[nycphp-talk] Replace restrictions
inforequest
1j0lkq002 at sneakemail.com
Mon Apr 11 20:06:33 EDT 2005
Spot spot-at-deviantart.com |nyphp dev/internal group use| wrote:
> We are having some issues with comment parsing.
>
> Each comment goes through quite a few search/replace operations. We
> have some malicious users posting comments with thousands of emoticons
> (for example) but we have not located an efficient way to limit this
> since all search/replace function do not have a limiting option.
>
> Any ideas?
>
You may want to pre-characterize comments before processing. There must
be a clever way to run some of the faster PHP functions across the
comment-as-string or binary, producing a statistic which can
characterize it as likely to be normal or likely to be problematic. Then
handle as appropriate.
I would imagine a thousand emoticons would sign quite differently than
typical prose when passed through a count_chars, if you inspect a set
comprised of "special" characters (colons, semicolons, dashes, etc)....
not sure if characterset presents a practical barrier, though (ascii was
easy!).
More information about the talk
mailing list