Badword List is not working..

[batu544]

Hi,
    I have added some words in badword list .. but those words are still displaying on comments..  Is there anything needs to be done.. ?

Thanks,
batu544

[V@no]

works fine in unmodified v1.7.8

[batu544]

Thanks V@no for your reply.. I am using 1.7.4 and as far as I remember I have not modified the comment.php file ..

Will it help me.. if I will replace the comments.php file from v 1.7.8 ?

and how this bad word filter works ? Is the bad word has been stored in the database as **** or only during the display time it changes to **** ?


Thank you
batu544

[V@nо]

There is no such thing as comments.php file in 4images, must be a mod or something (unless you are referring to admin/comments.php, but it has nothing to do with displaying comments on details page.

The bad words filter only replaces text before it's being displayed, the text itself is stored as original in the database. Replacing anything from v1.7.8 might break your v1.7.4 as there are quiet a few changes needed to make it compatible.

Anyhow, the bad words filter is executed in format_text() function.

[batu544]

Just now I tested the bad word filters in my own system and its working fine.. but in server its not working..

This is my show comment code in details.php

Code: [Select]

//-----------------------------------------------------
//--- Show Comments -----------------------------------
//-----------------------------------------------------
if ($image_allow_comments == 1) {
  $site_template->register_vars(array(
      "has_rss"   => true,
      "rss_title" => "RSS Feed: ".$image_name." (".str_replace(':', '', $lang['comments']).")",
      "rss_url"   => $script_url."/rss.php?action=comments&".URL_IMAGE_ID."=".$image_id
  ));

  $sql = "SELECT c.comment_id, c.image_id, c.user_id, c.user_name AS comment_user_name, c.comment_headline, c.comment_text, c.comment_ip, c.comment_date".get_user_table_field(", u.", "user_level").get_user_table_field(", u.", "user_name").get_user_table_field(", u.", "user_email").get_user_table_field(", u.", "user_showemail").get_user_table_field(", u.", "user_invisible").get_user_table_field(", u.", "user_joindate").get_user_table_field(", u.", "user_lastaction").get_user_table_field(", u.", "user_comments").get_user_table_field(", u.", "user_homepage").get_user_table_field(", u.", "user_icq")."
          FROM ".COMMENTS_TABLE." c
          LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
          WHERE c.image_id = $image_id
          ORDER BY c.comment_date ASC";
  $result = $site_db->query($sql);

  $comment_row = array();
  while ($row = $site_db->fetch_array($result)) {
    $comment_row[] = $row;
  }
  $site_db->free_result($result);
  $num_comments = sizeof($comment_row);

  if (!$num_comments) {
    $comments = "<tr><td class=\"commentrow1\" colspan=\"2\">".$lang['no_comments']."</td></tr>";
  }
  else {
    $comments = "";
    $bgcounter = 0;
    for ($i = 0; $i < $num_comments; $i++) {
      $row_bg_number = ($bgcounter++ % 2 == 0) ? 1 : 2;

      $comment_user_email = "";
      $comment_user_email_save = "";
      $comment_user_mailform_link = "";
      $comment_user_email_button = "";
      $comment_user_homepage_button = "";
      $comment_user_icq_button = "";
      $comment_user_profile_button = "";
      $comment_user_status_img = REPLACE_EMPTY;
      $comment_user_name = format_text($comment_row[$i]['comment_user_name'], 2);
      $comment_user_info = $lang['userlevel_guest'];

      $comment_user_id = $comment_row[$i]['user_id'];

      if (isset($comment_row[$i][$user_table_fields['user_name']]) && $comment_user_id != GUEST) {
        $comment_user_name = format_text($comment_row[$i][$user_table_fields['user_name']], 2);

        $comment_user_profile_link = !empty($url_show_profile) ? $site_sess->url(preg_replace("/{user_id}/", $comment_user_id, $url_show_profile)) : $site_sess->url(ROOT_PATH."member.php?action=showprofile&amp;".URL_USER_ID."=".$comment_user_id);
        $comment_user_profile_button = "<a href=\"".$comment_user_profile_link."\"><img src=\"".get_gallery_image("profile.gif")."\" border=\"0\" alt=\"".$comment_user_name."\" /></a>";

        $comment_user_status_img = ($comment_row[$i][$user_table_fields['user_lastaction']] >= (time() - 300) && ((isset($comment_row[$i][$user_table_fields['user_invisible']]) && $comment_row[$i][$user_table_fields['user_invisible']] == 0) || $user_info['user_level'] == ADMIN)) ? "<img src=\"".get_gallery_image("user_online.gif")."\" border=\"0\" alt=\"Online\" />" : "<img src=\"".get_gallery_image("user_offline.gif")."\" border=\"0\" alt=\"Offline\" />";

        $comment_user_homepage = (isset($comment_row[$i][$user_table_fields['user_homepage']])) ? format_url($comment_row[$i][$user_table_fields['user_homepage']]) : "";
        if (!empty($comment_user_homepage)) {
          $comment_user_homepage_button = "<a href=\"".$comment_user_homepage."\" target=\"_blank\"><img src=\"".get_gallery_image("homepage.gif")."\" border=\"0\" alt=\"".$comment_user_homepage."\" /></a>";
        }

