• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

DW extension advice

Participant ,
May 11, 2020 May 11, 2020

Copy link to clipboard

Copied

Hi there, I'm looking for some advice. I'm about to create a society website in DW. For now there are 2 things we don't yet have a solution for.

1. masking/scrambling e-mail links

2. form handling. Not just name & e-mail but more data like address fields, phone numbers, dob. etc.

 

Which extensions would you recommend? I'd like to have all the solutions operable from within DW as I would be easy to hand over the complete site to other board members and cross platform. TIA.

TOPICS
Extensions

Views

2.8K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 11, 2020 May 11, 2020

Copy link to clipboard

Copied

1. One way is to use CSS to obfuscate the email link. As an example, I use right2left as follows:

The CSS:

 

.reverse { 
    unicode-bidi: bidi-override;
    direction: rtl;
}

 

the HTML:

 

<p class="reverse">moc.elpmaxe@liam</p>

 

the Result:

 

mail@xample.com

 

 

2. Have a look at

i) https://www.webassist.com/

ii) https://www.dmxzone.com/3/extensions

 

 

Wappler, the only real Dreamweaver alternative.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 11, 2020 May 11, 2020

Copy link to clipboard

Copied

Never post e-mail addresses, obfuscated or not, on the open web.  I highly recommend you build your app behind password protection so nobody can see sensitive data except your members.

 

Secure form processing and encryption are essential to protect your site, your members' data and your server from exploitation by hackers and spam bots.  Ask your hosting provider which form processing scripts they recommend you use with your hosting plan.    Or you can go 3rd party and use a form service like JotForms or Wufoo.com where form data is collected and processed on their servers, not yours. 

 

Nancy O'Shea— Product User, Community Expert & Moderator

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 11, 2020 May 11, 2020

Copy link to clipboard

Copied

I agree with Nancy that posting email addresses is a bad idea.  I'm wondering why you are so set on creating this in Dreamweaver thinking it will be easy to hand over.  If someone doesn't know how to code, making them purchase HTML editing software or trying to edit code in a free text editor is very dangerous.

 

Personally I would recommend looking into software to manage your community and make it easier to maintain without an editor like DW such as Invision Community ( https://invisioncommunity.com ) or Vanilla ( https://vanillaforums.com/en/ ).  There are probably others out there, but I think you would be better with a solution like those as opposed to trying to build this all yourself and thinking it will be easy to hand off. Having something with a modern web interface to manage online from anywhere would be your best bet to hand off to a client or someone potentially without technical expertise.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 11, 2020 May 11, 2020

Copy link to clipboard

Copied

A backend CMS is necessary for non-coding amateurs to manage the site with.  Even WordPress with a Memberhsip Plugin would be a better option.

https://www.wpbeginner.com/wp-tutorials/ultimate-guide-to-creating-a-wordpress-membership-site/

 

Nancy O'Shea— Product User, Community Expert & Moderator

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Participant ,
May 11, 2020 May 11, 2020

Copy link to clipboard

Copied

Thanks everyone. To be more specific, I'm not planning on posting e-mail adresses in full. Just a clickable word, but the link data should not be harvestable. As for the site, it won't be used as a community platform. Just some basic info about the society, our subject, some stories an a application form to become a member. So no need for WP. Besides, I hate templates and have very bad experiences with cms. 

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 11, 2020 May 11, 2020

Copy link to clipboard

Copied

Who will be tasked with maintaning this site?  That's who you must build it for.  Like it or not, most people prefer to use a CMS either custom or open source.

 

Nancy O'Shea— Product User, Community Expert & Moderator

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Participant ,
May 11, 2020 May 11, 2020

Copy link to clipboard

Copied

Thanks Nancy. For the coming time I will maintain this site as I do with the current one. I thought it was good practice (for our society) to set things up in a way that it could be handed over easily by working with a well used and cross platform editor like DW. I can also set it up in Indesign and use IN5 for export. Maybe easier for me but not so flexible in handing things over.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 11, 2020 May 11, 2020

Copy link to clipboard

Copied

Why InDesign? That's a print publishing tool, not a web tool.

 

As far as the site goes, unless you build a protected area, bots will crawl your site and pick up the emails even if they are a word or phrase (ie: Email Me) because they read code, not what humans read in a browser.

 

The only other option out there is looking to your client's CRM for forms. Often times the CRM allows you a tool to post from the web to your CRM directly so your client can see their members in an organized manner in a database rather than trying to sort through forms that could potentially just blast their inbox with emails.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
LEGEND ,
May 12, 2020 May 12, 2020

Copy link to clipboard

Copied

'I'm not planning on posting e-mail adresses in full. Just a clickable word, but the link data should not be harvestable.'

 

Well you can't do that as an email address would need to be associated with the 'clickable word':

 

<a href="#">Email: John Brown</a>

 

Where is the email address coming from?

