Your Contact Form
Here is a simple contact form that I created to show how code should be written to work properly with FormMail.pl:
<html> <title>ReptileLabs - Contact Information</TITLE> <LINK REL="SHORTCUT ICON" HREF="favicon.ico"> <BODY BGCOLOR="#000000" text="#9E98BC" LINK="#FF5CFF" ALINK=[ccc] "#FF0000" VLINK="#FFA240"> <body> <meta name="description" content="" <meta name="keywords" content="" <font face="Arial" size="+1"> <center><font face="MS Sans Serif,Arial" size="-1">All site[ccc] content ©1995-2004 by <a href="http://reptilelabs.com">[ccc] ReptileLabs</a> unless otherwise noted.<br>Text content /[ccc] website design by <a href="http://reptilelabs.com">ReptileLabs[ccc] </a> unless otherwise noted.</font></font> <hr> <H2 ALIGN="center"><font face="Times New Roman,Serif">[ccc] ReptileLabs Contact Page</font></H2></center> <p> <form action = "http://www.ecis.com/cgi-bin/cgiwrap/~alizard/[ccc] FormMail1.pl" method = "POST">
This next line must be inserted in your contact form HTML to make FormMail.pl work. Everything else is optional. This tells the browser where to look for the script. You can get this information from your provider.
<input type=hidden name="recipient" value="firstname.lastname@example.org">
The line containing the e-mail address tells the script where to e-mail the form. However, that's the minimum. I chose to implement more functionality in mine. One adds processing functions by adding the other "hidden name" fields from the FormMail documentation. The easiest way to do this is to go to the Montana Internet Corp. FormMail.pl documentation. This enables you to click directly to the fields that you might want to try out.
You add passive data-collection functions by adding regular form fields with named values. An example is in Contact Reason below.
You might object that putting your plain-text e-mail address on your web page leaves you just as open as a conventional mailto does to spammers. Well, it does. The fix is the same: Translate the e-mail address to which you want mail forms to be sent to character entity references within the contact form HTML. Although you can use your e-mail address in the conventional form, on the actual page as uploaded, I translated my mailing address to character entity references, as shown in the "NATATA Anti-Spam Encoder" article.
???Dustin: Please link to the appropriate article here. James says it hasn't been posted yet. Krista
This is how the line looks when the e-mail address is translated to character entity reference format:
<input type=hidden name="recipient" value="aliz[ccc] email@example.com">
I added a fixed subject in the line below so that e-mail from that page could be filtered directly into a mail folder on my e-mail client, using the value as a text string for the filter to operate on.
<input type=hidden name="env_report" value=",REMOTE[ccc] _ADDR,HTTP_USER_AGENT">
This instructs the script to collect and send you information containing the defined "environment field," which contains information collected by the web server. In this case, the information is the IP address that the user is coming from and the kind of browser in use.
The following line prints the information that would ordinarily be seen only within the subject field header of the e-mail message within the body of the message text. This might be useful in database and other processing of the form content.
<input type=hidden name="required" value="email,realname,messagetext">
Here, required means that if a user doesn't fill in all the required values, that user gets an error page, not an acknowledgment of mail sent.
<input type=hidden name="subject" value="Contact Form-Reptilelabs">
Choosing a subject here means that you can set your e-mail client to automatically filter it into a special mail folder for site-related e-mail. I used a separate Contact Reason field to allow users to choose a subject and to make further filtering possible, if desired.
<input type=hidden name="redirect" value="http://www.ecis.com/~alizard/confirmed.html">
This allows you to send users to a specific page (for example, a "Your mail has been sent!" page) after successfully completing and submitting the form. This is not required; the FormMail script provides one, but doing this means that you can make the confirmation page look like the rest of your site.
<p> <font face="MS Sans Serif,Arial" size="-1"> <b>Fields marked * are required</b> <b>*Name <br><input type = "text" maxlength = 200 size = 35 name =[ccc] "realname" value = ""> <br> <b>*E-mail </b> <br><input type = "text" maxlength = 200 size = 35 name =[ccc] "email" value = ""> <p> <b>Contact Reason </b><p><select name = "contact_reason"> <option selected>ReptileLabs <OPTION>I've read one of A.Lizard's published articles, and... <OPTION>I've read one of A.Lizard's public posts and... <OPTION>There is a security or other problem with the site itself <OPTION>Anything else </select>
I used a drop-down menu to constrain user choices to the ones listed; you can use a text field to allow free choice instead.
This is not from the list of optional entries in the FormMail documentation. You can add your own, and the FormMail script will process the information that your web form collects for you. This is what makes this script such a flexible and powerful tool.
<p> *Message <br><textarea name = "messagetext" cols = 40 rows = 5>[ccc] </textarea>
This is where the user enters the message. This isn't from the optional entries list, either.
<img src = "" border = 0 width = 150 height = 40> <p> <input type = "reset" value = "CLEAR"> <input type = "submit"[ccc] value = "SEND"> </form> </table> <hr> <b><font face="MS Sans Serif,Arial" size="+0"> <center><a href="index.html">Home</a> </html>
Note that you can put anything you please in the HTML file, as long as you use unique words in each form element value field; the value names are listed along with the entries filled in by the user. The print_blank_fields command prints all fields, including empty fields not filled in. Many possibilities exist, and you can find them at the FormMail.pl documentation page listed above.
Figure 4 shows what the contact form web page looks like.
Figure 4 Contact form browser display.
Figure 5 shows what my "confirmed" page looks like. (Code is not provided because anything will work.) You should put in some sort of indication that the mail was, in fact, sent, or some users will try repeatedly until they get boredand you will get mail repeatedly from the same user.
Figure 5 Confirmed page browser display.
Here is the result:
==== end quote Date: Sun, 13 Jun 2004 22:23:42 -0700 To: firstname.lastname@example.org From: email@example.com (A. Lizard) Subject: Contact Form-Reptilelabs Below is the result of your feedback form. It was submitted by A. Lizard (firstname.lastname@example.org) on Sunday, June 13, 2004 at 22:23:42 ------------------------------------------------------------------------ email: email@example.com subject: Contact Form-Reptilelabs contact_reason: ReptileLabs messagetext: test ------------------------------------------------------------------------ REMOTE_ADDR: 22.214.171.124 HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows 98) Opera 7.21 [en] ==== end quote
Note the REMOTE_ADDR. If anyone tries to spam or otherwise abuse your mail, the ISP or network origin of the abuse can usually be determined via a whois lookup of the IP address given. This is why I enabled that environment variable.