
I know there is htmlentities() for escaping HTML, but how do I block Unicode characters from being posted?

Characters like U+202E (RIGHT-TO-LEFT OVERRIDE) let users bypass swear filters.

John Conde
prestotron
  • Swear filters can even be bypassed with ASCII characters, like `sh!t` or `$hit`, or by leaving out some vowels, like `fck`. I suggest that, whatever system you have, you require users to have a minimum number of posts approved by staff before their posts are displayed immediately. After that, just ban those who violate the rules. – Siguza May 10 '15 at 10:58
  • What do you mean by "unicode characters"? Since *all* characters are unicode characters, you might as well just reject *all* input. – 一二三 May 10 '15 at 11:35
  • You could convert it and then run the string through the swear filter. http://stackoverflow.com/questions/1805802/php-convert-unicode-codepoint-to-utf-8 – timgavin May 13 '15 at 01:10
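
The "clean the input first, then run the filter" idea from the comments could look roughly like the sketch below. It assumes PHP 7+ and UTF-8 input; `strip_format_chars()` and `contains_banned_word()` are hypothetical names invented for this illustration, not part of PHP or of any existing filter. U+202E only changes the direction in which text is displayed, so removing it means the filter and the reader see the same string.

```php
<?php
// Hypothetical helper (not from the thread): drop invisible "format"
// characters so the swear filter sees the text as it is actually stored.
function strip_format_chars(string $text): string
{
    // \p{Cf} is the Unicode "format" category; it includes U+202E
    // (RIGHT-TO-LEFT OVERRIDE) and zero-width characters such as U+200B.
    // The /u modifier makes PCRE treat the pattern and subject as UTF-8.
    $clean = preg_replace('/\p{Cf}/u', '', $text);

    // preg_replace() returns null on error, e.g. when the input is not valid UTF-8.
    // Returning an empty string here is an assumption; rejecting the post also works.
    return $clean ?? '';
}

// Hypothetical stand-in for whatever swear filter is already in place.
function contains_banned_word(string $text, array $banned): bool
{
    $clean = strip_format_chars($text);
    foreach ($banned as $word) {
        // Case-insensitive substring match on the cleaned text.
        if (stripos($clean, $word) !== false) {
            return true;
        }
    }
    return false;
}
```

Note that `\p{Cf}` also removes U+200D (ZERO WIDTH JOINER), which some emoji sequences and scripts rely on. If that is too aggressive, a narrower class such as `[\x{202A}-\x{202E}\x{2066}-\x{2069}]` targets only the bidirectional control characters. As the first comment points out, this does nothing against ASCII tricks like `sh!t`.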
