0

Hello guys

For my project i am tring to compare elements of an array with string.This could help at a certain extent to prevent pornographics uploads based on the filenames

Here is my snippet

      $banned_file_names = array('bestiality','lolita','porn','xxx','incest','cock','teenporn');
      $filen = preg_replace("/\\.[^.\\s]{3,4}$/", "", $file_name);
     if (in_array($filen,$banned_file_names) === true) {
        echo 'Adult image upload is not allowed';
        exit;

This works fine for a filename like porn.png but i wanted to make it more efficient.
I added
$filen = preg_replace("/\\.[^.\\s]{3,4}$/", "", $file_name);
so that if user upload an image with name like porn-img.png , filen becomes like pornimg and get blocked

However this fails.......

Bottom line is how can i compare 2 string so that pornimg.png get block as porn is an element of array banned_file_names.

This is not a very efficient code to prevent porn uploads but its my first level check....
Kindly help me with this and feel free to suggest other checks that could be perform to prevent porn uploads of any kind

Regards

2
Contributors
4
Replies
6
Views
5 Years
Discussion Span
Last Post by Khav
0

I don't think you can block these images. Who's to know what's in an image, especially with an inocuous title.

0

I understand you diafol , like i said the checking by filename is ONLY 1st level of Check , i have plans for 2nd level of check which will involve human , thus reducing the risk to minimum
Could you please help me fix the compare strings thing describe above

1

OK, how;s this?

function dodgyImage($image){
    $dirty_words = array('winkle','worm','woody','pickle'); 
    $nude_image = pathinfo($image,PATHINFO_FILENAME);
    $disinfected_image = preg_replace("/[^A-Za-z0-9]/","",$nude_image);
    foreach($dirty_words as $naughty) if(stripos($disinfected_image,$naughty) !== false) return true;
    return false;
}

$image = '/www/htdocs/inc/svWor-madscf.inc.php';

if(dodgyImage($image)){
    echo "You are sick individual"; 
}else{
    echo "Thank you for not uploading porn. But if you're interested, I have quite a collection"; 
}

I made the preg_replace strip all non-alphanumerics so that wink-le would cause a hit also.

Votes + Comments
Works perfect
0

Works perfect dude
The foreach and stripos commands were very helpful here

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.