window.requestAnimationFrame (with high resolution timing, very precise) and window.performance.now polyfills

Two Vanilla JavaScript polyfills:

I have just adapted the window.requestAnimationFrame polyfill made by Paul Irish to work with high resolution timing automatically (when possible) and improved the performance a little bit. Here it is: https://gist.github.com/jalbam/5fe05443270fa6d8136238ec72accbc0

I have also mixed the window.performance.now polyfill made by Paul Irish with Aaron Levine’s and modified some of the code to improve it. Here it is: https://gist.github.com/jalbam/cc805ac3cfe14004ecdf323159ecf40e

Both polyfills can be used either separately or together and they will automatically detect whether the web client needs them or not. Just load them in your code (using your favourite way) and, if the client needs them, the polyfills will deploy and be used.

If you want to use them together, remember to load first the code of the window.performance.now polyfill since the window.requestAnimationFrame polyfill could need it.

Any comments are welcome!

fake_rest_server – REST server in PHP

fake_rest_server” is a simple and easy-to-configure REST server made in PHP.

I made it just to create different REST servers very fast for testing purposes. It was made on 12th May 2016 (approximately).

It can be found on GitHub: https://github.com/jalbam/fake_rest_server

Configuring the server

To add new paths (routes) and methods, the developer just needs to create a new folder structure (folder and subfolders if needed) which represents the route and inside one file per method named [method_desired].php (for example, put.php).

To start developing your REST server, you will only need to download the files inside the src/ folder.

You may want to take a look at the src/_code/functions.php file (the engine will include it automatically) as it provides some basic but useful functions. There you can also add new functions or modify the existing ones.

If you want to add data, you can use the src/_code/data/data.php file (automatically included by the engine).

If you want to add configuration data, you can use the src/_code/config.php file (automatically included by the engine).

As the engine defines the USING_REST_SERVER constant, you can protect any of the files with the following line at the beginning:

<?php if (!defined("USING_REST_SERVER") || !USING_REST_SERVER) { return; } ?>

Note: this authorization code above is also defined in the AUTHORIZATION_CODE constant (inside the the src/_code/config.php file).

Example:

1) In the root folder (where the src/_code/ folder and the src/index.php file are placed), create a folder called myRESTService/.

2) Inside the myRESTService/ folder we have just created, create another folder called user/ and inside of it create two files: index.php and get.php.

3) Inside the myRESTService/user/index.php file, place the following code:

<?php
  //Users info (this could be in the "src/_code/config.php" file, but it is just an example):
  $usersData = Array
  (
    //User IDs:
    "1" =>
      Array
      (
        "name" => "John Doe",
        "favouriteFood" => "meat"
      ),
    "2" =>
      Array
      (
        "name" => "Joan Alba Maldonado",
        "favouriteFood" => "pizza"
      )
  );
  
  //Gets the data needed which has been sent through the REST client:
  $userId = getVariable("id"); //"getVariable" and other functions available in the "src/_code/functions.php" file.

4) Inside the myRESTService/user/get.php file put the following code:

<?php
  if ($userId === "") { echo "No id sent!"; }
  else if (array_key_exists($userId, $usersData))
  {
    echo $usersData[$userId]["name"] . " likes eating " . $usersData[$userId]["favouriteFood"];
  }
  else { echo "User cannot be found! (id=" . $userId . ")"; }

5) With this, we will have our REST server configured with the myRESTService/user/ route, accepting the GET method with the id parameter. This example can be found in the example_easy/ folder.

Testing the server

If you do not have a REST client, the server can be tested on any web browser by adding the debug=1 parameter to the URL as well as the method parameter with the method desired (not needed if the method is GET), as for example: http://localhost/fake_rest_server/src/index.php/route_1/subroute?method=post&debug=1&username=Joan

Following the example above, you can use a web browser to visit the following links:

http://localhost/route_to_the_REST_server/index.php/myRESTService/user/?method=get&debug=1&id=1 (it should show “John Doe likes eating meat”)

http://localhost/route_to_the_REST_server/index.php/myRESTService/user/?method=get&debug=1&id=2 (it should show “Joan Alba Maldonado likes eating pizza”)

http://localhost/route_to_the_REST_server/index.php/myRESTService/user/?method=get&debug=1&id=3 (it should show “User cannot be found! (id=3)”)

http://localhost/route_to_the_REST_server/index.php/myRESTService/user/?method=get&debug=1 (it should show “No id sent!”)

Note that the “/” character at the end of the route is optional.

