WeberDev.com PHP and MySQL Code

LOG IN
BEGINNER GUIDES  |  PHP CLASSES  |  CODE SEARCH  |  ARTICLES SEARCH  |  PHP FORUMS  |  PHP MANUAL  |  PHP FUNCTIONS LIST  |  WEB SITE TEMPLATES
Start typing to search for PHP and MySQL Code Snippets and Articles Search
Submit a code Example / Snippet Submit Your Code
Search Engine Optimization Monitor SEO Monitor
Web Site UpTime Monitor UpTime Monitor
WeberDev's Monthly code contest PHP Code Contest
Your Personal Examples List My Favorite Examples
Your Personal Articles List My Favorite Articles
Edit Account Info Update Your Profile
PHP Code Search
Web Development Forums
Learn MySQL Playing Trivia
PHPBB2 Templates
Web Development Index
PHP Web Logs (BLogs)
Web Development Resources
Web Development Content
PHPClasses
PHP Editor
PHP Jobs
Vision.To Design
Ajax Tutorials
PHP Programming Help
PHP/MySQL Programming
Webmaster Resources
Webmaster Forum
XML meta language
website builder
Submit Site
Forex Trading Online forex trading platform

Go Back Add a Comment Send this example to a friend Add this Article to your personal favoritest for easy future access to your favorite Code Examples and Articles. Submit a code example Print this code example.
BACK ADD A COMMENT SEND TO A FRIEND ADD TO MY FAVORITES ADD CODE EXAMPLES PRINT
Title : Protect your mailto: email addresses from bots - pure PHP
Categories : PHP, Email, Security Click here to Update Your Picture
Gerd Klingenspor
Date : Jul 26th 2004
Grade : 4 of 5 (graded 4 times)
Viewed : 9352
File : No file for this code example.
Images : No Images for this code example.
Search : More code by Gerd Klingenspor
Action : Grade This Code Example
Tools : My Examples List

  Submit your own code examples 
 

After reading the example of how to secure your email on your website from robots with Javascript, I thought a pure PHP version would be nice.
The code below takes 1, 2 or 3 parameters, (1)the email and (2)the text for the link. If you omit the text, the email address is used. The 3rd parameter could be used to format the link.

<?php
function eMail($email, $name='', $params='') {
   
$encMail = encString($email);
    if(!
$name) $name=$email;
    return
'<a href="mailto:'.$encMail.'" '.$params.'>'.$name.'</a>';
}

function
encString ($orgStr) {
   
$encStr = "";
   
$nowStr = "";
   
$rndNum = -1;

   
$orgLen = strlen($orgStr);
    for (
$i = 0; $i < $orgLen; $i++) {
       
$encMod = rand(1,2);
        switch (
$encMod) {
        case
1: // Decimal
           
$nowStr = "&#" . ord($orgStr[$i]) . ";";
            break;
        case
2: // Hexadecimal
           
$nowStr = "&#x" . dechex(ord($orgStr[$i])) . ";";
            break;
        }
       
$encStr .= $nowStr;
    }
    return
$encStr;
}
?>


Usage Example
<?php
echo eMail('bob@hotmail.com', 'bob@hotmail.com', 'class=whatever').'<BR>';
echo
eMail('bob@hotmail.com', 'email me', 'class=whatever').'<BR>';
echo
eMail('bob@hotmail.com');
?>



Encoding data using PGP via PHP's proc_* functions
Categories : Cryptography, Security, Email, PHP, PGP
A damaged image generator (class) for validating text. CAPTCHA - Completely Automated Public Turing test to tell Computers and Humans Apart
Categories : PHP, PHP Classes, Security, GD image library, Security
Protect your email links from being spidered by spam email robots!
Categories : PHP, Security, Mail, Email
send_mail function to defeat Header Injection Hacking/Spamming
Categories : PHP, Email, Form Processing, Security
Email a user with out exposing email address
Categories : PHP, Databases, MySQL, Email
Password Creator: This PHP code exmaple shows how to use bitwise operations on a single variable and using it as a flagged variable. The class generates passwords of a given length using specified characters and the flags.
Categories : PHP, PHP Classes, Algorithms, Security
Simple Password example
Categories : PHP, Authentication, Security, HTTP
Class for sending mail with MIME attachments in multipart format using external sendmail, mimencode and zip
Categories : Email, Network, PHP, PHP Classes
PHP Function to Encrypt/Decrypt a string without a known key. The string itself has his own different key for every character.
Categories : PHP, Algorithms, Security, Authentication, Encryption
A PHP function to encrypt and decrypt a number or string or a combination of the two.
Categories : PHP, Encryption, Security
A web-based php3 IMAP email client supporting address books, attachements (downloading and sending), LDAP searching, and much much more.
Categories : Email, PHP, LDAP
A very simple PHP single password cookie based login without usernames.
Categories : PHP, Cookies, Security, Beginner Guides
email new items in db
Categories : PHP, Email, Databases, MySQL, Beginner Guides
MD5 secured login
Categories : PHP, Java Script, Authentication, Security
Secure URL $_GET
Categories : PHP, Data Validation, Security
 Gerd Klingenspor wrote : 1162
I forgot to mention, that you have to look into the source code to see the results.
Your visitors will see the unencoded version, the bots/harvesters will see the encoded version, but not the unencoded one.
 
