Quick JavaScript email obfuscation

Posted 5 April 2004

There are many methods to quickly obscure an email address from spam harvesters, this approach relies on the fact that most email harvesters won't understand JavaScript.

<?php
/**
 * Obfuscate an email address
 *
 * @author      Aidan Lister <aidan@php.net>
 * @version     1.1.0
 * @link        http://aidanlister.com/2004/04/quick-javascript-email-obfuscation/
 * @param       string      $email      E-mail
 * @param       string      $text       Text
 */
function mail_obfuscate($email, $text = '')
{
    // Default text

    if (empty($text)) {
$text = $email;
    }
    
    // Create string

    $string = sprintf('document.write(\'<a href="mailto:%s">%s</a>\');',
            htmlspecialchars($email),
            htmlspecialchars($text));

    // Encode    

    for ($encode = '', $i = 0; $i < strlen($string); $i++) {
        $encode .= '%' . bin2hex($string[$i]);
    }

    // Javascript

    $javascript = '<script language="javascript">eval(unescape(\'' . $encode . '\'))</script>';

    return $javascript;
}
?>

A quick example:

<?php
echo mail_obfuscate('aidan@php.net');
?>

Would result in:

As you can see, the output no longer remotely resembles an email address and is very unlikely to get picked up by a spam harvester.