Final comments

It is very easy to extend using PHP language. The project already includes some examples with routes, methods, functions and data as user accounts, etc. as examples (in both the example/ and the example_easy/ folder) but they can be deleted.

The only really-needed code is located in the src/ folder. Inside of it, the route_1/ folder and all of its content can also be deleted since it is just an example.

License

This project can be used, reproduced, distributed and modified freely for any non-commercial purposes but always keeping the author’s name and copyright clauses. Other than that, just use this project as you wish but never sell it!

EASPM123 – Get rid of spam emails!

EASPM123 (Email Anti-Spam 123) is an Easy-to-use JavaScript API that protects any email address you want to use in your website from spambots. First version (1.0) was released in November 2015.

It works in any browser with JavaScript support, even old ones (including Internet Explorer 5.0), offers different security options (very configurable) and it is just 2.57 KiB minified. If you want, you can easily configure it to be used with many languages at the same time.

Despite of this, this script should consider as a way to improve safety against spambots but not the unique method. A good anti-spam for your email (server or client) is still always recommended.

It can be found on GitHub: https://github.com/jalbam/easpm123

Basic idea

The basic idea is to disguise the email address by modifying it using a text that will be removed by the script when the desired JavaScript events are fired (or, if desired, automatically when the document is loaded).

Most spambots will not fire those JavaScript events or, even if they did it, many of the times will not catch the email address after doing it but the previously-shown email address (so they will end with a non-valid email address which includes the text that should have been removed).

The text to be removed should be human-understandable so that a human being could figure out the real email in the case that JavaScript was disabled or something failed. Under these circumstances, to help any human-being to figure out the real email address, this script uses the so-called “without-no-spam” elements which are elements containing the instructions that the human-being should follow to get the real email address. These “without-no-spam” elements will be removed automatically by the script if JavaScript is available.

As nowadays many spambots can already translate “AT” and “DOT” to “@” and “.” respetively, to improve safety this script provides a way to translate any desired text to the AT (@) symbol. The key here is to use a non-so-famous text that no spambot will understand at all.

There are different ways to use this script detailed below, some safer than others. Please, continue reading.

Usage

You can download the project from GitHub directly to include it in your project or you can also use one of the following commands while you are in your project:

Bower:

bower install easpm123

Yarn:

yarn add easpm123

npm (it will need a package.json):

npm i easpm123

The behaviour can be configured easily through the main (and unique) object the script uses (for more information, you can read the instructions in README.htm). But if you are lazy, although it would be less safe, you just need to include the .js file in your website and change the class name (or add to the current classes a new one) of the elements containing the links to the emails (the class name should be “easpm123” by default).

In order to start using this API, the “.js” file you choose (for example, easpm123_min.js which is already minified) must be included in your document. The most common way to do this is by using a tag:

<!-- NOTE: Edit the "src" property to point to the right location of the .js file: -->
<script src="easpm123_min.js" type="text/javascript" language="javascript"></script>

If we decide to use the main (and unique) object, this is how it looks like:

EASPM123
(
    autoLoad,
    //Next values can be set to null to force using default ones or use
    //an empty array if you do not want any value at all:
    linkClasses,
    withoutNoSpamElementClasses,
    linkIDs,
    withoutNoSpamElementIDs,
    textsToClear,
    atSymbolAliases,
    eventNames
);

The parameters accepted are the following ones:

Parameter Type Default value Mandatory? Description
autoLoad boolean true No If it is set to true, the script will be loaded automatically (the run method will not be needed to be called) when the document is ready. If it is set to false, all the rest of parameters will be ignored and they will need to be used in the run method instead.
linkClasses array of strings [“easpm123”] No Class names used by the tags (which contain a link to an email address) that will be affected.
withoutNoSpamElementClasses array of strings [“easpm123_label”] No Class names of the “without-no-spam” elements that will be removed.
linkIDs array of strings [“easpm123”] No IDs used by the tags (which contain a link to an email address) that will be affected.
withoutNoSpamElementIDs array of strings [“easpm123_label”] No IDs used by the “without-no-spam” elements that will be removed.
textsToClear array of strings [“NO_SPAM_WELCOME”] No Texts to be removed (case sensitive) from the email address.
atSymbolAliases array of strings [“{AT_HERE}”] No Texts that will be replaced by the AT (@) symbol.
eventNames array of strings [“mouseover”, “click”, “touchstart”] No Events that will fire the script. Those events will be attached to all affected tags (which contain a link to an email address) and also to all the affected “without-no-spam” elements. Use an empty array to run the script automatically without events.

