I don't think using PHP for the email helps, because the file is created on the server and sent to the browser with the email in full view

Try this one. In the example below the user fills in a form, the entries are posted to a "thankyou" page which has a .php extension. The email is generated by php before the page is served to the user.

<form method="POST" action="thankyou-page.php">
<textarea rows="6" name="message" cols="60"></textarea>
Name : <input typ="text" size="35" name="name" />
You may leave your name and e-mail address if you wish:
E-mail address : <input typ="text" size="35" name="email" />
<input type="submit" value="Send" name="send" />
</form>

On thankyou-page.php

<?php
$email = $HTTP_POST_VARS[email];
if (!$email) $email = "user@domain.com";
$mailto = "owner@domain.com";
$mailsubj = "User contact";
$mailhead = "From: $email\n";
$mailbody = $HTTP_POST_VARS[message];
if ($name) {
$mailbody .= "\n\n";
$mailbody .= "From: $name\n";
}
mail($mailto, $mailsubj, $mailbody, $mailhead);
?>

Harry

Hmm. At first I thought I understood what you're suggesting as: offer the visitor access to your email, but not without filling in a form.

In other words, the user would have to fill out a form and then your address will be emailed to them. I like the idea that they have to provide a real address or they won't receive your address, athough I'm not happy with the extra effort and time required of the customer. I want people to be able to contact me easily.

But that's not what I see on second look. It looks as though you're simply allowing them to contact you via a "contact us" form. What if they want to use their own email client? You're not going to give them your address? Yes, that works, but it's got some drawbacks, from a psychological/marketing perspective.

[Whew, we're now way off topic. Maybe a mod could transfer these posts?...]

It goes against the grain of the trend for transparency in business and maybe in all aspects of contemporary life. By that I mean that many businesses will need to be concerned about the appearance of credibility. It may be important to their customers that the site post their phone number, street address, and email address on the site.

zollerwagner,

Yes, it's just a "contact us" form. The user never sees the address, nor is it available on the site where it could be scavenged by a bot. Of course it's not foolproof as any intelligent human or software can easily convert a domain name into an email address.

I agree for a commercial site this may not be suitable. Even for my own site I am torn between privacy and openness to the user. In fact I get so much spam anyway I doubt whether it makes any difference. :(

Harry

OH how I hope this isn't typical..all you guys not using javascript ...
I have to have Javascript running on my personal site to control the delivery of images of my artwork ( when delivery was by normal means they just got copied /stolen and I found them all over the net as other peoples "work" )..So now when visitors come in either they run javascript ( and therefore can't copy.. except via printscreen when we are debugging on site and need to relax the locks ) or they see no pictures!
Now the really interesting part is that since 2 months the "cached" versions of my pages in google ..have all my images loading ( takes around 30 seconds to "build" my "cached" page in google? ) just like you were seeing the pages live on site with javascript and direct X enabled ...
So I thought ...wow Google reads javascript now ...way to go ..graphic sites finally get an indexer ...

EH No ...turns out that google is just lying ..its not caching me at all ...its in fact displaying my pages live inside its supposedly "cached" area (just like any other framed pageset )...If I go to googles "cache" and then quickly go to my logs "latest visitors"
its easy to see ( me 'n' google just dropped by!)...
Now the question is this...
are they doing this because of copyright issues ...
Under the "Berne conventions" only educational establishments are allowed to store copyright material in any way ..and that only in severely limited amounts ..And no way is google or any other major search engine an educational institution ( might have been once.. but not now guys ..now your're all just breaking the law every where! )
"Caching" me and probably you ( you'd need to be running this kind of script to notice )
gets them round this nicely ...still not legal in other respects ..but ..

However it's ruinous on bandwidth ...cos every time on of my competitors looks at what google call their "cache" ..I pay the call ..!

Neat way to force someone right out of business using google cache as the middle man?

So apparently the choice is ..either accept copyright infringement ( if you didn't ask to be spidered )..or become the "unwitting paying provider" of someone elses "cache" service..

