homepage Welcome to WebmasterWorld Guest from 54.161.236.229
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library, Charter, Moderators: phranque & physics

Webmaster General Forum

    
can you send a form in an email?
is this possible
dr_paul




msg:3940149
 10:57 am on Jun 25, 2009 (gmt 0)

Can you send an HTML form in an email that will POST the form data to a MySQL database or, at worse, to my email?

I can't find much about this and it does strike me that I never really get forms showing up in my inbox. So is it

1. Something people don't do because it's difficult?
2. Something people don't do because it's impossible?
3. Something people don't do because it's a stupid idea?

 

piatkow




msg:3940171
 12:23 pm on Jun 25, 2009 (gmt 0)

No idea if it is theoretically possible but the sheer varety of email systems available means that it isn't feasible. Put the form on a page and include a link.

dr_paul




msg:3940172
 12:28 pm on Jun 25, 2009 (gmt 0)

Thanks for replying Piatkow. That seems like a very sensible way of looking at it.

Can I make the form only available to people to have received the email?

The aim is to make the experience look and feel personal, rather than a big, open, public experience.

londrum




msg:3940174
 12:30 pm on Jun 25, 2009 (gmt 0)

you probably could do it. if you use GET it would only ever send a URL anyway, which is just a text string.

you'd just have to make sure that the URL on the form was an absolute one.

and you'd have to thoroughly check and santise any data that you receive from it. because there would be nothing to stop anyone rewriting the form's HTML before they press submit. you could literally receive anything.

dr_paul




msg:3940187
 1:01 pm on Jun 25, 2009 (gmt 0)

Ah! Didn't think of that Londrum (people re-writing the HTML)

So I guess the most secure way is to do what Piatkow says and point my email recipients at a HTML page hosted by me?

However, I think I have to go and read about GET/POST to understand your first line. I know its the two main ways but I barely know what POST means (it puts the data into the db, right?)

londrum




msg:3940194
 1:20 pm on Jun 25, 2009 (gmt 0)

neither GET or POST will put the data into a database by themselves. they are just different ways of sending the same stuff over.

it is what you do with the data when you receive it that puts it into the database.

you'd still have to properly check the data even if the form was hosted on your own site, because there's nothing to stop people rewriting the form there either. (they'd just have to download the HTML, change it, and make sure the URL sent it straight back to yours. it's surprisingly easy to do)

if you don't check the data, both ways are as insecure as each other.

dr_paul




msg:3940204
 1:27 pm on Jun 25, 2009 (gmt 0)

Oh!

Looks like I'd better turn this bloody laptop off, stop playing Scrabble on Facebook and actually read this "PHP & My SQL for DUMMIES" book that's cluttering up my desk.

Thanks Londrum.

kaled




msg:3940225
 1:52 pm on Jun 25, 2009 (gmt 0)

I've never tried it, but if you can use <iframe> in an html email, that would be the simplest solution (by simply using a standard form).

However, since people do not expect forms in their email, I doubt that any method used to achieve this is a good idea.

Kaled.

rocknbil




msg:3940272
 2:51 pm on Jun 25, 2009 (gmt 0)

I've played around with this a bit.

Email clients are not browsers; they don't post forms like browsers do. If you send a properly formatted html email, the form indeed appears in the email but when you try to submit it just goes to the URL in the action of the form, like a link. It doesn't bring any of the form fields with it.

It *might* work in web-based mail services, but those are likely to squelch forms for security reasons.

Recent discussion [webmasterworld.com]

dr_paul




msg:3940314
 3:46 pm on Jun 25, 2009 (gmt 0)

rocknbil - thanks for that redirect. The other thread is well worth reading.

Kaled - <iframe> sounds interesting too. There's anotehr thing I'll have to go and look up.

phranque




msg:3940777
 9:25 am on Jun 26, 2009 (gmt 0)

the iframe still won't work unless you have a web enabled email client or web email.
you should design your email to work as plain text.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved