You can try to implement this code:
PHP Code:
if (isset($_POST['submit']) && $_SERVER['REQUEST_METHOD'] == "POST") {
$exploits = "/(content-type|bcc:|cc:|document.cookie|onclick|onload|javascript|alert)/i";
$profanity = "/(beastial|bestial|blowjob|clit|cock|cum|cunilingus|cunillingus|cunnilingus|****|ejaculate|fag|felatio|fellatio|****|fuk|fuks|gangbang|gangbanged|gangbangs|hotsex|jism|jiz|kock|kondum|kum|kunilingus|orgasim|orgasims|orgasm|orgasms|phonesex|phuk|phuq|porn|pussies|*****|spunk|xxx)/i";
$spamwords = "/(viagra|phentermine|tramadol|adipex|advai|alprazolam|ambien|ambian|amoxicillin|antivert|blackjack|backgammon|holdem|poker|carisoprodol|ciara|ciprofloxacin|debt|dating|porn)/i";
$bots = "/(Indy|Blaiz|Java|libwww-perl|Python|OutfoxBot|User-Agent|PycURL|AlphaServer)/i";
if (preg_match($bots, $_SERVER['HTTP_USER_AGENT'])) {
exit("<p>Known spam bots are not allowed.</p>");
}
foreach ($_POST as $key => $value) {
$value = CleanUp($value);
if (empty($_POST['name']) || empty($_POST['email']) || empty($_POST['url']) || empty($_POST['collecting']) ) {
exit("<p>Name, e-mail, URL and collecting are required fields. Please go back and fill in the form properly.</p>");
} elseif (preg_match($exploits, $value)) {
exit("<p>Exploits/malicious scripting attributes aren't allowed.</p>");
} elseif (preg_match($profanity, $value) || preg_match($spamwords, $value)) {
exit("<p>That kind of language is not allowed through our form.</p>");
}
}
I'm not sure how to mix it in myself, but I've seen this used on other register.php files.