Spambot Email Protector 2.02: Bug with Text Fields?

By amy - April 9, 2019 - edited: April 11, 2019

It looks like the 2.02 version of the Spambot plugin is only encoding emails when they are hard-coded or come from the CMS via a WYSIWYG field, but not when the "mailto:" is in the page code and the email address loads from CMSB via a text field. Ex:

<a href="mailto:<?php echo $record['email_address']; ?>">

We have similar code on a site using the 2.01 version on CMSB 3.09, which does not have this issue. 

If I change $GLOBALS['SEP_ENCODING_METHODS']['comments'] or $GLOBALS['SEP_ENCODING_METHODS']['tags'] to true then that encoding will load, what specifically isn't kicking in is the javascript portion. For example, via WYSIWYG:


vs. via text field (which breaks the email address when opened in an email client):

href="mailto:tes<!-- jlj --><span>t<!-- del --><!-- bsa -->@t</span><!-- ztj -->m"

Any suggestions?

By gregThomas - April 15, 2019

Hey Amy,

Sorry, I've been slow to get back to you on this one. It took me a while to debug the issue, but I think I've found the cause.

If you open the file spambotEmailProtector.php and edit line 22 from:

  ob_start('SEP_replaceEmails', 2);


  ob_start('SEP_replaceEmails', 10000);

you should find the javascript is added correctly for both email addresses. Please, could you test this out and let me know if it resolves the issue for you?

Greg Thomas

PHP Programmer -

By amy - April 16, 2019

Thanks Greg, that did the trick. Appreciate you looking into this!

By gregThomas - April 16, 2019

Hey Amy,

Excellent! I'll get a new version of the plugin released with the fix in, I'll let you know once this is done.

The problem was that the cache the plugin uses to check for emails that need encoding was far too small, so sometimes only parts of an email address would be stored.

Greg Thomas

PHP Programmer -

By amy - April 17, 2019

Great—thanks Greg!