Revision history for SpamSafeEmail
Revision [23234]
Last edited on 2016-05-20 07:38:47 by FrankChestnut [Replaces old-style internal links with new pipe-split links.]Additions:
While the "fairly" [[EmailActionInfo | spam safe email]] is good, there is an alternative to javascript wich as of today can still be turned off or simply not work for some people. This solution encodes the email link and change the text into a bot safe text.
Deletions:
Revision [19226]
Edited on 2008-01-28 00:14:44 by FrankChestnut [Modified links pointing to docs server]No Differences
Additions:
if (preg_match("/^.+\@.+$/", $tag))
if (preg_match("/^.+\@.+$/", $tag))
$mailto = "mailto:";
$address = htmlspecialchars($tag);
for ($x=0; $x < strlen($address); $x++)
if(preg_match('!\w!',$address[$x]))
{
$address_encode .= '%' . bin2hex($address[$x]);
} else {
$address_encode .= $address[$x];
}
$tag = $mailto . $address_encode;
} else if (!preg_match("/:\/\//", $tag)) {
// check for protocol-less URLs
$tag = "http://".$tag; //Very important for xss (avoid javascript:() hacking)
Browsers will see a mail link, clicking on the link will open the usual mail client, etc. But all the bots will see is an non-email text and an encoded string and won't be able to translate it into a mail.
Text: frank [dot] chestnut [at] postnuke [dot] com∞
source:
%%(html)
<a title="frank [dot] chestnut [at] postnuke [dot] com" href="mailto:%66%72%61%6e%6b.%63%68%65%73%74%6e%75%74@%70%6f%73%74%6e%75%6b%65.%63%6f%6d">frank [dot] chestnut [at] postnuke [dot] com</a> <span class='exttail'>∞</span>
FrankChestnut - 16-04-2006
Also: DataBaseAbstraction
----
CategoryUserContributions
if (preg_match("/^.+\@.+$/", $tag))
$mailto = "mailto:";
$address = htmlspecialchars($tag);
for ($x=0; $x < strlen($address); $x++)
if(preg_match('!\w!',$address[$x]))
{
$address_encode .= '%' . bin2hex($address[$x]);
} else {
$address_encode .= $address[$x];
}
$tag = $mailto . $address_encode;
} else if (!preg_match("/:\/\//", $tag)) {
// check for protocol-less URLs
$tag = "http://".$tag; //Very important for xss (avoid javascript:() hacking)
Browsers will see a mail link, clicking on the link will open the usual mail client, etc. But all the bots will see is an non-email text and an encoded string and won't be able to translate it into a mail.
Text: frank [dot] chestnut [at] postnuke [dot] com∞
source:
%%(html)
<a title="frank [dot] chestnut [at] postnuke [dot] com" href="mailto:%66%72%61%6e%6b.%63%68%65%73%74%6e%75%74@%70%6f%73%74%6e%75%6b%65.%63%6f%6d">frank [dot] chestnut [at] postnuke [dot] com</a> <span class='exttail'>∞</span>
FrankChestnut - 16-04-2006
Also: DataBaseAbstraction
----
CategoryUserContributions
Deletions:
if (preg_match("/^. \@. $/", $tag))
$mailto = "
Additions:
if (preg_match("/^. \@. $/", $tag))
if (preg_match("/^. \@. $/", $tag))
$mailto = "
if (preg_match("/^. \@. $/", $tag))
$mailto = "
Deletions:
if (preg_match("/^.+\@.+$/", $tag))
$mailto = "mailto:";
$address = htmlspecialchars($tag);
for ($x=0; $x < strlen($address); $x++)
if(preg_match('!\w!',$address[$x]))
{
$address_encode .= '%' . bin2hex($address[$x]);
} else {
$address_encode .= $address[$x];
}
$tag = $mailto . $address_encode;
} else if (!preg_match("/:\/\//", $tag)) {
// check for protocol-less URLs
$tag = "http://".$tag; //Very important for xss (avoid javascript:() hacking)
Browsers will see a mail link, clicking on the link will open the usual mail client, etc. But all the bots will see is an non-email text and an encoded string and won't be able to translate it into a mail.
Text: frank [dot] chestnut [at] postnuke [dot] com∞
source:
%%(html)
<a title="frank [dot] chestnut [at] postnuke [dot] com" href="mailto:%66%72%61%6e%6b.%63%68%65%73%74%6e%75%74@%70%6f%73%74%6e%75%6b%65.%63%6f%6d">frank [dot] chestnut [at] postnuke [dot] com</a> <span class='exttail'>∞</span>
FrankChestnut - 16-04-2006
Also: DataBaseAbstraction
----
CategoryUserContributions
Revision [13868]
Edited on 2006-04-16 11:00:07 by FrankChestnut [Added link to original spam safe email page]Additions:
While the "fairly" [[EmailActionInfo spam safe email]] is good, there is an alternative to javascript wich as of today can still be turned off or simply not work for some people. This solution encodes the email link and change the text into a bot safe text.