2009-06-22
yent
Hello guys,
I use mailguard = hex and after 24h all the emails present on my site get spammed ...
I used wget to see to page raw content and noticed that the href (mailto:...) gets hex encoded but the content of the link is in raw text so its fully visible for bots !!!
I browsed a bit in the source and found a way to correct that :
inc/parser/xhtml.php (632) :
function emaillink($address, $name = NULL) {
global $conf;
//simple setup
$link = array();
$link['target'] = '';
$link['pre'] = '';
$link['suf'] = '';
$link['style'] = '';
$link['more'] = '';
$name = $this->_getLinkTitle($name, $address, $isImage);
if ( !$isImage ) {
$link['class']='mail JSnocheck';
++++++ $name = obfuscate($name);
} else {
$link['class']='media JSnocheck';
}
$address = $this->_xmlEntities($address);
$address = obfuscate($address);
$title = $address;
if(empty($name)){
$name = $address;
}
#elseif($isImage{
# $name = $this->_xmlEntities($name);
# }
if($conf['mailguard'] == 'visible') $address = rawurlencode($address);
$link['url'] = 'mailto:'.$address;
$link['name'] = $name;
$link['title'] = $title;
//output formatted
$this->doc .= $this->_formatLink($link);
}
That fixed the bug for now ... But I think that the next update will remove that so it should be corrected on your side ...
Anyway, thanks for such great software, keep it up !!!
Etienne