 

You would need to store John Browns email address in a database then when the 'clickable word' is clicked you would evoke a 'generic' form and pass the email address via the database to the form-processing script. The link would look like:

 

<a href="mailForm.php?name=John Brown">Email: John Brown</a>

 

A generic form would be on the 'mailForm.php' page and you would get the name of the person being emailed -  $name = $_GET['name'];

 

You would then connect to your database of names/email adrresses and get the correct email address for the name being passed through to the form, then you would use that in the form processing script and send the form. Probably would be better to use a uniqiue ID for each person as there may be 2 or 3 John Browns. 

 

<a href="sendMailForm.php?id=4">Email: John Brown</a>

<a href="sendMailForm.php?id=7">Email: John Brown</a>

<a href="sendMailForm.php?id=12">Email: John Brown</a>

 

$id = $_GET['id'];

 

However if you are using InDesign then none of the above will make much sense to you I assume. In that case I would just 'scramble' the email address and take your chances. Plenty of websites still openly include email information within the html code. I would not do it but just saying they exist and these people are 'professional' developers. If your scrambling proves to be uneffective and your recipients started recieving a lot of junk in their email boxes then you need to try a different approach.

 

As for the form which collects phone nos., email addresses, names, date of birth etc well that is just a case of building a secure form with some validation - you can source many tutorials on Google or search the web for solutions for that. The key here is how do you intend to use the collected data. Are you manually managing it or are you planning to automatically send that information to a database.

 

There are many different aspects you need to consider like ensuring any information you collect is safe and only used for the intended purpose it was collected for, given the new ruling in many countries about data protection etc

 

These days building anything but a simple website is too problematical to consider unless you work in a team environment. There are far to many 'specialist' areas involved to be able to confidently undertake as a single developer. The deeper you go the more problems you uncover.

 

 

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 12, 2020 May 12, 2020

Copy link to clipboard

Copied

Simple PHP email obfuscation example:

<?php
//Encode Email
function protectMail($s) {
$result = '';
$s = '' . $s;
for ($i = 0; $i < strlen($s); $i++) {
$result .= '&#' . ord(substr($s, $i, 1)) .
';';
}
return $result;
}
?>

usage:

<a href="mailto:<?php echo protectMail('you@yourwebsitedomain.com'); ?>">Click here to email us</a>

 If email links are a must, I would create a new, unique, unused email address for the website, at least that way you can get an idea of how effective any kind of email obfuscation is against email harvesters.

Paul-M - Community Expert

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Participant ,
May 12, 2020 May 12, 2020

Copy link to clipboard

Copied

Thanks everyone. I thought my questions were easier than they appear to be. Let me explain. Back in the old days when I used GoLive, there was an extension that scrambled the mailto-link (with Javascript, I believe). Let's say the clickable word is ‘here’, then that extension scrambled the mailto-code. I was looking for a kind of DW equivalent of that extension. I've never stated that I wanted to mask a readable e-mail address.

 

As for the form handling, also back in the GL-days, I had a php-script that was linked to the html/css formfields. I could use form fields and radio buttons and then have the form input send to one or more e-mail addresses for manual handling. Since that script isn't maintained anymore it's not working under the recent version of php. So I'm looking for a solution along those lines. Maybe I was wrong by using the word ‘extension’.

 

Solutions like those of Paul-M is something I could work with. Thanks Paul. I hope my explanation makes any sense. TIA.

 

@Ben_M: yes ID is a design program, but is also capable to produce e-pubs/apps, interactive pdf's and websites. With IN5 added to ID you can output decent html-5 websites. I worked with IN5 for a client where we both did print/pdf and app using the same layout. I still have to find out what they do with issues like form handling and mailto scrambling.

 

 

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
LEGEND ,
May 12, 2020 May 12, 2020

Copy link to clipboard

Copied

There are plenty of 'amatuer' email 'masking' options out there (see links below) but its unclear how effective they are as spambots get more sophisticated over time. I guess we are suggestion here ways which will almost guarantee a spambot can't get at the email address, which is good practice. Of course the downside is you need a little bit of coding skill to be able to implement these.

 

http://www.wbwip.com/wbw/emailencoder.html

 

https://www.heartinternet.uk/blog/15-ways-to-hide-your-email-address/

 

https://www.jqueryscript.net/text/jQuery-Plugin-To-Mask-Email-Addresses-On-Your-Website-Mail-Mask.ht...

 

 

 

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Participant ,
May 12, 2020 May 12, 2020

Copy link to clipboard

Copied

Thanks osgood. There's so much out there that it becomes almost impossible to value which is any good. Especially if this is not your core competence. I remember my searches from years ago. I don't mind messing with some code, as long as I know I work with a good solution, have some kind of manual or the possibility to ask questions.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 12, 2020 May 12, 2020

Copy link to clipboard

Copied

Just make sure you use a completely new and 'fresh' email address and only use for your email link on the website - at least then you can get a measurement of how effective your chosen email obfuscation method is ....

Paul-M - Community Expert

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 12, 2020 May 12, 2020

Copy link to clipboard

Copied

Mailto links are stictly for suckers.  Don't use them, don't use them, don't use them.

 

This is 2020.  GoLive was discontinued a long time ago when cyber security was not a big deal. Today cyber security is a very big deal.  So is protecting data and privacy and other stuff we didn't give a 2nd thought to in early 2000's. 

