[Sample of Apr 23rd] How to filter indecent words in ASP.NET website - Microsoft All-In-One Code Framework - Site Home - MSDN Blogs
Microsoft All-In-One Code Framework - Developers' Pain Killer

[Sample of Apr 23rd] How to filter indecent words in ASP.NET website

Rate This
  • Comments 2

 

Homepage image
Sample of the Day RSS Feed

Sample Downloads:
C# version: http://code.msdn.microsoft.com/ASPNETSensorKeywordInSite-2770d86a 
VB version: http://code.msdn.microsoft.com/ASPNETSensorKeywordInSite-6c2ed899 

Today’s code sample demonstrates how to censor key words in website. Customers usually want to filter some indecent words in their website. In this sample, we use a word blacklist dictionary to store the indecent words.  And  we can check the users' input or search results with the blacklist, and replace the key word with specific char, such as "*".

The sample was written by our star developer: Arwind Gao.

imageYou can find more code samples that demonstrate the most typical programming scenarios by using Microsoft All-In-One Code Framework Sample Browser or Sample Browser Visual Studio extension. They give you the flexibility to search samples, download samples on demand, manage the downloaded samples in a centralized place, and automatically be notified about sample updates. If it is the first time that you hear about Microsoft All-In-One Code Framework, please watch the introduction video on Microsoft Showcase, or read the introduction on our homepage http://1code.codeplex.com/.

 

Introduction

The sample demonstrates how to censor key words in website. Customers usually want to filter some indecent words in their website. In this sample, we use a word blacklist dictionary to store the indecent words.  And  we can check the users' input or search results with the blacklist, and replace the key word with specific char, such as "*".

 

Running the Sample

Please follow these demonstration steps below.

Step 1: Open the CSASPNETCensorKeywordInSite.sln.

Step 2: Right-click the KeyBlackManage.aspx page then select "View in Browser". You can add some indecent words which you want to censor.

image

Step 3: Right-click the Default.aspx page then select "View in Browser". Type some content then click the button to test.

image

Step 4: Validation finished.

 

Using the Code

Step1. Create a C# "ASP.NET Web Application" in Visual Studio 2010/Visual Web Developer. Name it as "CSASPNETCensorKeywordInSite".

Step2. If you have installed SQL server 2008 r2 express on your computer, you can directly use the sample database under the App_Data. If not, add a SQL Server Database in the App_Data folder and name it as ��Sample��. The definition of the table ��WordBlack�� as show below:

[Id] [int] IDENTITY(1,1) NOT NULL,[Name] [nchar](10)

You can insert the following test data or add new data:

INSERT [dbo].[WordBlack] ([Id], [Name]) VALUES (1, N'tmd') 
INSERT [dbo].[WordBlack] ([Id], [Name]) VALUES (2, N'***') 
INSERT [dbo].[WordBlack] ([Id], [Name]) VALUES (3, N'test') 

Step3. Add a “Web Service”. This Web Service is used to get the blacklist.

// To allow this Web Service to be called from script, using ASP.NET AJAX, uncomment the following line. 
   [System.Web.Script.Services.ScriptService()] 
   [System.Web.Services.WebService(Namespace = "http://tempuri.org/")] 
   [System.Web.Services.WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)] 
   [ToolboxItem(false)] 
   public class WebService1 : System.Web.Services.WebService 
   { 
       //Sql Connection 
       private static SqlConnection conn = new SqlConnection("Data Source=.\\SQLEXPRESS;AttachDbFilename=|DataDirectory|\\Sample.mdf;Integrated Security=True;User Instance=True"); 
 
 
       [WebMethod()] 
       public string LoadScript() 
       { 
           // Add your operation implementation here 
           string input = ""; 
 
 
           //Query string 
           string queryString = "SELECT [Name] FROM [WordBlack]"; 
           //set query string 
           SqlCommand command = new SqlCommand(queryString, conn); 
           //Open connection 
           conn.Open(); 
           SqlDataReader reader = command.ExecuteReader(); 
 
 
           if (reader.HasRows) 
           { 
               while (reader.Read()) 
               { 
                   input += "|" + (reader["Name"] as string).Trim(); 
               } 
               input = input.Substring(1); 
           } 
           reader.Close(); 
           //Close connection 
           conn.Close(); 
           return input; 
       }       
   } 

Step4. Add two pages then rename to Default.aspx and KeyBlackManage.aspx, the KeyBlackManage page is used to manage the blacklist.  The Default.aspx is used to test. A button is for the client-side input validation, the other button is for the server output validation.

