MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Suggestions and Feedback > emailaddress encryption
Full Version: emailaddress encryption
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2

Kimmo

2005-03-30, 03:13 PM
knowing how many of the robots/spiders scavenge for email-addresses in the web, wouldn't it make sense to encrypt any visible email-addresses on the website and forums....

Like they do here by turning the email-address into hex character by character in the code but still show it normally on the webpage...

see example at:http://www.knechtology.com/stop-spam/ema...tml#encode


Can something like this be built in the forum-code??

cheers,
Kimmo

decswxaqz

2005-03-30, 03:57 PM
Someone would catch onto it and could easily create a script to decrpyt it.

Kimmo

2005-03-30, 07:24 PM
of course it's easy to decrypt.....but if it is easy to code...it would help with the current spiders and robots....why NOT do it? right now there's NO protection (apart from robots.txt)

decswxaqz

2005-03-30, 08:34 PM
Easier than planned thanks to Chris' foresight for modders Smile

inc/integration.php - Change
function accountCreated($uid)
{
   // Called after an account is created
   global $db;
   $sql = "SELECT email FROM " . TABLE_PREFIX . "users WHERE uid='$uid'";
   if(($result = $db->query($sql))){
      $row = $db->fetch_array($result);
      $email = $row['email'];
      $email = hexCodeEmail($email);
      $sql = "UPDATE " . TABLE_PREFIX . "users SET email = '$email' WHERE uid='$uid'";
      $db->query($sql);
   }
}

function emailChanged($uid, $email)
{
   // Called when an email address is changed
   global $db;
   $email = hexCodeEmail($email);
   $sql = "UPDATE " . TABLE_PREFIX . "users SET email = '$email' WHERE uid='$uid'";
   $db->query($sql);
}

inc/functions.php - Add
function hexCodeEmail($email){
   $temp = "";
   for($i = 0; $i < strlen($email); $i++){
      $temp .= "&#" . ord($email[$i]) . ";";
   }
   return $temp;
}


To update everyone who has already registered use the below (please make sure you do the above first)

update_email.php
<?php
require "./global.php";
$sql = "SELECT uid, email FROM ".TABLE_PREFIX."users";
$query = $db->query($sql);
while($row = $db->fetch_array($query)){
   $uid = $row['uid'];
   $email = $row['email'];
   $email = hexCodeEmail($email);
   $sql = "UPDATE " . TABLE_PREFIX . "users SET email = '$email' WHERE uid='$uid'";
   $db->query($sql);
}
echo "updated emails";
?>

Kimmo

2005-03-30, 09:33 PM
thanks for that...even though I am not really that worried about the values in the database....I am more concerned about the emails-that are shown in the posts... if I enter an email in the post....the spiders will find it...

cheers,
Kimmo

decswxaqz

2005-03-30, 09:58 PM
That would involve lots of changes in many files. This was intended as a quick fix. And unless you use a DM manager it should be fine Smile

You want a global change to any emails posted? Confused

Kimmo

2005-03-31, 07:27 AM
well that's almost the idea yes.....the system would recognize this is an email and hex it.....maybe it would even work by just replacing the @-sign with it's hex-equivalent...hmmm...it would make the thing slower though if the system always has to go through the entire post looking for this sign and then replace it....

well was just an idea....

Bill

2005-03-31, 08:40 AM
Kimmo Wrote:well that's almost the idea yes.....the system would recognize this is an email and hex it.....maybe it would even work by just replacing the @-sign with it's hex-equivalent...hmmm...it would make the thing slower though if the system always has to go through the entire post looking for this sign and then replace it....

I don't think it would make it slower, the BBS boards do that all the time, thats how the smilies are generated. (but i have no idea how to do it Smile )

wildteen88

2005-03-31, 10:18 AM
To be able to replace the email address into hexform, you can do this with the BBCode function when you post your message.

Just use a simple pre_replace function. Because when I post is made it is sent to the database first and then through the BBCode or MyCode function.

I believe this is done throught inc/functions_post.php

The email lines are lines 44 and 45:
	$message = preg_replace("#\[email\](.*?)\[/email\]#i", "<a href=\"mailto:$1\">$1</a>", $message);
	$message = preg_replace("#\[email=(.*?)\](.*?)\[/email\]#i", "<a href=\"mailto:$1\">$2</a>", $message);

but if people type in their email addresses into their posts then there will have be an addon the doautourl() function on lines 220 - 227

I would try this but I'm not too good at preg_replace or anything like that yet, I'm still a novice with PHP and still learning.

decswxaqz

2005-03-31, 10:42 AM
I've been trying to use preg_match to find any occurence of email address. I've tried adding an email address without the [ email] tags and it just treats it as plain text.

[email protected]

That should just stay as plain text which means any bot could find it.

Having trouble doing this though as I thought Sad
Pages: 1 2
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Suggestions and Feedback > emailaddress encryption