• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 426
  • Last Modified:

Modifying Forms in HTML Email

Hey, I'm trying to figure out whether it is possible to respond to an HTML form sent in an email.  I'm using a php script to send an email with some dropdown lists and text boxes.  I receive the email OK in Outlook Express, with the form elements displayed correctly.  Ideally, I'd like for a user to be able to modify a received form and hit the Reply button, which will send the form with all the user's changes and input back to our server for processing.

Is it even possible to send back a modified form via Reply?  In my tests, hitting Reply or Forward quotes the original form sent, and does not reflect changes the user may have made.  Is there a better way to have a user submit data filled out in an email form?

Any help would be appreciated!  Thanks.

0
DeathCheese
Asked:
DeathCheese
  • 3
  • 3
2 Solutions
 
seanpowellCommented:
Can't be done successfully, as most email clients will strip out the script required to process the form. The tried and true method is still the best - host the form on your site :-)
0
 
kellysgreenCommented:
Actually, I think you can do what you are asking. but let me see if I understand you correctly...

1) User1 fills out form on website, clicks submit.

2) form results are sent to Admin1 via email

3) Admin1 edits results, and submits them back to website.

To accomplish this, you should be able to format the initial email that Admin1 gets as HTML with a prope <form> </form> area, setting the action= value to the full URL to form parsing CGI on your webserver.  Sounds like that is the only thing you are missing...  then instead of Admin1 REPLYING to the email, they can just click the SUBMIT button embedded in the HTML form inside of the email.

ie:
<form action="http://mysite/formhandler.cgi">
<input name="Test" value="">
<input type="submit">
</form>
0
 
seanpowellCommented:
It appears that it's this:

1) User fills out form in "email client" and clicks submit.

2) form results are sent to server for processing via email

The problem is #1. You can't do this within an email...
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
kellysgreenCommented:
I dunno... it works great for me using either Mozilla or Outlook 2000 as my email client...
I just created an HTML formatted email which contains an HTML form, filled out the form & submitted the results to the web server (not a local web server either) without incident.  
0
 
seanpowellCommented:
It's because of the way your email client is set up. The latest security patches generally disable this type of scripting, so there's no way to know whether a user will be able to do this. It can be done - but it's not 100%. Indeed, it may only be 10%. Given that, the best way is to host the form on your site.

There are a number of ways to embed a form in an email that can do a "great" deal of damage - which is why the security has been tightened up :-)
0
 
kellysgreenCommented:
True, but I'm running Mozilla 1.5 and a fully patched Outlook 2000.  
Also --- one can reasonably inuit that the person who is receiving these HTML forms via email is a known entity and that their email client can be configured or modified as need be to allow for this.
0
 
DeathCheeseAuthor Commented:
The original idea is something like this:

1) User receives form in email.  Modifies it in email client.

2) User hits reply, and the results of the form are sent via email to my server.

Using an email client's standard "Reply" button to submit the data...in theory.  I wasn't sure if that was possible, and I'm leaning towards not possible now.  The other option, adding a submit button to the email form, seems more realistic.  I've got a simple form submitting from some test emails.  Though I understand that not all email clients may be able to handle the submit action.  It does certainly seem like a vulnerability.

Thanks for all your responses.
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now