 

Old fashioned client-side obfuscation methods are not reliable (not that they ever were).  So please don't delude yourself into thinking this is an OK approach.  The reality today is that secure forms and sever-side scripts are essential.  Anything less is irresponsible.  Hire an experienced programmer to help you or use 3rd party solutions. 

 

Nancy O'Shea— Product User, Community Expert & Moderator

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Participant ,
May 14, 2020 May 14, 2020

Copy link to clipboard

Copied

Thanks Nancy. During this thread I noticed that my vocabulary is not on par with the subject, creating the wrong impression. I'm not deluding myself, I knew things were changed and came here for insights and advice. Not for getting it my way. If you could recommend some of those scrips/3rd party solutions that would be most helpful. Thanks!

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 14, 2020 May 14, 2020

Copy link to clipboard

Copied

Email obfuscation can have a certain level of effectivity, some people insist on email links. Best way is to do controlled tests to see how effective it is yourself, it might actually be more effective than the scaemongering here indicates.

 

Scaremongering, using words like 'suckers' and making sweeping statements is a nonsense and pure arrogance.  Controlled testing will give you the real asnswer of how effective or innefective any give method of obfuscation is. 

 

Dismissing something outright, blinkered opinions and assumptions are like saying don't cross the road because you might get run over. 

 

You may also consider blocking IPs and useragents in combination with  email obfuscation, combine that would sensible email spam filtering and it shouldn't be adisaster and you mmight not even enfd up a sucker after all!! 😁

 

I say all this with 20+ years experience and having clients many times insisting on email links after being advised against it in favour of the web form route .  If they insist, we just look at the best method to mitigate email harvesters as best as possible.

Paul-M - Community Expert

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Participant ,
May 14, 2020 May 14, 2020

Copy link to clipboard

Copied

Thanks Paul. It's clear to me that best practice is to have all e-mail links point to a contact form/page where handling takes place. This solution is more or less the same as the form handling I need to register new members. I never had any problems with a solution like that.

 

So that leaves me to search for good form handler with on one hand solid security and user friendly implementation and on the other hand enough flexibility in styling with css. So, all recommendations are still most welcome.

 

On a side note: I've always wondered why apps like DW never incorporated a solid solution for these issues as this is one of the basic features one need when creating even the simplest website. Yes, it takes some maintenance/updates but that should be the added value.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
LEGEND ,
May 14, 2020 May 14, 2020

Copy link to clipboard

Copied

'It's clear to me that best practice is to have all e-mail links point to a contact form/page where handling takes place.'

 

In my opinion that IS the most secure way (point links to a generic contact form and grab the appropriate email adddress based on the information passed to it from the link - could be a name or id) BUT I happen to agree with Paul on this one, email masking can work, you need to test it for a period and see what the response is really and if its good enough for your requirements.

 

You dont say how many email adresses you intent to use on the website. If its just for a limited number of staff eamil addressses then you could use a php switch statement to select the right name from a link and marry it up with the appropriate email address associated with that particular staff members name or id number.

 

If its dozens of email addresses then you should probably use a database to store them in.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Participant ,
May 14, 2020 May 14, 2020

Copy link to clipboard

Copied

Thanks osgood_. As for the e-mail handling we only have 2-3 addresses the e-mails should be send to. The data from the contact form should go to 1 e-mail address, the data from the membership application form should go to 2 e-mail addresses. That's the bare minimum we need.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
LEGEND ,
May 14, 2020 May 14, 2020

Copy link to clipboard

Copied

Reading between the lines of your last post it might be we have been talking cross purposes regarding email address links. If you are intending to use forms to send the data/infomation then there are no issues with including email addresses within the form processing script. These never get seen client side.

 

The only issues regarding email adresses is if you use the mailto: link approach where a default email client-box pops open already filled with the email address/subject and ready to go. That approach leaves the email address exposed to a spam harvestor as its client-side rendered rather than hidden on the server side.

 

As for the forms I cant really be of much help as I tend to build everything myself from the ground up. There are probably ready-made scripts, extensions available - maybe someone who uses that approach will be able to provide some more guidance/resources.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Participant ,
May 14, 2020 May 14, 2020

Copy link to clipboard

Copied

Thanks osgood_. Sorry that I don't speak ‘developer’. That would have reduced this thread significantly. Yes, the idea is to have 1 general contact form that sends data to 1 e-mail address. And 1 apply-for-membership form sends its data to max 2 e-mail addresses in 1 go. 

 

As for the mailto: option (even with data scrambled), I'm now convinced not to use that. 

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 14, 2020 May 14, 2020

Copy link to clipboard

Copied

"So that leaves me to search for good form handler... "

That all depends on your hosting plan and which server-side form processing methods your server supports.  Start with your hosting provider.   Ask them which scripts they recommend.

 

Nancy O'Shea— Product User, Community Expert & Moderator

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Participant ,
May 18, 2020 May 18, 2020

Copy link to clipboard

Copied

Thanks Nancy. Our provider supports Php (latest) and MySql (v5).

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines