|
|
|
Start new subject | Reply to this subject
|
[1] 2 
|
 jacobjohn7 |
Sun, 03/08/08@14:22
|
|
Hi,
could someone kindly direct me with a problem i have encountered. I am using dreamweaver, i know where all the form items are and how to place them, question is how do you produce a form that is pulls all the answers together and sends them as an email request. Any help greatly appreciated.
PS: i know nothing AT ALL about code, but cobble them together through designer interface, being a graphic designer.
Many thanks
John
|
Kemistri |
Sun, 03/08/08@16:02
|
|
(I have a feeling of deja vu....)
You validate and parse form data into an e-mail, database entry, or HTML output using PHP.
|
jacobjohn7 |
Sun, 03/08/08@19:08
|
|
sorry for covering old ground.. but its a first for me... i have the form done now, only thing is cant find any area to type in the link so that the info goes off somewhere... any answers in plain english appreciated.
|
gerri-atrick |
Sun, 03/08/08@19:28
|
|
ahhhh another one .....frommail from here click here try it its easy and safe, i use it a lot :)
|
Kemistri |
Sun, 10/08/08@01:27
|
|
Are you still stuck? Sorted?
|
jacobjohn7 |
Sun, 10/08/08@20:40
|
|
hi gerri, and thanks for link, well i have downloaded, but what now... i have the code, but do i have to amend the code (which will be v much beyond me) or do i paste in the code. I have actually created the look and content of the form in dreamweaver, so i presume i have fit this in somewhere ... put the code somewhere, question is where. Many thanks for all help so far.
|
gerri-atrick |
Sun, 10/08/08@21:36
|
|
click here will answer all your questions :)
|
jacobjohn7 |
Sun, 10/08/08@22:03
|
|
hi thanks for that gerri... i have had a look through that already, but I am not grasping it... i cant get my head behind the rationale... procedures of this. I have a form created in dreamweaver... do i paste the code within my contacts page html file... or do I upload the code to the server seperately, and it finds it place?? I must stress i know nothing about coding and when i look at it, i dont know where or what to amend... surely if you can create a form on dreamweaver then surely you can configure it to send info to an email address, rather like the mailto command for a normal email link... cheers.
here is the page in question... click here
|
Kemistri |
Sun, 10/08/08@22:11
|
|
Simple general steps as follows:
1. Write your HTML mark up.
2. Create or adapt a PHP script.
3. Call the file like this:
<form method="post" action="script.php">
form continues.....
</form>
4. Place the script on the server in the same folder as the mark up.
Now test your form and the PHP's security to make sure that it works as expected.
|
jacobjohn7 |
Mon, 11/08/08@22:47
|
|
Hi kemistri, is there anywhere I can go for ABSOLUTE beginners with regard to forms... is there an easy way..? It will seem easy to yourself, but I do not understand code at all, (as I have said) so point number 1 is already a confusing area for me... all I know about is how to create an HTML file via dreamweavers design side (NOT code) sorry to explain this again, but you guys who are conversant with code must understand that someone coming on here without knowledge of code, and with a problem can't understand references to anything suggesting writing any code... however simple.. with PHP, for example do you insert PHP within HTML files, or do they sit seperately.. to add further confusion someone else has advised that I look for a CGI form template... the site is on 123reg server (not my choice) anyway, all help and time to given to give help is appreciated. John
|
jacobjohn7 |
Mon, 11/08/08@22:49
|
|
ie: what is the 'mark up' ? I put my html files up to the server and it adds the relevent graphic files needed automatically..... so where does the from details go?
|
Kemistri |
Tue, 12/08/08@00:11
|
|
The hard reality is that you need to understand code in order to develop websites: otherwise, you will get stuck as soon as you try to do even a basic thing like this that takes you out of your WYSIWYG comfort zone. You will make it easier for yourself (and those who try to help you) if you have some basic coding knowledge and you understand commonly used terminology.