BTW ..someone is bound to be thinking what about robots .txt ...the point is under ALL international copyright laws ...the "copier" or "cacher" or "non educational search engine" must have your handwritten permission to do anything with your material ...also "public domain " does not apply ...ask any judge ..( private paid for server )

Does anyone think you have to put up a "no burglars" sign to make breakins illegal?
Sorry this one is so long ...but I do think it merits serious discussion ..

This may not answer your real question, but my images don't appear in Google if they are on a page created with javascript write(). The whole page is created with this method.

This was done because I wanted to be able to run a slide show with forward and backward buttons without having to go to the server each time they clicked a button (unless they hadn't downloaded the image yet). Getting it to work in Netscape 4 was a bear. Now that I no longer support that browser, it would probably be much easier.

Anyway, the method was pretty complex and because of the javascript-turned-off-issue I was thinking about redoing it in php, but now that you've mentioned this copyright issue, I'm going to have to reconsider my reconsidering!

Leosghost - if I understand your problem correctly, try adding this to your robots.txt:

User-agent: Googlebot-Image 
Disallow: /

Problem solved.

Hi "Z"
Sure I could do it all in Javascript but chose not to for numerous reasons ..Even so the ways its set up they just can't be "caching" ....I'll sticky you the url if you want to take a look (it's undergoing work on all the grafics at the moment but still up )
Like I said on the copyright issue ..in international and US and virtually everybodies law "g" and all the others are now ...( they weren't when they were at UCLA or wherever it was that they all started their "hobby" search engines ).. breaking the law just "caching" us ..in fact even showing your URL and a "snippet" description in their results is illegal ...
and its not upto you or me to ask them not to!
they just can't legally do it!........the repercussions for the future of any search engine is very interesting here ....
Sort of like offering an IPO from a burglary business
or a safecracker selling shares in future "swag"...
They can of course show all the sites that asked to be there ( depending on the T.O.C. on the submit page ) but legally.. displaying "spidered" search results is profiting by theft of intellectual property ....

If this gets past the moderator I can already hear the screams in the boardrooms of search engines every where ..."**** guys!.. someone added two and two and there went the free lunch we've all had!"

Ps .I wondered about this one years ago and started writing about it when elsewhere someone said "why do we think the search engines owe us a living " ...He got it so wrong ....They live by us not complaining when they steal whats our property ..for how long?

Hi"E" ..I wasn't searching for a solution to a problem with surfers ..I already found one ..my scripts!
The problem is that even the best script is not gonna prevent theft by the big boys ...
First point ..is why should I have to ask "g" to stay out of a private area any more than I should have to askit not to index the contents of my house and put the list in the local newspaper that it edits ...?
Second point is ..The scrpts that are there means it cannot possibly be showing the "cached" version of my site ...so in doing what its doing it's costing me the bandwidth to lie to its customers ....and yes I could ban google bot ..but again does the burglar in my or your house have a defense if he says "well there was no notice to me personally saying do not enter "..?.who pays for your server ..you or the "spider" engines ...
I have no issue at all with the "non crawler" others ..but all spider engines are stealing..and they know it!

Hi, Leosghost,

That's a very interesting argument, but I'm not convinced.

The problem with the idea is that average Web site owner is happy if Google caches their pages and images.

To a some degree what's illegal is socially-defined. For most of us, it's a mutually beneficial "theft," if that's what it is.

Your not wanting the images cached puts you in a very small minority. For the convenience and benefit of the majority, it seems like a small matter to add the code E suggested to your site. If that works (to prevent Google from caching your files) then there's no problem, is there?

The bottom line is that there would be a heck of a lot more people screaming if some government said Google was burglaring compared to the extremely infrequent complaints we hear now.

Heheh. Oh, you crazy guys and your ridiculous American legal nonsense! You nearly got me with that one.

Seriously, this is unenforcable over-the-top paranoid garbage. You'll be suing somebody for printing your page next! And you wonder why the American legal system is the laughing stock of the world?

At the end of the day, if you don't want somebody to store/read/admire/cache/share your content, then don't put it on the public internet. Problem solved. Not that anybody would want to, but you're never gonna get a law like that.

Hi Richard

1. Already is a law all over the world ...

2.I am not in the states ...

