Roope

Email Obfuscation (EMO)

Recommended Posts

19 hours ago, Roope said:

Hello @Barcelo!

So email addresses are replaced by text set in module config but conversion back to email doesn't kick in, right? Double check that emo.js is really present because it sounds like there's the issue here. Maybe consider adding modules config url to the file path:


<?php echo '<script src=" . $config->urls->modules . EmailObfuscation/emo.min.js"></script>'; ?>

 


I think you meant this ;):

<?php echo '<script src="' . $config->urls->siteModules . 'EmailObfuscation/emo.min.js"></script>'; ?>

This works fine as before - the script gets included just fine.

But, none of the included E-Mails addresses are replaced with any text and elements at all. They are still untouched present in plain text.

So I guess, that the module is "stuck" somehow or not recognized / executed at all during page rendering. Could another module might interfere?

(of course caching is not active :rolleyes:)
(Processwire V 2.7.2)

Share this post


Link to post
Share on other sites
On 9/27/2016 at 11:13 PM, Macrura said:

Feature request: one thing that would be cool is to be able to enable this only for some templates, instead of disable;
because i only need it on the contact page, so i'd need to disable like 30 templates, rather than enable 1, the way it is currently;

Is there any way of conditionally loading this module by the API?

One of the really critical issues here is that the module is still not able to skip stuff like twitter handle (e.g. @processwire)

Thanks @Macrura - I'll try look into these shortly!

On 9/28/2016 at 11:30 AM, Bacelo said:


I think you meant this ;):


<?php echo '<script src="' . $config->urls->siteModules . 'EmailObfuscation/emo.min.js"></script>'; ?>

This works fine as before - the script gets included just fine.

But, none of the included E-Mails addresses are replaced with any text and elements at all. They are still untouched present in plain text.

So I guess, that the module is "stuck" somehow or not recognized / executed at all during page rendering. Could another module might interfere?

(of course caching is not active :rolleyes:)
(Processwire V 2.7.2)

Sorry, I meant $config->urls->siteModules... And is should read your other post mo carefully since you already mentioned that script block is not included in the end of the document so it's not about js script surely. Don't know what other module could be blocking this but what other 3rd party modules you have installed?

Share this post


Link to post
Share on other sites

Thank you Roope  for supporting. :)

Actually I have the following site modules installed at the project:

AllInOneMinify
DiagnoseDatabase
DiagnoseFiles
DiagnoseImagehandling
DiagnoseModules
DiagnosePhp
DiagnoseWebserver
EmailObfuscation
FormBuilder
ImageExtra
InputfieldFormBuilderFile
JqueryDataTables
MarkupMenuBuilder
MarkupSEO
ProCache (not active)
ProcessDatabaseBackups
ProcessDiagnostics
ProcessFormBuilder
ProcessMenuBuilder
ProcessPageListerPro
ProcessProCache
ProcessWireUpgrade
ProcessWireUpgradeCheck
TemplateEngineFactory
TemplateEngineProcesswire

Share this post


Link to post
Share on other sites

Not that I'm familiar with all of thease but first that pops out from the list is TemplateEngineFactory. I haven't used it and have no idea about the logic behind the scenes but if you could temporarily uninstall it and see what happens.

Share this post


Link to post
Share on other sites

slightly off-topic, but just wanted to mention that i was able to solve my problem (loading emo on all pages, and it thinking that the twitter handle in the header was an email address) by just using a hanna code for the email addresses (like [[emo email=mail@example.com]]);

I have a function in my templates that does the email address replacement.

Not trying to discount the utility of this module as it can provide global coverage for email addresses, but possibly for some users who only need to replace a few emails in some specific places, then the shortcode can be useful. Also, if you had a specific field holding the email address, then you could obfuscate it with the same function directly in the template output...

Share this post


Link to post
Share on other sites
9 hours ago, Macrura said:

i was able to solve my problem (loading emo on all pages, and it thinking that the twitter handle in the header was an email address)

I don't experience this problem with this module - for me only email addresses are obfuscated, not twitter handles.

name@testing.com <- this would be obfuscated

@testing <- this is untouched

 

Share this post


Link to post
Share on other sites

ok right, well the main problem i was having was more that i didn't want EMO active on every page of the site, so i loaded the JS myself only on the page i needed it, where there were email addresses.

