Cryptex | E-Mail Address Protection Plugin

NOTE: this plugin is targeted to advanced users and professionals – it requires some configuration tasks and won’t work out-of-the-box!

The plugin is used to display Email addresses as an image – automatically.
This will stop harvesters and crawlers from gathering sensitive data from your website.
It works with emails, telephone numbers, postal addresses or any other text-content.
Just wrap your E-Mail-Address into a shortcode like [email][email protected][/email] – that’s it.
Or use the Autodetect filter to transform every E-Mail-Address on your page automatically into an image!

Plugin Features

• Protects Email Adresses, Telephone Numbers or any other content
• Fully customizable appearance: you can configure font-family, font-size and font-color – everything looks like your theme style
• Retina/HD/High-Dpi Images – best appearance on all devices (2x, 3x or 4x resolution enhancement)
• Shortcode and/or Autodetection usage!
• Build-In E-Mail-Address-Autodetection – all addresses on your page are protected automatically (if you want it – you can also just use shortcodes!)
• Autodetection filters configurable for the_content, the_excerpt, comments, comments_excerpt, text-widget
• Reversible Address-Autodetection Process – your content is modified as long as the plugin is activated
• Postal-addresses, telephone-numbers, names and other sensitive information`s can be protected too
• Protects E-Mail hyperlinks (mailto) by using javascript based key-shifting encryption/decryption with dynamic keys – but you can use images only
• Suitable for high traffic sites – automated caching of dynamic generated images and CSS
• Automatic font-search (standard system font-paths)
• Supports the new modern UI style of WordPress 3.8
• Native support for Enlighter Syntax Highlighter to display E-Mail Addresses within highlighted content (requires Enlighter v2.7)
• Includes the Liberation(tm) Fonts package
• TrueType as well as OpenType Fonts are supported

Text-Transformations

The @-sign as well as dot’s within the e-mail-addresses can be automatically replaced by different placeholders, e.g. mail(at)example{dot}org, to match your website’s corporate design.

Security Modes

Cryptex provides various obfuscation modes for E-Mail-Addresses:

• Plain Text – only text-transformations are applied – no use of images
• Single Image – the e-mail-address is expressed as a single image
• Multipart Image – the e-mail-address is splitted into two images, seperated by the @-sign in plain text
• Advanced Multipart Image – the craziest one: each part (divided by dot’s and @ sign) is displayed as a seperate image, the dividers as plain text

System requirements

• PHP 5.4 or greater
• GD library (v2.0.28 or greater)
• GD PNG support
• FreeType2 (optional, required for OpenType fonts)
• Accessible cache directory (/wp-content/plugins/cryptex/cache/ or a custom one)

WordPress Theme requirements

• The wp_footer and wp_head action have to be used (enqueue js+css resources)

Installation

1. Upload the complete cryptex folder (WordPress Plugin) to the /wp-content/plugins/ directory
2. Activate the plugin through the ‘Plugins’ menu in WordPress
3. Go to Settings -> Cryptex and check all items into the sidebar.
4. In case that there are no font available on your server you can use own/special fonts by uploading them into the /wp-content/plugins/cryptex/fonts/ directory
5. Go to the appearance section and select the font-family, font-color and font-size like the styles in your theme
6. That’s it! You’re done. You can now enter the following code into a post or page to protect email addresses: [email][email protected][/email]. Or use the Autodetect feature

1. 

   Cryptex Website Appearance

2. 

   Settings Page - Contextual Help Menu

3. 

   Settings Page - Appearance

4. 

   Settings Page - Autodetect Filters & CDN Options

5. 

   Settings Page - System Informations

6. 

   Settings Page - Image Offsets & Retina/HighDpi Options

Cryptex Shortcode doesn’t work in Text-Widgets

Generally, WordPress does not process any shortcodes used in text-widgets. You can add the following code to your template functions.php file to enable shortcode processing: add_filter('widget_text', 'do_shortcode');

I get an error using the system font paths, which are shown by the settings page

This paths – depending on your hosting environment – can be different – if you don’t know the path, please ask your hosting provider or upload the fonts manually into the cryptex-plugin-directory \wp-content\plugins\cryptex\fonts\ and use Plugin Directory as font source.

