1 (edited by Tycho 2008-01-10 14:05)

Topic: An other way to bypass censored words

Hi,

Just a little but, it's possible to write censored word using html equivalent for 1 or more letters of this word. Example, if fuck is censored, it's possible to write it using fuck. This is worst than invisible BCC code : using html code it's possible to write links (with invisible BCC code links are dead).


Notice : in order to write fuck (in my previous example), I used fuck, don't think without testing that html code don't work wink

2

Re: An other way to bypass censored words

At the end of the day, without making any parser unnecessarily long and complicated, you'll never catch every variant. It's an uphill battle which you'll never win. If users are purposefully bypassing known censor words, (in moderation, might I add, as what some filters [catch/term as offensive] is pathetic), then you should penalise the user, not try to anticipate every future move.

3

Re: An other way to bypass censored words

I don't do censor stuff. Members can follow the rules or they can .... up ^^.

4 (edited by Tycho 2008-01-10 18:16)

Re: An other way to bypass censored words

Hey guys, the utility of this function is not the subject wink The subject is the possibility to bypass it. Maybe you don't see any utility to this function, personaly I do. We could discuss about it, but in an other subject plz ^^

By the way, it seams quite simple to fix this bug using html_entity_decode  () before checking the message.