TECHNOLOGY
AN OPEN SOURCE E-MAIL ADDRESS OBFUSCATOR
Mailto is a class written by Debugged Interactive Designs in PHP4 to obfuscate e-mail addresses from spam harvesters. The class lets you easily encode an entire anchor tag using ROT13 Encryption or an 8 bit, random key, ASCII Caesar Cipher. At run-time, javascript is used to decode the encryption. If javascript is disabled, then the e-mail address is safely shown by reversing the e-mail address using PHP and re-reversing (versing?) it at run-time using CSS.
Step 3: Use the provided test script
Filename: /mailto/test.php
<?php

//initialize mailto object and create encrypted link
include_once("Mailto.php");
$mailto = new Mailto();
$mailto2 = new Mailto('cc8b');
$mailto3 = new Mailto('bad_input');
$encrypted_link = $mailto->createLink('spam@debuggeddesigns.com','Debugged Interactive Designs');
$encrypted_link2 = $mailto2->createLink('spam@debuggeddesigns.com','Debugged Interactive Designs');
$encrypted_link3 = $mailto3->createLink('spam@debuggeddesigns.com','Debugged Interactive Designs');

?>

<html>
<head><title></title>
<script type="text/javascript" src="rot13.js"></script>
<script type="text/javascript" src="cc8b.js"></script>
</head>
<body>

<b>(Rot13)What's in the source?</b><br /> <?php echo htmlentities($encrypted_link);?>

<br /><br />

<b>(Rot13)What's displayed to the user?</b><br /> <?php echo $encrypted_link;?>

<br /><hr><br />

<b>(Cc8b)What's in the source?</b><br /> <?php echo htmlentities($encrypted_link2);?>

<br /><br />

<b>(Cc8b)What's displayed to the user?</b><br /> <?php echo $encrypted_link2;?>

<br /><hr><br />

<b>(Non-existant encryption)What's in the source?</b><br /> <?php echo htmlentities($encrypted_link3);?>

<br /><br />

<b>(Non-existant encryption)What's displayed to the user?</b><br /> <?php echo $encrypted_link3;?>

</body>
</html>
Step 4: Try out the test script
Upload the files 'rot13.js', 'cc8b.js', 'Mailto.php' and 'test.php' into the same directory ("mailto" in this example) on a web server with PHP 4.2.0+ running. Then open a browser and visit www.yourdomain.com/mailto/test.php to see what Mailto can do.
(Rot13)What's in the source?
<script type="text/javascript">Rot13.write('<n uers="znvygb:fcnz@qrohttrqqrfvtaf.pbz">Qrohttrq Vagrenpgvir Qrfvtaf</n>');</script><noscript><span style="unicode-bidi:bidi-override;direction:rtl;">< moc.sngiseddeggubed@maps > sngiseD evitcaretnI deggubeD</span></noscript>

(Rot13)What's displayed to the user?


(Cc8b)What's in the source?
<script type="text/javascript"> Cc8b.write("42.9d9a8b976a8e8f8c9f91918f8e8e8f9d9391989d588d9997.6e8f8c9f91918f8e4a73989e8f9c8b8d9e93a08f4a6e8f9d9391989d"); </script><noscript><span style="unicode-bidi:bidi-override;direction:rtl;">< moc.sngiseddeggubed@maps > sngiseD evitcaretnI deggubeD</span></noscript>

(Cc8b)What's displayed to the user?

COMMENTS (displaying 3 comments)

1. Posted on February 18, 2009 by Shawn Stedman
Excellent article. Unfortunately I have to work with an undocumented proprietary content management system written in ASP. I have come up with a simple email obfuscator based on numeric character references, JavaScript and CSS. Take a look at my blog post at pixelwisedesign.com/blog/?p=40 if you are in a similar situation and cannot utilize a server side language.
2. Posted on December 21, 2008 by Zidu
this is only test
3. Posted on November 6, 2008 by Daniel
kake!

POST (leave a comment)

Name:
Email:
Message:
Verify:
CAPTCHA Image