Extension talk:EmailAddressImage

From MediaWiki.org
Jump to navigation Jump to search

Address in Sourcecode[edit]

It's a little bit dangerous to write the Email Address into the query-string.

So I used base64 to encode and decode the string:

EmailAddressImage.php

<?php
 
# allows the use of tag <email>foo@domain.com</email> which will result
# in inline insertion of an image with the text foo@domain.com
#
# CREDITS:
# email address regexp pattern borrowed from:
#   http://www.regular-expressions.info/email.html
 
$wgExtensionFunctions[] = 'emailAddressImage';
 
# Sets the hook to be executed once the parser has stripped HTML tags.
$wgHooks['ParserAfterStrip'][] = 'emailAddressImage';
 
function emailAddressImage() {
        global $wgParser;
 
        $wgParser->setHook( 'email', 'doAddressImage' );
        return true;
}
 
function doAddressImage( $input, $argv ) {
        $email_pattern = '/\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}\b/';
 
        $found = preg_match($email_pattern, $input, $matches);
 
        $addr = ( empty( $found ) ? '[INVALID EMAIL ADDR]' : base64_encode($matches[0]) );
 
        global $wgScriptPath; // wiki's root path, defined in LocalSettings
 
        return "<img src='" . $wgScriptPath
                . "/extensions/EmailAddressImage-generator.php?str="
                . $addr
                . "' style='vertical-align: text-top;'>";
}
?>

EmailAddressImage-generator.php

<?php
// Code modified by Maarten (MediaWiki.org User:Thinkling) from example obtained here:
// http://www.tech-recipes.com/php_programming_tips1470.html
 
// usage:
//   Blah blah <img src="generate_text_image.php?str=name@domain.com"
//   style="vertical-align: text-top;"> blah blah.
 
Header ("Content-type: image/gif");
 
if (isset($_REQUEST['str'])) {
    $string = $_REQUEST['str'];
} else {
    $string = '[INVALID EMAIL ADDR]';
}
if($string !== '[INVALID EMAIL ADDR]') {
	$string = base64_decode($string);
}
 
$font  = 3;
$width  = ImageFontWidth($font)* strlen($string);
$height = ImageFontHeight($font); // + 5;
$im = ImageCreate($width,$height);
 
$x=imagesx($im)-$width ;
$y=imagesy($im)-$height; // + 2;
 
$background_color = imagecolorallocate ($im, 242, 242, 242); //white background
$text_color = imagecolorallocate ($im, 0, 0, 0);//black text
$trans_color = $background_color;//transparent colour
 
#imagecolortransparent($im, $trans_color);
imagestring ($im, $font, $x, $y,  $string, $text_color);
 
imagegif($im);
ImageDestroy($im);
?>



It looks to me EmailAddressImage as implemented in version 1.1 does not actually help in obfuscating the e-mail address. Granted is shows the address as an image, but the HTML source contains the cleartext address as parameter. Spammer who searches for @-characters and grabs strings that look like "something@somethingelse" only has to check if the somethingelse-part has valid MX-records and a good e-mail address has been found.

It would suffice to use something simple, like ROT13 to crypt the address. If the parameter how much to ROT can be given when installing EmailAddressImage, I doubt spammers would go to the trouble to get the cleartext address. --Taleman 21:42, 28 February 2008 (UTC)

Full e-mail address still visible in wikitext[edit]

A similar worry is that harvesters can still access the original e-mail address within the wikitext source (especially given that harvesters don't respect restrictions specified within robots.txt). As far as I can make out, there is no way of preventing the 'view source' option from being presented to guest users on a standard MediaWiki installation, so this would be a problem even with the image extension installed (although perhaps there is another extension available that can do this?).

