HTML entities in links & MenuManager question

[10010110]

Hi there,

I’m usually encrypting e-mail addresses with HTML entities (i.e. “mail@example.com” instead of “mail@example.com”) so most spam robots won’t be able to recognize it as e-mail address and pick it up. Now I have the problem that the editor(s) (FCK and TinyMCE) are converting these entities into regular characters. How can I avoid that?

Second question: I need to apply a different style to the first link/list item in a menu generated by the MenuManager. How would I go about it since :first-child is not an option (at least not cross-browser compatible)? I’m sure there is a way to “hard code” it into the menu template but I’m not experienced enough to figure out myself. Or should I write a JavaScript/DOM?

Thanks.

[RonnyK]

Can't you go with the use of contact_form or formbuilder. They make it possible to sent mails to addresses without the address being shown. Otherwise is a tag available that does that (at least I think, as I don't use it myself)

http://dev.cmsmadesimple.org/projects/spamprotection

Ronny

[cyberman]

Smarty has an own {email} tag for encryptions ...

[heatherfeuer]

Smarty has an own {email} tag for encryptions ...

Really?  Is it in the documentation?  I'd love to know more about that and how to use it.

[Nullig]

You just add your email address like this:

Code: Select all

{mailto address="me@domain.com" encode="hex"}

Nullig

[mahjong]

so most spam robots won’t be able to recognize it as e-mail address and pick it up

Sorry, but that's a myth. Most email harvester go around this trick without any problem. Thanks to open-source, like the Gecko engine from Mozilla, most e-mail harvester now render the page (javascript, HTML entities and all) before retrieving the e-mails. In other words, if it shows as text in your browser, it can and it will be pick up. That includes also "emailREMOVEME at example dot com" type addresses. Any seven year old hacker can decode those with a single line of PHP.

The only absolutely safe way is to NOT publish your e-mail, but to use a contact form instead, or, at a lower level of reliability and confidentiality, captcha style images, which most user hate.

[mahjong]

Really?  Is it in the documentation?  I'd love to know more about that and how to use it.

http://wiki.cmsmadesimple.org/index.php ... And_Tricks
http://smarty.php.net/manual/en/languag ... mailto.php

[10010110]

Thanks for the reply guys (and gals).

You might have overseen it but I’ve posted a second question which I’m curious about the answer too.

[heatherfeuer]

Second question: I need to apply a different style to the first link/list item in a menu generated by the MenuManager. How would I go about it since :first-child is not an option (at least not cross-browser compatible)? I’m sure there is a way to “hard code” it into the menu template but I’m not experienced enough to figure out myself. Or should I write a JavaScript/DOM?

You should be able to style that with CSS.  Look under stylesheets for the navigation stylesheet that matches your menu style (vertical, horizontal, simple, cssmenu) and edit that and add it as a new stylesheet that you attach to the templates that display your menu.

[mahjong]

I think this should do :

Code: Select all

{if $node->index == 0}...{/if}

For instance,

Code: Select all

<a href="{$node->url}" target="{$node->target}" {if $node->index == 0}class="first-menu-item"{/if} >{$node->menutext}</a>

[10010110]

Sweeeeet! Thanks a lot.

[Vin]

Hi, another question - what about javascript obfuscating tag - how much secure is this way of defence? And how much does it differ from the address in an image?

[mahjong]

As I explained above, the rule is simple : if the end result is a working link, one you can click, may it be generated with javascript or not, it's not safe.

[Vin]

I know, I didn't make myself clear. Well, the qustion is - how much unsafe?
Using Captcha is, as you said, unfriendly to users, and can be deciphered anyway (it's more difficult, but it can). I would just like to know if the compromise of using javascript for e-mail address still relatively suffice or not.
Damned spam  .

[mahjong]

• A form is absolutely safe. It's totally impossible to harvest your e-mail since it's not published. So I gave it 10 out of 10.
• An image, if well done, is almost impossible to decrypt by most software. So I gave it 9/10.
• A direct link (<a href="mailto://...) is the worst. 0/10.
• A link with capitals to be removed(meNOSPAM@example.net) scores about 1/10.
• A textual address (me at domain dot com) is somewhere between 1 and 3 on a scale of 10
• A link made of HTML entities about the same, maybe 2/10
• A javascript link is not very much safer... I estimate it to be 3/10