[Plugin] Email Link Obfuscator

[Guest]

Welcome, Guest. Please login or register.
Did you miss your activation email?

1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[cyberk]

First day playing with MODx and very impressed.

Here's a little plugin to obfuscate email links with Javascript.

It basically scours the page for mailto: email links, and if it finds one it obfuscates it before sending the result to the browser. Yes, this is kind of a brute force method, but for our clients we find it's MUCH easier to just let them enter email addresses as normal and to obfuscate them on-the-fly than making them remember to enter one via some sort of snippet code. I suppose this could easily be re-written as a Snippet to let you choose which bits of content you wanted to scour for obfuscation, but as a plug-in it's set it and forget it for the entire site.

To install:

1. Create a new Plugin named whatever you want (i.e. Email Obfuscator).

2. Under System Events, check the OnWebPagePrerender event.

3. Save and enjoy.

Assuming everything works right, all the regular email links on every page on your site should be obfuscated with Javascript. No guarantees as to the spambot-proofness of the actual obfuscation, and please note that it does NOT obfuscate email addresses that are written outside a mailto: link.

And with all that said, here's the plugin:

Code:

function replaceEntities($str) {

       $str=html_entity_decode($str);

for ($i = 0 ; $i < strlen($str) ; $i++) {
$strreplaced = $strreplaced . "&#" . ord($str{$i}) . ";";
}
return $strreplaced;
}

function emailaddress($matches) {

$strNewAddress = replaceEntities($matches[1]);

$strText = replaceEntities($matches[2]);

$arrEmail = explode("&#64;",$strNewAddress);

$strTag = "<script language='Javascript' type='text/javascript'>" . "\r";
$strTag = $strTag . "<!--" . "\r";
$strTag = $strTag . "document.write('<a href=\"mai');" . "\r";
$strTag = $strTag . "document.write('lto');" . "\r";
$strTag = $strTag . "document.write(':" . $arrEmail[0] . "');" . "\r";
$strTag = $strTag . "document.write('@');" . "\r";
$strTag = $strTag . "document.write('" . $arrEmail[1] . "\">');" . "\r";
$strTag = $strTag . "document.write('" . $strText . "<\/a>');" . "\r";
$strTag = $strTag . "// -->" . "\r";
$strTag = $strTag . "</script><noscript>" . $arrEmail[0] . " at " . "\r";
$strTag = $strTag . str_replace("&#46;"," dot ",$arrEmail[1]) . "</noscript>";

return $strTag;

}


$modx->documentOutput=preg_replace_callback("#<a[^>]*mailto:([^'\" ]*)['\" ]>([^<]*)</a>#i","emailaddress",$modx->documentOutput);

[Commodore64]

I had to replace the occurrences of "documentContent" with "documentOutput" 

After that, the plugin worked like a charm. Very cool 

[sottwell]

A plugin on the first day?  Ooooh!  Always very happy to see a professional join the community! (your site is really nice, too!)

[davidm]

Yeah, nice one, and on your first day pretty amazing...
Amazing we have two antibot plugins in the same week

And Susan, thanks for attracting our attention on cyberk's website : indeed very very nice ! Waow... And also : I very much like your approach of webdesign, first class ...glad to have you there !

[cyberk]

Thanks, all!

Can someone explain the difference between documentContent and documentOutput? Both seem to work equally well for me here?

[OpenGeek]

$modx->documentContent is used internally by the parser to store the output of a document, and can be retrieved dynamically from the DB or from the cache, depending on certain settings.  However, the final portion of the parsing process, which is responsible for parsing uncached snippet tags and replacing any remaining placeholders in the content, uses $modx->documentOutput to collect the final bits of uncached page data and merge it into the $modx->documentContent.  Then it checks to see if the $modx->documentContent was generated from the database (vs. retrieved from cache), and if so, it caches the $modx->documentContent while still outputting the $modx->documentOutput.

In other words, $modx->documentContent is the potentially cacheable content for a page, while $modx->documentOutput represents the final output to be delivered following final processing that occurs on all pages, regardless of the cacheability.

[cyberk]

Thanks, Jason!

I updated the code above.

[Kunal Kapoor]

This plugin works a treat. Thanks a lot. This should be added to the REPOSITORY. This is much easier to use than my little snippet.

[Djamoer]

Thanks for bringing this up. Link added. Thanks for the great plugin as well. I'm looking forward to all your new invention with MODx

[dernier_recours]

The plugin does not allow rendering of special characters. For example, <a href="mailto:email@email.com">événement</a> will be shown as a link &eacute;v&eacute;nement.

[Aikdo]

AMAZING snippit my only thing would be with any sort of bot would not have Javascript enabled and so your comment about spambot proofness is good in the fact it would only obscure it against your end user... shame really i really like the idea...

[zi]

This plugin is very good!

..and it would be great if someone adds the functionality asked 2 posts up here.

Thanks for sharing.

regards,

zi

[cyberk]

The plugin does not allow rendering of special characters. For example, <a href="mailto:email@email.com">événement</a> will be shown as a link &eacute;v&eacute;nement.

Great catch. I've fixed the plug-in to handle special characters correctly.

The code in the original post has been fixed. Either replace code with fixed code, or simply add this line:

$str=html_entity_decode($str);

as the first line in the replaceEntities function. That's the only change necessary.

Thanks!

[Colin]

This may be a stupid question, but that's never stopped me before: what happens if the visitor has JS disabled?

[cyberk]

This may be a stupid question, but that's never stopped me before: what happens if the visitor has JS disabled?

It will display "name at address dot com"

At least, I'm pretty sure that's what it does.