|
|
|
After reading the example of how to secure your email on your website from robots with Javascript, I thought a pure PHP version would be nice.
The code below takes 1, 2 or 3 parameters, (1)the email and (2)the text for the link. If you omit the text, the email address is used. The 3rd parameter could be used to format the link.
|
<?php
function eMail($email, $name='', $params='') {
$encMail = encString($email);
if(!$name) $name=$email;
return '<a href="mailto:'.$encMail.'" '.$params.'>'.$name.'</a>';
}
function encString ($orgStr) {
$encStr = "";
$nowStr = "";
$rndNum = -1;
$orgLen = strlen($orgStr);
for ( $i = 0; $i < $orgLen; $i++) {
$encMod = rand(1,2);
switch ($encMod) {
case 1: // Decimal
$nowStr = "&#" . ord($orgStr[$i]) . ";";
break;
case 2: // Hexadecimal
$nowStr = "&#x" . dechex(ord($orgStr[$i])) . ";";
break;
}
$encStr .= $nowStr;
}
return $encStr;
}
?> | |
Usage Example
| <?php
echo eMail('bob@hotmail.com', 'bob@hotmail.com', 'class=whatever').'<BR>';
echo eMail('bob@hotmail.com', 'email me', 'class=whatever').'<BR>';
echo eMail('bob@hotmail.com');
?> | |
|
|
| Protect your email links from being spidered by spam email robots!
Categories : PHP, Security, Mail, Email | | | send_mail function to defeat Header Injection Hacking/Spamming
Categories : PHP, Email, Form Processing, Security | | | Encoding data using PGP via PHP's proc_* functions
Categories : Cryptography, Security, Email, PHP, PGP | | | A damaged image generator (class) for validating text.
CAPTCHA - Completely Automated Public Turing test to tell Computers and Humans Apart
Categories : PHP, PHP Classes, Security, GD image library, Security | | | PHP3: Formmail. Just a cgi formmail, but than in PHP. It is easy to use!
Categories : HTML and PHP, Email, PHP, Perl, HTML and PHP | | | phpEasyMail: An easy way to send data from HTML-forms via EMail.
Categories : Email, HTML and PHP, Complete Programs, PHP | | | validateEmail 2.0 - upgraded version of the old validateEmail function used to validate email
addresses via SMTP and regex.
Categories : Email, Regexps, PHP | | | Broadcast HTML Email
Categories : PHP, Email, MySQL, Databases | | | Anti SQL injection-PHP
Categories : PHP, MySQL, Security | | | POP3 Class
Categories : PHP Classes, PHP, Email | | | email validator check checker email e-mail email address
Categories : PHP, Email, Regexps | | | A PHP function to encrypt and decrypt a number or string or a combination of the two.
Categories : PHP, Encryption, Security | | | simple script to send emails via a html-form to different users
Categories : Email, MySQL, PHP, Databases | | | cPanel Email Accounts Creator
Categories : PHP, PHP Classes, Email, Form Processing, Web Services | | | Customer feedback or simple emailer - A PHP script that enables your visitors to send you emails.
Categories : PHP, Email, Form Processing | |
| | | | Gerd Klingenspor wrote : 1162
I forgot to mention, that you have to look into the source code to see the results.
Your visitors will see the unencoded version, the bots/harvesters will see the encoded version, but not the unencoded one.
| | | | matthew waygood wrote : 1164
The results I got were :-
<a href="mailto:bob@hotmail.com" class=whatever>bob@hotmail.com</a><BR><a href="mailto:bob@hotmail.com" class=whatever>email me</a><BR><a href="mailto:bob@hotmail.com" >bob@hotmail.com</a>
You forgot to encrypt the link text if it too contains and email address, so bob@hotmail.com could still be extracted.
| | | | matthew waygood wrote : 1165
forgot this was being displayed on a page, so doesnt reflect what I saw. I have replace the codes with # to make it more readable
<a href="mailto:########### class=whatever>bob@hotmail.com</a>
<a href="mailto:######## class=whatever>email me</a>
<a href="mailto:#######>bob@hotmail.com</a>
| | | | matthew waygood wrote : 1166
Although you can decode the email address, I have tried extracting with a few programs and it does seem to protect you email.
