Highlighted

DW extension advice

Participant ,
May 11, 2020

Copy link to clipboard

Copied

Hi there, I'm looking for some advice. I'm about to create a society website in DW. For now there are 2 things we don't yet have a solution for.

1. masking/scrambling e-mail links

2. form handling. Not just name & e-mail but more data like address fields, phone numbers, dob. etc.

 

Which extensions would you recommend? I'd like to have all the solutions operable from within DW as I would be easy to hand over the complete site to other board members and cross platform. TIA.

Topics

Extensions

Views

1.5K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

DW extension advice

Participant ,
May 11, 2020

Copy link to clipboard

Copied

Hi there, I'm looking for some advice. I'm about to create a society website in DW. For now there are 2 things we don't yet have a solution for.

1. masking/scrambling e-mail links

2. form handling. Not just name & e-mail but more data like address fields, phone numbers, dob. etc.

 

Which extensions would you recommend? I'd like to have all the solutions operable from within DW as I would be easy to hand over the complete site to other board members and cross platform. TIA.

Topics

Extensions

Views

1.5K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Adobe Community Professional ,
May 11, 2020

Copy link to clipboard

Copied

1. One way is to use CSS to obfuscate the email link. As an example, I use right2left as follows:

The CSS:

 

.reverse { 
    unicode-bidi: bidi-override;
    direction: rtl;
}

 

the HTML:

 

<p class="reverse">moc.elpmaxe@liam</p>

 

the Result:

 

mail@xample.com

 

 

2. Have a look at

i) https://www.webassist.com/

ii) https://www.dmxzone.com/3/extensions

 

 


Ben

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Adobe Community Professional ,
May 11, 2020

Copy link to clipboard

Copied

Never post e-mail addresses, obfuscated or not, on the open web.  I highly recommend you build your app behind password protection so nobody can see sensitive data except your members.

 

Secure form processing and encryption are essential to protect your site, your members' data and your server from exploitation by hackers and spam bots.  Ask your hosting provider which form processing scripts they recommend you use with your hosting plan.    Or you can go 3rd party and use a form service like JotForms or Wufoo.com where form data is collected and processed on their servers, not yours. 

 

Nancy O'Shea, ACP
Alt-Web.com

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Adobe Community Professional ,
May 11, 2020

Copy link to clipboard

Copied

I agree with Nancy that posting email addresses is a bad idea.  I'm wondering why you are so set on creating this in Dreamweaver thinking it will be easy to hand over.  If someone doesn't know how to code, making them purchase HTML editing software or trying to edit code in a free text editor is very dangerous.

 

Personally I would recommend looking into software to manage your community and make it easier to maintain without an editor like DW such as Invision Community ( https://invisioncommunity.com ) or Vanilla ( https://vanillaforums.com/en/ ).  There are probably others out there, but I think you would be better with a solution like those as opposed to trying to build this all yourself and thinking it will be easy to hand off. Having something with a modern web interface to manage online from anywhere would be your best bet to hand off to a client or someone potentially without technical expertise.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Adobe Community Professional ,
May 11, 2020

Copy link to clipboard

Copied

A backend CMS is necessary for non-coding amateurs to manage the site with.  Even WordPress with a Memberhsip Plugin would be a better option.

https://www.wpbeginner.com/wp-tutorials/ultimate-guide-to-creating-a-wordpress-membership-site/

 

Nancy O'Shea, ACP
Alt-Web.com

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Participant ,
May 11, 2020

Copy link to clipboard

Copied

Thanks everyone. To be more specific, I'm not planning on posting e-mail adresses in full. Just a clickable word, but the link data should not be harvestable. As for the site, it won't be used as a community platform. Just some basic info about the society, our subject, some stories an a application form to become a member. So no need for WP. Besides, I hate templates and have very bad experiences with cms. 

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Adobe Community Professional ,
May 11, 2020

Copy link to clipboard

Copied

Who will be tasked with maintaning this site?  That's who you must build it for.  Like it or not, most people prefer to use a CMS either custom or open source.

