3

So, my website is getting a significant amount of spam.

To filter out some of it, I wanted to test the body of the post to make sure it doesn't contain certain words. If they do, give the user an instant (temporary) ban.

Included is my code. I added an echo line to show the position returned, and tested with posts which did or did not include test words. For whatever reason, it always returns null, and nothing is displayed. Am I not allowed to pass a $_POST variable into this function?

Code:

    $bannedwords = array ("spam word", "foo", "bar", "foobar", "quarry");
    foreach ($bannedwords as $bannedphrase) {
        $pos = strpos($_POST['body'], $bannedphrase);
        echo 'The position is: ' . $pos;
        if ($pos === FALSE){
            //require_once 'inc/mod/ban.php';
            //Bans::new_ban($_SERVER['REMOTE_ADDR'], 'Suspected Spammer.', '2', $_POST['board'] == '*' ? false : $_POST['board']);
            error($config['error']['bannedword']);
        }
    }

EDIT: I do see a logic error here, though I don't think it's what breaks the code. Maybe it is, however. If a user is banned early into the array, the if statement continues, which could be the reason I am seeing a null value later on?

Dan Smith
  • 3
    isn't that inverted? if it's `false` that means it didn't find anything, just make sure that `$_POST['body']` isn't empty, and mind those letter cases – Kevin May 16 '16 at 02:52
  • 2
    @statosdotcom what's wrong with three equals? – Webeng May 16 '16 at 02:54
  • @RodrigoDuterte, read the example.. the $pos value is null when it shouldn't be, even before the if() block comes into play. – Dan Smith May 16 '16 at 02:56
  • @DanSmith then it's the `$_POST['body']`'s problem, not `strpos`, it only does what's being fed, since when `strpos` is broken, that's why I said make sure `$_POST['body']` body isn't empty – Kevin May 16 '16 at 02:58
  • Could you add the input and output? I mean: the content of `$_POST['body']` and the HTML/text generated by PHP. Also, printing a false value is written as an empty string. – Master DJon May 16 '16 at 03:06
  • 1
    "null"? `echo` won't output "null". Use `var_dump($pos)` to see what you're really getting. Probably `false`, which probably means everything is working just fine; but your `if` seems backwards, as pointed out above. – deceze May 16 '16 at 03:10

2 Answers

3

As others have pointed out, you're testing the value backwards, since strpos will only return FALSE if the search string was NOT found. Also, echo your POST variable before you search it to make sure it is what you think it is.

Try this code:

    $bannedwords = array ("spam word", "foo", "bar", "foobar", "quarry");

    // Debug output only: escape the user-supplied body before echoing it back
    if (isset($_POST['body'])) { echo 'POST: ', htmlspecialchars($_POST['body'], ENT_QUOTES, 'UTF-8'), '<br/>'; }
    else { echo 'No POST variable found!'; }

    foreach ($bannedwords as $bannedphrase)
    {
        $pos = strpos($_POST['body'], $bannedphrase);

        // strpos returns FALSE only when the phrase was NOT found
        if ($pos === FALSE)
        {
            echo '  Banned word not found.';
        }
        else
        {
            echo '  Banned word found at position: ', $pos;

            //require_once 'inc/mod/ban.php';
            //Bans::new_ban($_SERVER['REMOTE_ADDR'], 'Suspected Spammer.', '2', $_POST['board'] == '*' ? false : $_POST['board']);

            error($config['error']['bannedword']);
            break; // This will exit the foreach loop
        }
    }
Sgt AJ
  • This is similar to what I eventually came up with, except that I used the if ($pos !== FALSE) and no else block – Dan Smith May 16 '16 at 04:19
  • Nice. :) Yep, the else block with the extra echos was just for testing to help see where the problem is. – Sgt AJ May 16 '16 at 04:22
0

I think that you should use a regex for this problem; this is a regex example:

    $regex = "/(spam|bar|foo)/";
    $phrase = "This is a spam message";
    echo preg_match($regex, $phrase);

    # The regex shows 0 or 1
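
An added example, not from either answer above: it combines the strict `!== false` test from the first answer with the regex approach from the second, and makes both case-insensitive as the comments suggest. The function names and sample strings are hypothetical and constructed; it assumes PHP 7.4 or later.

```php
<?php
// Added example: find_banned_phrase, build_banned_regex and $samples are hypothetical names.

/** Return the first banned phrase found in $body (case-insensitive), or null. */
function find_banned_phrase(?string $body, array $banned): ?string
{
    if ($body === null || $body === '') {
        return null;               // missing or empty field: nothing to scan
    }
    foreach ($banned as $phrase) {
        // stripos() returns int 0 for a match at the start of the string,
        // so only a strict comparison with false means "no match".
        if (stripos($body, $phrase) !== false) {
            return $phrase;        // stop at the first hit
        }
    }
    return null;
}

/** The same list as one regex; preg_quote() keeps every phrase literal. */
function build_banned_regex(array $banned): string
{
    $parts = array_map(fn($p) => preg_quote($p, '/'), $banned);
    // \b limits hits to whole words, so "bar" does not match inside "barn".
    return '/\b(?:' . implode('|', $parts) . ')\b/iu';
}

$banned = ["spam word", "foo", "bar", "foobar", "quarry"];
$regex  = build_banned_regex($banned);

// Constructed sample inputs standing in for $_POST['body'].
$samples = [
    "foo at position zero",      // phrase at offset 0
    "Buy SPAM WORD today",       // different letter case
    "meet me at the barn",       // banned phrase only as a substring
    "a perfectly normal post",   // clean
    null,                        // field missing from the request
];

foreach ($samples as $body) {
    $hit = find_banned_phrase($body, $banned);
    // preg_match() returns 1 on a match, 0 on none, false on error.
    $re  = $body !== null && preg_match($regex, $body) === 1;
    printf("%-28s substring: %-10s regex: %s\n",
        var_export($body, true), $hit ?? 'none', $re ? 'hit' : 'none');
}
```

The third sample shows where the two checks disagree: plain substring search flags "barn", the word-boundary regex does not.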