Safe Tags v1.0

by Thalamus - October 2007

Nearly two years ago, I was looking at trying to write some code for a forum that would obfuscate certain text within posts. This (somewhat specialized) forum needed a function where, within posts, users could insert text (such as a name, nickname or other reference) that would be humanly readable on the forum pages, but that could not be picked up by search engines or trawler bots.

What I came up with at the time, was using vBcode tags that were 'built-in' by making core file changes to the bbcode class files. These then used javascript to call the base64 functions to meet the requirements. It all worked very well, but unfortunately played havoc with upgrades to vBulletin - each one meant having to re-input the code into the core php files.

With the introduction of the latest versions, and the addition and availability of more hooks, I've developed the function into a product that uses the available hooks, and making things much simpler for updates. There is a file upload, but this is simply a javascript file containing the base64 encode and decode functions.

Tested on vBulletin 3.6.8

What this product does, is to set up a vBcode (BB Code) tag called "safe" which, when used, enables you to place text into your forum posts that, although seen by human viewers of your site pages, obfuscates that text on the raw HTML page for any passing bot or search engine spider.

It does that by using a simple javascript call, to utilize the base64 encode method of encryption. What it does mean, is that if you have instances where you may want something posted on your forum but you don't want it picked up by spiders (names, places), you can now do it quite freely and easily using the Safe Tags method!

If you place an email address or a URL within the tags, it will not be parsed (although it will be encrypted) and no link will be automatically added to it.

Example:

A simple line of text that contains [safe]a name in here means that the text between the safe tags will be encrypted on the raw HTML but viewable on the thread page.

Installation

In the zip file you should have three files:

safe_encode.js
product-safetags.xml
safetags-readme.txt

To install, extract the files within the zip file to your own hard drive, then upload the safe_encode.js file into your forum's clientscript folder.

Go to your AdminCP -> Plugins & Products -> Manage Products, then click Add/Import Product.

In the Import Product section, browse for the file product-safetags.xml wherever you extracted it on your hard drive, set Allow Overwrite to Yes, then click Import.
--------------------------

The product installation will create a new custom BBcode which you can check in your AdminCP -> Custom BB Codes -> BB Code Manager.

--------------------------
This is my first published plugin, and I really don't know how much I can offer in terms of support, so please don't expect too much. It's a very easy and simple mod if you look through the xml file.

My grateful thanks to those who have helped me on here, and also to the authors of the code snippets I've used in this (I'm sorry I can't remember who you are - I'm old, and tnat's my excuse...)

Thanks for reading :)

Jan 2008 Known Issues: See post https://vborg.vbsupport.ru/showpost.php?p=1419557&postcount=19

It displays a blank page with the text to be obfuscated when using the Quick Reply function. Seems to be AJAX related, I'm looking into it.

Just a note to add that there is a color change for the text within the tags - you can change this simply after installing by going to your AdminCP -> Plugins & Products -> Plugin Manager, and editing the Safe Tags plugin by replacing the hexadecimal RGB value with your own.

In other words, find:
<span style=\"color:#00bbc5\">
and replace the #00bbc5 with your own value.

nice job

now this seems like a REALLY cool concept. I say MOTM!!!

Excellent addition .. thanks thalamus :up:

good work.... testing!

Very nice! Thanks!

From one 'old-guy' to another, thanks Thalamus! This is certainly getting the MOTM vote from me! Not because I was the guinea-pig beta test site, but because this is simply EXCELLENT!

/me Clicks (already) Installed!

Kudos!

cool idea -I am just wondering what type of text you would want to obfuscate from search engines, though? Also, is there an icon available for use in the text editor?

I just installed this, and tried it out and got a weird error. I wrote:

this is hidden this is visible

and submitted the post.

After I posted, instead of the page refreshing and taking me to the page where my post was, instead it displayed an all white page that only said "this is hidden" in the upper left corner, and nothing else.

