Mailto: an anti-spambot rot13 encoder
A FREE, OPEN SOURCE CAKEPHP HELPER CLASS
Mailto is a free, open source CakePHP Helper class, written by Debugged Interactive Designs, that provides a solution to spambots collecting e-mail addresses from websites. It encodes the anchor tag with ROT13 on the server (PHP), and the browser decodes it at run-time (JavaScript). ROT13 simply shifts every letter by 13 places in the alphabet while leaving non-alphabetic characters untouched.
Step 1: Create the Mailto helper
This helper's function accepts an e-mail address as its parameter and returns JavaScript code containing the encoded anchor tag.
Filename: /app/views/helpers/mailto.php
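<?php
class MailtoHelper extends Helper {

function createLink($addr) {

    //you can pass this as a param
    $encryption_type = 'rot13';
    //returned unchanged if the encoding type is not recognised
    $encrypted_link = '';

    //rip apart the email address
    $user_name = $mail_domain = '';
    if (strpos($addr, '@') !== false) { //string contains @ symbol
       //explode() replaces split(), which was deprecated in PHP 5.3 and removed in PHP 7
       list ($user_name, $mail_domain) = explode('@', $addr, 2);
    }

    //HTML-escape every value that ends up in the markup
    $addr = htmlspecialchars($addr, ENT_QUOTES);
    $user_name = htmlspecialchars($user_name, ENT_QUOTES);
    $mail_domain = htmlspecialchars($mail_domain, ENT_QUOTES);

    if($encryption_type=='rot13'){
       //build the mailto link
       $unencrypted_link = '<a href="mailto:'.$addr.'">'.$user_name.' (at) '.$mail_domain.'</a>';
       //build this for people with js turned off
       $noscript_link = '<noscript>'.$user_name.' (at) '.$mail_domain.'</noscript>';
       //put them together and encode; addslashes() keeps quotes and
       //backslashes from breaking out of the JavaScript string literal
       $encrypted_link = '<script type="text/javascript">'.
             'Rot13.write(\''.addslashes(str_rot13($unencrypted_link)).'\');'.
             '</script>'.$noscript_link;
    }

    return $encrypted_link;
}

}
?>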
Step 2: Include Mailto in your controller
Filename: /app/controllers/tests_controller.php
<?php
class TestsController extends AppController {
 
var $name = 'Tests';
var $helpers = array('Mailto');
 
function mailto() { }
 
}
?>
Step 3: Get the javascript file
The javascript decodes the anchor tag that was encoded in the helper above.
Download this file: http://scott.yang.id.au/file/js/rot13.js
Save the file here: /app/webroot/js/rot13.js
Step 4: Include rot13.js in your layout view
Filename: /app/views/layouts/default.thtml
<script type="text/javascript" src="<?php echo $this->webroot; ?>js/rot13.js"></script>
Step 5: Using the helper inside a view
Filename: /app/views/tests/mailto.thtml
<?php echo $mailto->createLink('bakery@cakephp.org'); ?>
Step 6: View the source and be amazed
To test it out, visit the page www.yourdomain.com/tests/mailto
You should see the text 'bakery (at) cakephp.org', and when you hover your mouse over it, the link should show as 'mailto:bakery@cakephp.org'. Now view the source.
I got this idea from a presentation by Mark Rosenthal at a BostonPHP meeting that explained this technique. He admitted that there are many different techniques for tricking spam bots, and he might not be the first to think of this one. Well, after some Google searching, he wasn't: http://scott.yang.id.au/2003/06/obfuscate-email-address-with-javascript-rot13/. Believe it or not, that JavaScript file above was written by Scott Yang in 2003 for this exact purpose.
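The round trip from Steps 1 to 6, as an added example that is not the article's code and not Scott Yang's rot13.js: it builds the same markup the helper emits, then runs the inline script against a stand-in `Rot13` object to show what the browser writes. All function names are hypothetical and the sample addresses are constructed.

```javascript
// Added example: not the article's code and not Scott Yang's rot13.js.
// Function names are hypothetical; sample addresses are constructed.

// ROT13: rotate A-Z and a-z by 13 places, leave every other character alone.
function rot13(text) {
  return text.replace(/[A-Za-z]/g, (ch) => {
    const base = ch <= 'Z' ? 65 : 97;
    return String.fromCharCode(((ch.charCodeAt(0) - base + 13) % 26) + base);
  });
}

// Escape a value for HTML text and attribute context.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#039;' };
  return value.replace(/[&<>"']/g, (ch) => map[ch]);
}

// Escape a value for use inside a single-quoted JavaScript string literal.
function escapeJsString(value) {
  return value.replace(/[\\'"]/g, '\\$&').replace(/\r/g, '\\r').replace(/\n/g, '\\n');
}

// Server side: escape first, then ROT13, then wrap in the inline script.
function buildObfuscatedLink(addr) {
  const at = addr.indexOf('@');
  const user = escapeHtml(at < 0 ? '' : addr.slice(0, at));
  const domain = escapeHtml(at < 0 ? '' : addr.slice(at + 1));
  const link = `<a href="mailto:${escapeHtml(addr)}">${user} (at) ${domain}</a>`;
  const scriptBody = `Rot13.write('${escapeJsString(rot13(link))}');`;
  const html = `<script type="text/javascript">${scriptBody}</script>` +
    `<noscript>${user} (at) ${domain}</noscript>`;
  return { link, scriptBody, html };
}

// Browser side: run the inline script against a stand-in Rot13 object and
// return what it would pass to document.write().
function renderInBrowser(scriptBody) {
  let written = '';
  const Rot13 = { write: (s) => { written += rot13(s); } };
  new Function('Rot13', scriptBody)(Rot13);
  return written;
}

const demo = buildObfuscatedLink('bakery@cakephp.org');
console.log(demo.html);                        // what a crawler reading the source sees
console.log(renderInBrowser(demo.scriptBody)); // what a JavaScript-enabled browser renders
```

Because the value is HTML-escaped before ROT13 is applied, an address that arrives already ROT13-encoded cannot decode into a tag. ROT13 carries no key, so the literal address is hidden only from harvesters that neither run the script nor apply ROT13 themselves.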

COMMENTS (displaying 3 comments)

1. Posted on October 23, 2008 by Chris
Silvan Mühlemann wrote an article titled "Nine ways to obfuscate e-mail addresses compared" and claims this technique is one of the three that "...are absolutely rock-solid and keep your addresses safe from the harvesters." Read it here: http://techblog.tilllate.com/2008/07/20/ten-methods-to-obfuscate-e-mail-addresses-compared/
2. Posted on October 10, 2008 by Chris
Bob: Not yet, but we'll add it to our list of projects. Good idea.
3. Posted on October 10, 2008 by Bob
Do you have a non-CakePHP specific PHP class that does the same thing?