3. The internet is not public ..neither is my server .

4. Thanks to the Moderators here ..I know it's severely off topic ...

5. Richard.... Not looking to get on your case here but normally one should make sure that one knows what one is talking about prior to posting on a specialist subject ... go search copyright ...with any search engine ..

Oh and "Z" the last time I saw anyones government (yours or mine ) looking out for the interests of Joe public over vested interest and huge business and applying the existing laws..was just before Jaylo and janet climbed all over my dreams ..then I woke up had a coffee ..put on my shorts ..........
M'soft and windoze wasn't for us it was just the big boys fighting while we watched from the side ...

Moderators I promise that dont want to be running this subject here but I heve had "thread start refused" elsewhere ...Subject to hot to handle?

I don't want my images cached either and placed the robots.txt disallow all search engines file on all my sites and am still waiting patiently for them all to OBEY it. I see them in my logs checking it but the images are still cached and available.

I use javascript for my contact info which I have set up as text in a gif image so the bots can't grab my email. The search engines do not cache the gif with my email or the images that are using the javascript. I have scrolling image galleries set up with javascript. They currently only cache what is sitting on the page when they crawl which is only the tiny thumbnails.

Leosghost, it is not settled; Google interprets the law differently from you, that is why we have courts. But you do bring up the point that it is an area of some concern for publishers.

Let's not rehash this entire discussion:
[webmasterworld.com...]

Pele, that's pretty interesting. I had forgotten that I have two kinds of pages in which the images are written with javascript. The first page is thumbnails and the second large images. For both, the data is stored in a list of variables. The full file name is created by javascript, so Google--which isn't about to do complex thinking--obviously doesn't find the files.

The beauty of this for me was that I can add one line of data to one file and the images are available on the thumbnail page and the full-size pages.

Now, it wasn't my intention to hide them from Google. Maybe I should redo the code so the thumbnails are available.

Back to the original topic.

I personally surf with JavaScript on, and don't believe in turning it off unless I know I am entering sites that might use flaws in security regarding JavaScript, however just disabling ActiveX can help with this issue.

In the design of my sites I try to use as little JavaScript as possible, and aim to have sites accessible to users without it on. I think of JavaScript as an additional element, rather than a required one. It is a very useful scripting language, however due to the frequent unfortunate use of it in manners which are annoying, etc and the fact people do disable it because of this I don't believe it can be relied upon for any major element of a site. While saying this I realise that there are some instances where people may decide you must have JavaScript on to be able to use an additional feature, such as a Chat Room, and agree that that is ok.

And now to the current topic.

Whilst I do not have an extensive knowledge of copyright laws and there international acceptance I personally do not think that by caching a copy of a site Google is infringing it. And if it is technically infringing copyright I would be very disappointed if anyone ever decided to sue Google for this, especially as you can easily customize what the GoogleBot does at your site as well as remove your site from Google at any time. Unnecessary litigation has gone way too far - and as Google is doing in my mind a great lot of good, it would be a shame for a minor disagreement like that to ruin it for everyone else.

And to the comment regarding "public internet" by R1chard. My interpretation of that comment is not that the entire internet is public, rather to the area of it which is publicly accessible.

It is a publicly accessible resource of information. Of course, there are private areas of the internet secured with usernames/passwords and so on, and much, if not most, of the content available is copyrighted, but you must have security in place to be able to not call your online content public.

The trouble is it's not just Google, it's ALL the search engines doing it and they really have it backwards it needs to be OPT IN not OPT OUT because it's hard to keep track of them all to disallow them.

I haven't read all the comments, but the ones I've read are quite disturbing.

1) Using javascript for any kind of protection or security is just plain stupid. You are relying on somthing that isn't fixed: many people surf with javascript restricted or even disabled entirely. Not because they wanted it, but because js isn't an option. Screen reader, mobile phones, etc don't have javascript.

If you are using javascript, make sure that the site is perfectly usable for clients without javascript enabled. Then, you apply the javascript. See: [digital-web.com...]

There are far better ways to protect your images (like using a .htaccess to deny accessing pics from other domains), but remember this: when someone visits your page, it needs to download something to view it. If I want to see a picture, the picture needs to be fully downloaded into my cache folder before I see anything. That means, if I ever want to use your pic, I just search for it in my cache folder.