The only other solution I can think of would be to physically separate the name and domain parts of e-mail addresses within the page source. Using a template of the form {{email|name=abc1|domain=xyz.com}} should be sufficient to work around the problem, but also makes it difficult for users to enter or copy and paste addresses straight onto the page. Again, perhaps an extension could be devised to replace standard e-mail addresses with a template of this form prior to the changes being saved to the database? -- Keith Wilson 13:11, 24 March 2008 (UTC)

But how did you do it? I created template called lettre: <email>{{{u}}}@{{{d2}}}{{{d1}}}</email>, then I tried to use it: {{lettre|u=mail|d2=domain|d1=.net}}, and I got INVALID EMAIL ADDR. Abagnale OS Ubuntu 11.04; MW 1.19.2; MySQL 5.1.61; PHP 5.2.17 09:37, 13 October 2012 (UTC)

Patch to ROT13 email address parameter[edit]

Simple patch, tested a bit and seems to work. HTML source has only the obfuscated parameter, should make it more difficult to harvest addresses. Context diffs:

*** EmailAddressImage.php-2008-04-17    2008-04-17 14:29:22.000000000 +0300
--- EmailAddressImage.php       2008-04-17 14:30:02.000000000 +0300
***************
*** 39,49 ****
        $found = preg_match($email_pattern, $input, $matches);

        $addr = ( empty( $found ) ? '[INVALID EMAIL ADDR]' : $matches[0] );

        global $wgScriptPath; // wiki's root path, defined in LocalSettings

        return "<img src='" . $wgScriptPath
        . "/extensions/EmailAddressImage/EmailAddressImage-generator.php?str="
!       . $addr
        . "' style='vertical-align: text-top;'>";
  }
--- 39,50 ----
        $found = preg_match($email_pattern, $input, $matches);

        $addr = ( empty( $found ) ? '[INVALID EMAIL ADDR]' : $matches[0] );
+         $rotaddr = str_rot13($addr);

        global $wgScriptPath; // wiki's root path, defined in LocalSettings

        return "<img src='" . $wgScriptPath
        . "/extensions/EmailAddressImage/EmailAddressImage-generator.php?str="
!       . $rotaddr
        . "' style='vertical-align: text-top;'>";
  }
*** EmailAddressImage-generator.php-2008-04-17  2008-04-17 14:28:17.000000000 +0300
--- EmailAddressImage-generator.php     2008-04-17 14:30:02.000000000 +0300
***************
*** 9,19 ****
  Header ("Content-type: image/gif");

  if (isset($_REQUEST['str'])) {
!       $string = $_REQUEST['str'];
  } else {
!       $string = "[Invalid email address]";
  }

  $font  = 4;
  $width  = ImageFontWidth($font)* strlen($string);
  $height = ImageFontHeight($font); // + 5;
--- 9,21 ----
  Header ("Content-type: image/gif");

  if (isset($_REQUEST['str'])) {
!       $rotstring = $_REQUEST['str'];
  } else {
!       $rotstring = "[Invalid email address]";
  }

+ $string = str_rot13($rotstring);
+
  $font  = 4;
  $width  = ImageFontWidth($font)* strlen($string);
  $height = ImageFontHeight($font); // + 5;

This code will stop the ROT13 being applied to the error message:

if (isset($_REQUEST['str'])) {
    $string = str_rot13($_REQUEST['str']);
} else {
    $string = "[Invalid email address]";
}

Bonus translation:

 /** Finnish (suomi)
  * @author Taleman
  */
 $messages['fi'] = array(
                       'emailaddressimage-desc' => 'Lisää tagin <tt><email></tt> näyttämään sähköpostiosoitteen kuvana',
 );

--Taleman 11:54, 17 April 2008 (UTC)

Invalid_email_addr when used on variables in an semantic mediawiki environment[edit]

Hi,

When I use this extension with fixed email string (such as <email>bill.gates@microsoft.com</email> it is working fine. However, if I use it within a template (e.g., <email>{{{Email|}}}</email>) in a semantic mediawiki environment, it gives the invalid email addr error. I guess it's because <email> tag was processed BEFORE variables are extracted, so this extension sees {{{Email|}}} instead of an actual email address. Any idea how to fix it? I guess using another parser hook instead of ParserBeforeStrip would work but I was unable to find one. Thanks a lot.

Wikihy com (talk) 22:37, 12 November 2013 (UTC) Found the solution myself: Change

function doAddressImage( $input, $argv ) {

to

function doAddressImage( $input, array $args, Parser $parser, PPFrame $frame ) {
        $input = trim($parser->recursiveTagParse( $input, $frame ));
        if (empty($input)) return '';

This way, the templates (such as {{{Email|}}}) will be expanded before it's further processed. reference: https://www.mediawiki.org/wiki/Manual:Tag_extensions#How_do_I_render_wikitext_in_my_extension.3F