This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

E-mail obfuscation

7 Posts 3145 Views

Romeo

Community Member, 67 Posts

15 December 2009 at 5:22am

Edited: 15/12/2009 5:23am

When you add a mailto link using the TinyMCE editor, there is unfortunately no means of obfuscating it, with the result that the e-mail address gets happily snapped up by the spambots. I am thinking that there must be some simple automatic way to do this obfuscation, if only by converting to ASCII characters. And unfortunately if you paste an already ASCII-obfuscated link into TinyMCE, it converts it into spambot-friendly plaintext. Unless there's some way of preventing TinyMCE from doing this (any suggestions?), I'm looking at writing some code to post-process the content and obfuscate any mailto links it finds. It strikes me as such an obviously handy thing that I'm wondering if someone has already done this before. I don't want to do any wheel-reinvention if I can avoid it.

Romeo

Community Member, 67 Posts

15 December 2009 at 5:56am

I quickly did this in fact, by adding this function to my Page_Controller.php class:


	function Content() {
	    if (preg_match_all('/href="(mailto:.*?)"/', $this->Content, $matches)) {
	      $searches=array();
	      $replaces=array();  
	      for($i=0;$i<count($matches[0]);$i++){
		$link=$matches[1][$i];
		$obfuscatedLink = "";
		for ($j=0; $j<strlen($link); $j++){
		  $obfuscatedLink .= "&#" . ord($link[$j]) . ";";
		}
		array_push($searches,$link);
		array_push($replaces,$obfuscatedLink);
	      }
	      return str_replace($searches,$replaces,$this->Content);
	    } else {
	      return $this->Content;
	    }
	}

I'm a PHP newbie (I'm a Java guy) so this is undoubtedly poor PHP (I'm sure there's a better way of doing the string replaces using preg functions), but it does the job. I suspect there's a more efficient way of doing it, though.

bummzack

Community Member, 904 Posts

15 December 2009 at 8:12am

I usually tell my clients to not use regular e-mail links, but write the e-mail in a semi-obfuscated manner, like this:
mail(at)domain.xx

Then I use a jQuery script like this one: http://www.ia-stud.hiof.no/~joakims/projects/defuscator/ to convert these addresses to working e-mail links.

If you don't like the JavaScript route, I suggest you do your obfuscation in the onBeforeWrite method of your page class. Would result in slightly less computing overhead (obfuscation just takes place when page is being saved, instead of every page view).

Romeo

Community Member, 67 Posts

15 December 2009 at 9:41am

Both great ideas, thanks! I'm still slowly getting my head around the Silverstripe way of doing things, so I'm always keen to hear of better, more idiomatic techniques.

ravid

Community Member, 6 Posts

2 February 2010 at 5:13am

see http://www.silverstripe.org/customising-the-cms/show/278119#post278119 for a possible solution

Butterfly

Community Member, 3 Posts

19 February 2010 at 11:45am

omg, email obfuscation should really be included - this is something a framework should deliver out-of-the-box!

bummzack

Community Member, 904 Posts

19 February 2010 at 7:37pm

@Butterfly
There are some e-mail obfuscating methods implemented in Email::obfuscate already.
But there are many different needs and approaches to email obfuscation, each of them has its advantages/disadvantages. If you find the perfect solution, please provide a snippet on http://ssbits.com (or even write a module for it)

Return to top