But it was still finding something it thought was an email on the homepage, and then adding the script tag and thus JS error on the page, plus the overhead of the plugin running on that page.

the obfuscation function i'm using works on each email you trigger it on, so only where you want..

 

 

Share this post


Link to post
Share on other sites

OK, thanks guys!

Like @Robin S posted, we either have never experienced any problems with twitter (or any other some) handles. Can you @Macrura plese give me more detalied example about false positives you faced with?

I was thinking that maybe I could add new 'execution method' to the module config where one could select whether to exclude/include email auto obfuscation at selected templates/pages or go full manual by using public method ever when needed. This would definitely be more flexible than the current route we have in use.

  • Like 1

Share this post


Link to post
Share on other sites

I figured out what it was, it was an embedded Constant Contact sign up form that had the words:

Please enter your email address in name@email.com format

this is actually inside a <script> tag.

In any case your suggestion about the execution method would be really great, because when you know you only need the script to operate on 1 page, and leave the rest of the site untouched, it's really the safest way on a large project where you don't want things to break...

  • Like 1

Share this post


Link to post
Share on other sites
On 30.9.2016 at 10:55 AM, Roope said:

Not that I'm familiar with all of thease but first that pops out from the list is TemplateEngineFactory. I haven't used it and have no idea about the logic behind the scenes but if you could temporarily uninstall it and see what happens.

Actually I can't unistall the module "TemplateEngineFactory" as the template relies on this :(
I'll continue having a deeper look into and try to cut it down.

Share this post


Link to post
Share on other sites

New version is now available at GitHub. Added new option to exclude/include module execution at selected templates/pages + new $sanitizer->emo() method to manually control obfuscation for given string. Please go ahead and try it out!

  • Like 1

Share this post


Link to post
Share on other sites
4 hours ago, PWaddict said:

How can I re-initiate it via AJAX?

Currently this is not possible.

Share this post


Link to post
Share on other sites

The module is set to "autoload' => true, is this surely needed? In my quick test 'autoload' => 'template!=admin' works too.

  • Like 1

Share this post


Link to post
Share on other sites
1 hour ago, tpr said:

The module is set to "autoload' => true, is this surely needed? In my quick test 'autoload' => 'template!=admin' works too.

This module was launched before 2.3.1, which introduced conditional autoloading. Aforementioned change seems reasonable, but means dropping support for 2.2.

... although dropping support for 2.2 at this point doesn't seem like such a huge issue ;)

  • Like 3

Share this post


Link to post
Share on other sites
On 1/13/2017 at 9:34 AM, tpr said:

The module is set to "autoload' => true, is this surely needed? In my quick test 'autoload' => 'template!=admin' works too.

 

On 1/13/2017 at 11:27 AM, teppo said:

This module was launched before 2.3.1, which introduced conditional autoloading. Aforementioned change seems reasonable, but means dropping support for 2.2.

... although dropping support for 2.2 at this point doesn't seem like such a huge issue ;)

 

To be honest, I've missed the whole world of conditional autoloading of PW modules...

Dropping off support for 2.2 isn't any issue. There will be older perfecly functional emo releases available if someone needs it. So I think I'll go ahead and make this change same time I'll add PW namespace to the module - which should happen pretty soon. Thanks for the notice!

 

  • Like 2

Share this post


Link to post
Share on other sites

Thanks!

1 minute ago, Roope said:

To be honest, I've missed the whole world of conditional autoloading of PW modules...

So did I until recently :)

Share this post


Link to post
Share on other sites

Hi @Roope

Looks like module doesn't work when template cache is on. 

It loads 

 var emo_addr = new Array();
 emo_addr[0] = "fA1PLjJh83r7WD9s+apZEH5RTFM0uYwS2Ge6bxVOktKvIndQC4qBUycoim.NlXgz";
 emo_addr[1] = "sJL2Tc4GuoWX8VHn0yXx05jt0182Mh3xF6Ue05jt0haQ9VxdFVXfFRxxTO3QYoWdTcXn7OHG86mt0VFQ+JHmF53q0oYB7VDQ0pmyTZCQTZif";
 if(window.addLoadEvent) addLoadEvent(emo_replace());

just for first time after cache timeout, but cache is saved without it.