Mark up is the term that we use for HTML/XML/etc. Plain text content languages in other words.
PHP can be inserted into an HTML/XHTML/XML document, but it is not good practice. Just like it isn't good practice to bung CSS declarations in an HTML document, and for the same reasons. It's less flexible; itmakes your life harder down the line; and it's a bit messy.
Do not touch old-fashioned CGI with a bargepole unless you want a great big security hole. PHP is not just used for its power but its security potential too. It can do things that Perl-based coding can never do.
|
jacobjohn7 |
Tue, 12/08/08@09:07
|
|
thanks kemistri, i know what you are saying re:learning fundamentals of coding.. (prob a dummies guide would be a good starting point) but I am not going to learn it in time for my current problem.... only thing is I had info from 123reg that they accept CGI and not PHP... so is it a case of advising a switch to a better server...
I have looked a form mail.. and downloaded an 'amendable' version (if i only knew which parts to amend!) so in theory I just upload that seperately to server, and i will work out what its connected to/meant to be doing for the website.. I just cant get my mind round why in simple terms there isnt a box on dreamweaver to supply email link in with regard to the submit button.... anyway, my search continues. But at least I know what not to touch now... thanks again. Anyone out there, who was in the same boat as myself and found a good non coder friendly solution to this problem... help greatly appreciated.
|
Kemistri |
Tue, 12/08/08@12:20
|
|
Your hosting situation renders this more than a little academic, to be honest, but the host will need to change if you want to use a form and do it properly. With a Perl-based CGI, you might as well leave a plain-text mailto link and live with all the attendant problems that it will bring.
If you want to pursue the PHP method in the future, let me know.
|
SimpleSimon1 |
Tue, 12/08/08@18:06
|
|
A Perl/CGI Solution I know Kemistri has a pretty low opinion of Perl/CGI solutions and, if I had his knowledge, I'd probably feel the same. However, being a relative newbie, I too needed a fairly easy solution
I hear what Kemistri says about the relative lack of security compared with PHP and I'm sure he's correct. However, a couple of extra wrinkles on a basic PERL script were suggested to me (see below). All I can say is that, so far, they do seem to have worked....
Forms seem a bit scary but, when you've read a couple of articles, you realise that they're actually pretty easy. I achieved this (click here) with no knowledge of PERL or PHP. All I used was a standard drop-in mail script which can be downloaded from many places on the web (whoever's hosting your site will almost certainly have a copy available to you).
Generating the form was pretty easy cos Dreamweaver did all work. However, even if you're coding by hand, a quick glance at my HTML code should show you how it's done.
Once you've got the form, you need a script to actually send the email. Generally people will tell you to use the FormMail script (download from the developers website) and your hosting ISP will almost certainly have a copy, as well.
However, many people (including the author of FormMail) suggest that the original FormMail script is now generally recognised as insecure (see few few paras of article here click here).
Consequently, they recommend using nmsFormMail as a drop-in replacement (available here click here)
Take a look at the html source on my contact form and you should see how it all hangs together. The key line you're looking for (which actually links the form to the script) is:
<form name="ContactForm" id="ContactForm" method="post" action="scripts/LetsTalk.cgi">
LetsTalk.cgi is simply the renamed FormMail script.
Lastly, the people on my second link (Horizon Web Developement) have come up with a neat way of stopping spambots using your form (thus saving you having to set up keyword filtering). The article describes exactly how it is done but basically, it's a very simple script mod (two lines of code) (plus a hidden field on your form).
Although I know nothing about PERL, after reading the article at the link (and the 'rwedge solution' in the associated codingforums link), it took me slightly less than 2 mins to configure the script and implement the anti-spam changes in it and the form. IMPORTANT: If you are going to do this, don't forget to comment out the CGI.pm as described in the blog comments.
The result seems to work perfectly (so far, at least!).
