriel C.
- 5 comments
Sponsors
Related Posts
-
PHP: Randomize Text Letters while Keeping the Words Readableat October 4, 2008 with 3 comments
-
How to Create a PHP Word Popularity Scriptat November 7, 2008 with 4 comments
-
Highlight (Search) Key Words in a Text | PHPat August 30, 2008 with 8 comments
-
How to emphasize specific words from a string (text)
at September 6, 2008
-
How to Replace and Modify Content Between Two Delimiters in PHP
at August 8, 2009 with 1 comment
- I wanted to know if it is possible to use this define method but instead
on March 4th, 2010 by Morris
- I like MeeNews and use it myself. I haven't found a way yet to
on March 4th, 2010 by Thomas
- Nice!very useful.Thank You for posting this.:D God Bless./m
on March 4th, 2010 by eiramave
- Hi @ e11world That's fairly easy. Create a new directory/folder and named it to english for
on March 3rd, 2010 by brixter
-
Flabell Birthday Bundle - 26 Flash Components - Happy Birthday!by Gabriel C. on March 6, 2010
-
Embed Google Maps into your website: gMap jQuery Pluginby Gabriel C. on March 5, 2010
-
Simple Bar and Stacked Bar (AJAX) Graphs: mooBarGraphby Gabriel C. on March 4, 2010
-
Display photos as slideshow with strip effects: jqFancyTransitionsby Gabriel C. on March 3, 2010
Categories
- AJAX (17)
- Design (8)
- Flash (19)
- Freebies (2)
- General (3)
- Graphics (10)
- HTML & CSS (26)
- Frameworks (6)
- JavaScript (109)
- Frameworks (4)
- JQuery (45)
- MooTools (12)
- Photoshop (2)
- PHP (102)
- Reviews (3)
- Statistics (2)
- Web Tools (6)
- Wordpress (13)
Advertisements
Tag Cloud
- ajax login
- alphabetical
- array
- auto grow
- base
- calculate
- captcha
- chart
- charts
- countdown
- css framework
- delimiters
- documents
- dropdown
- extension
- extract
- filename
- fonts
- form
- gd library
- icon set
- iphone
- mod_rewrite
- percent
- Photo Gallery
- picker
- random
- remove
- script.aculo.us
- search
- shopping cart
- skin form elements
- slider
- syntax highlighter
- tableless
- to-do
- validate
- web analytics
- web fetch
- WYSIWYG
- zoom
5 Replies to "How to Create an Advanced PHP (bad, naughty) Words Filter"
October 27, 2008 at 12:48 PM
Just taking a quick glance at this… The regex on line 17 is not going to catch tags which don’t have quotes around attributes. While not valid, browsers will accept it in some circumstances…
You could still easily <script src=mysite.com/script.js></script> or whatever for your XSS.
Stuff like this is hard. REALLY hard.
October 27, 2008 at 4:36 PM
People can use this class on their own sites (and many others) where they know that standard is respected & only VALID syntax is used. I’ve seen many word filters in PHP that didn’t even check any tags in the string. This script is GOOD ENOUGH. I realize this stuff is really hard.
July 24, 2009 at 2:53 PM
Hi, I have written a similar bad word filtering script but I have also added phonetic filtering. You can check it out here:
http://webroy.blogspot.com/2009/07/advanced-bad-word-filter-in-php.html
August 27, 2009 at 3:10 AM
On line 73, the variable $words throws up an ‘Undefined variable’ error, which makes sense, as it hasn’t been defined!
Should it have been in the singular?
August 28, 2009 at 5:16 AM
Yes, you are right. It should have been is_string($this->strings). It can be used in case you need only to filter a word, not multiple words (elements) that are in an array.
The result is the same anyway in either of these cases:
$filter->strings = 'word here';$filter->strings = array('word here');