/**
 * Checks that ProfanityFilter::filterHTML() leaves no configured profane word
 * in its output.
 *
 * Earlier assertions compared against exact replacement strings; they were
 * retired because replacements are now random, so the test counts whole-word,
 * case-insensitive matches before and after filtering instead.
 */
function testProfanityFilter() {
    $input = "<div>what <a href='foobar'>the</a> f**k?</div> brainfuck should be safe... what about assingement? Will it be filtered as ass?\n Let's see about F**K or Ass";
    $output = ProfanityFilter::filterHTML($input);

    $hitsBefore = 0;
    $hitsAfter = 0;
    foreach (PA::$config->profanity as $word) {
        // \b anchors keep substrings inside longer words from counting as hits.
        // NOTE(review): $word is placed in the pattern unescaped; if the list can
        // hold regex metacharacters or "/", preg_quote($word, '/') would be needed.
        // Confirm against how ProfanityFilter builds its own patterns.
        $pattern = "/\\b{$word}\\b/i";
        $hitsBefore += preg_match_all($pattern, $input);
        $hitsAfter += preg_match_all($pattern, $output);
    }

    // Diagnostic output: the two counts, then the input and the filtered text.
    echo "{$hitsBefore} profane words in input\n{$hitsAfter} in filtered output\n";
    echo "{$input} \n------\n{$output}\n";

    $this->assertEquals($hitsAfter, 0, "expected 0 profane words, got {$hitsAfter}\n");
}
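/**
 * Sanitize an HTML fragment with InputSanitizer and then run it through the
 * profanity filter.
 *
 * Recognised $params properties: filter_profanity, passthrough_html, wbr,
 * taglist, collapseWhitespace and attrlist. Any of the first five that is
 * missing or falsy on $params is replaced by the default below. The object
 * passed as $params is modified in place.
 *
 * @param string      $html     markup to clean
 * @param mixed       $truncate forwarded unchanged to InputSanitizer::process()
 * @param object|null $params   optional overrides, see above
 * @return string the value returned by the sanitizer, after profanity filtering
 */
function _filter($html, $truncate = NULL, $params = NULL) {
    require_once PA::$path . "/ext/InputSanitizer/InputSanitizer.php";

    // Properties cannot be assigned on NULL: PHP 8 throws an Error and older
    // versions emit a warning, so both containers must be real objects.
    $defaults = new stdClass();
    // bleep out cuss words
    $defaults->filter_profanity = TRUE;
    // strip most html
    $defaults->passthrough_html = FALSE;
    // and break longish strings
    $defaults->wbr = 15;
    // minimal HTML formatting
    $defaults->taglist = array('ul', 'li', 'p', 'br', 'b', 'strong', 'em', 'i');
    $defaults->collapseWhitespace = TRUE;

    if ($params === NULL) {
        $params = new stdClass();
    }

    // empty() is deliberately kept: a falsy caller value is overwritten by the
    // default, so filter_profanity and collapseWhitespace cannot be switched off
    // through $params and an empty taglist falls back to the default allow-list.
    foreach ($defaults as $k => $v) {
        if (empty($params->{$k})) {
            $params->{$k} = $v;
        }
    }

    // attrlist has no default, so it is the only property that may be unset here.
    $attrlist = isset($params->attrlist) ? $params->attrlist : NULL;

    $sDom = new InputSanitizer($params->taglist, $attrlist);
    $sDom->wbr = $params->wbr; // break long strings every 15 chars
    $sDom->htmlAllowedEverywhere = TRUE;
    // NOTE(review): presumably relaxes tag stripping inside InputSanitizer; callers
    // should not set passthrough_html from request-controlled data. Confirm.
    $sDom->passthrough = $params->passthrough_html;
    $sDom->collapseWhitespace = $params->collapseWhitespace;

    // A tag named in taglist is removed from the sanitizer's drop-with-children
    // list, so allowing a tag also keeps its contents. Review custom taglists
    // with that in mind.
    $filteredDrop = array();
    foreach ($sDom->dropWithChildren as $tag) {
        if (!in_array($tag, $params->taglist)) {
            $filteredDrop[] = $tag;
        }
    }
    $sDom->dropWithChildren = $filteredDrop;

    $html = $sDom->process($html, $truncate);

    // Always true after the defaults merge above; kept as an explicit gate.
    if ($params->filter_profanity) {
        require_once PA::$path . "/api/Validation/ProfanityFilter.php";
        $html = ProfanityFilter::filterHTML($html);
    }
    return $html;
}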
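<?php
// Endpoint: reports whether the POSTed "str" field contains profanity.
require 'ProfanityFilter.php';

// "str" is client-supplied: it may be missing, or arrive as an array when sent
// as str[]=... . Anything that is not a string is treated as the empty string.
$str = (isset($_POST['str']) && is_string($_POST['str'])) ? $_POST['str'] : '';

// The result is echoed as-is. If containsProfanity() returns a boolean, that
// prints "1" for true and nothing for false (return type not visible here).
// A check made through this endpoint is advisory only: any handler that stores
// the text has to repeat the check itself.
echo ProfanityFilter::containsProfanity($str);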
/**
 * Output helper: returns $html after it has passed through
 * ProfanityFilter::filterHTML().
 */
function _out($html) {
    $cleaned = ProfanityFilter::filterHTML($html);
    return $cleaned;
}
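<?php
// Slot-request endpoint. Responds with "profanity" when the requested name is
// rejected, "duplicate" when an open slot already uses the name or seat, and
// with no body when the slot is created (its id is stored in the session).
session_start();
require 'db.php'; // presumably defines the PDO handle $dbh (not visible here)
require 'ProfanityFilter.php';

// All three fields come straight from the client and are untrusted.
// NOTE(review): presence, type and length are not validated here.
$workshopId = $_POST['workshopId'];
$requestName = $_POST['requestName'];
$requestSeat = $_POST['requestSeat'];

if (ProfanityFilter::containsProfanity($requestName)) {
    echo 'profanity';
} else {
    // The lookup used to interpolate the request values into the SQL text.
    // Bound placeholders keep them as data, matching the INSERT below.
    $sth = $dbh->prepare("SELECT name, seat FROM slots WHERE workshopId = :workshopId AND status = 0 AND (name = :requestName OR seat = :requestSeat)");
    $sth->execute(array(
        ':workshopId' => $workshopId,
        ':requestName' => $requestName,
        ':requestSeat' => $requestSeat,
    ));
    $sth->setFetchMode(PDO::FETCH_OBJ);
    $result = $sth->fetch();

    $created = date("Y-m-d H:i:s");
    // Zero dates stand for "not yet assisted" and "not cancelled".
    $assisting = '0000-00-00 00:00:00';
    $cancelled = '0000-00-00 00:00:00';

    if (!$result) {
        // NOTE(review): the duplicate check and the insert are separate statements,
        // so two concurrent requests can both pass the check. A unique constraint
        // on the table would be the backstop. Confirm against the schema.
        $sth = $dbh->prepare("INSERT INTO slots (workshopId, name, seat, status, created, assisting, cancelled) VALUE (:workshopId, :requestName, :requestSeat, 0, :created, :assisting, :cancelled)");
        $sth->bindParam(':workshopId', $workshopId);
        $sth->bindParam(':requestName', $requestName);
        $sth->bindParam(':requestSeat', $requestSeat);
        $sth->bindParam(':assisting', $assisting);
        $sth->bindParam(':created', $created);
        $sth->bindParam(':cancelled', $cancelled);
        $sth->execute();
        $_SESSION['mySlotId'] = $dbh->lastInsertId();
    } else {
        echo 'duplicate';
    }
}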
// Markup placed around every validation message echoed below.
$wrapStart = '<p class="full warn"><i class="ico-warning"></i>';
$wrapEnd = '</p>';
// Registration handler: runs only when the submit field is present and non-empty.
if (!empty($_POST['register-submit'])) {
    // Raw request values; nothing below trims or normalises them.
    $username = $_POST['username'];
    $email = $_POST['email'];
    $password = $_POST['password'];
    $emailAgain = $_POST['email-again'];
    $passwordAgain = $_POST['password-again'];
    // empty() also rejects the string "0", so such a value counts as missing.
    if (!empty($username) && !empty($email) && !empty($password) && !empty($emailAgain) && !empty($passwordAgain)) {
        // Restrict the username to ASCII letters and digits.
        // NOTE(review): without the D modifier, `$` also matches before a trailing
        // newline, so "name\n" passes; `\z` or `/D` would close that gap.
        if (preg_match('/^[a-zA-Z0-9]+$/', $username)) {
            // Both confirmation fields must match exactly (strict comparison).
            if ($email === $emailAgain && $password === $passwordAgain) {
                // NOTE(review): the email format is not checked in this excerpt;
                // presumably $loginSystem validates it. Verify.
                $exists = $loginSystem->checkUserExists($email, $username);
                if ($exists) {
                    echo $wrapStart . 'An account with this email/username already exists.' . $wrapEnd;
                } else {
                    // The profanity check runs last, just before the account is created.
                    if (!ProfanityFilter::containsProfanity($username)) {
                        // NOTE(review): password hashing is assumed to happen inside
                        // createUser(), and its return value is echoed without
                        // escaping. Confirm that it is safe to print.
                        $response = $loginSystem->createUser($email, $password, $username);
                        echo $response;
                    } else {
                        echo $wrapStart . 'No profanity please.' . $wrapEnd;
                    }
                }
            } else {
                echo $wrapStart . 'Email and/or password did not match. Please try again.' . $wrapEnd;
            }
        } else {
            echo $wrapStart . 'Username must be alphanumeric (a-z A-Z 0-9) with no spaces.' . $wrapEnd;
        }
    } else {
        echo $wrapStart . 'Please enter your email and password.' . $wrapEnd;
    }
    // The closing brace of the register-submit block lies outside this excerpt.
/**
 * clean() must mask a profane word with the replacement character supplied by
 * the caller instead of the filter's own default.
 *
 * @test
 */
public function it_returns_cleaned_profane_string_with_specified_character()
{
    $filter = new ProfanityFilter($this->setConfig(), $this->setWhitelist());

    // NOTE(review): the input literal looks pre-masked in this listing, while the
    // expected value implies a four-character match followed by "ing". Confirm
    // the fixture against the repository.
    $cleaned = $filter->clean("I am a f*****g profane string.", '#');

    $this->assertEquals("I am a ####ing profane string.", $cleaned);
}