 matthew waygood wrote : 1164
The results I got were :-
&lt;a href="mailto:&#x62;&#x6f;&#98;&#64;&#104;&#111;&#x74;&#109;&#x61;&#x69;&#108;&#x2e;&#x63;&#x6f;&#109;" class=whatever&gt;bob@hotmail.com&lt;/a&gt;&lt;BR&gt;&lt;a href="mailto:&#98;&#111;&#x62;&#x40;&#104;&#111;&#116;&#109;&#97;&#x69;&#108;&#x2e;&#x63;&#111;&#109;" class=whatever&gt;email me&lt;/a&gt;&lt;BR&gt;&lt;a href="mailto:&#x62;&#x6f;&#98;&#64;&#104;&#111;&#116;&#109;&#97;&#105;&#108;&#x2e;&#99;&#111;&#x6d;" &gt;bob@hotmail.com&lt;/a&gt; 

You forgot to encrypt the link text if it too contains and email address, so bob@hotmail.com could still be extracted.
 
 matthew waygood wrote : 1165
forgot this was being displayed on a page, so doesnt reflect what I saw. I have replace the codes with # to make it more readable

&lt;a href="mailto:########### class=whatever&gt;bob@hotmail.com&lt;/a&gt;
&lt;a href="mailto:######## class=whatever&gt;email me&lt;/a&gt;
&lt;a href="mailto:#######&gt;bob@hotmail.com&lt;/a&gt; 
 
 matthew waygood wrote : 1166
Although you can decode the email address, I have tried extracting with a few programs and it does seem to protect you email.
As the person who submitted the Javascript solution you refer to, I will be switching to this method as it provides better compatability with people who switch off javascript.

Nice work. I`ll add a comment to my own submission referencing this.


 
 Sarah King wrote : 1171
for comparison also see this code: http://www.weberdev.com/get_example.php3?count=3939

One type of encryption and also hides the mailto= string to prevent that giving the bots reason to store for manual processing (as they get smarter)

Sarah
 
 Gerd Klingenspor wrote : 1174
To make it pretty much bombproof:

replace OLD:

function eMail($email, $name=``, $params=``) {
    $encMail = encString($email);
    if(!$name) $name=$email;
    return `&lt;a href="mailto:`.$encMail.`" `.$params.`&gt;`.$name.`&lt;/a&gt;`;
}

with NEW:

function eMail($email, $name=``, $params=``) { 
    if(!$name) $name=$email; 
    return `&lt;a href="`.encString(`mailto:`).encString($email).`" `.$params.`&gt;`.encString($name).`&lt;/a&gt;`; 

 
 matthew waygood wrote :1261
I needed this recently so I recoded it with some other features you may find useful. And included the coding of the MAILTO: text aswell as pointed out earlier.

&lt;?php
function eMail($email, $name=``, $params=``, $email_extras=``)
{
    // return an empty link if no email was specified
    if( (!$email) || (!is_scalar($email)) ) return ``;

    // contruct extra parameters for the mailto link, ie subject,cc,bcc,body while will also be encoded
    $email_extras_string=``;
    if($email_extras) $email_extras_string=`?`.$email_extras;
    if(is_array($email_extras))
    {
        $email_extras_string=`?`;
        $first=TRUE;
        while(list($key,$value)=each($email_extras))
        {
            if(!$first)
            {
                $email_extras_string.="&";
            }
            $first=FALSE;
            $email_extras_string.=$key."=".urlencode($value);
        }
    }

    // if no name was specified then use the email address
    if( (!$name) || (!is_scalar($name)) ) $name=$email;

    // if formatting parameters were specified then add a space to make readable
    $param_string=``;
    if( ($params) && (is_scalar($params)) ) $param_string=` `.$params;

    // return the link, encoding appropriate parts of the href
    return `&lt;A HREF="`.encString(`MAILTO:`.$email.$email_extras_string).`"`.$param_string.`&gt;`.encString($name).`&lt;/A&gt;`;
}

function encString($orgStr)
{
    $encStr="";
    $nowStr="";
    $rndNum=-1;

    $orgLen=strlen($orgStr);
    for($i=0;$i&lt;$orgLen;$i++)
    {
        if(version_compare("4.2", php_version)) // a pre php version 4.2, rand should be seeded
        {
            list($usec, $sec) = explode(` `, microtime());
            srand( (float) $sec + ((float) $usec * 100000) );
        }
        $encMod = rand(1,5); // make chances of coding as follows: Decimal 2/5, Hex 2/5, None 1/5
        switch($encMod)
        {
            case 1: // Decimal
            case 2: // Decimal
                $nowStr="&#".ord($orgStr[$i]).";";
                break;
            case 3: // Hexadecimal
            case 4: // Hexadecimal
                $nowStr="&#x".dechex(ord($orgStr[$i])).";";
                break;
            default: // Normal (case 5)
                $nowStr=$orgStr[$i];
            break;
        }
        $encStr.=$nowStr;
    }
    return $encStr;
}

echo eMail(`mwwaygoo@hotmail.com`)."&lt;BR/&gt;\n";
echo eMail(`mwwaygoo@hotmail.com`, `email me`)."&lt;BR/&gt;\n";
echo eMail(`mwwaygoo@hotmail.com`, `email me`, `onMouseOver="self.status=\`status\`;return true" onMouseOut="self.status=\`\`;return true"`)."&lt;BR/&gt;\n";
echo eMail(`mwwaygoo@hotmail.com`, `email me`, ``, array(`Subject`=&gt;`sub`,`Cc`=&gt;`cc`,`body`=&gt;`body`,`Bcc`=&gt;`bcc`))."&lt;BR/&gt;\n";

?&gt;