Jump to content

Obfuscate email - want to obfuscate specific txt instead


Recommended Posts

I have a wordpress site.  I found this plugin which searches the page once wordpress has spit it out and obfuscates all emails it can find. I'm a noob, so bear with me here.  This is the code:

<?php
/*
Plugin Name: Make Safe
Plugin URI: http://wordpress.org/extend/plugins/makesafe
Description: Obfuscates email addresses.
Version: 1.0
Author: Loud Dog
Author URI: http://www.louddog.com
*/

if (!class_exists("LoudDog_MakeSafe")) {
	class LoudDog_MakeSafe {
		function __construct() {
			if (is_admin()) return;
			add_action('init', array($this, 'start'), 10);
		}
		
		function start() {
			ob_start(array($this, 'filter'));
		}
	
		function filter($content) {
			preg_match_all('/<a.*href="(mailto:.*?)".*?>(.*?)<\/a>/', $content, $matches);
			
			for ($ndx = 0; $ndx < count($matches[0]); $ndx++) {
				$email = '';
				foreach(str_split($matches[1][$ndx]) as $chr) {
					$email .= rand(0,1) ? $chr : "".ord($chr).";";
				}

				$text = '';
				foreach(str_split($matches[2][$ndx]) as $chr) {
					$text .= rand(0,1) ? $chr : "".ord($chr).";";
				}

				$code = str_split("<a href='$email'>$text</a>", 7);
				$code = "document.write(\"".implode('"+"', $code)."\");";
				$code = str_split($code);
				$code = array_map('ord', $code);
				$code = array_map('dechex', $code);
				$code = "\x".implode("\x", $code);
				$code = "<script type='text/javascript'>"."eval(unescape('$code'));"."</script>";
		
				$content = str_replace($matches[0][$ndx], $code, $content);
			}
	
			return $content;
		}
	}

	new LoudDog_MakeSafe();
}

What I'm hoping is able to be done is have this search for a specific text instead.  I have another plugin that spits out the url to mp3 files.  I'd like to obfuscate any url ending with a ".mp3" in it.  Mind you, the plugin doesn't actually post links, as in "<a href>" tags.  I'm trying to prevent folks from finding the location to the mp3 file by viewing the source code.  I'd just like to have those urls obfuscated.

 

If that's too difficult, I'd settle for obfuscating anything that contains "http://www.mydomain.com/folder" in it.  Is this something that PHP is able to do?  Can the above code be modified simply to achieve this?  If not, any suggestions are welcome!  Thank you.

 

~Quest~

Link to comment
Share on other sites

Why even bother outputting the URLs if you don't want them to be usable? If you obfuscate the URL then whatever is attempting to use it (whether it be a user browsing the source or a media player plugin) will not work properly because it wont see the correct URL.

Link to comment
Share on other sites

  • 2 weeks later...

I was under the impression that obfuscating html makes it look like gibberish to the eye but still readable to the browser.  That's what I'm looking to achieve.  I know there's tons of ways around these types of efforts and such, but I'm just trying to put a speed bump to the average user who might look for direct links to the mp3 files.  Any thoughts on this?  Is it possible?

Link to comment
Share on other sites

I was under the impression that obfuscating html makes it look like gibberish to the eye but still readable to the browser.

Generally speaking, it is the other way around. Someone would obfuscate something in order to make it un-readable to a browser (or bot) but still readable to a human user. Eg, writing an email out as something like someuser (at) somedomain (dot) com makes it so your average email detection software wont see it, but any human user will still understand it.

 

Whether the link is gibberish or not though, if it works then the user can still just use the direct link. If you just want to make it so the URL doesn't contain info like the artist's name/track name then generate some random code for each file and create a database to map the code to the file (or just rename the files). Then use that code to reference the file in the URL.

Link to comment
Share on other sites

You can make a program that serves the mp3 file only if the link has not already been used.

Here's how I'd do it:

When a link is created for a user create a random number and store it in a database along with the link id (autoincrement) and the name of the file to serve.

Then output a link that looks like this http://mydomain.com/servefile.php?id=12345&key=734871637846

when servefile.php runs it will read the database

$id=mysqli_realescape_string($dbconn, $_GET['id']) ;
$query="SELECT * FROM tablename WHERE id=$id";
$result=mysqli_query($query);
$row=mysqli_fetch_assoc($result);
if ($row['key']==$_GET['key'] && $row['used']!=true ){
//serve file here and mark link as used in database
}else{
// print an error message here;
}
Edited by davidannis
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.