Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

Email Obfuscation


Go to End


17 Posts   7417 Views

Avatar
dalesaurus

Community Member, 283 Posts

31 October 2009 at 4:56pm

The answer is you wouldn't use it in HTML, can you be more specific as to what you are trying to do?

Avatar
tobych

Community Member, 97 Posts

31 October 2009 at 6:06pm

I mean what would the A tag in the HTML look like?

Avatar
bummzack

Community Member, 904 Posts

31 October 2009 at 10:15pm

Edited: 31/10/2009 10:16pm

I usually use the jQuery defuscate plugin: http://plugins.jquery.com/project/defuscator
Instead of inserting an email link you would have something like this in your source:

<div id="Content" class="typography">
mail(at)domain.xx
</div>

Then calling this in your JavaScript:

$('#Content').defuscate();

Will turn the plain text mail(at)domain.xx to a e-mail link to mail@domain.xx

Compared to other variants of obfuscation, this approach leaves the user with a human readable address if he doesn't have JavaScript enabled.

Avatar
dalesaurus

Community Member, 283 Posts

1 November 2009 at 7:48am

C'mon Toby, you can be more specific that that. We don't write HTML in Silverstripe, we write SS templates and fill out Page Content in the CMS.

Lets play MadLibs:

I want to make ___(noun)___ appear in my ___(place on site)___ in an obfuscated manner. That ___(noun)___ will be pulled from ___(data source: entered in WYSIWYG editor, pulled from DB, typed statically in a template, etc)___. I want this to happen ___(frequency: once, automatically)__ I put an ___(noun)__ in my ___(data source)___.

Avatar
tobych

Community Member, 97 Posts

1 November 2009 at 10:31am

Edited: 01/11/2009 10:47am

I tried to make Dale's MadLibs work for us but gave up!

Okay, so here's the API documentation, for those that want it:

http://api.silverstripe.org/sapphire/email/Email.html#obfuscate

I didn't bother reading that because I was hoping someone who had done so and tried it all out and was able to quickly provide an example, would help this lazy programmer avoid just that. That hard-working API- and source-reading programmer is now, temporarily, me.

(And my God does the API documentation online need to be searchable, and easily linkable-to-methods, and have examples. And yes, feel free to tell ask me why I don't just do it myself then. :-) Maybe there's some elsewhere that I've not yet heard about. Something that works like the PHP documentation.)

Here's what I'm going to use until my client wants a better solution than Email::obfuscate() (currently) provides.

In the controller:

  function emailAddress() {
    return "toby@tobychampion.co.uk";
  }

  function ObfuscatedEmailForURL() {
      return Email::obfuscate($this->emailAddress(), 'hex');
  }

  function ObfuscatedEmailForText() {
      return Email::obfuscate($this->emailAddress(), 'direction');
  }

In the template:

<a href="mailto:$ObfuscatedEmailForURL">$ObfuscatedEmailForText</a>

What the browser gets:

<a href="mailto:&#x74;&#x6f;...&#x6b;"><span class="codedirection">ku.oc.noipmahcybot@ybot</span></a>

It also gets some custom CSS in the header (via a call to Requirements::customCSS() in Email::obfuscate()):

<style type="text/css">
span.codedirection { unicode-bidi: bidi-override; direction: rtl; }
</style>

Which is using CSS functionality you can read about here: http://xhtml.com/en/css/reference/unicode-bidi/ (bidi stands for bi-directional here; I thought it was just a magic woo woo word but no).

So this seems like the basic solution offered. Users without Javascript won't see any readable email address though. The solution Email::obfuscate() offers is to use 'visible' instead of 'direction', which would give the browser this:

<a href="mailto:&#x74;&#x6f;...&#x6b;">toby [at] tobychampion [dot] co [dot] uk</a>

Okay, back to avoiding reading APIs and stealing code.

Toby

Avatar
dalesaurus

Community Member, 283 Posts

2 November 2009 at 5:20am

Wow, that is a wiki-worthy post Toby. Nicely done.

Now that I see your intent a bit more clearly I agree there isn't a direct way to do it. Email::Obfuscate is pretty narrow in its functionality. It ended up requiring a bunch of code (too much) to perform a simple task. Thanks for patiently working through it.

Also, there has been discussion recently on the Google Dev groups on restructuring the documentation. At this time, however, reading the APIs is the best way to get a straight answer.

Avatar
tobych

Community Member, 97 Posts

2 November 2009 at 7:03am

Thanks Dale. I've linked to the post from the comments in the API documentation for Email.

The Email class seems to not be the best place for this method. Also, it seems to me the functionality would better be provided by a class that takes an address in the contructor and provides the different views on it through methods. Too much responsibility in the class otherwise. I guess I could file a ticket on that and provide a patch. The most recent change to Email.php was http://open.silverstripe.org/changeset/67675. There are no tickets around it. But I'm not experienced enough using the templating system to know what would be the best way of making this functionality easy to use and well factored. I'm going to play around and see what I can up with, starting with reading:

http://doc.silverstripe.org/doku.php?id=templates#creating_your_own_template_variables_and_controls

Toby

Avatar
tobych

Community Member, 97 Posts

2 November 2009 at 9:08am

Edited: 02/11/2009 9:18am

I've now learned enough about templates and ViewableData to give me a wrapper around Email::obfuscate(). It's somewhere being super useful, reasonably elegant... and totally over-the-top and a waste of time. I enjoyed the exercise, though.

In my template I can have:

<a href="$MyObfuscatedEmail.Link">$MyObfuscatedEmail.Title</a>

or, depending on how I feel (terse or DRY):

<% control MyObfuscatedEmail %>
  <a href="$Link">$Title</a>
<% end_control %></p>

To make this work, I include in my controller's init():

function init() {
  parent::init();
  $this->MyObfuscatedEmail = new ObfuscatedEmail("toby@tobychampion.co.uk");
}

And finally, here's the new class (also, attached as it appears in my code/ folder):

class ObfuscatedEmail extends ViewableData {

  protected $email;
  protected $titleMethod;
  
  function __construct($email, $titleMethod = 'direction') {
    $this->email = $email;
    $this->titleMethod = $titleMethod;
  }

  function Title() {
    return Email::obfuscate($this->email, $this->titleMethod);
  }

  function Link() {
    return 'mailto:' . Email::obfuscate($this->email, 'hex');
  }

  function Email() {
    return $this->email;
  }

}

Toby