 |  |  |  |  |  |  |  |
Email address contains javascript tags
Please support our MySQL advertiser: PostgreSQL or MySQL? Compare and contrast the two most popular open source databases
Thread Solved |
Hi,
I'm not entirely sure which forum to post this question because I cannot determine whether it's a MySQL, Joomla, or PHP issue. But I will post it here, as some of you may know about this.
I am using a custom built "user" table in my MySQL database, and the email addresses are being stored in plain text as VARCHAR(60). However, when I retrieve an email address from a record, and then display it on my webpage, it appears as an "email link" and not as plain text.
This is the code I'm using to retrieve the email address from the MySQL database.
------------------------------------------------------
------------------------------------------------------
The PHP code works fine, but the email address variable now contains the following javascript information only after it's been retrieved from the database...
So, my question is... all I need is the "plain text" email address (as I need this to populate an editable text box on my webpage), but where is this additional javascript information coming from? ...and how can I strip this javascript data so I can obtain just the email address itself?
Thanks
I'm not entirely sure which forum to post this question because I cannot determine whether it's a MySQL, Joomla, or PHP issue. But I will post it here, as some of you may know about this.
I am using a custom built "user" table in my MySQL database, and the email addresses are being stored in plain text as VARCHAR(60). However, when I retrieve an email address from a record, and then display it on my webpage, it appears as an "email link" and not as plain text.
This is the code I'm using to retrieve the email address from the MySQL database.
------------------------------------------------------
php Syntax (Toggle Plain Text)
------------------------------------------------------
The PHP code works fine, but the email address variable now contains the following javascript information only after it's been retrieved from the database...
JavaScript Syntax (Toggle Plain Text)
So, my question is... all I need is the "plain text" email address (as I need this to populate an editable text box on my webpage), but where is this additional javascript information coming from? ...and how can I strip this javascript data so I can obtain just the email address itself?
Thanks
Last edited by peter_budo; Jul 2nd, 2009 at 4:52 am. Reason: Keep It Organized - For easy readability, always wrap programming code within posts in [code] (code blocks) and [icode] (inline code) tags.
•
•
Join Date: Jul 2006
Posts: 827
Reputation: 
Solved Threads: 135
Practically a Posting Shark
Since you mention Joomla, it is possible that this is Joomla's way of storing e-mail addresses. You could use a regular expression to strip all unnecessary code, but there could be a lot of exceptions. Maybe Joomla has a function to retrieve it built-in.
"If it is NOT source, it is NOT software."
-- NASA
-- NASA
•
•
Join Date: Jan 2009
Posts: 1,318
Reputation:
Solved Threads: 161
This is Joomla's spam protection
Joomla has a plugin that obfuscates email addresses, to make it harder for scrapers and bots.
The visible address and effective address are not changed, just what robots can see.
you can probably disable the plugin somewhere in Joomla configuration.
There is likely a 'howto' on setting up the editbox without disabling spam protection, somewhere on the web. Joomla is a popular cms
Sometimes the help, is worse than the problem
Joomla has a plugin that obfuscates email addresses, to make it harder for scrapers and bots.
The visible address and effective address are not changed, just what robots can see.
you can probably disable the plugin somewhere in Joomla configuration.
There is likely a 'howto' on setting up the editbox without disabling spam protection, somewhere on the web. Joomla is a popular cms
Sometimes the help, is worse than the problem
Last edited by almostbob; Jul 2nd, 2009 at 10:39 am.
Failure is not an option It's included free
If at first you dont succeed, join the club
Of course its always in the last place you look, you dont keep looking after you find it
Please mark solved problems, solved
If at first you dont succeed, join the club
Of course its always in the last place you look, you dont keep looking after you find it
Please mark solved problems, solved
•
•
•
•
Originally Posted by pritaeas 
Since you mention Joomla, it is possible that this is Joomla's way of storing e-mail addresses. You could use a regular expression to strip all unnecessary code, but there could be a lot of exceptions. Maybe Joomla has a function to retrieve it built-in.
•
•
•
•
Originally Posted by almostbob
This is Joomla's spam protection
Joomla has a plugin that obfuscates email addresses, to make it harder for scrapers and bots.
The visible address and effective address are not changed, just what robots can see.
you can probably disable the plugin somewhere in Joomla configuration.
There is likely a 'howto' on setting up the editbox without disabling spam protection, somewhere on the web. Joomla is a popular cms
Sometimes the help, is worse than the problem
Can I ask your opinion though... even though I'm disabling an important spam protection function, I'm assuming it doesn't matter given that email addresses are only appearing in text boxes in user-login access webpages (not publicly-accessable pages). Does that matter? Obviously, if the email addresses were published on public access pages, then yes... it's a risk, but what if they were only shown in text boxes on registered pages requiring user-login access? Surely scrapers and bots can't access such pages given that they are protected behind user logins - they would need to simulate a user login to access such information, right? Or is it best to keep the obfuscation protection enabled, and find another method to populate the text boxes with the plain text version?
