Jump to content

protect e-mail addresses from bots

wkilc

By wkilc
in PHP Coding Help

 Share

Recommended Posts

wkilc Regular Member

wkilc

Posted
Posted

Hi all,

 

I use a script that for a member directory that grabs, amongst other things, member e-mail addresses, and then displays them as part of the member directory.

 

while ($row = mysql_fetch_object($result)) {
$snre_eMail=$row->eMail;
echo "<td><a href='mailto:$eMail'>$eMail</a></td>";

 

I know how to use JavaScript and/or unicode to hide e-mail for a "static" (hard-coded) address... but can anyone help me apply that to all these addresses pulled from the MySQL db?  For instance, can we tell it to translate the "@" to its unicode equivalent "&#64;" before echoing the address, just for some basic protection?

 

Thanks.

Link to comment
Share on other sites
wkilc Regular Member

wkilc

Posted
  • Author
Posted

Thank you.  I'm seeing a lot of ways to manually protect individual addresses... but I'm looking for a way to replace some characters dynamically as they're pulled from the db.

 

I thought I was on to something here, but I'm getting a syntax error.

 

while ($row = mysql_fetch_object($result)) {
$eMail=$row->eMail;
$NEWeMail = str_replace("@", "&#64", $eMail);
echo "<td><a href='mailto:$NEWeMail'>$NEWeMail</a></td>";

Link to comment
Share on other sites
Jumpy09 Regular Member

Jumpy09

Posted
Posted

I thought that using the code was just another way to display the same thing, even if you use the code "&#64" isn't it still visually and identically the same thing as @?  If you copy the code, it still copies as @.

 

Most places use email at site dot com, and do relatively fine.  What syntax error are you getting?

Link to comment
Share on other sites
wkilc Regular Member

wkilc

Posted
  • Author
Posted

Thanks again.  This is what I've come up with:

 

while ($row = mysql_fetch_object($result)) {
$eMail=$row->eMail;

$unsafe = array("@", ".com", ".edu", ".net"); 
$safer = array("&#64", "&#46;&#99;&#111;&#109;", "&#46;&#101;&#100;&#117;");
$NEWeMail = str_replace($unsafe, $safer, $eMail);
echo "<td><a href='mailto:$NEWeMail'>$name</a></td>";

 

I'm going to display the name rather than the e-mail address, then use the unicode to relpace the "@" and the ".com", ".net", etc... in the domain name in the link source code.

 

Then again, I may just protect the entire page as well...

Link to comment
Share on other sites
Jumpy09 Regular Member

Jumpy09

Posted
Posted

You may want to read up on http://www.unicom.com/blog/entry/173 because it states that HTML Entities for obscuring your email address doesn't work.  However if you HTML Entity the Mailto link itself, it may fool a few bots.

 

Technically it is your call, but I wouldn't see why it would work.

 

Edit: This was documented back in 2003, and there has been just about 8 years of advancement for bots.  Once again it is your call.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.