The nice thing about this approach was that it needed no coding skill - the hidden field mod was done by cut and paste from the blog. Kemistri is one of our resident PHP experts and he can do the same sort of thing via a PHP script. However, I get the impression that PHP isn't for novices like me.
Anyway, nmsFormMail PERL script or PHP script....either should work so the choice is yours.
Good Luck, Simon
|
Kemistri |
Tue, 12/08/08@18:50
|
|
There are one or two problems with filtering hidden form fields, one of which I hope is already obvious, but I'll cover it anyway. Most assistive technologies (those that ignore most or all CSS) will not take notice of any visibility declarations and thus will present that content to their users. So while Joe Average ignores the field and gets his message through, anyone for whom CSS is an issue will usually fill in the filtered field and their message will fail.
Quite apart from that, spambots sending messages to you alone are just one small part of the security picture. Bigger issues include form hijack; multiple submissions; code injection; flaw exploitation; abuse and foul language; and so on. It's not very nice out there unfortunately and while you're far from certain to be hit by these issues, you may be.
By the way Simon; you may want to replace your Javascript field validation ASAP. It only takes a script blocker (or JS disabled in the browser) to bypass client-side validation. All validation needs to be done server-side, where it is fully under your control.
|
MAJ |
Tue, 12/08/08@22:02
|
|
I see Kemistri is still trying to baffle people. ;)
Try this simple, free, PHP feedback form, jacobjohn7, click here It doesn't filter out bad language etc. (IIRC) but it's secure in the fact that it can't be accessed to find out your email address. It's a good one to get you started and fairly easy to understand when you open it in Notepad. When you follow the wizard on that page you will be presented with some code, copy and paste that code into Notepad and save it as "feedback.php" (witout the quote marks). That's the PHP bit done.
Now create three pages in Dreamweaver:
1. feedback.htm -- that's your form as it will appear on your site.
2. thankyou.htm -- thanks your visitor for sending feedback.
3. error.htm -- page that appears if your visitor doesn't fill in the form correctly.
Then upload: feedback.php, feedback.htm, thankyou.htm and error.htm to the same folder as your other pages.
Your feedback.htm file will look something like this in code view of Dreamweaver (paste between the Head tags):
<form action="feedback.php" method="post">
<table border="0" cellpadding="8" cellspacing="8" summary="feedback form">
<tr><td>Name:</td><td><input type="text" name="name" size="25" /></td></tr>
<tr><td>Email address:</td><td><input type="text" name="email" size="41" /></td></tr>
<tr>
<td colspan="2">
Comments or Queries:<br />
<textarea rows="15" cols="45" name="comments"></textarea>
</td>
</tr>
<tr>
<td align="center" colspan="2">
<input type="submit" value="Send Feedback" /><br />
<a href="click here">Powered by thesitewizard.com</a>
</td>
</tr>
</table>
</form>
|
MAJ |
Tue, 12/08/08@22:37
|
|
But as Kemistri says above, since your host doesn't support PHP, it wont work.........
|
jacobjohn7 |
Tue, 12/08/08@23:03
|
|
many thanks maj. now thats more or less straight forward. Now I have someone giving advice based on the market, and not on what they know. I will tell you how I get on, but many thanks for giving time to give advice.
|
Kemistri |
Tue, 12/08/08@23:46
|
|
MAJ, that comment is unnecessary and unfair: I am trying to help people.
Your suggested script definitely does not rank as secure by any modern standard. Off-the-peg scripts are very rarely complete, unfortunately, but that is one of the least effective and is effectively flawed as a result: for example, the strings that I usually use would have to be taken from at least two of the most thorough scripts that I have seen.
Incidentally, your form seems to be missing its labels, IDs, and tabindex markers. I'm not sure if that's deliberate for the sake of the example, but it just leaves newbies thinking that there's nothing more to add.
|
|
[1] 2
|
|
Total threads 330646 | Total posts 2151670 | Total users 295505
|
|
Forums > Webdesign
|
Back to top
|
