DaniWeb IT Discussion Community

I have set up a guestbook on a flash site and the customer has asked for a bad word filter to be incorporated. I have this code for it:

[php]

$bad_words = explode('|', 'badword1|badword2|badword3|etc|etc');

foreach ($bad_words as $naughty)

{

$comments = eregi_replace($naughty, "#!@%*#", $comments);

}

[/php]

Where in the following code should this be inserted, please:

// Part Two - Choose what action to perform

   $action = $_GET['action'];

   

   switch($action) {

      case 'read' :

                 // Fetch all comments from database table

                 $sql = 'SELECT * FROM `' . $table . '`';

                 $allComments = mysql_query($sql, $DBConn) or die("Error in GuestBook Application: " . mysql_error());

                 $numallComments = mysql_num_rows($allComments);

                 // Fetch page-wise comments from database table

                 $sql .= ' ORDER BY `time` DESC LIMIT ' . $_GET['NumLow'] . ', ' . $numComments;

                 $fewComments = mysql_query($sql, $DBConn) or die("Error in GuestBook Application: " . mysql_error());

                 $numfewComments = mysql_num_rows($fewComments);

                 // Generate Output for Flash to Read

                 print '&totalEntries=' . $numallComments . '&';

                 print "<br>&entries=";        

                 

                 if($numallComments == 0) {

                    print "No entries in the guestbook, as yet..";

                 } else { 

                    while ($array = mysql_fetch_array($fewComments)) {

                           $name = mysql_result($fewComments, $i, 'name');

                           $email = mysql_result($fewComments, $i, 'email');

                           $comments = mysql_result($fewComments, $i, 'comments');

                           $time = mysql_result($fewComments, $i, 'time');

                           

                           print '<b>Name: </b>' . $name . '<br><b>Email: </b>' . $email . '<br><b>Comments: </b>' . $comments . '<br><i>Date: ' . $time . '</i><br><br>';

                           $i++;

                    }

                }

                // Print this only when there aren't any more entries..

                if($_GET['NumLow'] > $numallComments) {

                   print 'No More Entries!&';

                }

                break;

                 

          case 'write' :

             // Recieve Variables From Flash

                 $name = ereg_replace("&", "%26", $_POST['yourname']);

                 $email = ereg_replace("&", "%26", $_POST['youremail']);

                 $comments = ereg_replace("&", "%26", $_POST['yourcomments']);

                 $submit = $_POST['submit'];

                          

                 // Current system date in yyyy-mm-dd format

                 $submitted_on = date ("Y-m-d H:i:s",time());

                                  

                 // Check if its submitted from Flash

                 if($submit == 'Yes'){

                 // Insert the data into the mysql table

                 $sql = 'INSERT INTO ' . $table . 

                ' (`ID`, 

                                   `name`, 

                                   `email`, 

                                   `comments`, 

                                   `time`

                                  ) 

                                  VALUES 

                                  (\'\','

                                   . '\'' . $name . '\',' 

                                   . '\'' . $email . '\',' 

                                   . '\'' . $comments . '\',' 

                                   . '\'' . $submitted_on . '\'

                                   )';

                 $insert = mysql_query($sql, $DBConn) or die("Error in GuestBook Application: " . mysql_error());

Is it after the submit POST [submit] section?
Grateful for any help.