Can somebody confirm it? 

And one small feature request: could you change "Replate text string" input from text to text Multilanguage field.

Share this post


Link to post
Share on other sites
On 1.10.2016 at 0:40 AM, Macrura said:

the obfuscation function i'm using works on each email you trigger it on, so only where you want..

Hi @Macrura,

would you mind to reveal more details of your obfuscation function? I would highly appreciate it.

Share this post


Link to post
Share on other sites

I'm using this function in places, seems to work well:

/**
 * Given an email address render the obfuscated version
 *
 * @param $strEmail - an email address
 *
 */
function createMailto($strEmail) {
  $strNewAddress = '';
  for($intCounter = 0; $intCounter < strlen($strEmail); $intCounter++){
    $strNewAddress .= "&#" . ord(substr($strEmail,$intCounter,1)) . ";";
  }
  $arrEmail = explode("&#64;", $strNewAddress);
  $strTag = "<script type='text/javascript'>\n";
  $strTag .= "<!--\n";
  $strTag .= "document.write('<a href=\"mai');\n";
  $strTag .= "document.write('lto');\n";
  $strTag .= "document.write(':" . $arrEmail[0] . "');\n";
  $strTag .= "document.write('@');\n";
  $strTag .= "document.write('" . $arrEmail[1] . "\">');\n";
  $strTag .= "document.write('" . $arrEmail[0] . "');\n";
  $strTag .= "document.write('@');\n";
  $strTag .= "document.write('" . $arrEmail[1] . "<\/a>');\n";
  $strTag .= "// -->\n";
  $strTag .= "</script><noscript>" . $arrEmail[0] . " at \n";
  $strTag .= str_replace("&#46;"," dot ",$arrEmail[1]) . "</noscript>";
  return $strTag;
}

also works well in a hanna code, and doesn't require any additional js files

  • Like 2

Share this post


Link to post
Share on other sites
11 hours ago, ottogal said:

Hi @Macrura,

would you mind to reveal more details of your obfuscation function? I would highly appreciate it.

You can do this with EMO too:

  1. At module settings page set "Obfuscation mode" to "Obfuscate manually..." (OR adjust exclude/include templates/pages settings to have auto obfuscation enabled only where needed).
  2. Then on a page template obfuscate only the parts of markup you want by using $sanitizer->emo() method.
// obfuscate single email address
echo $sanitizer->emo('hello@world.com');

// obfuscate email addresses from a body field output
echo $sanitizer->emo($page->body);

Also make sure that you are using the 1.1.x version since this feature was added to the latest release (1.1.0).

  • Like 1

Share this post


Link to post
Share on other sites
On 3/23/2017 at 7:15 PM, Zeka said:

Hi @Roope

Looks like module doesn't work when template cache is on. 

It loads 


 var emo_addr = new Array();
 emo_addr[0] = "fA1PLjJh83r7WD9s+apZEH5RTFM0uYwS2Ge6bxVOktKvIndQC4qBUycoim.NlXgz";
 emo_addr[1] = "sJL2Tc4GuoWX8VHn0yXx05jt0182Mh3xF6Ue05jt0haQ9VxdFVXfFRxxTO3QYoWdTcXn7OHG86mt0VFQ+JHmF53q0oYB7VDQ0pmyTZCQTZif";
 if(window.addLoadEvent) addLoadEvent(emo_replace());

just for first time after cache timeout, but cache is saved without it.

Can somebody confirm it? 

And one small feature request: could you change "Replate text string" input from text to text Multilanguage field.

Hello @Zeka!

Sorry for massive delay but I just quickly tested EMO with built-in cache and was able to repeat yor issue. Cache file had emails as plain text and both EMO scripts were missing. On a public page it was still allright (emails obfuscated) so I don't know why it wasn't really using cached version? Switch to ProCache worked as excepted - cached page, which was obfuscated.