When I refreshed the forum, the post was there, and the text was hidden, but I did receive that error when posting. I am running a SEO engine, I don't know if that makes a difference, but just thought I would let you know.

thanks yoyoyo - I've had a look and cannot replicate the problem - did you View the Page Source on your errored page? I don't have any SEO engines so I can't comment unfortunately, but the safetags plugin only uses two hooks as can be seen in your AdminCP->Plugins & Products->Plugin Manager. It doesn't change any templates apart from appending a <script> tag at the end of the headinclude.

An icon can be added in your BBCode Manager as the information is stored as a Custom BBcode tag.

cool idea -I am just wondering what type of text you would want to obfuscate from search engines, though?

Take a look at my sig and you will understand why some forums need this.

Excellent work! Congratulation's on your 1st great add on! :D

thank you tF and yes, it's pretty essential for some forums (;)) to have this kind of function :)

An icon can be added in your BBCode Manager as the information is stored as a Custom BBcode tag.

Beat me to it... Here's a donation for anyone that wants to add a custom icon for the bbCode.

Many thanks TigerWare! :up:

Thank you very much for this! This will be a great help for my site, where we don't want personal information walking off.

/me clicks installed.

I just installed this, and tried it out and got a weird error. I wrote:

this is hidden this is visible

and submitted the post.

After I posted, instead of the page refreshing and taking me to the page where my post was, instead it displayed an all white page that only said "this is hidden" in the upper left corner, and nothing else.

When I refreshed the forum, the post was there, and the text was hidden, but I did receive that error when posting. I am running a SEO engine, I don't know if that makes a difference, but just thought I would let you know.


Yes I have the same problem. It's a problem with the Quick Reply AJAX it seems, if you submit a post with the custom tag in the Quick Reply it will do this. Unfortunately I haven't found a solution to it yet, hopefully somebody else knows something.

I am using 3.6.4 and not 3.6.8 though, is it possible something changed between these versions that might do it?

Yes I have the same problem. It's a problem with the Quick Reply AJAX it seems ...
I am using 3.6.4 and not 3.6.8 though, is it possible something changed between these versions that might do it?

I can confirm this too on 3.6.8 PL2 with a quick reply.

Thanks for reporting this; it's something that hadn't come up during development.

I'll have a look at it and see how it develops... meantime I've amended the first post to reflect the bug.

Figured it out. It has to do with the usage of document.write() inside of the script tags. For example, inside of handle_bbcode_safe, this works:
return "beefy";
And so does this:
return "<script language=\"javascript\" type=\"text/javascript\"> donothing(); </script>;
But this does not:
return "<script language=\"javascript\" type=\"text/javascript\"> document.write( decode64( '$fixed' ) ); </script>";

For some reason, using the write function here buggers it up when using AJAX. The solution is to modify some existing html instead. To do this, make a div to modify, and assign it a random id, then edit the innerHTML of it. It should look like this in the end:

$safeId = vbrand(1, 1000000);
return "<div id=\"safe_container_$safeId\"></div><script type=\"text/javascript\"> document.getElementById('safe_container_$safeId'). innerHTML = decode64('$fixed'); </script>";


That should work!

Thanks for that, Gwyrgyn! :up:

I did a quick checkup, and found the applicable notes here:

http://www.w3.org/MarkUp/2004/xhtml-faq#docwrite

since AJAX is a "standards-based presentation using XHTML and CSS" this would obviously affect it.

I'll go through the code tomorrow and do a check; then if it all works and I'm happy with it I'll update the product.

Many thanks again... I hope the above will explain it for others who may come across the same situation :)

OK, seems to work great with the quick reply, but quick edit is obviously handled differently as when a quick edit is saved, the text within the safe tags does not show on the page. However, it is there and shows again once the page is refreshed... I'll check further into it. I'll leave the first post bug report as is for now.

Unfortunately, I've not been able to spend much time on looking at fixing this mod for the quick reply functions, and I'm not sure how they'll work within the new 3.7 version so with regret, I have to remove my support for this modification.

Thanks to those of you who downloaded and provided me with feedback; perhaps at some future date I may be able to get back to it (time and inclination permitting).