?
Solved

Form Mail – Complete Solution

Posted on 2005-04-12
14
Medium Priority
?
171 Views
Last Modified: 2013-12-25
Hi Guys,

I’m looking for several form mail solutions here so I am prepared to provide the points accordingly. I require a simple ‘Feedback’ form mail to allow visitors to enter a name, email address and of course the feedback itself.

Secondly, I would like to have a ‘Tell A Friend’ page on my site as well. I would like to to BCC an address that I specify as well. This field must be one I can remove if I don’t want to receive the Emails however!

I am happy to provide the HTML layout of the forms, and the Emails if someone feels they are able to help me. We can also discuss further points... :-)

Hope someone can help!!!!
0
Comment
Question by:SR301
  • 7
  • 6
14 Comments
 
LVL 51

Accepted Solution

by:
ahoffmann earned 500 total points
ID: 13770742
First FormMail: http://nms-cgi.sourceforge.net/

Second: Are you aware that such a page could be used to send spams or other unsolicited mails?
 If you don't check each To: Bcc: Cc: and mail body yourself that may become a high risk.


0
 

Author Comment

by:SR301
ID: 13771112
If I'm only dealing with the persons name, email address and that of a friend with a message I set, how could that be an issue ?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13771182
> ..  I would like to have a ‘Tell A Friend’ page
I guess you mean that this is a input field where a user keys in an email address of her choice.
0
Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

 

Author Comment

by:SR301
ID: 13771803
Exactly ! Beyond that, you can't really send SPAM to someone...

So, If you feel you are able to help me come up with a custom solution, I'm happy to pass on the points... :)
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13772770
> .. you can't really send SPAM to someone..
what you want to implement makes it a 30 second task for me to make your site a spam-relay sending tons of mails with you as sender :-))

Please rethink about that functionality, or describe what you want to do.
0
 

Author Comment

by:SR301
ID: 13773051
Well, if I can't allow users to inform friends of my website and then pass on an Email to myself to let me know such an operation has been completed, what can I do ??? What options do I have ???

Hell, whats the point of me having the feedback form ??
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13773170
> Hell, whats the point of me having the feedback form
not having you in the feedback is the problem, but allowing *any* email address as recipient.
0
 
LVL 18

Assisted Solution

by:kandura
kandura earned 500 total points
ID: 13776422
I agree with ahoffman, that it is a potential spam gateway to allow sending uncontrolled mail from any address to any address through your site. I see spam attempts on my web servers every day on urls such as /cgi-bin/formmail.pl.

On the other hand, the feature you want is very nice to have, and can be a great community builder.
If you take care to strip the messages from all forms of html, and use a non-standard url (that is, don't install an off-the-shelf script in its default location), you're pretty safe, in practical terms anyway.
Just keep an eye on the traffic!
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13776828
> use a non-standard url ... you're pretty safe, in practical terms anyway.
practical that costs me 31 instead of 30 seconds ;-)

if the result of the form to be send as mail is not controlled by humans, the risk of unwanted use is very high.
The only (currently known) way to prevent from use by automatic scripts are captchas (or client certs or something similar).

0
 

Author Comment

by:SR301
ID: 13777209
Is limited only to CGI scripts ? Or for all languages? (PHP, ASP and so on?)

kandura: In regards to not using a off the shelf script, thats exactly what I DIDN'T want to do because I not only wanted to have full control, but avoid any of these problems... Is it possible somehere can help me with this and as I said before, come up with a custom solution ?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13779237
>  Or for all languages?
all.
this is a logical problem, not a language-specific

> come up with a custom solution ?
as I said: use captchas or something similar
0
 

Author Comment

by:SR301
ID: 13787328
What the hell are "captchas" lol ?
0
 

Author Comment

by:SR301
ID: 13787334
Never mind, the penny has just dropped...
OK, With that now said, are you able to help me in this regard ?
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Making a simple AJAX shopping cart Couple years ago I made my first shopping cart, I used iframe and JavaScript, it was very good at that time, there were no sessions or AJAX, I used cookies on clients machine. Today we have more advanced techno…
This article will show, step by step, how to integrate R code into a R Sweave document
Learn the basics of lists in Python. Lists, as their name suggests, are a means for ordering and storing values. : Lists are declared using brackets; for example: t = [1, 2, 3]: Lists may contain a mix of data types; for example: t = ['string', 1, T…
The viewer will learn how to count occurrences of each item in an array.
Suggested Courses
Course of the Month16 days, 8 hours left to enroll

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question