Advanced Settings for EmailShroud
Dealing without JavaScript.
For users with JavaScript, EmailShroud appears transparent – they won’t even notice it is there.
However, a small minority of people use browsers which do not support JavaScript – often this is for reasons of extra security. For these users, EmailShroud is noticeable. There are two ways that EmailShroud can handle these cases, known as “Action Plans”.
Divert to default decoder page on EmailShroud site.
The default behaviour is to replace the email address with a link to a decoder web-page on SomethinkOdd.com. This web-page decodes the obfuscated email address and displays it, but the user must type it in manually to their email program.
Note: This default behaviour diverts the user to a 3rd party web-site – i.e. this one. In the unlikely case that the amount of CPU and bandwidth used by this service becomes non-trivial, I reserve the right to add (tasteful) adverts to the page that they see. I understand that may be unacceptable to some people, and I offer them an alternative action plan – see below.
Transform Address
An alternative action plan is to include the email address in the text, after being transformed in some way so it is no longer recognizable as an email address (e.g. including some garbage in the email address, with instructions to the reader to remove it.)
You can use the default transformation, or change the parameters to produce your own. I encourage you to produce your own to (a) localize the text to your blog’s language or style, and (b) prevent spammers from writing code to overcome this technique.
The transformation occurs in three parts:
- a prefix, placed before the address.
- a replacement for the @ symbol.
- a suffix, placed after the address.
This allows popular transformations like:
- replace the “@” with “@NOSPAM.” or “@REMOVEME”
- replace the “@” with “ AT ”.
- Optionally, add some text to explain to people how to modify the address.
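The three-part transformation described above, as an added example (not EmailShroud's own code): it applies a prefix, an @ replacement and a suffix, then checks whether the result still contains an address-shaped string. The function names, the pattern, the settings and the sample address are assumptions made for illustration.

```python
import re

# Address-shaped pattern of the kind a generic scanner applies. This is an
# assumption for the example, not EmailShroud's own matcher.
ADDRESS_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")


def transform(address, prefix="", at_replacement="@", suffix=""):
    """Apply the three parts: prefix, replacement for '@', suffix."""
    local, sep, domain = address.rpartition("@")
    if not (sep and local and domain):
        raise ValueError(f"not an email address: {address!r}")
    return f"{prefix}{local}{at_replacement}{domain}{suffix}"


def address_shaped(text):
    """Return every substring of text that still looks like an address."""
    return ADDRESS_RE.findall(text)


def audit(address, settings):
    """Map each setting name to (transformed text, address-shaped leftovers)."""
    report = {}
    for name, params in settings.items():
        shown = transform(address, **params)
        report[name] = (shown, address_shaped(shown))
    return report


# Constructed settings modelled on the transformations listed above.
SETTINGS = {
    "nospam": {"at_replacement": "@NOSPAM."},
    "removeme": {"at_replacement": "@REMOVEME"},
    "at_word": {"at_replacement": " AT "},
    "at_word_hint": {"at_replacement": " AT ",
                     "suffix": " (replace AT with the at sign)"},
}

if __name__ == "__main__":
    # Constructed sample address.
    for name, (shown, hits) in audit("jane@example.org", SETTINGS).items():
        verdict = "still address-shaped" if hits else "not address-shaped"
        print(f"{name:13} {shown!r}: {verdict}")
```

A setting with a non-empty leftover list still produces text that matches an address pattern; with this sample, the two settings that keep the “@” do, and the two “ AT ” settings do not.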
Security Settings
EmailShroud works by obfuscating the email address. In theory, this won’t stop a motivated hacker from extracting the email address – all the information is available to decrypt the email address. In practice, it doesn’t take much to obscure the email address to a level that a spammer won’t bother, and will move on to another web-site to harvest someone else’s address.
EmailShroud offers three levels of obfuscation so you can trade off between the level of security and the cost of decoding.
Rearrangement
Rearrangement is a very simple system and takes negligible computation to encode and decode. It was the only solution available in EmailShroud 1.0. While I maintain that rearrangement is currently sufficient obfuscation, critics of EmailShroud 1.0 considered it insufficient, which is why EmailShroud now offers three levels.
Reverse/Shuffle
Reverse/Shuffle is still a simple system, and takes very little computation to encode and decode. Its advantage over Rearrangement is that it cannot be decoded with a trivial “regular expression” engine.
Triple DES (3DES)
3DES uses industry-standard encryption techniques. It is computationally fairly expensive to encode and decode. It should discourage the efforts of even the stubbornest spammer!
On a page with many email addresses, you may notice a delay in loading while the computation is performed.
Note: 3DES cannot be turned on while redirecting non-Javascript users to the EmailShroud site. This is for three reasons:
- The EmailShroud site remains the weakest link in the obfuscation. The spammers could merely follow the link to the EmailShroud site, and let it do the decrypting, then harvest the lightly obfuscated address from the page. If you want this level of obfuscation, you should use your own, novel, transformation strings.
- It is computationally too expensive; if EmailShroud became too popular, my server would spend its entire day decrypting email addresses.
- I had a stab at implementing it anyway, but it was very buggy and I got bored. 🙂
How to Set and Debug the Options
- Open the Options Panel
  - Login to your WordPress Admin site.
  - Select the Options page.
  - Click on the EmailShroud tab.
- Select the Desired Action Plan.
  - If you chose Transform, you can select the desired transformation parameters.
  - Tip: Take care with leading and trailing spaces.
- Select the desired Security Level.
- Select Update Options, and check for warnings.
- Test your settings by turning off JavaScript in your browser, and clicking on an email address.
Comment by Meo on December 16, 2006
I have installed the plugin, but looks like it won’t encode the emails that are contained in the users’ comments to the WP posts. I would like to protect the emails that users publish from email harvesters too.
Can this feature be added?
[Ed: This feature was added to EmailShroud 2.1.]
Comment by Jonathan on December 28, 2006
Triple DES (3DES)
Whoa. I’m not typically a gadgets geek, but this I gotta have.
Comment by Jonathan on December 28, 2006
I do have a question, though. Everything works beautifully, but if I have my security settings higher than the lowest settings, the link isn’t displayed at all, but rather my alternative text setting. Any ideas?
Comment by Julian on January 1, 2007
Meo,
That doesn’t sound too hard. I will add that to the wishlist. I don’t have any concrete plans for starting the next version yet.
Comment by Julian on January 1, 2007
Jonathan,
If a user sets their security settings in their browser at a high level, they are effectively saying “I don’t trust the Javascript on the web page I am looking at, and the Javascript engine provided by my browser to block any nasty behaviour attempted by this web page.” All Javascript is turned off.
The plugin works by displaying the alternative text, and then using Javascript to make it look normal again. If you turn off Javascript, the alternative text will remain.
So, this sounds like it is working exactly as intended: If you are willing to run Javascript, it will look better. If you don’t, it gracefully degrades to the alternative text.
Comment by Scott on February 7, 2007
Thanks for the plugin, Julian. I have one question: What would I have to change to display the entire email address on my site? Currently, it just displays the username part of the email address and doesn’t include the domain.
Thanks!
[Ed: Feature added to EmailShroud 2.2]
Comment by Julian on February 24, 2007
Scott,
Sorry for the delay in responding. I started to write a simple response saying it wasn’t possible, but that provoked me to think about it more, and made me change my mind.
With Version 2.0, you currently have two choices:
I have some more thinking to do about whether the Javascript could be made to substitute the full email address back in, if Javascript is enabled, making it prettier for the majority of your readers. Another feature to look forward to in the next version, I guess.
Thanks for the suggestion!
Comment by murray on June 25, 2007
heya — good job.. now if only i could get it working. i’ve tried it on both IE and FF, and it’s stuck on redirect mode.
yes – javascript is on. i have never disabled it on either browser. any ideas?
thanks in advance, murray
Comment by Julian on June 25, 2007
Murray,
I am sorry to hear that you are having troubles.
Is it working here on this site? e.g. Does the following example_address appear as an email address or a (redirected) URL? Do you have a URL to your site that you can send me so I can see it in action?
Comment by Gunnar on August 15, 2007
Hi Julian!
Really good work, I find your plugin very useful!
So far, I did not have any troubles, but I just installed SimpleForum on a project website and EmailShroud stops people from registering/changing their email address.
Here is a screenshot how it looks like:
http://tinypic.com/view.php?pic=4r720ao
Your plugin works great, but I would like to know if I can workaround this or just disable EmailShroud for a specific page?
Comment by Daniel on January 11, 2008
Thank you so much for this great plugin and your 2.2 update.
Just as the previous poster I would like the plugin to exclude a specific page (due to a form error). Is it possible?
I would also like to inform you that your plugin is no longer available at WordPress official plugin repository (even though it is the best plugin for this purpose 🙂 )
Any help is much appreciated.
Comment by Julian on January 12, 2008
In response to the last two requests, I offer a dirty hack, below. If more people find this useful, let me know and I will find a cleaner way to include it directly into the official plugin.
The purpose of this hack is to manually override the use of EmailShroud on an individual post or page.
You need to insert the following code into your WordPress theme.
<?php if (get_post_meta($post->ID,"sto_emailShroud",true)=="off"):
remove_filter('the_content', 'sto_emailShroud_mainFilter', 55);
remove_filter('get_the_excerpt', 'sto_emailShroud_mainFilter',9);
remove_filter('the_excerpt_rss', 'sto_emailShroud_mainFilter',55);
endif; ?>
Where does the code go? Well, it has to be in “the loop”, which normally means after a line that looks like this:
<?php if (have_posts()) : while (have_posts()) : the_post(); ?>
It has to go before call to the_content or the_excerpt. Why not put it immediately after the loop starts, to be sure?
Then you need to mark the particular page or post that you want to protect. Edit the post, and look for the Custom Fields near the bottom of the page. Add a new custom field with the key sto_emailShroud and the value off. Both of these are case-sensitive.
This has been hastily tested, on one machine. Please test it yourself before you go live. I’d appreciate feedback on whether it worked for you.
Don’t forget – any email addresses on this unprotected page are exposed to spammers.
Comment by Julian on January 12, 2008
Daniel,
Thanks for the warning. I have applied for it to be registered.
Comment by Phil on May 2, 2008
The hack to manually override the use of EmailShroud mentioned above works well for me. I was having a problem with a feedback form getting messed up whenever a required field was left out. The page would regenerate and any email address already entered on the form would break the structure of the form. Being able to switch off EmailShroud on this individual page cured it. Many thanks.
Comment by William on May 13, 2009
I have installed this plugin on two different wordpress sites. There is a simple site that it works flawlessly in. Then there is a more complicated site. On the second site it seems to think that js is disabled and will not encode the emails. Do you know of anything done in a theme that may directly interfere with this plugin? Or any plugins that may interfere with it?
Comment by Julian on May 15, 2009
William, nothing springs to mind. Can you post/email me a link to your broken site so I can take a look?
Comment by John on November 15, 2009
I am also finding that this plugin thinks that js is disabled, at http://www.dpfr.org.uk/blog
The blog is embedded in a page to make it fit the look of the site, perhaps something there making it think js is disabled? Any chance you could have a look please?
Comment by Julian on November 15, 2009
John,
The first thing to check would be if you have a file in your theme called footer.php, then it should have this line in it
<?php do_action('wp_footer'); ?>
If that isn’t the problem, here is some more information:
I’m not sure what changes you needed to make to your WordPress code/themes to make it “embed in a page”, but I suspect that is related to the problem. (I suspect you only needed to make theme changes, and not code changes.)
WordPress has the concept of a footer (“wp_footer”) at the bottom of each page. EmailShroud registers itself with the wp_footer action, so when the footer is generated, EmailShroud can include some JavaScript code there.
This code does not appear on your web-site, effectively making it look like JavaScript is disabled.
Please make sure your theme/code changes don’t interfere with the normal wp_footer process.
Comment by John on November 15, 2009
Julian,
Many thanks. I had edited footer.php in the theme and removed the call to wp_footer. Re-instating that has fixed it.
Comment by Julian on December 30, 2009
Silvan Mühlemann of tillate.com has performed an experiment to evaluate different email obfuscation techniques.
Comment by richard on January 11, 2013
How can I style the A link? I’d like to place a background image next to the email link. I tried using the “sto_emailShroud0” tag, but that didn’t work.
Thanks,
Comment by Julian on January 11, 2013
richard,
Interesting question. That hasn’t come up before.
EmailShroud will catch mailto: HREFs and plain email addresses.
I believe (but haven’t double-checked by testing) that if it finds an HREF, its classes, styles and ids will be copied across. If it finds a plain email address in the text, there are no such styles to copy across, so that won’t happen.
So, first choice is to use mailto: URLs in your content, and style them normally.
For the other sort, it looks far messier.
To start with, you would need to style both the JavaScript and Non-JavaScript versions.
With JavaScript, no other tags are added (apart from what was mentioned above). You could use a technique like this to identify the mailto: hrefs.
For browsers without JavaScript, I think your idea of styling sto_emailshroud0 (and sto_emailshroud1, 2, 3.. etc. depending on the number of email addresses per page) should work.
Alternatively, you could change the code in the
sto_emailShroud_matchedEmailAddress
function to add tags to each type of output.