webgyrl Posted April 8, 2004 Share Posted April 8, 2004 Been doing some reading on spam, web forms etc... I keep reading that it is best to avoid using mailto: in order for people to send email to a recipient from a web page. I keep reading that the best way to have someone send email from a web site is to make use of a form. One place I was reading stated the following: "Create the form to get the input from your visitors. The form can email you the results or add them directly to a database. Just make sure the script DOES NOT get passed the email address in a hidden field. The email address should be either coded in the script itself or in a parameter file of some kind." The site where I read the above also noted: "Don't use those special email encoding JavaScript's - These convert an email address into Unicode. It becomes unreadable to human beings, but it's pretty simple to find and convert these. if the spammers haven't figured it out yet then it's just a matter of time." My question is how do you make sure that the email address cannot be harvested by these email address harvesters? Is there a specific bit of code that can protect email addresses completely? Also, what if the site has a whole email contact directory? It is so much easier to use mailto: to list multiple contacts and also to do an advanced email link with subject. Is it still better to do up a form for each contact? Are there any other ways to protect email addresses? Thanks for any suggestions you might have. Nat Quote Link to comment Share on other sites More sharing options...
kaseytraeger Posted April 8, 2004 Share Posted April 8, 2004 Nat, I use forms for all email submissions. The email message is then processed through a PHP script. The email address is only known by the PHP script and is posted no where on the web page. If you look here, you'll see what I'm talking about. www.kaseyscreations.com/villagepantry/test-contactus.htm Note that this page is not complete because the submit button will not actually send mail. But all I need to do is add an action to my form tag, such as <form action="mailscript.php"> I use a PHP mail script called Jack's FormMail. You can read about it here -- www.dtheatre.com/scripts. This script is very easy to set up. If you want to use it and need any help, please feel free to ask. I'll help you set up the script and customize it for your web site. Also, please feel free to copy the form coding I've used on the sample web page to create your own email form. Have fun! Quote Link to comment Share on other sites More sharing options...
kaseytraeger Posted April 8, 2004 Share Posted April 8, 2004 Nat, Here's another page where I've customized the form to send mail to more than one person by selecting a radio button.... www.kaseyscreations.com/travisandkaseywedding/mailpage.htm This page can easily be adapted to accomodate a large email contact directory. Quote Link to comment Share on other sites More sharing options...
wbragg17 Posted April 9, 2004 Share Posted April 9, 2004 I use a web site: Obfuscator (http://alicorna.com/obfuscator.html) that will make your email address unusable for 'spambots' but useable for people. Hope this helps. Will Quote Link to comment Share on other sites More sharing options...
webgyrl Posted April 9, 2004 Author Share Posted April 9, 2004 Kasey, Thanks for the examples. I have used Jacks form mail for another site. You made my day with the radio button suggestion. Exactly what I was seeking. Will, I will check that site out. Thanks Nat Quote Link to comment Share on other sites More sharing options...
voilsb Posted April 9, 2004 Share Posted April 9, 2004 I use MailMe from http://www.arkie.net/~scripts/mailme/ Quote Link to comment Share on other sites More sharing options...
kaseytraeger Posted April 9, 2004 Share Posted April 9, 2004 I use a web site: Obfuscator (http://alicorna.com/obfuscator.html) Will, Just be aware that Obfuscator encodes each letter of your email address into a 4 (or sometimes 3) character ISO-coded value. For example, my name, kasey, would be encoded as: (k)#107; (a)#97; (s)#115; (e)#101; (y)#121; Note that I've removed the ampersand "&" from the front of each character so that you'd see the actual code value and not the translated HTML character. While I don't know of too many spambots that can currently "decode" these characters, I wouldn't be too surprised if sometime in the near future they become more prevalent. I've seen a number of HTML encoders that are supposed to encode your source code so that others can't read it. Many of them just translate each character into it's ISO-encoded brother. By typing a simple JavaScript command into my web browser's URL window, I can completely decode their "encoded" source code. I see this type of technology, if not already widely in use by email harvesters and spambots, to become SOP in the near future. For what it's worth, there's some fat to chew on!! Quote Link to comment Share on other sites More sharing options...
kaseytraeger Posted April 9, 2004 Share Posted April 9, 2004 Kasey, ... You made my day with the radio button suggestion. Exactly what I was seeking. Glad I could be of some assistance. Please let me know if you need help setting up the form or the script for your own application. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.