I get a “file permission” error changing the font source to **Custom Directoy**

During security restrictions your system font paths could be unaccessable. In this case you have to upload TrueTypeFonts (.ttf) into the cryptex-plugin-directory \wp-content\plugins\cryptex\fonts\ and use Plugin Directory as font source.

I get an “file permission” php error in my blog

The directory /wp-content/plugins/cryptex/cache/ must be writeable – the images as well as the generated css file will be stored there. Try to set chmod to 0644 or 0770

I need bold/italic font styles

Please use the italic/bold font of the font family you’ve selected. For example there is an verdana.ttf(normal) and verdanai.ttf(italic) file!

Is it possible to use Cryptex directly in my wordpress template ? shortcode does not work yet

Of course! you can simply use <?php Cryptex::crypt('yourtext'); ?> to display ‘yourtext’ as crypted version

I miss some features / I found a bug

Send an email to Andi Dittrich (andi _D0T dittrich At a3non .dOT org) or or open a New Issue on GitHub

7.1

• Added: Full srcset highdpi support (all images generated in the required resolution)
• Added: Number of cached files to the settings page
• Added: about-page inlcuding html changelog
• Added: redirect to about-page on plugin activation/upgrade
• Added: debug tab to the about-page containing the full plugin configuration
• Changed: replaced dedicated colorpicker by build-in WordPress iris picker
• Changed: plugin settings splitted into multiple pages
• Changed: image dimensions of high resolution images are not cached anymore (performance)
• Changed: HTML5 srcset based HDPI renderer is set as prefered option
• Changed: moved plugin files into modules/ directory as required by wp-skltn
• Changed: set default line-height to 20px instead of auto
• Changed: set default padding to 4px
• Changed: wp-skltn library updated to 0.17.0 – MPL 2.0 License
• Bugfix: added width attribute to html-srcset highdpi images (causes invalid dimension on iOS devices)

7.0

License changed to GNU GENERAL PUBLIC LICENSE Version 2 (GPL-2.0)

• Added: option to disable generic cryptex shortcode
• Added: cryptex icon batch to settings page
• Added: docker based development mode
• Changed: moved settings page to top-level menu
• Changed: new settings page
• Changed: wp-skltn library updated to 0.13.0 – MPL 2.0 License
• Changed: sessionStorage is used to store the current active tab instead of cookies
• Changed: updated the UI components
• Changed; email/telephone shortcodes are enabled by default
• Changed: 3rd party plugin support (placeholders) are disabled by default
• Removed: jquery-cookie dependency
• Bugfix: telephone/email shortcodes caused a php warning in case no attributes were set – thanks to jotazzu on GitHub
• Bugfix: colorpicker sets wrong foreground color which caused unreadable input fields (color lightness calculation)
• Bugfix: settings label (checkboxes) were not linked to the input elements

6.0

• Added: WordPress Multisite support
• Added: New Environment Check to ensure Cryptex is working in a well configured environment
• Added: Support for telephone numbers including uri scheme tel:
• Added: Shortcode telephone
• Added: href Shortcode attribute to override the default behaviour
• Added: Plugin Upgrade Notification
• Changed: WP-Skeleton is used as Plugin Backend Framework
• Changed: All settings are stored in serialized form in cryptex-options instead of single options
• Changed: Settings Page URL to wp-admin/options-general.php?page=Cryptex
• Changed: Base64 Filename hashes are used instead of hexadecimal ones
• Replaced: PHP-Version-Errorpage by global admin_notice – ensure that PHP 5.3 or greater is used to avoid weird errors
• Bugfix: The cache accessibility check did not work on WIN platform
• Bugfix: Fixed some CSS rules used in Settings-Page
• Cleaned up the internal Plugin Structure

5.2

• Changed: the default font-file to LiberationSans-Regular.ttf
• Replaced: the low-level PHP based ObjectCache by the WordPress Transient API
• Bugfix: Fatal Errors thrown in environments with missing imageantialias() GD function are suppressed by additional check