        $comment_user_icq = (isset($comment_row[$i][$user_table_fields['user_icq']])) ? format_text($comment_row[$i][$user_table_fields['user_icq']]) : "";
        if (!empty($comment_user_icq)) {
          $comment_user_icq_button = "<a href=\"http://www.icq.com/people/about_me.php?uin=".$comment_user_icq."\" target=\"_blank\"><img src=\"http://web.icq.com/whitepages/online?icq=".$comment_user_icq."&img=5\" width=\"18\" height=\"18\" border=\"0\" alt=\"".$comment_user_icq."\" /></a>";
        }

        if (!empty($comment_row[$i][$user_table_fields['user_email']]) && (!isset($comment_row[$i][$user_table_fields['user_showemail']]) || (isset($comment_row[$i][$user_table_fields['user_showemail']]) && $comment_row[$i][$user_table_fields['user_showemail']] == 1))) {
          $comment_user_email = format_text($comment_row[$i][$user_table_fields['user_email']]);
          $comment_user_email_save = format_text(str_replace("@", " at ", $comment_row[$i][$user_table_fields['user_email']]));
          if (!empty($url_mailform)) {
            $comment_user_mailform_link = $site_sess->url(preg_replace("/{user_id}/", $comment_user_id, $url_mailform));
          }
          else {
            $comment_user_mailform_link = $site_sess->url(ROOT_PATH."member.php?action=mailform&amp;".URL_USER_ID."=".$comment_user_id);
          }
          $comment_user_email_button = "<a href=\"".$comment_user_mailform_link."\"><img src=\"".get_gallery_image("email.gif")."\" border=\"0\" alt=\"".$comment_user_email_save."\" /></a>";
        }

        if (!isset($comment_row[$i][$user_table_fields['user_level']]) || (isset($comment_row[$i][$user_table_fields['user_level']]) && $comment_row[$i][$user_table_fields['user_level']] == USER)) {
          $comment_user_info = $lang['userlevel_user'];
        }
        elseif ($comment_row[$i][$user_table_fields['user_level']] == ADMIN) {
          $comment_user_info = $lang['userlevel_admin'];
        }

        $comment_user_info .= "<br />";
        $comment_user_info .= (isset($comment_row[$i][$user_table_fields['user_joindate']])) ? "<br />".$lang['join_date']." ".format_date($config['date_format'], $comment_row[$i][$user_table_fields['user_joindate']]) : "";
        $comment_user_info .= (isset($comment_row[$i][$user_table_fields['user_comments']])) ? "<br />".$lang['comments']." ".$comment_row[$i][$user_table_fields['user_comments']] : "";
      }

      $comment_user_ip = ($user_info['user_level'] == ADMIN) ? $comment_row[$i]['comment_ip'] : "";

      $admin_links = "";
      if ($user_info['user_level'] == ADMIN) {
        $admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("comments.php?action=editcomment&amp;comment_id=".$comment_row[$i]['comment_id']))."\" target=\"_blank\">".$lang['edit']."</a>&nbsp;";
        $admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("comments.php?action=removecomment&amp;comment_id=".$comment_row[$i]['comment_id']))."\" target=\"_blank\">".$lang['delete']."</a>";
      }
      elseif ($is_image_owner) {
        $admin_links .= ($config['user_edit_comments'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=editcomment&amp;".URL_COMMENT_ID."=".$comment_row[$i]['comment_id'])."\">".$lang['edit']."</a>&nbsp;";
        $admin_links .= ($config['user_delete_comments'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=removecomment&amp;".URL_COMMENT_ID."=".$comment_row[$i]['comment_id'])."\">".$lang['delete']."</a>";
      }

      $site_template->register_vars(array(
        "comment_id" => $comment_row[$i]['comment_id'],
        "comment_user_id" => $comment_user_id,
        "comment_user_status_img" => $comment_user_status_img,
        "comment_user_name" => $comment_user_name,
        "comment_user_info" => $comment_user_info,
        "comment_user_profile_button" => $comment_user_profile_button,
        "comment_user_email" => $comment_user_email,
        "comment_user_email_save" => $comment_user_email_save,
        "comment_user_mailform_link" => $comment_user_mailform_link,
        "comment_user_email_button" => $comment_user_email_button,
        "comment_user_homepage_button" => $comment_user_homepage_button,
        "comment_user_icq_button" => $comment_user_icq_button,
        "comment_user_ip" => $comment_user_ip,
        "comment_headline" => format_text($comment_row[$i]['comment_headline'], 0, $config['wordwrap_comments'], 0, 0),
        "comment_text" => format_text($comment_row[$i]['comment_text'], $config['html_comments'], $config['wordwrap_comments'], $config['bb_comments'], $config['bb_img_comments']),
        "comment_date" => format_date($config['date_format']." ".$config['time_format'], $comment_row[$i]['comment_date']),
        "row_bg_number" => $row_bg_number,
        "admin_links" => $admin_links
      ));
      $comments .= $site_template->parse_template("comment_bit");
    } // end while
  } //end else
  $site_template->register_vars("comments", $comments);
  unset($comments);


and this is the format_text function..