Note that, except for the first parameter (autoLoad), all the rest of the parameters can accept the null value if we want to use their default value or can also accept an empty array (as for example the [] value) in the case that we do not want any value at all. In the case of the last parameter (eventNames), using an empty array will force the script to run its magic automatically without having to fire any event (not recommended as the safety would be decreased).

If the autoLoad parameter is set to false (not recommended), the rest of parameters will be ignored and the run method will have to be called manually when desired (always after the document has been loaded!). This method accepts the same parameters as the main object except the first one (it does not need the autoLoad parameter). Read below to see an example showing how to use it.

Have in mind that, as soon as the script is included, it will run itself once with the default options. We can run it again (through either the main object or the run method), if desired, after that.

The main object can only be used before the onload event of the window object is fired. If we want to run the script after that, we need to use the run method instead. In fact, the run method can only be used after the onload event of the window object is fired.

See the examples below for more information.

Example #1 – Easiest way for the developer (not so safe), with just HTML:

Note that, after the script is included, it immediately modifies the onload event of the window object (keeping any previous event, so it will not override anything) to execute itself after some milliseconds (it does not do it immediately to get rid of some spambots which will not have this into account). If, during the time between the inclusion of the script and the milliseconds (100 by default) before its executed itself, the onload event of the window object is overrided, this example will simply not work.

This way, any tag whose id is easpm123 or class property contains the easpm123 class, will be affected. The default text to remove from the email will be “NO_SPAM_WELCOME” and the “{AT_HERE}” text will be replaced by the AT (@) symbol.

The text inside of the elements whose id is easpm123_label or class property contains the easpm123_label class will be removed automatically when the page loads. These elements are called “without-no-spam” elements and are useful for the users when JavaScript is not available.

The real email address will be shown when the user is over or clicks or taps the email link (the tag described above).

HTML:

<!-- Using ID: -->
<a id="easpm123" href="mailto:email{*AT_HERE*}NO_SPAM_WELCOMEexample.com">email{*AT_HERE*}<del style="text-decoration:line-through;"><s>NO_SPAM_WELCOME</s></del>example.com</a>
<span id="easpm123_label">(without NO_SPAM_WELCOME)</span>
<br />
<!-- Using class: -->
<a class="easpm123" href="mailto:email{*AT_HERE*}NO_SPAM_WELCOMEexample.com">email{*AT_HERE*}<del style="text-decoration:line-through;"><s>NO_SPAM_WELCOME</s></del>example.com</a>
<span class="easpm123_label">(without NO_SPAM_WELCOME)</span>

Example #2 – Easiest way for the user (very unsafe), with a bit of JavaScript and HTML:

This methods needs a little bit of JavaScript (using an empty array as the eventNames parameter) but will not need any event fired by the user. The script and its magic will be performed automatically. The users can be happier this way but some spambots will be too. Safety wise, this method is not recommended.

As we are using the main object, this must be run before the onload event of the window object is fired.

JavaScript:

EASPM123(true, null, null, null, null, null, null, [] /* eventNames */);

HTML:

Use the same HTML code from the Example #1.

Example #3 – Second easiest way for the user (still unsafe), with a bit of JavaScript and HTML:

This will be little bit safer than the Example #2 as we change default values by the desired ones. Different IDs and class names have been used just to show how it works.

As we are using the main object, this must be run before the onload event of the window object is fired.

JavaScript:

EASPM123
(
    true, //autoLoad.
    ["class_email_link", "class_email_link2"], //linkClasses.
    ["class_without_no_spam_label", "class_without_no_spam_label2"], //withoutNoSpamElementClasses.
    ["id_email_link", "id_email_link2"], //linkIDs.
    ["id_without_no_spam_label", "id_without_no_spam_label2"], //withoutNoSpamElementIDs.
    ["WITHOUT_THIS_TEXT", "TAKE_THIS_OUT"], //textsToClear
    ["[PUT_AT_HERE]", "{HERE_AN_AT_SYMBOL}"], //atSymbolAliases.
    [] //eventNames.
);

HTML:

