using php to protect email addresses

Re: using php to protect email addresses

"dave" <dmehler26@woh. rr.com> wrote in message
news:XUnKc.4343 3$2T2.35224@fe2 .columbus.rr.co m...[color=blue]
> Hello,
> I'm creating a site that has several contact email addresses. These[/color]
are[color=blue]
> vlid addresses, i'm wondering if i can use php to alter these addresses so
> that spam harvesters can't get them, yet a normal user clicking on them[/color]
can?[color=blue]
> Thanks.
> Dave.
>
>[/color]

The method I use, and PHP.net uses, is to str_replace "@" with " at " and
"." with " dot ".

So me@mysite.com would be displayed like this:

me at mysite dot com

You may want to consider only displaying the email address, and not making
it an actual link, to ensure that any spiders looking for e-mail addresses
can't get the addresses you have. It makes it more of a hassle for the user
to have to open their e-mail account and type in the e-mail manually instead
of just clicking on a link, but in the end it's safer.

Re: using php to protect email addresses

"kingofkolt " <jessepNOSPAM@c omcast.net> wrote in message news:<U9pKc.104 959$a24.22251@a ttbi_s03>...[color=blue]
> "dave" <dmehler26@woh. rr.com> wrote in message
> news:XUnKc.4343 3$2T2.35224@fe2 .columbus.rr.co m...[color=green]
> > Hello,
> > I'm creating a site that has several contact email addresses. These[/color]
> are[color=green]
> > vlid addresses, i'm wondering if i can use php to alter these addresses so
> > that spam harvesters can't get them, yet a normal user clicking on them[/color]
> can?[color=green]
> > Thanks.
> > Dave.
> >
> >[/color]
>
> The method I use, and PHP.net uses, is to str_replace "@" with " at " and
> "." with " dot ".
>
> So me@mysite.com would be displayed like this:
>
> me at mysite dot com
>
> You may want to consider only displaying the email address, and not making
> it an actual link, to ensure that any spiders looking for e-mail addresses
> can't get the addresses you have. It makes it more of a hassle for the user
> to have to open their e-mail account and type in the e-mail manually instead
> of just clicking on a link, but in the end it's safer.[/color]

why not keep the adresses in the php part of the script (and invisible
to any 'collectors') and using a form and mail() to send mails without
showing adresses at all?

micha

Re: using php to protect email addresses

some one else may be able to shed some light on this, but I have seen a
fairly short java script that seperates the email address up untill you
click the link then it puts it together and it works like a mail to
link, so if you go through the code you can't see an email address.

J.


dave wrote:
[color=blue]
>Hello,
> I'm creating a site that has several contact email addresses. These are
>vlid addresses, i'm wondering if i can use php to alter these addresses so
>that spam harvesters can't get them, yet a normal user clicking on them can?
>Thanks.
>Dave.
>
>
>
>[/color]

Re: using php to protect email addresses

On Sun, 18 Jul 2004 20:10:17 +1000, James Smith wrote:
[color=blue]
> some one else may be able to shed some light on this, but I have seen a
> fairly short java script that seperates the email address up untill you
> click the link then it puts it together and it works like a mail to
> link, so if you go through the code you can't see an email address.
>
> J.[/color]


Bad idea. I surf normally with JS disabled =)

You can encode an address:


function email_encode($a ddy, $mail_label) {
for ($i = 0; $i < strlen($addy); $i++) {
if(preg_match('/\w/', $addy[$i])) {
$enc_addy .= '%' . bin2hex($addy[$i]);
} else {
$enc_addy .= $addy[$i];
}
}

for ($i = 0; $i < strlen($mail_la bel); $x++) {
$enc_mail_label .= '&#x' . bin2hex($mail_l abel[$i]).';';
}

return '<a href="mailto:' . $enc_addy .'">' . $enc_mail_label . '</a>';
}

$mail_addy = email_encode('f oo@bar.com', 'foobar');




Regards,

Ian

--
Ian.H
digiServ Network
London, UK

Re: using php to protect email addresses

"chotiwalla h" <chotiwallah@we b.de> wrote in message
news:782d6cb.04 07180203.3cd282 a0@posting.goog le.com...[color=blue]
> "kingofkolt " <jessepNOSPAM@c omcast.net> wrote in message[/color]
news:<U9pKc.104 959$a24.22251@a ttbi_s03>...[color=blue][color=green]
> > "dave" <dmehler26@woh. rr.com> wrote in message
> > news:XUnKc.4343 3$2T2.35224@fe2 .columbus.rr.co m...[color=darkred]
> > > Hello,
> > > I'm creating a site that has several contact email addresses.[/color][/color][/color]
These[color=blue][color=green]
> > are[color=darkred]
> > > vlid addresses, i'm wondering if i can use php to alter these[/color][/color][/color]
addresses so[color=blue][color=green][color=darkred]
> > > that spam harvesters can't get them, yet a normal user clicking on[/color][/color][/color]
them[color=blue][color=green]
> > can?[color=darkred]
> > > Thanks.
> > > Dave.
> > >
> > >[/color]
> >
> > The method I use, and PHP.net uses, is to str_replace "@" with " at "[/color][/color]
and[color=blue][color=green]
> > "." with " dot ".
> >
> > So me@mysite.com would be displayed like this:
> >
> > me at mysite dot com
> >
> > You may want to consider only displaying the email address, and not[/color][/color]
making[color=blue][color=green]
> > it an actual link, to ensure that any spiders looking for e-mail[/color][/color]
addresses[color=blue][color=green]
> > can't get the addresses you have. It makes it more of a hassle for the[/color][/color]
user[color=blue][color=green]
> > to have to open their e-mail account and type in the e-mail manually[/color][/color]
instead[color=blue][color=green]
> > of just clicking on a link, but in the end it's safer.[/color]
>
> why not keep the adresses in the php part of the script (and invisible
> to any 'collectors') and using a form and mail() to send mails without
> showing adresses at all?
>
> micha[/color]

This would be a good option, but a mail server might not be available to
dave. Also, some users want to know contact e-mail addresses for future
reference.