I'm really lost with PW built-in cache since I'm so used to work with Ryans ProCache module and it has never had any issues running together with EMO. So for now my best bet for you is to get that :) - in a meantime we'll see if there is something we can about this.

Multilanguage support is already in my TODO list, if I just could find the time... Thanks for the notice!

  • Like 1

Share this post


Link to post
Share on other sites

Hi @Roope,

Love this module - it's used in all my sites. Is it possible to disable the module on some pages via a hook? I need to disable the obfuscation when a particular GET variable is present.

Share this post


Link to post
Share on other sites
9 hours ago, Robin S said:

Hi @Roope,

Love this module - it's used in all my sites. Is it possible to disable the module on some pages via a hook? I need to disable the obfuscation when a particular GET variable is present.

Hello!

Yes, I think something like this on your page template should work.

$page->addHookBefore('render', function($event) {
  if(wire('input')->get->myvar) {
    $emo = wire('modules')->get('EmailObfuscation');
    $emo->mode = $emo::modeManual;
  }
});

 

  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By daniels
      This is a lightweight alternative to other newsletter & newsletter-subscription modules.
      You can find the Module in the Modules directory and on Github
      It can subscribe, update, unsubscribe & delete a user in a list in Mailchimp with MailChimp API 3.0. It does not provide any forms or validation, so you can feel free to use your own. To protect your users, it does not save any user data in logs or sends them to an admin.
      This module fits your needs if you...
      ...use Mailchimp as your newsletter / email-automation tool ...want to let users subscribe to your newsletter on your website ...want to use your own form, validation and messages (with or without the wire forms) ...don't want any personal user data saved in any way in your ProcessWire environment (cf. EU data regulation terms) ...like to subscribe, update, unsubscribe or delete users to/from different lists ...like the Mailchimp UI for creating / sending / reviewing email campaigns *I have only tested it with PHP 7.x so far, so use on owners risk
      EDIT:
      I've updated the module to 0.0.3. I removed the instructions from this forum, so I don't have to maintain it on multiple places. Just checkout the readme on github 🙂
      If you have questions or like to contribute, just post a reply or create an issue or pr on github. 
    • By blynx
      Hej,
      A module which helps including Photoswipe and brings some modules for rendering gallery markup. Feedback highly appreciated
      (Also pull requests are appreciated 😉 - have a new Job now and don't work a lot with ProcessWire anymore, yet, feel free to contact me here or on GitHub, Im'm still "online"!)

      Modules directory: http://modules.processwire.com/modules/markup-processwire-photoswipe
      .zip download: https://github.com/blynx/MarkupProcesswirePhotoswipe/archive/master.zip
      You can add a photoswipe enabled thumbnail gallery / lightbox to your site like this. Just pass an image field to the renderGallery method:
      <?php $pwpswp = $modules->get('Pwpswp'); echo $pwpswp->renderGallery($page->nicePictures); Options are provided like so:
      <?php $galleryOptions = [ 'imageResizerOptions' => [ 'size' => '500x500' 'quality' => 70, 'upscaling' => false, 'cropping' => false ], 'loresResizerOptions' => [ 'size' => '500x500' 'quality' => 20, 'upscaling' => false, 'cropping' => false ], 'pswpOptions' => (object) [ 'shareEl' => false, 'indexIndicatorSep' => ' von ', 'closeOnScroll' => false ] ]; echo $pswp->renderGallery($page->images, $galleryOptions); More info about all that is in the readme: https://github.com/blynx/MarkupProcesswirePhotoswipe
      What do you think? Any ideas, bugs, critique, requests?
      cheers
      Steffen
    • By bernhard
      WHY?
      This module was built to fill the gap between simple $pages->find() operations and complex SQL queries.
      The problem with $pages->find() is that it loads all pages into memory and that can be a problem when querying multiple thousands of pages. Even $pages->findMany() loads all pages into memory and therefore is a lot slower than regular SQL.
      The problem with SQL on the other hand is, that the queries are quite complex to build. All fields are separate tables, some repeatable fields use multiple rows for their content that belong to only one single page, you always need to check for the page status (which is not necessary on regular find() operations and therefore nobody is used to that).
      In short: It is far too much work to efficiently and easily get an array of data based on PW pages and fields and I need that a lot for my RockGrid module to build all kinds of tabular data.

