|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ferocious software...
Posting email addresses on your site is a bad idea unless you're itching to
try your hand at coding infalliable filtering rules within your email client. Naturally you need your viewers
to be able to reach you, unless the viewer is a mail-harvesting spambot! The typical work-around is to use
email address obfuscation, which means showing some text that is garbage to a bot, but understandable by a human...
like you AT your[remove_this]domain DOT com.
Most obfuscation techniques are quite effective, though not fool-proof. The problem is that mail obfuscation and automated image generation of emails still don't offer the convenience of the now infamous mailto: command which all spambots yearn for.
This script, however, allows you to use the mailto: command without worrying about spambot harvest [unless the spambot "hovers" on non-linked page elements] by encoding the email using php and decoding on hover using javascript.
Here's an example of the script at work...
here is an e-mail address: [protected e-mail]
To make this happen, all you need to do is include the hideaddr.php file at the beginning of your pages and then type <?php email("you@yourdomain.com"); ?>. The php include will scramble the letters in the address and and return source code which has no mailto: element and no intelligible email address:
As you can see, the code gives no useful info to the evil bot, but allows you to print any text you may want like "click here" or whatever to generate a bonafide mailto: as soon as the user hovers on the address... just like we used to use in the good ole days!
The hideaddr.php [0.24] will place [protected e-mail] or similar 'links' on the page for your obfuscated email addresses. You may have an unlimited number of addresses on the page, each with a randomly generated DOM id. If you would like to uniquely specify the displayed text, you may optionally specify a second string argument when making the function call: 'textToDisplay'. You may also optionally control the text string which is displayed after hover: 'textAfterHover'. By default [no 3rd argument given], the clean e-mail address is displayed after hover. There are usage guidelines in the script comments, but all you'll really need in your *.php file are the following 2 lines:
Note that the 2nd and 3rd arguments in square brackets [ ] of the e-mail function are optional.
Advanced Usage:
If your content is being pulled from a database or flat file and you'd like to automatically obfuscate all e-mail addresses before displaying the content, you can try searching for e-mail patterns in your content with preg_replace_callback.
With your $myContent variable set to something resembling that above, try this:
Using this example you should get the following output with <?php echo $myContent; ?> :
Normally the email() function would echo the output and return true, but in this case, it sees the incoming array argument from preg_replace_callback and knows to return the string output to the caller without echoing anything.
If you're mystified and curious about that preg_replace_callback pattern above, you can learn more about using regular expressions in php [PCRE] here.
Play with it and enjoy!
Release Notes:
There was an innerhtml bug in the javascript for hideaddr.php [version 0.1] and hideaddr2.php [version 0.2]. Both versions are now deprecated in favor of hideaddr.php [version 0.24] where this bug has been fixed and additional functionality added. Our thanks to the folks at Captain Larry's for pointing this out!
Download hideaddr.zip
Most obfuscation techniques are quite effective, though not fool-proof. The problem is that mail obfuscation and automated image generation of emails still don't offer the convenience of the now infamous mailto: command which all spambots yearn for.
This script, however, allows you to use the mailto: command without worrying about spambot harvest [unless the spambot "hovers" on non-linked page elements] by encoding the email using php and decoding on hover using javascript.
Here's an example of the script at work...
here is an e-mail address: [protected e-mail]
To make this happen, all you need to do is include the hideaddr.php file at the beginning of your pages and then type <?php email("you@yourdomain.com"); ?>. The php include will scramble the letters in the address and and return source code which has no mailto: element and no intelligible email address:
<script language = "JavaScript1.1" type = "text/javascript">
function decodeAddr(protectedAddr, domId){
var
cleanAddr=" ";
for(i=0; i < cleanAddr.length; i+=2){
thisPiece=protectedAddr.substring(i,i+2);
cleanAddr=cleanAddr.concat(thisPiece.charAt(1),
thisPiece.charAt(0));
}
cleanAddr=cleanAddr.link("mailto:"+cleanAddr);
document.getElementById(domId).innerHTML=cleanAddr;
}
</script>
here is an e-mail address:
<span id = "oyuoyruo9842"><span onMouseOver = "decodeAddr('oy@uoyruodamnic.mo', 'oyuoyruo9842')"><em>[hover to show address]</em ></span></span>
As you can see, the code gives no useful info to the evil bot, but allows you to print any text you may want like "click here" or whatever to generate a bonafide mailto: as soon as the user hovers on the address... just like we used to use in the good ole days!
The hideaddr.php [0.24] will place [protected e-mail] or similar 'links' on the page for your obfuscated email addresses. You may have an unlimited number of addresses on the page, each with a randomly generated DOM id. If you would like to uniquely specify the displayed text, you may optionally specify a second string argument when making the function call: 'textToDisplay'. You may also optionally control the text string which is displayed after hover: 'textAfterHover'. By default [no 3rd argument given], the clean e-mail address is displayed after hover. There are usage guidelines in the script comments, but all you'll really need in your *.php file are the following 2 lines:
// at or near the beginning of your *.php file
<?php include './hideaddr.php'; ?>
// wherever you wish to obfuscate an address
<?php email("you@yourdomain.com", ["text to display before hover"], ["text to display after hover"] ); ?>
Note that the 2nd and 3rd arguments in square brackets [ ] of the e-mail function are optional.
Advanced Usage:
If your content is being pulled from a database or flat file and you'd like to automatically obfuscate all e-mail addresses before displaying the content, you can try searching for e-mail patterns in your content with preg_replace_callback.
$myContent = "here is my e-mail address: me@mydomain.com -- your e-mail address: you@your.domain.com -- her e-mail: first.last@her.domain.com";
With your $myContent variable set to something resembling that above, try this:
$myContent = preg_replace_callback("/[-_a-z0-9]+(\.[-_a-z0-9]+)*@[-a-z0-9]+(\.[-a-z0-9]+)*\.[a-z]{2,6}/i", email, $myContent);
Using this example you should get the following output with <?php echo $myContent; ?> :
here is my e-mail address: [protected e-mail]
-- your e-mail address: [protected e-mail]
-- her e-mail: [protected e-mail]
Normally the email() function would echo the output and return true, but in this case, it sees the incoming array argument from preg_replace_callback and knows to return the string output to the caller without echoing anything.
If you're mystified and curious about that preg_replace_callback pattern above, you can learn more about using regular expressions in php [PCRE] here.
Play with it and enjoy!
Release Notes:
There was an innerhtml bug in the javascript for hideaddr.php [version 0.1] and hideaddr2.php [version 0.2]. Both versions are now deprecated in favor of hideaddr.php [version 0.24] where this bug has been fixed and additional functionality added. Our thanks to the folks at Captain Larry's for pointing this out!
Download hideaddr.zip
© 2010 Monsterbyte
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|