5.1

• Added: Plugin Upgrade notifications fo major releases to the admins plugin page
• Added: Some unit testcases (development only)
• Bugfix: Email Address autodetection failed in some cases – thanks to topotato on GitHub

5.0

• Added: New Javascript decryption engine (size optimized – 827bytes)
• Added: Support for Enlighter Syntax Highlighter to display E-Mail Addresses within highlighted content (requires Enlighter v2.7)
• Added: Invisible placeholders around the html output (required for Enlighter)
• Added: Global Javascript Object Cryptex
• Added: Liberation(tm) Fonts package
• Added: Additional HDPI Image renderer based on the HTML5 srcset attribute
• Added: Settings page link to the plugin page (metadata row)
• Added: Link to author’s Twitter Channel (latest Enlighter updates/news)
• Added: Option to set the CSS Font-Family (in case you want to use another font for Email addresses on your page)
• Changed HTML output attribute ordering
• Removed: MooTools + jQuery code – replaced by native version
• Removed js-type option – Cryptex javascript is now always injected into the page (wp_footer action)
• Removed external CSS option – the required CSS is now always injected into the page (wp_head action)
• Bugfix: HDPI CSS container is now only added when cryptex images are found on the page
• Bugfix: The contextual help link was not “full” selectable (covered by the tab nav)
• Bugfix: Error handling of the FontManager failed (should never happen under normal conditions)
• Bugfix: ObjectCache file existent check failed
• The readme.txt (WordPress plugin repository) is generated from the markdown file README.md and CHANGES.md (GitHub style)

4.0

• Added: Retina/High-DPI image support
• Added: Option to set the line-height (image-height) manually
• Added FreeType2 support, including .otc and .otf fonts – enabled by default
• Added: Font-size can be set in px or pt – px value will be forced as default
• Added: Autodetect filter to text-widget content (optional)
• Added: Custom cache path/url settings like WordPress’ media options (advancved settings)
• Added: Option to disable Antialiasing (advancved settings)
• Added: New html+image rendering engines
• Added: Width+Height attributes to generated image-tags (including server side caching)
• Added: Additional user-role check (administrator + manage_options required)
• Added: Tab-Panels to the settings page (Appearance, Options, Advanced)
• Added: Contextual Help based help/informations
• Added: Shortcode options to override the global cryptex-settings – feature requested on WordPress.org Forums
• Added: Option to load stylesheet as inline content (style tag displayed in wp_footer)
• Added: Option to include javascript, required for hyperlink-decoding, as inline content (script tag displayed in wp_head or wp_footer)
• Added: Cleanup of generated stylesheets
• Added: New Screenshots
• Added: License Informations to settings-page footer
• Added: Error supression for system-font scanning
• Updated: MooTools Javascript code now uses document.getElements() instaed of leagcy $$() selector
• Modified: Cryptex javascript file uses UglifyJS for minification
• New settings page – now matches WordPress corporate UI style
• Removed WordPress <= 3.7 compatibility mode/legacy UI style
• Bugfix: Added some missing I18n namespaces
• Many internal changes/improvements

3.3

• Added: Option to enable processing of “Nested-Shortcodes” within cryptex/email tags – this might be useful if your using inner shortcode which fetches some content from your database, etc. (disabled by default)
• Bugfix: E-Mail-Address-Autodetection doesn’t recognize subdomains (e.g. [email protected])

3.2.1

• Bugfix: CSS files doesn’t get generated on upgrading the plugin – you have to click “save settings” to force the creation on previuos versions

