Email obfuscate

Please note: This feature is already supported in the core, see below.

Email obfuscate

Version 0.1

Obfuscate email addresses to prevent spam. It will probably not stop all, but hopefully stop some of them.


  1. Add email-obfuscate folder to site/plugins/.



In the panel add a new kirbytext tag, like this:



You can also use it in the template like this:

echo obfuscateEmail( '' );
echo obfuscateEmailLink( '' );

For humans it will output:
<a href=""></a>

For robots it will output some encoded characters.



Initial release


Kirby 2.3

Based on

The obfuscating is based on an answer on stackoverflow.

1 Like

FYI: If you use the email kirbytag, the mail address is obfuscated automatically.


Whaat!?? So I spent 2 month developing this thing and it was already there all the time!? :smiley: :wink:

I could not find that in the docs.

Well, the information is hidden :wink: but it’s there:

you poor lil’ thing, haha …:stuck_out_tongue_winking_eye:

I’ve also heard of a certain search engine said to be quite helpful in such cases …

Would be awesome to have that sentence here as well:

you poor lil’ thing, haha

Maybe not 2 month but like 15 min maybe. :slight_smile:

Yes, I think we can invest a minute to update the docs …:slight_smile:

Edit: Done.


Besides the email Kirbytag there is also the str::encode() function if you want to use it in a template. :wink:

1 Like

Maybe it is worth mentioning, that the markdown version (<>) is not obfuscated.


I have shut down the plugin as the same function is already in the core:

Hey guys, how does the core method work with email panel field?

I’d like to use panel field’s validation but output an obfuscated email. is there a better way?
if using:

    label: Email
    type: email

Then have to:

  <a href="mailto:<?php echo str::encode($site->email()) ?>">
    <?php echo str::encode($site->email()) ?>


    label: Email
    type: text
<?php echo $site->email()->kt() ?>


The panel fields are simply used for a nice way to interact with the data. They do not change how it is rendered. Since rendering is done outside of the panel, you need to manage obfuscation in your template, or use the kirbytag email like you mentioned.

You can also use the email function:

It’s what the kirbytag email uses to generate it’s obfuscated email. Use it inside your <p> tag. It creates that <a href="mailto: tag with obfuscated email.

1 Like

Thanks, I really missed that one in the docs.

  <?php echo html::email($site->email()) ?>



And finally for completeness’ sake, there also the kirbytag() helper, which you can use with any kirbytag:

    echo kirbytag(array(
      'email'  => '',
      'text'  => 'Contact us'

Brilliant :slight_smile: I should use that more often !

@texnixe, would it not be a good idea to include either the kirbytag() approach or the html::email($site->email()) or the str::encode() one in the docs? (or both?) I use them veeery often, and since people are asking (and spending two months developing plugins :stuck_out_tongue_closed_eyes:), it seems I’m not alone.

@daizumi Yes, any idea where to best put this?

I would suggest in the Email Field page, under an In templates/snippets headline, like you do for checkboxes here.

1 Like

I have tried both

<?php echo html::email($information->email()) ?>


<a href="mailto:<?php echo str::encode($information->email()) ?>">
    <?php echo str::encode($information->email()) ?>

And neither of them show the email address obfuscated in the inspector. Am I missing something? Any pointers would be appreciated.

The inspector often decodes the entity encoding again for better readability. Please take a look at the raw source code – it should contain the encoded version.

I wrote a small plugin to automatically encode emails in kirbytext and to provide a fieldMethod to apply the same filter to other fields, e.g. block-textfields.

This also works if a email gets wrapped in an A-Tag, because only the emails found are converted to encoded characters.

I imagine this is useful, in order that no rawtext email gets output on the website.

Maybe it’s also useful for someone here:


class Encode {
  public static function email ($value) {
    return Str::encode($value);

  public static function emailsInText ($text) {
    $text = preg_replace_callback('/[A-Z0-9\._%+-]+(@)[A-Z0-9\.-]+(\.)[a-z]{2,6}/i', function($match) {
      return Encode::email($match[0]);
    }, $text);
    return $text;

Kirby::plugin('site/encode', [
  'fieldMethods' => [
    'encodeEmail' => function ($field) {
        $field->value = Encode::email($field->value);
        return $field;
    'encodeEmails' => function ($field) {
      $field->value = Encode::emailsInText($field->value);
      return $field;
  'hooks' => [
    'kirbytext:after' => function ($text) { return Encode::emailsInText($text); }