- JP

Re: using php to protect email addresses

While the city slept, kingofkolt (jessepNOSPAM@c omcast.net) feverishly
typed...

[contact form][color=blue]
> This would be a good option, but a mail server might not be available
> to dave.[/color]

Many hosts and ISP's have a generic form-to-mail script for their clients to
use. He could also use a remotely-hosted service like Response-o-matic:

[color=blue]
> Also, some users want to know contact e-mail addresses for
> future reference.[/color]

They would be in the reply that you send them.

Cheers,
Nige

--
Nigel Moss

Mail address not valid. nigel@DOG.nigen et.org.uk, take the DOG. out!
In the land of the blind, the one-eyed man is very, very busy!

Re: Re: using php to protect email addresses

"nice.guy.n ige" wrote:[color=blue]
> While the city slept, kingofkolt (jessepNOSPAM@c omcast.net) feverishly
> typed...
>
> [contact form][color=green]
> > This would be a good option, but a mail server might not be[/color]
> available[color=green]
> > to dave.[/color]
>
> Many hosts and ISP’s have a generic form-to-mail script for
> their clients to
> use. He could also use a remotely-hosted service like
> Response-o-matic:
> http://www.response-o-matic.com/
>[color=green]
> > Also, some users want to know contact e-mail addresses for
> > future reference.[/color]
>
> They would be in the reply that you send them.
>
> Cheers,
> Nige
>[/color]

Sometimes simple (and cute ideas) are the best. I like Nigel’s email
address with the phrase ’DOG.’ in it. If anyone wants to legitmately
contact him, they would have no problem at all.

--
http://www.dbForumz.com/ This article was posted by author's request
Articles individually checked for conformance to usenet standards
Topic URL: http://www.dbForumz.com/PHP-protect-...ict130542.html
Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.dbForumz.com/eform.php?p=435780

Re: using php to protect email addresses

.oO(dave)
[color=blue]
> I'm creating a site that has several contact email addresses. These are
>vlid addresses, i'm wondering if i can use php to alter these addresses so
>that spam harvesters can't get them, yet a normal user clicking on them can?[/color]

Forget about Javascript crap or any other kind of "encryption " (@ -> at,
.. -> dot, decimal character references etc.), it's too easy to break
them with regular expressions. And the more difficult you make it for
the harvester, the more difficult it will also be for a real user.

I think your best chance is to use a simple form, so the user has to
press a button to see the mail-addresses (maybe after entering a kind of
randomly created pin-code). Bots are (hopefully) not capable of handling
such "forced" interactivity.

Micha

Re: using php to protect email addresses

dave wrote:[color=blue]
> Hello,
> I'm creating a site that has several contact email addresses.
> These are vlid addresses, i'm wondering if i can use php to alter
> these addresses so that spam harvesters can't get them, yet a normal
> user clicking on them can? Thanks.
> Dave.[/color]

Use a form, with a select box with the recepients:

<form action="form_ha ndler.php" method="post">
<select name="recep">
<option value="0">Recep ient 1</option>
<option value="1">Recep ient 2</option>
<option value="2">Recep ient 3</option>
<option value="3">Recep ient 4</option>
</option>
...
</form>

Then, in the form_handler.ph p:

$recipients = array('rec1@you rdomain.com', 'rec2@yourdomai n.com'...);
$mail_to = $recipients[$_POST['recep']];
--
If the Internet is a Marx Brothers movie, and Web, e-mail, and IRC are
Groucho, Chico, and Harpo, then Usenet is Zeppo.

Re: using php to protect email addresses

Regarding this well-known quote, often attributed to Michael Fesser's
famous "Mon, 19 Jul 2004 14:56:44 +0200" speech:
[color=blue]
> .oO(dave)
>[color=green]
>> I'm creating a site that has several contact email addresses. These are
>>vlid addresses, i'm wondering if i can use php to alter these addresses so
>>that spam harvesters can't get them, yet a normal user clicking on them can?[/color]
>
> Forget about Javascript crap or any other kind of "encryption " (@ -> at,
> . -> dot, decimal character references etc.), it's too easy to break
> them with regular expressions. And the more difficult you make it for
> the harvester, the more difficult it will also be for a real user.
>
> I think your best chance is to use a simple form, so the user has to
> press a button to see the mail-addresses (maybe after entering a kind of
> randomly created pin-code). Bots are (hopefully) not capable of handling
> such "forced" interactivity.
>
> Micha[/color]

I'll second that. I have something like that on my contacts page at
http://www.voterudy.org . It's basically just a button that says "click
here for email address", and when you click there it rerenders the page
with the email in plaintext.

To make it even simpler, I have a JavaScript set up that automatically
"clicks the button" and submits the PHP form. Sure, a spambot *could* get
around it... easily, even... but it's just not worth it, since it's a
nonstandard method, and there's so many other ripe-for-the-picking email
addresses out there.

--
-- Rudy Fleminger
-- sp@mmers.and.ev il.ones.will.bo w-down-to.us
(put "Hey!" in the Subject line for priority processing!)
-- http://www.pixelsaredead.com