If you put something on the internet, it is not safe!

On topic:

I usually surf with javascript on, because most of the sites use javascript rollovers.... I restrict any intrusing form though. Any popup will be blocked, new windows will always be opened in another tab, and js cannot access any window-specific option (like moveTo() or window dimensions).

Yes, definately don't use JavaScript for security of data. One site I went to once had the username and password in the JavaScript file. The person who had made the site was amazed that I could get it. Use .htaccess/.htpasswd security if you do not have the skills to write the scripts needed.

Also, remember that if someone wants to get something that is public, they will. Doesn't matter if it is streamed from the site, there are programs to catch this.

This is positively my last post here ( in this thread on this subject moderators I promise )
BTW "Choster" I think it was directed me and any other interested parties to another thread a while back ...its well worth the visit ...and I probably should have posted this there ...only apparently some folks here didn't go look ...
Ok ..first.. I am a copyright specialist and have appeared as "expert witness" in a number of legal cases ...spider search engines who "cache" are breaking the law ..in virtually 99% of the worlds countries ...it's just their lawyers are sufficiently intimidating ( which of us has the resources for 5 yrs in court ..? ) so for now they ( all of them ) get away with it ..
Its all of our sites which are the reason for the "ads " to exist ..we are providing "free copy"..( for free read "jacked" ) in what is some times ( but not always ) a mutuably beneficial situation ...Doesn't make their actions legal!
Second point ..my or your server or the info on its is not in the public domain its our personal property to which we allow temporary non archivable access ( the laws are extremely upto date with regard to electronic storage ..it is prohibited without hand written permission )..opt in ..not..opt out!
My site and many others are the equivalent of an online portfolio ...as an artist I also have a portfolio for people to consult in my studio ...they do not think that because they are allowed into my studio to see the art work and look at the portfolio that this means they have the right to copy it to look at at home or elsewhere ..( ever tried to take photos in an art gallery ..no way ..you know its illegal ..same here )...
A "yellow pages" publisher does not think either that they have the right to enter my gallery to take photos (without my express hand written permission ) and to then use them to embellish ( for free )their "yellow pages" and thereby entice other artists to place similar "ads" in their ( the publishers )"yellow pages" next to their "stolen from me" copy...
To prevent this I do not have to place a notice "do not steal" at the entrance to my studio ...even if I laeve the door unlocked to allow honest potential customers in to browse ...
Thirdly ...the reason why to use js to protect the images... ( BTW it does work ..any one who doubts me ..sticky me for the url )....
Simple ...its just the same as saying to you you can't come in my studio if I see a camera in your hand or if you're pushing a photocopier on a gurney ...
I am slightly disturbed by the amount of people here that don't use js ..I may well be losing potential customers ....so be it ...
I am more concerned by the number of people who think that because the illegal methods of Spider engines help some that they should be allowed to steal from others ...or everyone .
To use the same legal system would say that because selling crack on the streets make some pusher rich and keeps many public officials employed in fighting that industry that I should encourage my son to use it just to keep the wheels of commerce turning ....
I am not saying that anyone here would wish this but it is where the logic of condoning the illegal actions of certain companies just because some make money by it leads.
Would anyone here work at what they do and then let some company reproduce that work for free just to help sell the companies product .....and not try to protect themselves .....?
Sorry if the language gets a little strong but some of the people here are actively saying they think the rest of us should give up our rights ...so search engines can make more money ......
Again "Choster" ..Moderators ...Brett ..whoever ..sorry to get a little heavy here and in whats really the wrong forum ( sorry "M" )...
Thanks for the space :) L

I don't think I have the knowledge on the issue of copyright to continue further on that topic. I guess caching is stealing in a way, but I am not going into that.

When it comes to JavaScript and images, and just image protection in general. Not sure how many people have realised that you can just screenshot images, although this is equivilent to photographing and is illegal as it breaches copyright, but I was just stating that as a technical method.

Regarding the earlier discussion about cloaking your email with php or javascript see Spam email is driving me nuts in the Website Technology Issues [webmasterworld.com] forum.

