Home >Backend Development >PHP Tutorial >There is a misunderstanding in character judgment by strpos function in PHP_PHP Tutorial
In php, strpos is the position where the string first appears. If it exists, it will return true or related specific numbers. If not, it will return 0 or false. But I want to use it to make a wordpress keyword blacklist to anti-spam comments. Found some problems, let's take a look below.
Modify the theme comments-ajax.php file
In the comments-ajax.php file in the theme directory, it is about line 60 (just get the $_POST['author'] and other fields in the comment form submitted by the user). Then add the following code to the file:
The code is as follows | Copy code | ||||
* @Author: vfhky September 21, 2013 22:13 * @Variable string $word: Keywords in the blacklist, users can increase or decrease them according to rules * @Variable string $comment_author: The $_POST['author'] field value submitted by the user, indicating the nickname * @Variable string $comment_content: The $_POST['comment'] field value submitted by the user, indicating the comment content **/ $words = "com,cn,info,net,www,http,cc,host,agent,mobile,electricity,country,Hong Kong,equipment,service,medicine,fertilizer,medicine,agriculture,credit,loan,day,profit, Internet, ticket, domain, sales, yellow, company, enterprise, machine, rent, people, money, equipment, purchase, broadcast"; $word = explode(',', $words); $num = count($word); for($i=0;$i If (strpos($comment_author,$word[$i],0) || strpos($comment_content,$word[$i],0)){ err( __('Advertising must be deleted, thank you for your understanding!') ); Break; } } |
4 Postscript
Through the above simple code, we have realized the verification of the keywords in the blacklist by submitting the user nickname and comment content entered in the comment. Once any of the above words is matched, for example, www appears, the user will be prompted "The advertisement must be deleted, thank you for your understanding!" The effect is as shown in the figure below. This is another insurance for the blog, which enhances the immunity of WordPress against spam comments, and it is also achieved through a non-plugin method!
The above looks fine, but this morning @Bad Children’s Shoes did an evil test and discovered a bug in the code of the previous article. When I came back from get off work in the evening, I looked at the code carefully and found that I had a one-sided understanding of the strpos function, so I made a note to mark it.
2 Prototype of strpos function
I believe everyone is familiar with the strpos function, and it can often be seen in string processing. The strpos function prototype is:
/*
* @Para string $source: Search in this string [*]
* @Para mixed $target: The string to be found; if it is not a string, it will be converted to an integer and regarded as the sequential value of characters [*]
* @Para int $offset: starting position of search
* @Return int/boolean: If successful, return the position of the first occurrence; if failed, return FALSE value
**/
int strpos(string $source, mixed $target [, int $offset = 0 ]);
3 Simple test of strpos function
After understanding the prototype of the strpos function, let’s first look at a simple test code.
The code is as follows | Copy code | ||||
/*
----------This is $test_1 END---------- $test_2 = "Buy TT badly"; for($i=0;$i If (strpos($test_2,$word[$i],0)){ echo 'The advertisement must be deleted, thank you for your understanding!'; Break; } } echo " ----------This is $test_2 END---------- ?> |
The test results are shown below:
Re-discuss WordPress anti-spam comments: It’s all the fault of the strpos function
4 Analysis of test results of strpos function
There are two different test variables $test_1 and $test_2 in the above code, and both of them contain the keywords in the blacklist: purchase. However, judging from the test results shown in the figure, the $test_1 variable is not effectively blocked, while the variable $test_2 is prompted to contain advertising words. The secret lies in the position where the word "purchase" appears in variables $test_1 and $test_2! When the keyword "purchase" appears at the front ($test_1), the execution result of the strpos($test_1,$word[$i],0) function is 0, because the word "purchase" is in the string "purchase TT" The front. Then the if statement in the for loop becomes if(0){}, so that it will not be regarded as a spam comment, which causes a BUG. The following are two methods to implement "wordpress keyword blacklist: anti-spam comment upgrade" by continuing to use the strpos function and using PHP regular expressions.
5.1 Correctly use strpos function to fix BUG
The code is as follows | Copy code | ||||||||
* @Author: vfhky September 24, 2013 20:06 * @Description: Use the strpos function correctly to solve the bug in the code of the previous article **/
|
The code is as follows | Copy code |
/* * @Author: vfhky September 24, 2013 20:06 * @Description: Use PHP regular expressions to correct BUG and implement "wordpress keyword blacklist: anti-spam comments and upgrade (non-plugin)" **/ $words = "com,cn,info,net,www,http,cc,host,agent,mobile,electricity,country,Hong Kong,equipment,service,medicine,fertilizer,medicine,agricultural,credit,loan,Japan,purchase, broadcast"; $word = explode(',', $words); $num = count($word); for($i=0;$i If( preg_match("/$word[$i]/i", $comment_author) || preg_match("/$word[$i]/i", $comment_content) ){ err( __('Advertising must be deleted, thank you for your understanding!') ); Break; } } |
6 Important reminders about function strpos
Another thing to note when using the strpos function is that it may return a Boolean value of FALSE, but it may also return a non-Boolean value equivalent to FALSE.
For example, return integer type 0, floating point value 0.0, empty string, string "0", array not including any elements, object not including any member variables, special type NULL, etc.
Therefore, the return value of this function should be tested using the identity operator "===" which checks the type of the returned value, rather than using the simple equal sign "==".
7Update 2013.09.26 22:27
After being reminded by @星河大帝, you can use an array instead of a string, and the execution efficiency should be about the same.
7.1 Use strpos function + array to fix BUG
The code is as follows | Copy code | ||||||||
$num = count($words); for($i=0;$i If (strpos($comment_author,$words[$i],0) !== false || strpos($comment_content,$words[$i],0) !== false){ err( __('Advertising must be deleted, thank you for your understanding!') );
} } |
7.2 Use regular expressions + arrays to fix BUG
http://www.bkjia.com/PHPjc/633054.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/633054.htmlTechArticleIn php, strpos is the position where the string first appears. If it exists, it returns true or the relevant specific number, no It will return 0 or false, but I want to use it to make a wordpress keyword blackname...