questthewordsmith Posted May 25, 2013 Share Posted May 25, 2013 I have a wordpress site. I found this plugin which searches the page once wordpress has spit it out and obfuscates all emails it can find. I'm a noob, so bear with me here. This is the code: <?php /* Plugin Name: Make Safe Plugin URI: http://wordpress.org/extend/plugins/makesafe Description: Obfuscates email addresses. Version: 1.0 Author: Loud Dog Author URI: http://www.louddog.com */ if (!class_exists("LoudDog_MakeSafe")) { class LoudDog_MakeSafe { function __construct() { if (is_admin()) return; add_action('init', array($this, 'start'), 10); } function start() { ob_start(array($this, 'filter')); } function filter($content) { preg_match_all('/<a.*href="(mailto:.*?)".*?>(.*?)<\/a>/', $content, $matches); for ($ndx = 0; $ndx < count($matches[0]); $ndx++) { $email = ''; foreach(str_split($matches[1][$ndx]) as $chr) { $email .= rand(0,1) ? $chr : "".ord($chr).";"; } $text = ''; foreach(str_split($matches[2][$ndx]) as $chr) { $text .= rand(0,1) ? $chr : "".ord($chr).";"; } $code = str_split("<a href='$email'>$text</a>", 7); $code = "document.write(\"".implode('"+"', $code)."\");"; $code = str_split($code); $code = array_map('ord', $code); $code = array_map('dechex', $code); $code = "\x".implode("\x", $code); $code = "<script type='text/javascript'>"."eval(unescape('$code'));"."</script>"; $content = str_replace($matches[0][$ndx], $code, $content); } return $content; } } new LoudDog_MakeSafe(); } What I'm hoping is able to be done is have this search for a specific text instead. I have another plugin that spits out the url to mp3 files. I'd like to obfuscate any url ending with a ".mp3" in it. Mind you, the plugin doesn't actually post links, as in "<a href>" tags. I'm trying to prevent folks from finding the location to the mp3 file by viewing the source code. I'd just like to have those urls obfuscated. If that's too difficult, I'd settle for obfuscating anything that contains "http://www.mydomain.com/folder" in it. Is this something that PHP is able to do? Can the above code be modified simply to achieve this? If not, any suggestions are welcome! Thank you. ~Quest~ Quote Link to comment Share on other sites More sharing options...
kicken Posted May 25, 2013 Share Posted May 25, 2013 Why even bother outputting the URLs if you don't want them to be usable? If you obfuscate the URL then whatever is attempting to use it (whether it be a user browsing the source or a media player plugin) will not work properly because it wont see the correct URL. Quote Link to comment Share on other sites More sharing options...
questthewordsmith Posted June 7, 2013 Author Share Posted June 7, 2013 I was under the impression that obfuscating html makes it look like gibberish to the eye but still readable to the browser. That's what I'm looking to achieve. I know there's tons of ways around these types of efforts and such, but I'm just trying to put a speed bump to the average user who might look for direct links to the mp3 files. Any thoughts on this? Is it possible? Quote Link to comment Share on other sites More sharing options...
kicken Posted June 7, 2013 Share Posted June 7, 2013 I was under the impression that obfuscating html makes it look like gibberish to the eye but still readable to the browser. Generally speaking, it is the other way around. Someone would obfuscate something in order to make it un-readable to a browser (or bot) but still readable to a human user. Eg, writing an email out as something like someuser (at) somedomain (dot) com makes it so your average email detection software wont see it, but any human user will still understand it. Whether the link is gibberish or not though, if it works then the user can still just use the direct link. If you just want to make it so the URL doesn't contain info like the artist's name/track name then generate some random code for each file and create a database to map the code to the file (or just rename the files). Then use that code to reference the file in the URL. Quote Link to comment Share on other sites More sharing options...
davidannis Posted June 8, 2013 Share Posted June 8, 2013 (edited) You can make a program that serves the mp3 file only if the link has not already been used. Here's how I'd do it: When a link is created for a user create a random number and store it in a database along with the link id (autoincrement) and the name of the file to serve. Then output a link that looks like this http://mydomain.com/servefile.php?id=12345&key=734871637846 when servefile.php runs it will read the database $id=mysqli_realescape_string($dbconn, $_GET['id']) ; $query="SELECT * FROM tablename WHERE id=$id"; $result=mysqli_query($query); $row=mysqli_fetch_assoc($result); if ($row['key']==$_GET['key'] && $row['used']!=true ){ //serve file here and mark link as used in database }else{ // print an error message here; } Edited June 8, 2013 by davidannis Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.