Yeah, it's not that great of a method, but I think the main difference is that while most other places use Javascript code or ASCII equivalent-characters, this one uses a completely different method which requires bots to interpret HTTP headers instead of just brute-forcing a link. Plus, because the link isn't mailto:, it will most likely be skipped by the majority of spam bots (we could change the controller-url to something other than mailto/ as well).

why do you implement a simple captcha within the formeditor?

or make a simple howto - so if someone would like to use a captcha - it can be included as simple as can.

i will like to have a captcha, but i don't know how to put it into the form. ;-)

Hi

Captcha is a pain for users. I think it is better to have an alternative that allows straight input.

Cheers

Nicolaas

I agree with this last point. A good email obfuscator needs to use javascript in my opinion.

I would recommend to have a look to this wonderful article

http://www.alistapart.com/articles/gracefulemailobfuscation/

The only downfall is that you need a backup solution for those who don't have javascript activated.

It wouldn't be too difficult, I guess, to implement this solution into SS.

It's true that Captcha is controversial, but I don't think that we want to block it out of SilverStripe altogether!

This recaptcha field might help:
http://open.silverstripe.com/browser/modules/recaptcha/trunk/code/RecaptchaField.php

Is it possible to decorate a random class like DBField?
That would be useful for this. For example:
1. Install the module reCaptcha-MailHide
2. Update themes like this:
$Content.ReCaptchaMailHidden

Or, to be a bit more extensible:
1. Install the module spamprotect-reCaptcha (or any spamprotect-* module)
2. Set the preferred anti-spam mechanism in _config.php
3. Update themes like this:
$Content.SpamProtected
4. Decide that you want a different mechanism
5. Install spamprotect-yourRandomMechanism
6. Update setting in _config.php

Thoughts?

EDIT: Of course, $Content.SpamProtected should return the same as $Content if no spamprotect-* module is installed (maybe provide a default one?)

I'm not sure about decorating a Varchar; in theory it's possible but I've never done it.

One of the approaches we're thinking about taking with this stuff is to increase the number of DBField subclasses to better describe the kind of content that they contain.

So, you might have

class EmailAddress extends Varchar {

}

...

static $db = array(
"Email" => "EmailAddress",
);

That's definately a good idea to have an EmailField, but it won't cover the possibility of inlining email adresses in the Content field for example.

Maybe that anti-spam support could be in the core, and then make a class, say AntiSpamifier, that one should subclass to implement new mechanisms?

Relevant classes could then implement a getSpamProtected method that creates a AntiSpamifier object and passes it's string through AntiSpamifier::SpamProtect() before returning it.

Still, it might be hard to make it relatively easy to validate what the user types for example in the reCaptcha field.

EDIT: Spelling.