      Basic Usage

       
      Docs & Download
      https://gitlab.com/baumrock/RockFinder/tree/master
       
      Changelog
      180516 change sql query method, bump version to 1.0.0 180515 multilang bugfix 180513 beta release <180513 preview/discussion took place here: https://processwire.com/talk/topic/18983-rocksqlfinder-highly-efficient-and-flexible-sql-finder-module/
    • By flydev
      OAuth2Login for ProcessWire
      A Module which give you ability to login an existing user using your favorite thrid-party OAuth2 provider (i.e. Facebook, GitHub, Google, LinkedIn, etc.)..
      You can login from the backend to the backend directly or render a form on the frontend and redirect the user to a choosen page.
      Built on top of ThePhpLeague OAuth2-Client lib.
      Registration is not handled by this module but planned.
       
      Howto Install
      Install the module following this procedure:
       - http://modules.processwire.com/modules/oauth2-login/
       - https://github.com/flydev-fr/OAuth2Login
      Next step, in order to use a provider, you need to use Composer to install each provider
      ie: to install Google, open a terminal, go to your root directory of pw and type the following command-line: composer require league/oauth2-google
      Tested providers/packages :
          Google :  league/oauth2-google     Facebook: league/oauth2-facebook     Github: league/oauth2-github     LinkedIn: league/oauth2-linkedin
      More third-party providers are available there. You should be able to add a provider by simply adding it to the JSON config file.

      Howto Use It
      First (and for testing purpose), you should create a new user in ProcessWire that reflect your real OAuth2 account information. The important informations are, Last Name, First Name and Email. The module will compare existing users by firstname, lastname and email; If the user match the informations, then he is logged in.
      ie, if my Google fullname is John Wick, then in ProcessWire, I create a new user  Wick-John  with email  johnwick@mydomain.com
      Next step, go to your favorite provider and create an app in order to get the ClientId and ClientSecret keys. Ask on the forum if you have difficulties getting there.
      Once you got the keys for a provider, just paste it into the module settings and save it. One or more button should appear bellow the standard login form.
      The final step is to make your JSON configuration file.
      In this sample, the JSON config include all tested providers, you can of course edit it to suit your needs :
      { "providers": { "google": { "className": "Google", "packageName": "league/oauth2-google", "helpUrl": "https://console.developers.google.com/apis/credentials" }, "facebook": { "className": "Facebook", "packageName": "league/oauth2-facebook", "helpUrl": "https://developers.facebook.com/apps/", "options": { "graphApiVersion": "v2.10", "scope": "email" } }, "github": { "className": "Github", "packageName": "league/oauth2-github", "helpUrl": "https://github.com/settings/developers", "options": { "scope": "user:email" } }, "linkedin": { "className": "LinkedIn", "packageName": "league/oauth2-linkedin", "helpUrl": "https://www.linkedin.com/secure/developer" } } }  
      Backend Usage
      In ready.php, call the module :
      if($page->template == 'admin') { $oauth2mod = $modules->get('Oauth2Login'); if($oauth2mod) $oauth2mod->hookBackend(); }  
      Frontend Usage
      Small note: At this moment the render method is pretty simple. It output a InputfieldForm with InputfieldSubmit(s) into wrapped in a ul:li tag. Feedbacks and ideas welcome!
      For the following example, I created a page login and a template login which contain the following code :
      <?php namespace ProcessWire; if(!$user->isLoggedin()) { $options = array( 'buttonClass' => 'my_button_class', 'buttonValue' => 'Login with {provider}', // {{provider}} keyword 'prependMarkup' => '<div class="wrapper">', 'appendMarkup' => '</div>' ); $redirectUri = str_lreplace('//', '/', $config->urls->httpRoot . $page->url); $content = $modules->get('Oauth2Login')->config( array( 'redirect_uri' => $redirectUri, 'success_uri' => $page->url ) )->render($options); }
      The custom function lstr_replace() :
      /* * replace the last occurence of $search by $replace in $subject */ function str_lreplace($search, $replace, $subject) { return preg_replace('~(.*)' . preg_quote($search, '~') . '~', '$1' . $replace, $subject, 1); }  
      Screenshot
       