<!-- Using ID: -->
<a id="id_email_link" href="mailto:email[PUT_AT_HERE]WITHOUT_THIS_TEXTexample.com">email[PUT_AT_HERE]<del style="text-decoration:line-through;"><s>WITHOUT_THIS_TEXT</s></del>example.com</a>
<span id="id_without_no_spam_label">(without NO_SPAM_WELCOME)</span>
<br />
<a id="id_email_link2" href="mailto:email[PUT_AT_HERE]WITHOUT_THIS_TEXTexample.com">email[PUT_AT_HERE]<del style="text-decoration:line-through;"><s>WITHOUT_THIS_TEXT</s></del>example.com</a>
<span id="id_without_no_spam_label2">(without NO_SPAM_WELCOME)</span>
<br />
<!-- Using class: -->
<a class="class_email_link" href="mailto:email{HERE_AN_AT_SYMBOL}TAKE_THIS_OUTexample.com">email{HERE_AN_AT_SYMBOL}<del style="text-decoration:line-through;"><s>TAKE_THIS_OUT</s></del>example.com</a>
<span class="class_without_no_spam_label">(without NO_SPAM_WELCOME)</span>
<br />
<a class="class_email_link2" href="mailto:email{HERE_AN_AT_SYMBOL}TAKE_THIS_OUTexample.com">email{HERE_AN_AT_SYMBOL}<del style="text-decoration:line-through;"><s>TAKE_THIS_OUT</s></del>example.com</a>
<span class="class_without_no_spam_label2">(without NO_SPAM_WELCOME)</span>

Example #4 – Not-so-easy way for the user (safer), with a bit more of JavaScript and HTML:

This is like the Example #3 but only firing the script under the default events (onmouseover, onclick and ontouchstart) and not automatically.

As we are using the main object, this must be run before the onload event of the window object is fired.

JavaScript:

EASPM123
(
    true, //autoLoad.
    ["class_email_link", "class_email_link2"], //linkClasses.
    ["class_without_no_spam_label", "class_without_no_spam_label2"], //withoutNoSpamElementClasses.
    ["id_email_link", "id_email_link2"], //linkIDs.
    ["id_without_no_spam_label", "id_without_no_spam_label2"], //withoutNoSpamElementIDs.
    ["WITHOUT_THIS_TEXT", "TAKE_THIS_OUT"], //textsToClear
    ["[PUT_AT_HERE]", "{HERE_AN_AT_SYMBOL}"], //atSymbolAliases.
);

HTML:

Use the same HTML code from the Example #3.

Example #5 – A little-bit-more-difficult way (a bit safer), with more JavaScript and HTML:

This is like the Example #4 but using the run method instead of the main object. So instead of running the script automatically we will do it manually.

Note that the main object must be used before the onload event of the window object is fired but the run method must be run after that.

For safety purposes, the main object waits by default 100 milliseconds before it runs the script automatically. In this example we will wait a little bit more to add even more safety.

JavaScript:

setTimeout
(
    function()
    {
        EASPM123.run
        (
            ["class_email_link", "class_email_link2"], //linkClasses.
            ["class_without_no_spam_label", "class_without_no_spam_label2"], //withoutNoSpamElementClasses.
            ["id_email_link", "id_email_link2"], //linkIDs.
            ["id_without_no_spam_label", "id_without_no_spam_label2"], //withoutNoSpamElementIDs.
            ["WITHOUT_THIS_TEXT", "TAKE_THIS_OUT"], //textsToClear
            ["[PUT_AT_HERE]", "{HERE_AN_AT_SYMBOL}"], //atSymbolAliases.
            []
        );
    },
    300
);

HTML:

Use the same HTML code from the Example #3.

Improving safety

To improve the safety and get rid of as many spambots as possible I recommend the following:

  1. Do not fire the script automatically (without needing events). So, do not do as the Example #2 or Example #3.
  2. Do not use the default values for the text which replaces the AT (@) symbol. Use your imagination to invent new ones. Look at the Example #4.
  3. Do not use the default values for the text which should be removed from the email address. Use your imagination to invent new ones. Look at the Example #4.
  4. Do not use the default values for the classes or IDs (for both, elements and the “without-no-spam” elements) and use your own ones. Look at the Example #4.
  5. Use the run method instead of the main object and call it some milliseconds after the onload event of the window object is fired. Look at the Example #5.
  6. Images or other elements instead of text can be used inside the “without-no-spam” elements to make it harder for the spambots to figure out the email address. Have in mind that some browsers can have images disabled or even some people could not see them properly.
  7. You can consider about using other events instead of the default ones to fire the script. That could, maybe, improve safety.
  8. If you are paranoid enough, you can consider using different ways to obfuscate the strings in the arrays used in the optional parameters and also use other ways of obfuscating. Again, use your own imagination.

Final comments

Following the instructions and some guidelines (included inside the package), the email addresses should be human-understandable even when JavaScript is disabled.

If you are tired of being spammed, you should try this little script (with an email address which spambots do not know yet!).

Live example: http://htmlpreview.github.io/?https://github.com/jalbam/easpm123/blob/master/test_min_eval.htm

License

Forbidden to use without keeping the author’s name and copyright clauses. Other than that, just use this script freely but never sell it!