Forum Moderators: phranque
I was just wondering how effective this is? I guess this relies on the idea that email harvestering spiders can follow links but they can't press form buttons - is this true?
An image of the email address catches those who print the page to consider later, and also serves those who do not use javascript.
Is there no downside to forms? I must admit I prefer to use a 'mailto' for simple contact - I like to see where my communication is going!
And once people install a form, there seems to be a tendency to add more and more fields, seeking info that is probably useless to them (and annoying to me), "because they can".
I realise this is a bit 'off topic' - but the psychology of webmaster privacy does overlap the psychology of visitor privacy - there's no point considering site security to the point where visitors feel excluded.
function adjustMailLinksEx(myDomain)
{ with (document) {
for (var i = 0; i < links.length; i++) with (links[i]) {
if (id.indexOf('email_') == 0) {
var tmp = id.split('_');
href = 'mailto:' + tmp[1] + String.fromCharCode(64) + myDomain;
}}}}
Each link must have an id value beginning "email_" e.g. id="email_press" becomes an email link with href="mailto:press@mydomain.com".
Naturally, this could be adjusted to detect the domain automatically.
I provide these links below a contact form - that just about covers all bases (except I don't use a Captcha system).
Kaled.
Like I said, for 4 years we have used a javascript encryption method. When I said it has been 100% successful I meant it - No problems ever! Thats on 100+ different business websites that we manage (and some of them are very big/popular).
So IMO:
1.) You can display an email address (as encrypted javascript),
2.) You don't have to resort to hiding the email address (sites look more helpful if you show the address).
3.) There are some awesome Captchas out there, but I think they are over kill (unless you are Yahoo or a Bank...) (I take the point that most stuff on this thread is actually talking about captchas, but in this instance I mean the image display things, where the visitor must type something.)
when using the form they do not get a copy of what they sent, with normal email they do
True, but the situation can be improved. My forms are set up so that when submitted the user gets a thank you message followed by the text of the email. The user can then print it off if required. Not a complete answer but better than nothing.
Problem is, if you make it so that *any* email address can be put there, you'll find people using your script to send spam and junk to people that they CC and BCC into your form.
Problem is, if you make it so that *any* email address can be put there, you'll find people using your script to send spam and junk to people that they CC and BCC into your form.
Oh puleez.... that's only if you're silly enough to put the email addresses on the browser side which is SOoooo '90s it's pathetic. All of the TO, CC and BCC should be done securely on the server side only so it's not a spam script at all.
Yes, but the response to which you are responding, was in response to the reply to the comment that said something like "the disadvantage of a form is that the person who fills the form in does not get a copy of what they sent".
The response to that was to suggest adding a CC field where you could fill in your own email address so that you get a copy back.
My further response was to show how that could be used to send spam if any address on any domain can be typed in there.
I have been using this for 3 years and it not only protects email but it can encode any output you want so you can protect your forms as well. When I added it to my forum's signup form it stopped robot signups completely.