Actually, I hope you don't mind but I'm going to start a new post with this subject as I'd like to gauge other user's ideas and thoughts on this. But please feel free to comment to this post if you wish. Thanks again for your post.
Last edited by nigelburrell; Jul 2nd, 2009 at 11:31 am. Reason: Adding more information
•
•
Join Date: Jan 2009
Posts: 1,318
Reputation:
Solved Threads: 161
that address is sent in clear text through however many relays, proxies, exist in the traceroute between your host and the user,
any one of them could be compromised
with an appropriate packet sniffer no plain text is safe
how likely do you enticipate interception
you could use something like
break the address at the @ sign, send two parts to
2 text boxes
1 for user name
1 for domain
and not sent the @ sign at all, and reconstruct the address in php/asp before submitting to the database,
any one of them could be compromised
with an appropriate packet sniffer no plain text is safe
how likely do you enticipate interception
you could use something like
break the address at the @ sign, send two parts to
2 text boxes
1 for user name
1 for domain
and not sent the @ sign at all, and reconstruct the address in php/asp before submitting to the database,
Failure is not an option It's included free
If at first you dont succeed, join the club
Of course its always in the last place you look, you dont keep looking after you find it
Please mark solved problems, solved
If at first you dont succeed, join the club
Of course its always in the last place you look, you dont keep looking after you find it
Please mark solved problems, solved
•
•
•
•
Originally Posted by almostbob
that address is sent in clear text through however many relays, proxies, exist in the traceroute between your host and the user,
any one of them could be compromised
with an appropriate packet sniffer no plain text is safe
how likely do you enticipate interception
you could use something like
break the address at the @ sign, send two parts to
2 text boxes
1 for user name
1 for domain
and not sent the @ sign at all, and reconstruct the address in php/asp before submitting to the database,
•
•
Join Date: Jan 2009
Posts: 1,318
Reputation:
Solved Threads: 161
•
•
•
•
Originally Posted by nigelburrell
Interesting solution, I might think about doing that. Thanks for the idea.
<input type='text' id='mailaccount'>@<input type='text' id='maildomain'> php Syntax (Toggle Plain Text)
http ://w ww.auditmypc.com/freescan/antispam.html
(link broken not sure if I would be violating DaniWeb policy),
it generates 50 fake email addresses every load to poison spambots
Last edited by almostbob; Jul 2nd, 2009 at 6:59 pm.
Failure is not an option It's included free
If at first you dont succeed, join the club
Of course its always in the last place you look, you dont keep looking after you find it
Please mark solved problems, solved
If at first you dont succeed, join the club
Of course its always in the last place you look, you dont keep looking after you find it
Please mark solved problems, solved
What a great idea to put two textboxes alongside each other with the "@" character in the middle. I will code this and see how it works.
Actually, I had to smile when I read your comment about the auditmypc website generating fake email addresses to poison spambots... what a great idea to fight back against spam!!
Actually, I had to smile when I read your comment about the auditmypc website generating fake email addresses to poison spambots... what a great idea to fight back against spam!!
 |
Similar Threads
- Problem passing email address through AJAX (JavaScript / DHTML / AJAX)
- VB6 - Look up email address from outlook address book? (Visual Basic 4 / 5 / 6)
- VB 6.0 - Accepting value (email address)from Inputbox (Visual Basic 4 / 5 / 6)
- Res. Form/Dreamweaver 8/Email to Address (HTML and CSS)
- username=email address inputted on submission>is this possible (PHP)
- JavaScript -- Validating an email address (JavaScript / DHTML / AJAX)
- outlook 03 email address read as word; duplicate email (Windows Software)
- Protecting email address from robots (PHP)
Other Threads in the MySQL Forum
- Previous Thread: How do I increase prices by percentage
- Next Thread: Navigation?
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest MySQL Posts
- Today's Posts
- Unanswered Threads
agplv3 alfresco amazon api artisticlicense aws bizspark breathalyzer camparingtocolumns changingprices cmg communityjournalism contentmanagement contractors copyright count court crm database design developer development distinct drupal dui ec2 email enterprise eudora facebook form foss gartner gnu government gpl greenit groupware hiring hyperic images innerjoins insert ip joebrockmeier join keyword keywords kickfire laptop law legal license licensing linux maintenance managing mariadb matchingcolumns metron micromanage microsoft microsoftexchange mindtouch montywidenius mozilla multiple music mysql mysqlcolumnupdating mysqldatetimeordermax() mysqlindex mysqlinternalqueries mysqlquery mysqlsearch news open-xchange opendatabasealliance opengovernment opensource oracle penelope priceupdating query referencedesign reorderingcolumns resultset saas select sharepoint simpledb sourcecode spotify sql sugarcrm syntax techsupport thunderbird transparency virtualization
