Using Form Scripts

Using Form Scripts

in WEBPLUS

 

In WEBPLUS you have the built-in ability to create forms that can be sent to your email address via Serif Web Resources. This is a nice simple option that’s easy to set up, and it works well. However, some forum members want to be able to do more than just send form results to a single email address. Some have expressed the wish to save form data to a database, whilst other want to be able to post form data to more than one email address.

 

In order to do this, you must use a form script on your host server. The good news is that such scripts are not nearly as complicated to set up as you may first imagine.

 

There are many scripts available, but in most cases your hosting company will have a script ready for you to use. One of the most popular scripts is the Tectite Formmail Script that is available free of charge, and this is often the script that most web hosts use. Some WEBPLUS users have advised that this particular script has certain security vulnerabilities. However, if set up correctly, the chances of your script being used by spammers to create an email gateway are virtually eliminated.

 

In this article, we are going to use the Formmail script as an example. You will find a link later on in the article where you can configure and download a script specifically for your web site. But first, lets look at the elements of the script that you will need to understand:

 

Mangled Email Addresses: This is a security feature of Formmail. Essentially, it replaces the “@” in your email addresses with a text string that you create. For example, if you define your “Mangle” string as “htrs897rbm0915” The email addresses sent to the script will look something like this:

 

Yournamehtrs897rbm0915yourdomain.com

 

Clearly, this would not be recognised by an email harvesting bot as an email address. However, when the script processes your forms it will UN-MANGLE the address correctly. We strongly suggest that you use this feature to help prevent email harvesting on your site. When you come to configure your script (instructions later) you will be given the option of creating a “mangle” string. Just be sure that you write down the string somewhere, as you will need it whenever you set up a form in WEBPLUS.

 

Hidden Fields: Scripts, such as Formmail use hidden fields that send information to your script. Basically, these fields contain instructions on what the script must do with the form data. In WEBLUS, you will see that you can define hidden fields in your forms. When hidden fields are set up, users of your form won’t see these fields, and will not, therefore, be able to change any of the field values.

 

One of the most used hidden fields will be one named “recipients”. The value of this field will be the list of email addresses to which your form data will be sent. Again, as a security feature, you must ensure that your recipient’s email addresses are the “Mangled” email addresses. You can specify as many addresses as you want. Furthermore, you can have different email addresses for each form on your web site. So, although all your forms get processed by the same script, the “recipient” hidden field tells the script where to send that particular form’s data.

 

Continue >>>

Using Form Scripts.pdf