The main code of the client-side input validation as shown below:

<asp:ScriptManager ID="ScriptManager1" runat="server" EnablePageMethods="true"> 
    <Services> 
        <asp:ServiceReference Path="~/WebService1.asmx" /> 
    </Services> 
</asp:ScriptManager> 
 
    <asp:TextBox ID="tbText" runat="server" Height="151px" TextMode="MultiLine" Width="475px"></asp:TextBox> 
     
    <asp:Button ID="btnClientCheck" runat="server" Text="ClientCheck" OnClientClick="javascript:LoadAndExecuteDynamicJS();" /> 
     
    <asp:Button ID="btnEnter" runat="server" Text="ServerCheckAndOutPut" OnClick="btnEnter_Click" /> 
    Output: 
    <asp:Literal ID="ltrMsg" runat="server"></asp:Literal> 
     
     
 
 
    <script type="text/javascript" language="javascript">function LoadAndExecuteDynamicJS() { 
  var wsp = CSASPNETCensorKeywordInSite.WebService1; 
  wsp.LoadScript(CallBackFunction); 
        } 
 
 
        function CallBackFunction(result) { 
  var strText = "" + document.getElementById('tbText').value; 
  strText = strText.replace(/(\s)*/gi, ""); //Remove space 
  strText = strText.toLowerCase();               
       
  var strs = new Array(); 
  strs = result.toLowerCase().split("|"); 
  var msg = ""; 
  try {                 
      for (i = 0; i < strs.length; i++) {                       
          if (strText.indexOf(strs[i]) > -1) { 
              msg = msg + "," + strs[i]; 
          } 
      } 
      if (msg.length > 0) { 
          alert("Your input has the following illegal characters:" + msg.substring(1,msg.length)); 
      }                   
  } 
  catch (e) { 
      alert(e); 
  } 
        } 
    </script> 

The main code of the server output validation as shown below:

protected void btnEnter_Click(object sender, EventArgs e) 
       { 
           string str = tbText.Text; 
           str = str.Trim(); //Remove the spaces and format symbols in the data 
           string str1 = str.Replace(" ", ""); 
 
 
           bool isBool = ValidByReg(str1); 
 
 
           if (isBool) 
           { 
               ltrMsg.Text = str; 
           } 
           else 
           { 
               ltrMsg.Text = ReplacDirty(str); 
           } 
       } 
 
 
       //The list of KeyBlack such as:dirtyStr1|dirtyStr2|dirtyStr3 
       public static string dirtyStr = "";  
 
 
       public string ReplacDirty(string str) 
       { 
           dirtyStr = ReadDic(); 
           try 
           { 
               str = Regex.Replace(str, @"" + dirtyStr + "", @"xxxxx"); 
           } 
           catch (ArgumentException ex) 
           { 
               // Syntax error in the regular expression 
           } 
           return str; 
       } 
 
 
 
 
       private string ReadDic() 
       { 
           String input = ""; 
 
 
           //Query string 
           string queryString = "SELECT [Name] FROM [WordBlack]"; 
           //set query string 
           SqlCommand command = new SqlCommand(queryString, conn); 
           //Open connection 
           conn.Open(); 
           SqlDataReader reader = command.ExecuteReader(); 
 
 
           if (reader.HasRows) 
           { 
               while (reader.Read()) 
               { 
                   input += "|" + (reader["Name"] as string).Trim(); 
               } 
               input = input.Substring(1); 
           } 
           reader.Close(); 
           //Close connection 
           conn.Close(); 
           return input; 
 
 
       } 
 
 
       public bool ValidByReg(string str) 
       { 
           dirtyStr = ReadDic(); 
           //Regular expression used to detect dirty dictionary 
           Regex validateReg = new Regex("^((?!" + dirtyStr + ").(?<!" + dirtyStr + "))*$", RegexOptions.Compiled | RegexOptions.ExplicitCapture); 
       
           return validateReg.IsMatch(str); 
       } 
 

The main code of KeyBlackManage page as shown below:

/// <summary> 
       /// Bind datatable to GridView 
       /// </summary> 
       private void BindGrid() 
       { 
           //Query string 
           string queryString = "SELECT [Id], [Name] FROM [WordBlack]"; 
           SqlDataAdapter adapter = new SqlDataAdapter(); 
           //set query string 
           adapter.SelectCommand = new SqlCommand(queryString, connection); 
           //Open connection 
           connection.Open(); 
           //Sql data is stored DataSet.                  
           DataSet sqlData = new DataSet(); 
           adapter.Fill(sqlData, "WordBlack"); 
           //Close connection 
           connection.Close(); 
 
 
           //Bind datatable to GridView 
           gdvKeyword.DataSource = sqlData.Tables[0]; 
           gdvKeyword.DataBind(); 
       } 
 
 
       //database operation 
       protected void btnAdd_Click(object sender, EventArgs e) 
       { 
           if (IsValid) 
           {                
               string queryString = "Insert into [WordBlack](Name)values(@Keyword)"; 
               SqlParameter para = new SqlParameter("Keyword", tbKey.Text.Trim()); 
               SqlCommand command = new SqlCommand(queryString, connection); 
               command.Parameters.Add(para); 
               connection.Open(); 
               command.ExecuteNonQuery(); 
               connection.Close(); 
 
 
               BindGrid(); 
           } 
       } 
Leave a Comment
  • Please add 4 and 3 and type the answer here:
  • Post
  • very nice code sample!

  • Fans of Arsenal will not be pleased; nor will Scunthorpe fans! :D

Page 1 of 1 (2 items)