 

Nancy O'Shea, ACP
Alt-Web.com

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Participant ,
May 11, 2020

Copy link to clipboard

Copied

Thanks Nancy. For the coming time I will maintain this site as I do with the current one. I thought it was good practice (for our society) to set things up in a way that it could be handed over easily by working with a well used and cross platform editor like DW. I can also set it up in Indesign and use IN5 for export. Maybe easier for me but not so flexible in handing things over.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Adobe Community Professional ,
May 11, 2020

Copy link to clipboard

Copied

Why InDesign? That's a print publishing tool, not a web tool.

 

As far as the site goes, unless you build a protected area, bots will crawl your site and pick up the emails even if they are a word or phrase (ie: Email Me) because they read code, not what humans read in a browser.

 

The only other option out there is looking to your client's CRM for forms. Often times the CRM allows you a tool to post from the web to your CRM directly so your client can see their members in an organized manner in a database rather than trying to sort through forms that could potentially just blast their inbox with emails.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
LEGEND ,
May 12, 2020

Copy link to clipboard

Copied

'I'm not planning on posting e-mail adresses in full. Just a clickable word, but the link data should not be harvestable.'

 

Well you can't do that as an email address would need to be associated with the 'clickable word':

 

<a href="#">Email: John Brown</a>

 

Where is the email address coming from?

 

You would need to store John Browns email address in a database then when the 'clickable word' is clicked you would evoke a 'generic' form and pass the email address via the database to the form-processing script. The link would look like:

 

<a href="mailForm.php?name=John Brown">Email: John Brown</a>

 

A generic form would be on the 'mailForm.php' page and you would get the name of the person being emailed -  $name = $_GET['name'];

 

You would then connect to your database of names/email adrresses and get the correct email address for the name being passed through to the form, then you would use that in the form processing script and send the form. Probably would be better to use a uniqiue ID for each person as there may be 2 or 3 John Browns. 

 

<a href="sendMailForm.php?id=4">Email: John Brown</a>

<a href="sendMailForm.php?id=7">Email: John Brown</a>

<a href="sendMailForm.php?id=12">Email: John Brown</a>

 

$id = $_GET['id'];

 

However if you are using InDesign then none of the above will make much sense to you I assume. In that case I would just 'scramble' the email address and take your chances. Plenty of websites still openly include email information within the html code. I would not do it but just saying they exist and these people are 'professional' developers. If your scrambling proves to be uneffective and your recipients started recieving a lot of junk in their email boxes then you need to try a different approach.

 

As for the form which collects phone nos., email addresses, names, date of birth etc well that is just a case of building a secure form with some validation - you can source many tutorials on Google or search the web for solutions for that. The key here is how do you intend to use the collected data. Are you manually managing it or are you planning to automatically send that information to a database.

 

There are many different aspects you need to consider like ensuring any information you collect is safe and only used for the intended purpose it was collected for, given the new ruling in many countries about data protection etc

 

These days building anything but a simple website is too problematical to consider unless you work in a team environment. There are far to many 'specialist' areas involved to be able to confidently undertake as a single developer. The deeper you go the more problems you uncover.

 

 

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Adobe Community Professional ,
May 12, 2020

Copy link to clipboard

Copied

Simple PHP email obfuscation example:

<?php
//Encode Email
function protectMail($s) {
$result = '';
$s = '' . $s;
for ($i = 0; $i < strlen($s); $i++) {
$result .= '&#' . ord(substr($s, $i, 1)) .
';';
}
return $result;
}
?>

usage:

<a href="mailto:<?php echo protectMail('you@yourwebsitedomain.com'); ?>">Click here to email us</a>

 If email links are a must, I would create a new, unique, unused email address for the website, at least that way you can get an idea of how effective any kind of email obfuscation is against email harvesters.