Leosghost does raise interesting questions. The problem here is that it's a mistake to equate print media and digital media, as he does.

(Let me be clear that I don't know the law well, and I realize that law is often not about common sense.)

Just because a law written for print media could easily apply to digital media, doesn't necessarily mean it should.

Why? To some degree the problem is that enforcement becomes much harder with digital media, and what is possible and likely is much different.

What would a reasonable person say? Would a reasonable person consider it wrong to cache an image from a Website on their computer? Well, everyone of us is doing it--even Leosghost unless he's changed his browser defaults. It's not just search engines!

Wouldn't "reasonable people" (legal sense) say this normal? So is the law going to protect the content owner from browser or search engine caching? That's very hard to imagine.

It's much simpler if digital content owners change their methods to deal with the new risks. The fundamental decision is whether to open yourself to caching of any kind. If you don't want others to cache your content, you simply shouldn't post it online. It seems a little late to be trying to rethink how the Web works.

And Leosghost's JavaScript sounds like a good partial solution. I'd be interested in seeing how it works! Even if it's not a total solution, if it discourages some from stealing his images, that's something.

How do I reply without breaking my word here and going "off topic again" moderators help?

I'm gonna get "snipped" ...I can hear the scissors ...

"Z" ...sticky me ...

Moderators ..should this go to new thread ( and I know there were others that discussed this but they are old and were not being posted to by people with first hand legal knowledge ...

Albiet most of the posters did get the law right ..

Start a new thread, beginning with the statement "Continued from <url of this thread>".

Then post a message to this thread saying "Off-topic discussion continued at <URL of new thread>"

Leosghost- don't worry, it wasn't a personal attack on you (as you said, I don't even know where you are from). That was just a rant about US lawyers taking everything so literally without stopping to think rationally about the impact.

Regardless of what is law or not, I was talking about practical situations with normal people in the real world. Anything on a part of your server that is publically accessible, is just that: publically accessible. You've set the settings (a nontrivial matter than not everybody can/wants to do), so you have to live with it.

Specifically your comment that 'even showing your URL and a "snippet" description in their results is illegal...' just really got up my nose. Not only would most sites lose 70% of their traffic if this was the case, but what about the logical continuation of this? Am I allowed to review your site and include that review in a magazine? How about describe your site to somebody over the phone? Am I allowed to reveal what your site is about if somebody gives me the URL and asks?

So getting back on topic, yes there are people who don't have JavaScript enabled, either through choice or throuigh necessity (aside from the autodialer-fearers, another example is PalmPilot and cellphone users). So I would say that most of the time, JavaScript is best suited to trivial eye-candy and bonus applications.

You all seem to be forgetting an obvious reason for the average Joe to have JS disabled - viruses/worms and exploits! Not so much now, but it's a leftover from a couple of years back.
In fact, some companies disable it on their corpoate desktop images. Some were recommending it be disabled for security -many early worms and email viruses were JS based - so the advice all over the web was "disable scripts for protection against xyz email virus". Ever heard of "script blocker"? It's a componant of a popular anti-virus package. I know a lot of folks who STILL run with scripts disabled because of exploits and viruses. Ever mis-type a URL and end up where you wouldn't want your kids to be? And the site happens to run scripts that redirect your "home page", etc.? With scripts disabled, that is not likely to happen if you hit one of those (yes, a couple of years back, I mis-spelled altavista and ended up at a site that was a bit embarrasing to be at in a corporate work environment)
You may be amazed at the number of computers that can't run JS due to their anti-virus or security settings. YOU may not see it in YOUR logs because your audience is filled with geeks, gurus, etc. - but someone catering to "average" or "ordinary" users, or in the cases of some corporations, you will see it.

I have a page on my personal web site which, when you visit it, will place a file in the startup group on your computer, and when you next reboot, it will flash a hello message on your screen. I could do worse.......it's to show who is running an unsecured or un-patched computer. It won't work on most systems now, but about 4 years ago it was quite a bit of fun.

I have a JS that runs in a hidden iframe that will play with the jar files on your computer as well. That one was fun.

Shadows Papa
(former corporate anti-virus admin for a major financial/insurance company and Symantec tech advisor)