Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- PHP and Protecting Email
July 18, 2004, 12:21 am
rate this thread
extract them into online directory, can a spambot harvest the address? or
does the spambot read the raw php code?
way to keep my email address from being harvested.
Does encoding the email with Ultimate Mailto (hex and dec code) help?
How can I protect the emails in MySQL when they are displayed on a page?
Re: PHP and Protecting Email
> I have contact info including email address in MySQL. If I use php
> extract them into online directory, can a spambot harvest the
> does the spambot read the raw php code?
> find a
> way to keep my email address from being harvested.
> Does encoding the email with Ultimate Mailto (hex and dec code)
> How can I protect the emails in MySQL when they are displayed on a
spambot is not going to read php, and is only going to read the html
The rest of your question really does not pertain to a php newsgroup,
and you should be able to find your answer elsewhere. In my case, I
hide it behind a button and a text box. A certain text string has to
be inserted in the text box, and the button pushed until the email
address becomes visible. Something beyond the reach of a bot.
There are also many other solutions.
http://www.dbForumz.com / This article was posted by author's request
Articles individually checked for conformance to usenet standards
Topic URL: http://www.dbForumz.com/PHP-Protecting-Email-ftopict130515.html
Visit Topic URL to contact author (reg. req'd). Report abuse:
Re: PHP and Protecting Email
Clients do not read raw php code. The server won't send it.
(Unless you manage to break PHP, e.g. briefly while upgrading it,
or misconfigure it, e.g. naming a PHP script foo.pjp, which the
server treats as text.) If you're concerned about harvesting
email addresses, also worry about your database password, which
could give away the mother lode of spam targets.
If the email address is sent to a client, you can assume that a
spambot *WILL* harvest it, unless you limit access to that page to
a small group of trusted people with passwords or some other
authentication method. The mere idea of having an "online directory"
spambots (aside from the fact that it is Turned Off(tm) and a
Security Hole(tm)). Spambots likely just do a regular-expression-match
don't actually bother to format any of it, much less run any
View Source, it's vulnerable). Whether or not actual people with
your main threat. However, if you ARE worried about them, remember
that cut 'n paste or eyeball-and-keyboard can harvest stuff designed
to be 'bot-proof.
I don't know what this is.
If they are displayed on a page, anyone who can view that page
can harvest them. The solutions are (a) DON'T display them, or
(b) severely limit who you display them to. One approach is to
only display email addresses the user already knows (his own).
One possibility is to render the email address into an image
using an unusual font (say, the Kidnap font) and transfer it
as an image. That's still vulnerable if any spammer manages
to convince one of your people with access to transcribe it
for them with promises of $$$.
Gordon L. Burditt