    • By gRegor
      Updated 2018-05-06:
      Version 2.0.0 released
      Updated 2017-03-27:
      Version 1.1.3 released
      Updated 2016-04-11:
      Version 1.1.2 released

      Updated 2016-02-26:
      Officially in the module directory! http://modules.processwire.com/modules/webmention/

      Updated 2016-02-25:
      Version 1.1.0 is now released. It's been submitted to the module directory so should appear there soon. In the meantime, it's available on GitHub: https://github.com/gRegorLove/ProcessWire-Webmention. Please refer to the updated README there and let me know if you have any questions!
      ------------
      Original post:
       
      This is now out of date. I recommend reading the official README.
       
      I've been working on this one for a while. It's not 100%, but it is to the point I'm using it on my own site, so it's time for me to release it in beta. Once I finish up some of the features described below, I will submit it to the modules directory as a stable plugin.
      For now, you can install from Github. It works on PW2.5. I haven't tested on PW2.6, but it should work there.
      Feedback and questions are welcome. I'm in the IRC channel #processwire as well as #indiewebcamp if you have any questions about this module, webmention, or microformats.
      Thanks to Ryan for the Comments Fieldtype which helped me a lot in the handling of webmentions in the admin area.
      ProcessWire Webmention Module
      Webmention is a simple way to automatically notify any URL when you link to it on your site. From the receiver's perspective, it is a way to request notification when other sites link to it.
      Version 1.0.0 is a stable beta that covers webmention sending, receiving, parsing, and display. An easy admin interface for received webmentions is under development, as well as support for the Webmention Vouch extension.
      Features
      * Webmention endpoint discovery
      * Automatically send webmentions asynchronously * Automatically receive webmentions * Process webmentions to extract microformats   Requirements * php-mf2 and php-mf2-cleaner libraries; bundled with this package and may optionally be updated using Composer. * This module hooks into the LazyCron module.   Installation Github: https://github.com/gRegorLove/ProcessWire-Webmention

      Installing the core module named "Webmention" will automatically install the Fieldtype and Inputfield modules included in this package.   This module will attempt to add a template and page named "Webmention Endpoint" if the template does not exist already. The default location of this endpoint is http://example.com/webmention-endpoint   After installing the module, create a new field of type "Webmentions" and add it to the template(s) you want to be able to support webmentions. Sending Webmentions
      When creating or editing a page that has the Webmentions field, a checkbox "Send Webmentions" will appear at the bottom. Check this box and any URLs linked in the page body will be queued up for sending webmentions. Note: you should only check the "Send Webmentions" box if the page status is "published."   Receiving Webmentions This module enables receiving webmentions on any pages that have have "Webmentions" field, by adding the webmention endpoint as an HTTP Link header. If you would like to specify a custom webmention endpoint URL, you can do so in the admin area, Modules > Webmention.   Processing Webmentions (beta) Currently no webmentions are automatically processed. You will need to browse to the page in the backend, click "Edit," and scroll to the Webmentions field. There is a dropdown for "Visibility" and "Action" beside each webmention. Select "Process" to parse the webmention for microformats.   A better interface for viewing/processing all received webmentions in one place is under development.   Displaying Webmentions (beta) Within your template file, you can use `$page->Webmentions->render()` [where "Webmentions" is the name you used creating the field] to display a list of approved webmentions. As with the Comments Fieldtype, you can also generate your own output.   The display functionality is also under development.   Logs This module writes two logs: webmentions-sent and webmentions-received.   Vouch The Vouch anti-spam extension is still under development.   IndieWeb The IndieWeb movement is about owning your data. It encourages you to create and publish on your own site and optionally syndicate to third-party sites. Webmention is one of the core building blocks of this movement.   Learn more and get involved by visiting http://indiewebcamp.com.   Further Reading * http://indiewebcamp.com/webmention * http://indiewebcamp.com/comments-presentation * http://indiewebcamp.com/reply