Protecting email addresses

[sarahk]

I've been trawling around trying to get links for one of my sites and lots say "after you've added a link email us" and give an email address. When I view the source the email is given like this:

Code:

<a href='mailto:me@mysite.com'>me@mysite.com</a>

which is 100% readable by both browsers and spammers.

I've written a script to "obfuscate" email addresses and you can create protected html. The output can be read by browsers but the spammers appear to be too lazy to code for it, probably because there's plenty of easy addresses to harvest.

so the address above becomes (broken abit to stop it being parsed)
<a href='& #109;& #97;& #105;& #108;& #116;& #111;:& #109;e& #64;& #109;& #121;& #115;& #105;& #116;& #101;& #46;& #99;& #111;& #109;'>& #109;& #101;& #64;& #109;& #121;& #115;& #105;& #116;& #101;& #46;& #99;& #111;& #109;</a>[/pre]

Now this can be hard to edit, and I mostly code in PHP so I just create an array at the top of my page with each type of address and then just echo the variable name. Easier to manage and I'm still winning the spammer battle.

Try it if you like, and feel free pass it on to others.

I don't record the email addresses converted by this, there's no tracking of it's use other than my standard hitcounter.

[KeysToTheHouse.com]

Any chance you'd be willing to share the PHP code? I do all my sites in PHP and the email addresses are dynamically written to each listing based on the realtor. This would be a nice little feature for me to add....

[sarahk]

sure, no probs

PHP Code:

function protectEmail($email, $label) 
{
   if (empty($email)) return '';
   if (empty($label)) $label = $email;
   $email = getOrdString('mailto:'.$email);
   $label = getOrdString($label);
   return "<a href='{$email}'>{$label}</a>";

}//protectEmail

function getOrdString($string)
{
   for($i=0;$i<strlen($string);$i++)
   { 
     $bit = $string[$i]; 
        $output .= '&#'.ord($bit).';';
   }
  return $output;
}//function getOrdString($string) 


[KeysToTheHouse.com]

Awesome!!! I've been a developer for a long time and I hate reinventing the wheel, so I love to beg and borrow code. Thanks for the timesaver.

[sarahk]

Hi Darrin

enjoy, it's all part of the campaign against spammers, right!

I've signed up to keystothehouse and advertised your only NZ rental, looks good I've also given you a north american property listing from my site, any chance of one back?

Sarah

[KeysToTheHouse.com]

Sorry it took so long to get back to you. It's been a busy week. I'm always looking for listings from countries outside the US. You're now country number 7. You can definately get a link back. I probably won't get to it until the weekend, but I'll definately do it. Thanks again.

[ResaleBroker]

Hi Sarahk,

This is exactly what I am looking for. You wrote that you create an array at the top of your page with each type of address and then just echo the variable name.

I am new to php but catch on quick. Is there someplace I could find an article on how to do this?

Thanks!

[sarahk]

check my page in 10 minutes, I'll add something there.

[ResaleBroker]

Thank You! Do you have any suggestions for protecting email addresses in forms?

[sarahk]

email addresses placed in hidden fields in forms are targetted. There is a bot that solely looks for these due to an old script called formmail.pl which is now discredited for that reason.

Take a look at http://www.pcpropertymanager.com/contact/index.html where there is a drop down to select the type of query. When the form is submitted I use that info to decide which email address gets the email. The email is therefore completely hidden in the php script and never shown to the browser.

Rather than using category names there I could as easily had the names of key people etc.

What form are you trying to protect? Can you post a link?

Sarah