Win the Spam Arms Race

function safeAddress($emailAddress, $theText, $theTitle, $xhtml, $isItSafe) {
// Version 1.5 - by Dan Benjamin - http://www.hivelogic.com/
// set $isItSafe = 1 to get escaped HTML, 0 for normal HTML
// set $xhtml = 1 if you want your page to be valid for XHTML 1.x
// you can call it like this: 
//<?php echo safeAddress($entity, $linkText, $titleText, 1, 1); ?>

    $ent = "";
    $userName = "";
    $domainName = "";
    
    for ($i = 0; $i < strlen($emailAddress); $i++) {
        $c = substr($emailAddress, $i, 1);
        if ($c == "@") {
            $userName = $ent;
            $ent = "";
            } else {
            $ent .= "&#" . ord($c) . ";";
            }
    }

    $domainName = $ent;
    
    if ($xhtml == 1) {

    $endResult = "<script type=\"text/javascript\">
<!--
document.write('<a href=\"mailto:$userName&#64;$domainName\" title=\"$theTitle\">$theText<\/a>');
// -->
</script>";

    } else {
        $endResult = "<script language=\"JavaScript\" type=\"text/javascript\">
<!--
document.write('<a href=\"mailto:$userName&#64;$domainName\" title=\"$theTitle\">$theText<\/a>');
// -->
</script>";

    }
    if ($isItSafe) {
        return(htmlentities($endResult));
    } else {
        return($endResult);
    }
}