3.2

• Added: Autodetection filters for get_the_excerpt, get_comment_text and get_comment_excerpt
• Added: New Security-Mode “Advanced Multipart Image” – each part of the email-address (seperated by dot’s and @ sign) is displayed as an image, the dividers as plain text
• Added: New Security-Mode “Text” – not recommended but usefull if you don’t want to use images (e.g. screenreaders required) – this setting will only modify the @sign of the text and adds mailto
• Added: Option to enable/disable the_excerpt, the_content, get_comment_text and get_comment_excerpt autodetect filters
• Added: Text-Replacement for the dot (.) within E-Mail-Addresses
• Improved: Increased the robustness of the Font-Manager (font detection)
• Improved: Font-List is now alphabetically sorted
• Bugfix: Limited the total number of directories to be recursively scanned by the Font-Manager to 100. This will prevent plugin-crashes by e.g. scanning the whole filesystem. A minimum Font-Path length of 4 characters is also required (using root path / is now permitted)
• Bugfix: Misspelled variable within Cryptex Main class (no influence)

3.1

• Added: E-Mail-Address autodetection – transforms E-Mail-Addresses from post/pages directly into images without the need of shortcodes (optionally – you can turn it off on the settings page)
• Added: I18n generation tools, including ANT build script
• Added: German translation (de_DE)
• Added: I18n can be disbaled
• Added: Environment Pre-Check (PHP 5.3 requirement!)
• Improved UI
• Bugfix: Added missing I18n domains
• Bugfix: Misspelled variable within image-hash generation (caused php error)

3.0

• New plugin backend structure
• PHP Namespaces used to isolate plugin (PHP >= 5.3 required!)
• Improved settings page, new design
• Improved E-Mail-Address detection
• Many performance optimizations
• Removed support for GD library version 1.x (>= v2.0.38 required)
• Added: Support for new WordPress backend UI style
• Added: Automated Font Search/Detection
• Added: Shortcode-Alias [email] to be compatible with other plugins
• Added: User defined dimension offsets for generated images
• Added: FULL I18n support (internationalization)
• Bugfix: Cache not cleared on activating plugin (required for updates)
• Bugfix: Closed possible attack vector on image filenames by decoding the used sha1 hashes – now a unique salt is used to prevent it
• Bugfix: Invalid px/pt transformation used for GD1/2 interoperability
• Bugfix: Wrong css cursor was used for divider (@ sign) using hybrid mode

2.0

• Complete rewritten version of the plugin. Completly cleaned, strict OOP coding style
• Bugfix: removed cryptex js+css from wordpress admin pages
• Bugfix: pointer cursor is only visible on active hyperlinks
• Improved: you can add css prefixes to fix problems with some themes without editing your theme css
• Improved: only 1 css file is added instead of 2 files like before
• Improved: new plugin directory structure
• Added: I18n (internationalization) is supported
• Added: you can select the method cryptex uses to display email addresses (single image, hybrid image)
• Added: if you wanna use cryptex directly in your wordpress template, you can simply use Cryptex::crypt('yourtext'); to display ‘yourtext’ as crypted version

1.3.5

• Bugfix: (websites without JQuery or MooTools) using Cryptex on more than one e-mail address per page failed: when any of the e-mail addresses getting clicked, the address from the last address gets applied to all of the links. (Thanks to Kory S.)

1.3.4

• Bugfix: by some misunderstanding of the WordPress API the update/upgrade/installation of any plugins triggered the restore/backup events of cryptex – this may be cause a “permission denied” error message during the installation of any plugin. I apologize for this inconvenience
• Improved: dynamic CSS file is automatically generated on activating the plugin
• Improved: suppress error messages if there is no GD-library

1.3.3

• Bugfix: restore of font folder cryptex/fonts failed on upgrade (windows servers..)

1.3.2

• Bugfix: restore of css files failed on upgrade
• Bugfix: CSS file only updated after second press on “save changes”
• Bugfix: color parsing error – colors like 0x0000ff not parsed correctly
• Bugfix: CSS font family failure on dynamic generated files
• Added: button to restore default font path \wp-content\plugins\cryptex\fonts\
• Added: jQuery ColorPicker to settings page
• Added: support for custom text in cryptex shortcode (like telephone numbers, postal addresses)
• Improved: new plugin directory structure – moved js+css files

1.3.1

• Bugfix: restore of font folder cryptex/fonts failed on upgrade

1.3

• First public release.