Looking for a php only email address obfuscator function

Question

Is there a php only email address obfuscator function? Most of the ones found on the web are a mix of JS and PHP.

Answer 1

Here are a couple of functions I use.

First one obfuscates email address using html character codes:

function getObfuscatedEmailAddress($email)
{
    $alwaysEncode = array('.', ':', '@');

    $result = '';

    // Encode string using oct and hex character codes
    for ($i = 0; $i < strlen($email); $i++) {
        // Encode 25% of characters including several that always should be encoded
        if (in_array($email[$i], $alwaysEncode) || mt_rand(1, 100) < 25) {
            if (mt_rand(0, 1)) {
                $result .= '&#' . ord($email[$i]) . ';';
            } else {
                $result .= '&#x' . dechex(ord($email[$i])) . ';';
            }
        } else {
            $result .= $email[$i];
        }
    }

    return $result;
}

Example:

echo getObfuscatedEmailAddress('[email protected]');
-->
firstname.last-name@example.com

Second one will return link where email address is both html and url encoded:

function getObfuscatedEmailLink($email, $params = array())
{
    if (!is_array($params)) {
        $params = array();
    }

    // Tell search engines to ignore obfuscated uri
    if (!isset($params['rel'])) {
        $params['rel'] = 'nofollow';
    }

    $neverEncode = array('.', '@', '+'); // Don't encode those as not fully supported by IE & Chrome

    $urlEncodedEmail = '';
    for ($i = 0; $i < strlen($email); $i++) {
        // Encode 25% of characters
        if (!in_array($email[$i], $neverEncode) && mt_rand(1, 100) < 25) {
            $charCode = ord($email[$i]);
            $urlEncodedEmail .= '%';
            $urlEncodedEmail .= dechex(($charCode >> 4) & 0xF);
            $urlEncodedEmail .= dechex($charCode & 0xF);
        } else {
            $urlEncodedEmail .= $email[$i];
        }
    }

    $obfuscatedEmail = getObfuscatedEmailAddress($email);
    $obfuscatedEmailUrl = getObfuscatedEmailAddress('mailto:' . $urlEncodedEmail);

    $link = '<a href="' . $obfuscatedEmailUrl . '"';
    foreach ($params as $param => $value) {
        $link .= ' ' . $param . '="' . htmlspecialchars($value). '"';
    }
    $link .= '>' . $obfuscatedEmail . '</a>';

    return $link;
}

Example:

echo getObfuscatedEmailLink('[email protected]');
-->
<a href="mailt&#111;&#58;%66i&#37;72stna%&#54;d&#x65;&#46;&#37;6c&#x25;6&#x31;st&#x2d;name&#64;&#101;&#x78;&#x61;mple&#46;co&#109;" rel="nofollow">f&#x69;&#114;s&#x74;na&#109;e&#x2e;&#108;a&#x73;t-name&#64;e&#x78;ample&#46;co&#109;</a>

Answer 2

Here is one more way which is quite tight and does not cause errors with https://validator.w3.org

function obfuscate($email){
$encoded_email = '';
for ($a = 0,$b = strlen($email);$a < $b;$a++)
{
    $encoded_email .= '&#'.(mt_rand(0,1) == 0  ? 'x'.dechex(ord($email[$a])) : ord($email[$a])) . ';';
}
return $encoded_email;}

Then to add to the page use:

<a href="mailto:<?= obfuscate(CONTACT_EMAIL.'?subject=Hello!') ?>"><?= CONTACT_EMAIL ?></a>