Welcome to WebmasterWorld Guest from

Forum Moderators: coopster & jatar k & phranque

Message Too Old, No Replies

Formmail - NMS Perl Script

Request help w/ a few variables

10:04 pm on Sep 29, 2009 (gmt 0)

New User

5+ Year Member

joined:Sept 29, 2009
posts: 1
votes: 0

Hello Webmaster Forum --

I am looking for a little help with Formmail. I'm using the updated NMS Perlscript (used to be "Matt's formmail" with security updates). It seems to be the only one that works on this site that I can find.

I'm not a programmer, and am concerned about setting up the formmail variables SAFELY, for a simple site w/ one email recipient.

The README file has me confused.
It states to populate "@allow_mail_to" and also has a "@recipients" variable.
It states that if confused (and already using the @allow_mail_to) it is best "NOT to put anything" for "@recipients" -- which by default, displays as this:

@recipients = ();

Is " (); " the same as "not putting anything"?

I ask because the same value " (); " for "@referers" is described in the same README file as No Referrer Checking, thus - allowing ANY other website to process your form.pl for THEIR web forms. And This value was also the default!

The README also states that there is risk in putting an address like you@domain.com because the "." can be faked, but then uses such addresses in it's examples. ((Is there a better way I should be writing URLs? I am using the "^")

Below are the fields I am confused about-- and Ask if you will kindly tell me if my syntax is producing the desired result. (safety for delivering form to one designated email address)

Many thanks in advance :)

$postmaster = 'formmail@domain.com';
@referers = qw(nn.nn.nn.nn);
@allow_mail_to = ('^kathy\@domain\.com');
@recipients = ('^kathy\@domain\.com');
%recipient_alias = (); <<?

[edited by: phranque at 11:49 am (utc) on Oct. 7, 2009]
[edit reason] obscured ip [/edit]

12:10 pm on Oct 7, 2009 (gmt 0)


WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Aug 10, 2004
votes: 8

welcome to WebmasterWorld [webmasterworld.com], Kathy!

@recipients = ();
Is " (); " the same as "not putting anything"?

yes - this means an empty array.

you probably want the @referers to include your domain as well as your ip address.

i would guess the @allow_mail_to limits who the script can send email to - it prevents spamming if your form allows specification of recipients.

the @recipients hard codes the (list of) email recipient(s).

the %recipient_alias allows you to specify multiple (lists of) recipients so that email addresses aren't exposed in forms and the hash allows the configuration to be used by multiple forms.