Paul-M, ACP - www.webspectrum.co.uk

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Participant ,
May 12, 2020

Copy link to clipboard

Copied

Thanks everyone. I thought my questions were easier than they appear to be. Let me explain. Back in the old days when I used GoLive, there was an extension that scrambled the mailto-link (with Javascript, I believe). Let's say the clickable word is ‘here’, then that extension scrambled the mailto-code. I was looking for a kind of DW equivalent of that extension. I've never stated that I wanted to mask a readable e-mail address.

 

As for the form handling, also back in the GL-days, I had a php-script that was linked to the html/css formfields. I could use form fields and radio buttons and then have the form input send to one or more e-mail addresses for manual handling. Since that script isn't maintained anymore it's not working under the recent version of php. So I'm looking for a solution along those lines. Maybe I was wrong by using the word ‘extension’.

 

Solutions like those of Paul-M is something I could work with. Thanks Paul. I hope my explanation makes any sense. TIA.

 

@Ben_M: yes ID is a design program, but is also capable to produce e-pubs/apps, interactive pdf's and websites. With IN5 added to ID you can output decent html-5 websites. I worked with IN5 for a client where we both did print/pdf and app using the same layout. I still have to find out what they do with issues like form handling and mailto scrambling.

 

 

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
LEGEND ,
May 12, 2020

Copy link to clipboard

Copied

There are plenty of 'amatuer' email 'masking' options out there (see links below) but its unclear how effective they are as spambots get more sophisticated over time. I guess we are suggestion here ways which will almost guarantee a spambot can't get at the email address, which is good practice. Of course the downside is you need a little bit of coding skill to be able to implement these.

 

http://www.wbwip.com/wbw/emailencoder.html

 

https://www.heartinternet.uk/blog/15-ways-to-hide-your-email-address/

 

https://www.jqueryscript.net/text/jQuery-Plugin-To-Mask-Email-Addresses-On-Your-Website-Mail-Mask.ht...

 

 

 

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Participant ,
May 12, 2020

Copy link to clipboard

Copied

Thanks osgood. There's so much out there that it becomes almost impossible to value which is any good. Especially if this is not your core competence. I remember my searches from years ago. I don't mind messing with some code, as long as I know I work with a good solution, have some kind of manual or the possibility to ask questions.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Adobe Community Professional ,
May 12, 2020

Copy link to clipboard

Copied

Just make sure you use a completely new and 'fresh' email address and only use for your email link on the website - at least then you can get a measurement of how effective your chosen email obfuscation method is ....


Paul-M, ACP - www.webspectrum.co.uk

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Adobe Community Professional ,
May 12, 2020

Copy link to clipboard

Copied

Mailto links are stictly for suckers.  Don't use them, don't use them, don't use them.

 

This is 2020.  GoLive was discontinued a long time ago when cyber security was not a big deal. Today cyber security is a very big deal.  So is protecting data and privacy and other stuff we didn't give a 2nd thought to in early 2000's. 

 

Old fashioned client-side obfuscation methods are not reliable (not that they ever were).  So please don't delude yourself into thinking this is an OK approach.  The reality today is that secure forms and sever-side scripts are essential.  Anything less is irresponsible.  Hire an experienced programmer to help you or use 3rd party solutions. 

 

Nancy O'Shea, ACP
Alt-Web.com

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Participant ,
May 14, 2020

Copy link to clipboard

Copied

Thanks Nancy. During this thread I noticed that my vocabulary is not on par with the subject, creating the wrong impression. I'm not deluding myself, I knew things were changed and came here for insights and advice. Not for getting it my way. If you could recommend some of those scrips/3rd party solutions that would be most helpful. Thanks!

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Adobe Community Professional ,
May 14, 2020

Copy link to clipboard

Copied

Email obfuscation can have a certain level of effectivity, some people insist on email links. Best way is to do controlled tests to see how effective it is yourself, it might actually be more effective than the scaemongering here indicates.

