Contenido plug-in "mpHideEmailAddresses" (v 0.1rc) for Contenido 4.8.x

################################################################################
TOC (Table of contents)

- DESCRIPTION
- CHANGELOG
- FEATURES
- INSTALLATION
- FILES & FOLDER STRUCTURE
- CONFIGURATION
- TODO
- FINAL NOTE


################################################################################
DESCRIPTION

The main idea behind this plug-in is to hide existing email addresses from email 
harvesting spam bots by obfuscating email addresses in HTML output.

Each found email address like
[code]
<a href="mailto:user@example.com">drop me some lines</a>
[/code]

will be obfuscated to 
[code]
<!-- if mode is 'raw' -->
<a href="/mail/to/7uDexaXI6sbhu9Hem9zC0g%3D%3D">drop me some lines</a>
<!-- or if mode is 'js' -->
<a href="window.open('/mail/to/7uDexaXI6sbhu9Hem9zC0g%3D%3D');">drop me some lines</a>
[/code]

NOTES:
Currently it obfuscates only found email addresses with the prefixed "mailto:"
protocol, other email addresses will not be touched.
Example:
[code]
<a href="mailto:user@example.com">user@example.com</a>
[/code]

will be obfuscated to 
[code]
<a href="/mail/to/7uDexaXI6sbhu9Hem9zC0g%3D%3D">user@example.com</a>
[/code]

There are several ways for obfuscation, each of them have pros and cos, check out
http://www.google.com/q=email+obfuscation+techniques



################################################################################
CHANGELOG

2009-05-xx
    * Initial experimental implementation

2011-05-13  Plug-in "mpHideEmailAddresses" 0.1rc
    * new:  Added output mode (raw and js)



################################################################################
FEATURES

- The obfuscation (encryption) is done by PHP during response output, this 
  means on the fly.
- Works with Apaches mod_rewrite module to rewrite incoming obfuscated 
  /mail/to/* URLs to a server side script.
- The output will be a redirect to the email address using the mailto protocol, 
  e. g."mailto:user@example.com". Modern browser are able to recognize this and 
  to pass it to the email client



################################################################################
INSTALLATION

The folder structure in this package is identical to the default Contenido folder 
structure.

Therefore, coping all files and folders into your Contenido installation should 
be enough.

It is highly recommended to enable security check related lines in "cms/mailto.php", 
if you are using Contenido lower than 4.8.13. You will find them wrapped by 
"[security_check]" marker.

Please check section "FILES & FOLDER STRUCTURE" below if your folder structure 
differs from default Contenido folder structure, e. g. the default client folder's 
name isn't "cms".



################################################################################
FILES & FOLDER STRUCTURE

plugin_mpHideEmailAddresses.htaccess:
-------------------------------------
Contains some mod_rewrite rules. This file is to copy into your document root and
should renamed to ".htaccess". Takeover it's content, if your document root already
contains a ".htaccess" file.

cms/:
-----
The default client folder. Copy it's contents into your client's folder.
Contains the mailto.php script. Obfuscated emails will be rewritten to this script
by using rules in .htaccess.

contenido/plugins/hide_malto/:
------------------------------
Plug-in "mpHideEmailAddresses" related sources.



################################################################################
CONFIGURATION

Configure the plug-in by changing the settings in the "Configuration" section of
the file "contenido/plugins/mpHideEmailAddresses/includes/config.plugin.php".

Please read the documented configuration options within the configuration file,
and change the settings according to own wishes.



################################################################################
TODO

- Obfuscate or overwrite also email addresses without predefined "mailto:" protocol
- Option to obfuscate only email addresses matching to configured domains
  (e. g. by regex)



################################################################################
FINAL NOTE

Usage of the plug-in is at your own risk!

Murat Purc, murat@purc.de
