Let’s Make An E-Mail Form! Bonney Armstrong GD 444 Westwood College February 9, 2005.
13
Let’s Make An E-Mail Form! Bonney Armstrong GD 444 Westwood College February 9, 2005
-
Upload
emery-snow -
Category
Documents
-
view
214 -
download
0
Transcript of Let’s Make An E-Mail Form! Bonney Armstrong GD 444 Westwood College February 9, 2005.
Let’s Make An E-Mail Form!
Bonney ArmstrongGD 444
Westwood CollegeFebruary 9, 2005
Elements In A Feedback Form
• Their name• Their email address• Their phone number• Any comments they
might have• Any options you
might want to include– More information?– Rate something?– Join newsletter?
How The HTML Looks – Getting Started
<form action="http://www.himblau.com/cgi-bin/FormMail.pl" method="post">
• This piece of code uses the POST method• It goes between the <body> and </body> tags• It refers to a Perl script placed in the CGI or CGI-BIN
directory
How The HTML Looks – Hidden Fields
<form action="http://www.himblau.com/cgi-bin/FormMail.pl" method="post"> <input type="hidden" value="[email protected]" name="recipient"> <input type="hidden" value="http://www.himblau.com/feedback.htm"
name="redirect"> <input type="hidden" value="Feedback/Help" name="subject"><input type="hidden"
value="REMOTE_HOST,REMOTE_ADDR,REMOTE_USER,HTTP_USER_AGENT" name="env_report">
• The email address is where the results will be sent• The URL is where the page will redirect to once the
information has been submitted via POST method• You can specify the subject line of the email to be sent• Sending along the environment variables can be helpful
in troubleshooting
How The HTML Looks – Input Fields
<form action="http://www.himblau.com/cgi-bin/FormMail.pl" method="post">
<input type="hidden" value="[email protected]" name="recipient">
<input type="hidden" value="http://www.himblau.com/feedback.htm" name="redirect">
<input type="hidden" value="Feedback/Help" name="subject">
<input type="hidden" value="REMOTE_HOST,REMOTE_ADDR,REMOTE_USER,HTTP_USER_AGENT" name="env_report">
<textarea name="comments" rows="6" cols="40"> </textarea>
Name <input size="40" name="name">
E-Mail <input size="40" name="email">
Telephone <input size="40" name="telephone">
Fax <input size="40" name="fax">
<input type="checkbox" value="call_me_right_now_its_urgent" name="URGENT"> Please contact me as soon as possible!
• There are various elements to a form - <textarea>, <input>, etc.• Give each element a descriptive name (since this will appear in your
email) with NO SPACES (underlines are OK)• Leave enough room in the <input> elements for users’ data
How The HTML Looks – SUBMIT And RESET Buttons
<form action="http://www.himblau.com/cgi-bin/FormMail.pl" method="post"> <input type="hidden" value="[email protected]" name="recipient"> <input type="hidden" value="http://www.himblau.com/feedback.htm" name="redirect"> <input type="hidden" value="Feedback/Help" name="subject"><input type="hidden" value="REMOTE_HOST,REMOTE_ADDR,REMOTE_USER,HTTP_USER_AGENT"
name="env_report"> We welcome your feedback! If you have comments, questions, or suggestions, please share
them with us. Thanks! Comments: <textarea name="comments" rows="6" cols="40"> </textarea> May we contact you?: Name <input size="40" name="name"> E-Mail <input size="40" name="email"> Telephone <input size="40" name="telephone"> Fax <input size="40" name="fax"> <input type="checkbox" value="call_me_right_now_its_urgent" name="URGENT"> Please
contact me as soon as possible! <input type="submit" value="Submit Questionnaire" name="submit"> <input type="reset" value="Clear Form" name="clear"> </form>
• Don’t forget your SUBMIT and RESET buttons; these are reserved keywords (and keep their layout consistent)
• Enclose all field coding with a FORM end tag </form>
How The HTML Looks - Complete
<form action="http://www.himblau.com/cgi-bin/FormMail.pl" method="post"> <input type="hidden" value="[email protected]" name="recipient"> <input type="hidden" value="http://www.himblau.com/feedback.htm"
name="redirect"> <input type="hidden" value="Feedback/Help" name="subject"><input type="hidden"
value="REMOTE_HOST,REMOTE_ADDR,REMOTE_USER,HTTP_USER_AGENT" name="env_report">
We welcome your feedback! If you have comments, questions, or suggestions, please share them with us. Thanks!
