NYCPHP Meetup

[nycphp-talk] Replace restrictions

inforequest 1j0lkq002 at sneakemail.com
Mon Apr 11 20:06:33 EDT 2005


Spot spot-at-deviantart.com |nyphp dev/internal group use| wrote:

> We are having some issues with comment parsing.
>
> Each comment goes through quite a few search/replace operations. We 
> have some malicious users posting comments with thousands of emoticons 
> (for example) but we have not located an efficient way to limit this 
> since all search/replace function do not have a limiting option.
>
> Any ideas?
>
You may want to pre-characterize comments before processing. There must 
be a clever way to run some of the faster PHP functions across the 
comment-as-string or binary, producing a statistic which can 
characterize it as likely to be normal or likely to be problematic. Then 
handle as appropriate.

I would imagine a thousand emoticons would sign quite differently than 
typical prose when passed through a count_chars, if you inspect a set 
comprised of "special" characters (colons, semicolons, dashes, etc).... 
not sure if characterset presents a practical barrier, though (ascii was 
easy!).







More information about the talk mailing list