Closed (fixed)
Project:
SpamSpan filter
Version:
5.x-1.0
Component:
Code
Priority:
Normal
Category:
Bug report
Assigned:
Reporter:
Created:
31 Aug 2006 at 16:34 UTC
Updated:
23 Jun 2007 at 22:19 UTC
SpamSpan doesn't manage existing links such as Name Surname.
So, I modified these two function in spamspan.module:
function spamspan_callback($matches) {
// Replace .'s in domain part with [dot]
global $spamspan_format;
$domain = str_replace("."," [dot] ", $matches[2]);
if (strpos($matches[3], "@") === false) {
$t=' (<span class="t">' . $matches[3] . '</span>)';
} else {$t="";}
return '<span class="spamspan"><span class="' . variable_get('spamspan_userclass_'.$spamspan_format, 'u') . '">' .
$matches[1] . '</span>' . variable_get('spamspan_at_'.$spamspan_format, ' [at] ') . '<span class="' .
variable_get('spamspan_domainclass_'.$spamspan_format, 'd') . '">' . $domain . "</span>$t</span>";
function spamspan ($string, $format) {
/* We are aiming for code like this:
<span class="spamspan">
<span class="u">user</span> [at]
<span class="d">example [dot] com</span>
(<span class="t">Name Surname</span>)
</span>
*/
$GLOBALS['spamspan_format'] = $format;
$pattern = '!(?:<a href="mailto:)([^@]+)@([^"]+)">(.*?)</a>!i';
return preg_replace_callback($pattern, 'spamspan_callback', $string);
}
Since I use the spamspan filter after URL filter, simple email address (as user@example.com) are already converted into links (as user@example.com) when spamfilter come in action. This way, the pattern I can use is much more simple ;-)
Comments
Comment #1
njehlen commentedI'm getting an "unexpected $" error when I try this code - can you post as a patch? thanks!
Comment #2
njehlen commentedThe first function needs a " } " to close it - after adding that it works fine. Thanks!
Comment #3
ednique commentedI had a similar problem where I use the tinyMCE...
the email addresses sometimes weren't filtered when other tags then -p- surrounded the email...
This solution also fixed it...
Thanx!
Comment #4
cvining commentedI use mailhandler to post emails to my website and many emails contain options in the tags of the form:
AFAIK neither of the previous spamspan versions handle this case. So I've been trying the following code to handle options like this. As with the above approach, I enable URL filtering before spamspan so all emails should be links already.
I'd particularly appreciate comments from regex gurus on this.
- Thx, Cronin
Comment #5
Lil Devil commentedIt would be nice if both of the original way AND the
Comment #6
Lil Devil commentedDang. My previous note got truncated for some reason. I was trying to say it would be nice if both of the original way AND the "a href" way could both work at the same time. When creating content for my personal site, I use "a href" so the visible text of the link can be something like "email me" but when visitors post comments they will typically just type inline addresses with no tags. It would be nice if both get converted.
Comment #7
lucky a commentedApplying the patch worked for me too. Btw, without it e-mails propagated to comment titles and "latest comments" block would not obfuscated, so I thinks this fix is essential and should be included in the next release of the module.
I have a question, though. How do I go about filtering the e-mails in the content that existed before I installed this module? I.e. is there any way to do this retrospectively?
Comment #8
lakka commentedThanks for the patches and comments. But at the moment, this seems to me to defeat the point of spamspan. The idea is that the javascript will turn text of the form "email [at] domain [dot] com" into clickable links, so that (1) spambots will find it harder to pick up on the original text; and (2) a user with javascript disabled will still be able to understand the email address. This is why spamspan differs from the other obfuscation solutions available
If you are running another filter (or eg TinyMCE) which turns the addresses into mailto tags before spamspan runs, then (1) your html source will contain an email address which a spambot will be able to see; or (2) (if the address is obfuscated by that other filter) a user with javascript disabled will not be able to see the address. In either case, I cannot see the point of running spamspan.
I may well be missing the point here, so feel free to talk me into it!
Comment #9
roczei commentedHere is a bug in the spamspan.js file, the patch is here:
28c28
< var _anchorText = $("span." + Drupal.settings.spamspan.t, this).text();
---
> var _anchorText = $("span" + Drupal.settings.spamspan.t, this).text();
There was a missing point after the span field therefore the e-mail owner name was NULL!
This bug is similar in the spamspan.compressed.js:
1c1
< if(Drupal.jsEnabled){$(function(){$("span."+Drupal.settings.spamspan.m).each(function(_1){var _2=($("span."+Drupal.settings.spamspan.u,this).text()+"@"+$("span."+Drupal.settings.spamspan.d,this).text()).replace(/\s+/g,"").replace(/[\[\(\{]?[dD][oO0][tT][\}\)\]]?/g,".");var _3=$("span"+Drupal.settings.spamspan.t,this).text();$(this).after($("").attr("href","mailto:"+_2).html(_3?_3:_2).addClass("spamspan")).remove();});});}
\ No newline at end of file
---
> if(Drupal.jsEnabled){$(function(){$("span."+Drupal.settings.spamspan.m).each(function(_1){var _2=($("span."+Drupal.settings.spamspan.u,this).text()+"@"+$("span."+Drupal.settings.spamspan.d,this).text()).replace(/\s+/g,"").replace(/[\[\(\{]?[dD][oO0][tT][\}\)\]]?/g,".");var _3=$("span."+Drupal.settings.spamspan.t,this).text();$(this).after($("").attr("href","mailto:"+_2).html(_3?_3:_2).addClass("spamspan")).remove();});});}
Comment #10
lakka commentedThis last comment now fixed.
Comment #11
emdalton commentedWhat I'd like to see is for spamspan to correct cases where someone has left the URL filter before spamspan or has pasted a mailto link into a page. In other words, I would like the filter to correctly get rid of existing a/mailto tags and convert them to spamspan markup. I can't seem to keep my users from pasting in these mailto links, and I want to protect the email addresses when they do.
I don't know if this patch is supposed to have done that, but after I recently updated SpamSpan (to the May 22 release), it actually seems to be creating weird half-formatted links:
<a href="mailto:user@server.domain.edu">user@server.domain.edu</a>becomes
Email: user [at] server [dot] domain [dot] edu">user@server.domain.eduwith a link pointing to
mailto: <span class=Perhaps this is because of the server.domain.edu format, but could this be fixed?
Comment #12
lakka commentedFixed this latest comment in v 1.2
(please open a new report for each bug - the title of this thread has become a little inaccurate! ;-)
Comment #13
(not verified) commented