Welcome to WebmasterWorld Guest from 54.167.83.224

Forum Moderators: phranque

Message Too Old, No Replies

can you send a form in an email?

is this possible

     
10:57 am on Jun 25, 2009 (gmt 0)

Junior Member

5+ Year Member

joined:Nov 7, 2007
posts: 46
votes: 0


Can you send an HTML form in an email that will POST the form data to a MySQL database or, at worse, to my email?

I can't find much about this and it does strike me that I never really get forms showing up in my inbox. So is it

1. Something people don't do because it's difficult?
2. Something people don't do because it's impossible?
3. