Best way to customize custom fields with a third party plugin?
This topic contains 5 replies, has 4 voices, and was last updated by 
Brigitte 5 years ago.
We have moved to a support ticketing system and our forums are now closed.
Open Support Ticket-
AuthorPosts
-
May 14, 2019 at 12:04 pm #486358
Hello, I want to secure ALL e-mails and phone numbers on my directory. I use for this a third party plugin that offers me to encrypt these informations (JS encrypt).
I have the choice to use 4 different methods with this plugin.
1) Using a shortcode:
[eeb_content]contact@site.com[/eeb_content]2) Using a function template:
<?php if (function_exists('eeb_content')) { echo eeb_content('Encode this text'); } ?>3) Using a hook action:
<?php add_action('eeb_ready', 'extra_encode_filters'); function extra_encode_filters($eeb_object) { add_filter('some_filter', array($eeb_object, 'callback_filter')); } ?>4) Using regular expressions:
<?php add_filter('eeb_email_regexp', 'change_email_regexp'); function change_email_regexp($regexp) { return '-your regular expression-'; } ?>I do not ask you how to do it because it does not concern you (third plugin), but rather what is the best of the 4 methods to use with GeoDirectory?
I found on the forum a function to activate shortcodes in all custom fields, but apparently it is not safe.
Thank you.
May 14, 2019 at 5:55 pm #486455Hi,
I asked to Stiofan to let us know.
Thanks
May 14, 2019 at 9:34 pm #486501Thank you very much Paolo.
May 14, 2019 at 9:53 pm #486505Remove the fields you want to secure from the tabs and all values for “Show in extra output locations” then add them back to the details page template using shortcodes (GD Post Meta) and wrap them in your shortcode function.
Let us know how it goes.
May 15, 2019 at 11:13 am #486609Hi Adrien,
For emails we already have basic JS obfuscation.
Every custom field has a filter to be able to override the content, the email one is here: https://github.com/AyeCode/geodirectory/blob/master/includes/custom-fields/output-functions.php#L1333
(not tested but this would prob be how i would do it:
/** * Get the html output for the custom field: email * * @param string $html The html to be filtered. * @param string $location The location to output the html. * @param array $cf The custom field array details. * @param string $output The output string that tells us what to output. * @since 2.0.0 $output param added. * @since 1.6.6 * * @return string The html to output for the custom field. */ function _my_custom_geodir_cf_email($html,$location,$cf,$p='',$output=''){ // check we have the post value if(is_numeric($p)){$gd_post = geodir_get_post_info($p);} else{ global $gd_post;} if(!is_array($cf) && $cf!=''){ $cf = geodir_get_field_infoby('htmlvar_name', $cf, $gd_post->post_type); if(!$cf){return NULL;} } // Block demo content if( geodir_is_block_demo() ){ $gd_post->{$cf['htmlvar_name']} = 'testing@example.com'; } $html_var = $cf['htmlvar_name']; // Check if there is a location specific filter. if(has_filter("geodir_custom_field_output_email_loc_{$location}")){ /** * Filter the email html by location. * * @param string $html The html to filter. * @param array $cf The custom field array. * @param string $output The output string that tells us what to output. * @since 2.0.0 $output param added. * @since 1.6.6 */ $html = apply_filters("geodir_custom_field_output_email_loc_{$location}",$html,$cf,$output); } // Check if there is a custom field specific filter. if(has_filter("geodir_custom_field_output_email_var_{$html_var}")){ /** * Filter the email html by individual custom field. * * @param string $html The html to filter. * @param string $location The location to output the html. * @param array $cf The custom field array. * @param string $output The output string that tells us what to output. * @since 2.0.0 $output param added. * @since 1.6.6 */ $html = apply_filters("geodir_custom_field_output_email_var_{$html_var}",$html,$location,$cf,$output); } // Check if there is a custom field key specific filter. if(has_filter("geodir_custom_field_output_email_key_{$cf['field_type_key']}")){ /** * Filter the email html by field type key. * * @param string $html The html to filter. * @param string $location The location to output the html. * @param array $cf The custom field array. * @param string $output The output string that tells us what to output. * @since 2.0.0 $output param added. * @since 1.6.6 */ $html = apply_filters("geodir_custom_field_output_email_key_{$cf['field_type_key']}",$html,$location,$cf,$output); } // If not html then we run the standard output. if(empty($html)){ global $preview; if ($cf['htmlvar_name'] == 'geodir_email' && !(geodir_is_page('detail'))) { return ''; // Remove Send Enquiry from listings page } if ($gd_post->{$cf['htmlvar_name']}) { $field_icon = geodir_field_icon_proccess($cf); $output = geodir_field_output_process($output); if (strpos($field_icon, 'http') !== false) { $field_icon_af = ''; } elseif ($field_icon == '') { $field_icon_af = ''; } else { $field_icon_af = $field_icon; $field_icon = ''; } $is_elementor_preview = class_exists( 'GeoDir_Elementor' ) && GeoDir_Elementor::is_elementor_view() ? true : false; // Check if elementor preview $email = $gd_post->{$cf['htmlvar_name']} ; $value = ''; if ( ! empty( $email ) && ( $email != 'testing@example.com' ) && ( $e_split = explode( '@', $email ) ) && ! defined( 'REST_REQUEST' ) && ! $is_elementor_preview ){ $value .= eeb_email($email,"Mail me"); } elseif ( ! empty( $email ) && ( ( defined( 'REST_REQUEST' ) && REST_REQUEST ) || $is_elementor_preview ) ) { $value .= "$email"; } else { $value .= $email; } $html = ''; if($output=='' || isset($output['icon'])) $html .= '' . $field_icon_af; if($output=='' || isset($output['label']))$html .= (trim($cf['frontend_title'])) ? ''.__($cf['frontend_title'], 'geodirectory') . ': '.'' : ''; if($output=='' || isset($output['icon']))$html .= ''; if($output=='' || isset($output['value']))$html .= stripslashes( $value ); $html .= ''; } } return $html; } add_filter('geodir_custom_field_output_email','_my_custom_geodir_cf_email',11,5);Stiofan
May 16, 2019 at 1:19 pm #486849You’re right Stiofan, it’s better to use the GeoDirectory feature rather than a third-party plugin for this type of use. But I did not understand the code that you copied me is not integrated with GeoDirectory? Should I add it in functions.php?
Today the stats are undeniable: the biggest sources of spam are E-MAILS & PHONES NUMBER. Would it be possible to also protect the custom field related to the phone?
Moreover, there are now 3 types of protection for these 2 sensitive datas (email & phone):
1) JS Rot13 – The SAFEST method using a rot13 method in JavaScript.
2) JS Escape – Pretty safe method using JavaScipt’s escape function
3) Html Encode – Not recommended, equal to antispambot() function of WordPressAny chance one day that GeoDirectory v2 users can protect this data with option 1 or 2?
It should not be forgotten that directories are the major target of scraper robots. For example in France the largest national directories obviously protect all these 2 data.
-
AuthorPosts
We have moved to a support ticketing system and our forums are now closed.
Open Support Ticket