As the person who submitted the Javascript solution you refer to, I will be switching to this method as it provides better compatability with people who switch off javascript.
Nice work. I`ll add a comment to my own submission referencing this.
| | | | Sarah King wrote : 1171
for comparison also see this code: http://www.weberdev.com/get_example.php3?count=3939
One type of encryption and also hides the mailto= string to prevent that giving the bots reason to store for manual processing (as they get smarter)
Sarah
| | | | Gerd Klingenspor wrote : 1174
To make it pretty much bombproof:
replace OLD:
function eMail($email, $name=``, $params=``) {
$encMail = encString($email);
if(!$name) $name=$email;
return `<a href="mailto:`.$encMail.`" `.$params.`>`.$name.`</a>`;
}
with NEW:
function eMail($email, $name=``, $params=``) {
if(!$name) $name=$email;
return `<a href="`.encString(`mailto:`).encString($email).`" `.$params.`>`.encString($name).`</a>`;
}
| | | | matthew waygood wrote :1261
I needed this recently so I recoded it with some other features you may find useful. And included the coding of the MAILTO: text aswell as pointed out earlier.
<?php
function eMail($email, $name=``, $params=``, $email_extras=``)
{
// return an empty link if no email was specified
if( (!$email) || (!is_scalar($email)) ) return ``;
// contruct extra parameters for the mailto link, ie subject,cc,bcc,body while will also be encoded
$email_extras_string=``;
if($email_extras) $email_extras_string=`?`.$email_extras;
if(is_array($email_extras))
{
$email_extras_string=`?`;
$first=TRUE;
while(list($key,$value)=each($email_extras))
{
if(!$first)
{
$email_extras_string.="&";
}
$first=FALSE;
$email_extras_string.=$key."=".urlencode($value);
}
}
// if no name was specified then use the email address
if( (!$name) || (!is_scalar($name)) ) $name=$email;
// if formatting parameters were specified then add a space to make readable
$param_string=``;
if( ($params) && (is_scalar($params)) ) $param_string=` `.$params;
// return the link, encoding appropriate parts of the href
return `<A HREF="`.encString(`MAILTO:`.$email.$email_extras_string).`"`.$param_string.`>`.encString($name).`</A>`;
}
function encString($orgStr)
{
$encStr="";
$nowStr="";
$rndNum=-1;
$orgLen=strlen($orgStr);
for($i=0;$i<$orgLen;$i++)
{
if(version_compare("4.2", php_version)) // a pre php version 4.2, rand should be seeded
{
list($usec, $sec) = explode(` `, microtime());
srand( (float) $sec + ((float) $usec * 100000) );
}
$encMod = rand(1,5); // make chances of coding as follows: Decimal 2/5, Hex 2/5, None 1/5
switch($encMod)
{
case 1: // Decimal
case 2: // Decimal
$nowStr="&#".ord($orgStr[$i]).";";
break;
case 3: // Hexadecimal
case 4: // Hexadecimal
$nowStr="&#x".dechex(ord($orgStr[$i])).";";
break;
default: // Normal (case 5)
$nowStr=$orgStr[$i];
break;
}
$encStr.=$nowStr;
}
return $encStr;
}
echo eMail(`mwwaygoo@hotmail.com`)."<BR/>\n";
echo eMail(`mwwaygoo@hotmail.com`, `email me`)."<BR/>\n";
echo eMail(`mwwaygoo@hotmail.com`, `email me`, `onMouseOver="self.status=\`status\`;return true" onMouseOut="self.status=\`\`;return true"`)."<BR/>\n";
echo eMail(`mwwaygoo@hotmail.com`, `email me`, ``, array(`Subject`=>`sub`,`Cc`=>`cc`,`body`=>`body`,`Bcc`=>`bcc`))."<BR/>\n";
?>
| |
|
|