Comments: <textarea name="comments" rows="6" cols="40"> </textarea> May we contact you?: Name <input size="40" name="name"> E-Mail <input size="40" name="email"> Telephone <input size="40" name="telephone"> Fax <input size="40" name="fax"> <input type="checkbox" value="call_me_right_now_its_urgent" name="URGENT">
Please contact me as soon as possible! <input type="submit" value="Submit Questionnaire" name="submit"> <input type="reset" value="Clear Form" name="clear"> </form>
FormMail.pl – Path Variables#!/usr/local/bin/perl############################################################################### Define Variables ## Detailed Information Found In README File. #
# $mailprog defines the location of your sendmail program on your unix ## system. The flags -i and -t should be passed to sendmail in order to ## have it ignore single dots on a line and to read message for recipients #
$mailprog = '/usr/sbin/sendmail -i -t';
• Know your path to Perl (your hosting provider or system administrator should know this)
• Know your path to SENDMAIL (see above)• Change only the items in red – leave everything else alone or that is
typed behind a # sign• Usually the default settings that come with the script are correct for
most Linux-based systems
FormMail.pl – Domain And IP Address
# @referers allows forms to be located only on servers which are defined ## in this field. This security fix from the last version which allowed ## anyone on any server to use your FormMail script on their web site. #
@referers = ('himblau.com','66.235.221.109');
• Again, you will only change the items in red• You will put in the name of your domain• You will put in the IP address of your domain
– If you don’t know your own IP address, open up a command or MS-DOS window, then type “ping yourdomainname.com”, using whatever your domain name is
– The IP address will appear in the window; type that number in
• This prevents other domains or servers using your system to send mail (you get charged for that bandwidth!)
FormMail.pl – Allowed E-Mail Domain
# @recipients defines the e-mail addresses or domain names that e-mail can ## be sent to. This must be filled in correctly to prevent SPAM and allow ## valid addresses to receive e-mail. Read the documentation to find out how ## this variable works!!! It is EXTREMELY IMPORTANT. #
@recipients = &fill_recipients(@referers);
• To enable email to be sent to any address within your domain, make sure that the recipients variable is set to any recipient at your specified referrer
• Since you’ve already specified that the referring domain is himblau.com in this case, all email sent to * @himblau.com will be sent
FormMail.pl – Envelope Information
# ACCESS CONTROL FIX: Peter D. Thompson Yezek ## @valid_ENV allows the sysadmin to define what environment variables can ## be reported via the env_report directive. This was implemented to fix ## the problem reported at http://www.securityfocus.com/bid/1187 #
@valid_ENV = ('REMOTE_HOST','REMOTE_ADDR','REMOTE_USER','HTTP_USER_AGENT');
# Done ###############################################################################
• This isn’t necessary, but is a nice-to-have• This enables you to put the environment variable information in the
capture area of the form and have it passed to you in the response email that you will receive
• And that’s all you have to modify!• Leave the rest of the FormMail.pl script alone• Copy it into your CGI or CGI-BIN directory• Ensure permissions are set to (CHMOD) 755 (Read and Execute)
FormMail.pl – Overview of Edited Area ############################################################################### Define Variables ## Detailed Information Found In README File. #
# $mailprog defines the location of your sendmail program on your unix ## system. The flags -i and -t should be passed to sendmail in order to ## have it ignore single dots on a line and to read message for recipients #
$mailprog = '/usr/sbin/sendmail -i -t';
# @referers allows forms to be located only on servers which are defined ## in this field. This security fix from the last version which allowed ## anyone on any server to use your FormMail script on their web site. #
@referers = ('himblau.com','66.235.221.109');
# @recipients defines the e-mail addresses or domain names that e-mail can ## be sent to. This must be filled in correctly to prevent SPAM and allow ## valid addresses to receive e-mail. Read the documentation to find out how ## this variable works!!! It is EXTREMELY IMPORTANT. #@recipients = &fill_recipients(@referers);
# ACCESS CONTROL FIX: Peter D. Thompson Yezek ## @valid_ENV allows the sysadmin to define what environment variables can ## be reported via the env_report directive. This was implemented to fix ## the problem reported at http://www.securityfocus.com/bid/1187 #
@valid_ENV = ('REMOTE_HOST','REMOTE_ADDR','REMOTE_USER','HTTP_USER_AGENT');
# Done ###############################################################################
Putting It All Together
• Upload your HTML files to the server• Ensure your FormMail.pl script is in the
right directory and has the right permissions set
• Ensure the paths are set correctly within the script
• Make sure you have access to the email account you’ll be sending to
• Test the page and check for your results!
