Vain teksti | Teksti ja kuvat

Simple Machines Community Forum

Customizing SMF => SMF Coding Discussion => Aiheen aloitti: incith - helmikuu 24, 2006, 07:17:36 AP

Otsikko: Censored Words easily bypassed
Kirjoitti: incith - helmikuu 24, 2006, 07:17:36 AP
Adding bbc code into a word, for example, Wo[b][/b]rd, and Word would be allowed into the forum post even if it's in the censored words list.  This also allows for blank posts, with just a bbc code or two.
Otsikko: Re: Censored Words easily bypassed
Kirjoitti: URPG - helmikuu 24, 2006, 07:36:40 AP
Guess the the Pharser should first do the Tags, then look for the words and post length, not the other way round...
Otsikko: Re: Censored Words easily bypassed
Kirjoitti: RyanJones - helmikuu 24, 2006, 12:16:32 IP
Lainaus käyttäjältä: URPG - helmikuu 24, 2006, 07:36:40 AP
Guess the the Pharser should first do the Tags, then look for the words and post length, not the other way round...

Why not jut strip empty tag sets? The problem would also come if someone used them in part of the word...

Striping them would be hard but you could just stop the posting process if one is found. Create a temp copy of the post variable and then strip the tags in it and check for censor maches if it does create and error and stop the posting process, otherwise allow it to continue.

Cheers,

Ryan Jones
Otsikko: Re: Censored Words easily bypassed
Kirjoitti: URPG - helmikuu 24, 2006, 12:57:58 IP
I don't know how it's done, but vBulletin does stop you from posting things like that. It does not count things inside tags for the minimum word requirement.
Otsikko: Re: Censored Words easily bypassed
Kirjoitti: RyanJones - helmikuu 24, 2006, 01:20:58 IP
How about this as a start for my idea...


  function RequireCensor($InputStr)
  {
    global $modSettings;

    $TempVar1 = preg_replace('~\[(.+?)\](.+?)\[\/(.+?)\]~is', '$2', $InputStr);
    $TempVar2 = preg_replace('~\[(.+?)\](.+?)\[\/(.+?)\]~is', '$2', $InputStr);

    $BannedWords = str_replace("\r\n", '|', $modSettings['censor_vulgar']);
    $TempVar2     = preg_replace('~(' . $BannedWords . ')~si', '*', $TempVar2);

    if ($TempVar1 == $TempVar2)
      return false;
    else
      return true;
  }


like I said before, it makes a copy of the string, strips tags, replaces bad words and then compares the strings... it can probably be improved but it whould work as a stating point :)

Cheers,

Ryan Jones
Otsikko: Re: Censored Words easily bypassed
Kirjoitti: URPG - helmikuu 24, 2006, 10:30:19 IP
Don't know about the exact syntax, i only code other languages, but it sounds valid. Just cut out all tags (and blanks too?) and check for forbidden strings.
Otsikko: Re: Censored Words easily bypassed
Kirjoitti: RyanJones - helmikuu 25, 2006, 05:43:53 AP
Lainaus käyttäjältä: URPG - helmikuu 24, 2006, 10:30:19 IP
Don't know about the exact syntax, i only code other languages, but it sounds valid. Just cut out all tags (and blanks too?) and check for forbidden strings.

Thats the only way I can see it being done. Remoing the tags from just the censored wordscould be almost impossible :(

Maybe the dev team can come up with an idea :)

Cheers,

Ryan Jones
Otsikko: Re: Censored Words easily bypassed
Kirjoitti: SleePy - helmikuu 25, 2006, 02:41:14 IP
i tested this and it is true. it does do this... wow blank posts. glad nobody on our forums figured it out yet.
Vain teksti | Teksti ja kuvat