You are viewing the PKP Support Forum | PKP Home Wiki

Email the Author without login?

OJS development discussion, enhancement requests, third-party patches and plug-ins.

Moderators: jmacgreg, btbell, michael, bdgregg, barbarah, asmecher

Forum rules
The Public Knowledge Project Support Forum is moving to http://forum.pkp.sfu.ca

This forum will be maintained permanently as an archived historical resource, but all new questions should be added to the new forum. Questions will no longer be monitored on this old forum after March 30, 2015.

Email the Author without login?

Postby lednakashim » Sun Mar 06, 2011 2:41 am

I was wondering as to the best way to implement an e-mail the author feature without having to implement user registration. Is there any way to do this without writing php and only using the smarty templates and preexisting php?
Code: Select all
<a href="javascript:openRTWindow('{url page="rt" op="emailAuthor" path=$articleId|to_array:$galleyId}');">
will 404 without a logged in user.

Also, an opinion question, should some kind of e-mail obfuscation take place at this stage? How safe is http://www.smarty.net/docsv2/en/language.function.mailto.tpl. How safe is hex encoding? (the only one that seems to work)
Posts: 33
Joined: Wed Dec 29, 2010 10:23 pm

Re: Email the Author without login?

Postby mcrider » Fri Mar 11, 2011 2:34 pm

Hi lednakashim,

Thats not possible without rewriting the back-end code.. And its probably not a good idea, as it opens your system up to being used maliciously by spammers. You can use smarty's {mailto} tag instead -- We seem to use both javascript and hex encoding for this tag (you can grep OJS for 'mailto' to see examples). I'm not sure about the 'safety' of either method -- do you mean which method is least likely for crawlers to harvest the email address?

Posts: 952
Joined: Mon May 05, 2008 10:29 am
Location: Vancouver, BC

Re: Email the Author without login?

Postby lednakashim » Sat Mar 12, 2011 3:25 pm

It appears to be a fairly standard practice to show corresponding information without any authentication.
For example on http://www.nature.com/nature/journal/va ... 09851.html, one simply clicks on the author to send them an e-mail; the security is handled by a captcha.

Although I can't comment on the success of spam bots, judging by the number of users from afghanistan registered on our site (we have captcha off) I'm not quite sure if demanding registration before users can correspond will protect our authors.

I was hoping somebody would be able to muse on the problem; because enabling correspondence without authentication must be implemented on our site and I was wondering if anybody has written any code in addition to smarty's {mail}.
Posts: 33
Joined: Wed Dec 29, 2010 10:23 pm

Return to OJS Development

Who is online

Users browsing this forum: Bing [Bot] and 3 guests