Forum Moderators: open
At present the system is set up to take in the e-mail address of the user placing the advert (as a compulsory field in the 'place exchange ad' form) and display that along with the other details of the exchange when the search function is used.
However I realise that the weakness in this system is that the ad-placer's e-mail address will be displayed in plain text on the search results page.
Do you suggest I use some kind of encryption for the user's e-mail address, set up a system whereby the e-mail is kept behind a form (not sure how I'd do that) or something else? Or is there something obvious here I'm missing?
then in your query add WHERE poster = 'N'
and WELCOME to the Webmaster World BTW!
I've thought a little more about what I want now (before I get to the brass tacks of actually scripting it!)
For each advert that appears on the search results page (i.e. fitting the searcher's requirements), I want the result to link to a webform that is specific to that advert (ad_id in the database), that allows the searcher to contact the ad-placer without actually displaying the placer's e-mail address.
This should protect against the web-crawler problem (although there could still be an issue if spammers learn to automatically put their crap in the form and submit it). Still got to figure out how to do it, but I'm sure I've seen similar systems on other websites that I've used in the past.