 

Scaremongering, using words like 'suckers' and making sweeping statements is a nonsense and pure arrogance.  Controlled testing will give you the real asnswer of how effective or innefective any give method of obfuscation is. 

 

Dismissing something outright, blinkered opinions and assumptions are like saying don't cross the road because you might get run over. 

 

You may also consider blocking IPs and useragents in combination with  email obfuscation, combine that would sensible email spam filtering and it shouldn't be adisaster and you mmight not even enfd up a sucker after all!! 😁

 

I say all this with 20+ years experience and having clients many times insisting on email links after being advised against it in favour of the web form route .  If they insist, we just look at the best method to mitigate email harvesters as best as possible.


Paul-M, ACP - www.webspectrum.co.uk

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Participant ,
May 14, 2020

Copy link to clipboard

Copied

Thanks Paul. It's clear to me that best practice is to have all e-mail links point to a contact form/page where handling takes place. This solution is more or less the same as the form handling I need to register new members. I never had any problems with a solution like that.

 

So that leaves me to search for good form handler with on one hand solid security and user friendly implementation and on the other hand enough flexibility in styling with css. So, all recommendations are still most welcome.

 

On a side note: I've always wondered why apps like DW never incorporated a solid solution for these issues as this is one of the basic features one need when creating even the simplest website. Yes, it takes some maintenance/updates but that should be the added value.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
LEGEND ,
May 14, 2020

Copy link to clipboard

Copied

'It's clear to me that best practice is to have all e-mail links point to a contact form/page where handling takes place.'

 

In my opinion that IS the most secure way (point links to a generic contact form and grab the appropriate email adddress based on the information passed to it from the link - could be a name or id) BUT I happen to agree with Paul on this one, email masking can work, you need to test it for a period and see what the response is really and if its good enough for your requirements.

 

You dont say how many email adresses you intent to use on the website. If its just for a limited number of staff eamil addressses then you could use a php switch statement to select the right name from a link and marry it up with the appropriate email address associated with that particular staff members name or id number.

 

If its dozens of email addresses then you should probably use a database to store them in.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Participant ,
May 14, 2020

Copy link to clipboard

Copied

Thanks osgood_. As for the e-mail handling we only have 2-3 addresses the e-mails should be send to. The data from the contact form should go to 1 e-mail address, the data from the membership application form should go to 2 e-mail addresses. That's the bare minimum we need.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
LEGEND ,
May 14, 2020

Copy link to clipboard

Copied

Reading between the lines of your last post it might be we have been talking cross purposes regarding email address links. If you are intending to use forms to send the data/infomation then there are no issues with including email addresses within the form processing script. These never get seen client side.

 

The only issues regarding email adresses is if you use the mailto: link approach where a default email client-box pops open already filled with the email address/subject and ready to go. That approach leaves the email address exposed to a spam harvestor as its client-side rendered rather than hidden on the server side.

 

As for the forms I cant really be of much help as I tend to build everything myself from the ground up. There are probably ready-made scripts, extensions available - maybe someone who uses that approach will be able to provide some more guidance/resources.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Participant ,
May 14, 2020

Copy link to clipboard

Copied

Thanks osgood_. Sorry that I don't speak ‘developer’. That would have reduced this thread significantly. Yes, the idea is to have 1 general contact form that sends data to 1 e-mail address. And 1 apply-for-membership form sends its data to max 2 e-mail addresses in 1 go. 

 

As for the mailto: option (even with data scrambled), I'm now convinced not to use that. 

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Adobe Community Professional ,
May 14, 2020

Copy link to clipboard

Copied

"So that leaves me to search for good form handler... "

That all depends on your hosting plan and which server-side form processing methods your server supports.  Start with your hosting provider.   Ask them which scripts they recommend.

 

Nancy O'Shea, ACP
Alt-Web.com

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Participant ,
May 18, 2020

Copy link to clipboard

Copied

Thanks Nancy. Our provider supports Php (latest) and MySql (v5).