Code: [Select]

function replace_badwords($text) {
  global $config, $split_badwords;
  if ($config['badword_list'] != "") {
    if (!isset($split_badwords)) {
      $badwords = trim($config['badword_list']);
      $badwords = preg_replace("/[\n\r]/is", " ", $badwords);
      $badwords = str_replace(","," ",$badwords);
      $badwords = preg_quote($badwords);
      $badwords = str_replace('/', '\\/', $badwords);
      $split_badwords = preg_split("/\s+/", $badwords);
    }

    foreach ($split_badwords as $key => $val) {
      if ($val != "") {
        if (substr($val, 0, 2) == "\\{") {
          $val = substr($val, 2, -2);
          $text = trim(preg_replace("/([^A-Za-z])".$val."(?=[^A-Za-z])/si", "\\1".str_repeat($config['badword_replace_char'], strlen($val)), " $text "));
        }
        else {
          $text = trim(preg_replace("/$val/si", str_repeat($config['badword_replace_char'], strlen($val)), " $text "));
        }
      }
    }
  }
  return $text;
}

function format_text($text, $html = 0, $word_wrap = 0, $bbcode = 0, $bbcode_img = 0) {
  if ($word_wrap && $text != "") {
    $text = preg_replace("/([^\n\r ?&\.\/<>\"\\-]{".$word_wrap."})/i", " \\1\n", $text);
  }

  if ($html == 0 || $html == 2) {
    $text = safe_htmlspecialchars($text);
  }

  if ($html !== 2) {
    $text = nl2br(trim($text));
    $text = replace_url($text);
  }

  if ($bbcode == 1) {
    $search_array = array(
      "/(\[)(list)(=)(['\"]?)([^\"']*)(\\4])(.*)(\[\/list)(((=)(\\4)([^\"']*)(\\4]))|(\]))/siU",
      "/(\[)(list)(])(.*)(\[\/list\])/siU",
      "/(\[\*\])/siU",
      "/(\[\/\*\])/siU",
      "/(\[)(url)(=)(['\"]?)(www\.)([^\"']*)(\\4])(.*)(\[\/url\])/siU",
      "/(\[)(url)(=)(['\"]?)([^\"']*)(\\4])(.*)(\[\/url\])/siU",
      "/(\[)(url)(])(www\.)([^\"]*)(\[\/url\])/siU",
      "/(\[)(url)(])([^\"]*)(\[\/url\])/siU",
      "/(\[)(code)(])(\r\n)*(.*)(\[\/code\])/siU",
      "/javascript:/si",
      "/about:/si"
    );
    $replace_array = array(
      "<ol type=\"\\5\">\\7</ol>",
      "<ul>\\4</ul>",
      "<li>",
      "</li>",
      "<a href=\"http://www.\\6\" target=\"_blank\" rel=\"nofollow\">\\8</a>",
      "<a href=\"\\5\" target=\"_blank\" rel=\"nofollow\">\\7</a>",
      "<a href=\"http://www.\\5\" target=\"_blank\" rel=\"nofollow\">www.\\5</a>",
      "<a href=\"\\4\" target=\"_blank\" rel=\"nofollow\">\\4</a>",
      "<pre>Code:<hr size=1>\\5<hr size=1></pre>",
      "java script:",
      "about :"
    );
    $text = preg_replace($search_array, $replace_array, $text);
    if (!$bbcode_img)  {
      $text = preg_replace("/(\[)(img)(])(\r\n)*([^\"]*)(\[\/img\])/siU", "<a href=\"\\5\" target=\"_blank\">\\5</a>", $text);
    }
    else  {
      $text = preg_replace("/(\[)(img)(])(\r\n)*([^\"]*)(\[\/img\])/siU", "<img src=\"\\5\">", $text);
    }
    $text = preg_replace("/(\[)(b)(])(\r\n)*([^\"]*)(\[\/b\])/siU", "<b>\\5</b>", $text);
    $text = preg_replace("/(\[)(i)(])(\r\n)*([^\"]*)(\[\/i\])/siU", "<i>\\5</i>", $text);
    $text = preg_replace("/(\[)(u)(])(\r\n)*([^\"]*)(\[\/u\])/siU", "<u>\\5</u>", $text);

    $text = replace_badwords($text);
  }

  $text = str_replace("\\'", "'", $text);

  return $text;
}



Do you see any issues here ??

Thank you.

[V@no]

My guess would be you have disabled BBCode?
Just try move $text = replace_badwords($text); below the } bracket

[batu544]

V@no... your suggestion worked.. !!!    now its working fine. (yes, I have disabled the BBcodes in comment) Thanks again for your help..