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Adobe Community Professional ,
May 18, 2020

Copy link to clipboard

Copied

The mail sending library, PHP Mailer, is frequently recommended by web hosts.

https://github.com/PHPMailer/PHPMailer

 

 

 

Nancy O'Shea, ACP
Alt-Web.com

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
LEGEND ,
May 18, 2020

Copy link to clipboard

Copied

I think phpMailer is just complicating the issue for someone that is asking how to process forms IF their server can handle the php mail function, which is a lot simpler to implement.

 

A lot depends on how complicated the form is of course - what form fields will be required. Generally input fields such as 'text' and 'textarea' are fairly simple to build out with few problems. 'radio buttons', 'checkboxes' and 'select fields' add a further complexity to the issue. If file attachments are required then phpMailer does make the process simpler but I would not use a sledgehammer to crack a nut if the form is fairly simple.

 

Then of course will a combination of javascript front-end client-side validation be required in combination with the back-end php server-side validation or will back-end server-side php validation and processing be sufficient, not to mention if javascript front end cleint-side validation is used will the data be sent to the php processing script via ajax to make a seemless integration workflow.........hummmm........sometimes I think you can try and run before you can walk.

 

I would advise those who are not familar with code just to concentrate on server-side php validation and processing. Its not as pretty but is robust and at the end of the day IS the work horse of any form validation/processing - javascript validation is just eye-candy but nice to have if you have the skill to implement it, if not it doesnt really matter.

 

The OPs hosting company should really have a basic php form processing script available which they recommned using, most do.

 

 

 

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Adobe Community Professional ,
May 18, 2020

Copy link to clipboard

Copied

The baked in PHP Mail() function has fallen out of favor for many reasons. Among other things, mail doesn't always get through.  And many hosts require SMTP authentication to keep their servers from being used as spam relays. 

 

PHPMailer may seem like a sledgehammer to swat flies approach but that's because sending mail is more complicated now than it was 4-5 years ago. See examples below.

https://github.com/PHPMailer/PHPMailer/tree/master/examples

 

 

Nancy O'Shea, ACP
Alt-Web.com

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
LEGEND ,
May 19, 2020

Copy link to clipboard

Copied

Its not fallen out of favour and I dont know where you get the idea mail doesnt get through. Ive never experienced someone who says they sent me mail through my web form and it hasnt arrived an neither to my knowledge has any of my clients, at least they havent informed me. If it was happening to them regularly then they would have.

 

I despair sometimes at the idiotic reasoning. I mean php has fallen out of favour, right we are told by nerd-heads, who are still in their nappies. Bullshite mail its just as good now as it ever was and is quick and easy to implement. I wont use a host that doesnt offer it as an option.

 

Its only nerd-heads that will tell you things fall out of favour. If thats the case everyone should not be using jQuery but hey guess what, that piece of crap Bootstrap, (light-years behind the web-development curve), still does, until the day it doesnt and all the Bootstrappers will say jQuery is for amatuers. Angular or React or Vue should be used instead of vanilla javascript, same as applies to node.js, apparently it is a pile of steaming horse manure since deno.js has arrived on the scene, node.js is now falling out of favour in some nerd-heads world.

 

When is this constant hopping onto the lastest trend going to cease, its not helping this industry. Most dont need to use a sledgehammer approach/workflow to crack a nut, certainly not in the is forum anyhow. But they do because a few nerd-heads working for the likes of Facebook, Google, Twitter etc brain wash them.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Participant ,
May 19, 2020

Copy link to clipboard

Copied

Thanks everyone. I will look into your suggestions. I have no need for the functionality to attach documents to the form, but yes, I'd like to be able to use radio buttons and/or tick boxes.

 

As for the discussion, I can see both your angles. Much appreciated. This threat demonstrates to me that there's an opportunity for apps like DW to have a solid solution for this incorporated. 

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Resources
Learn Resources
Add a group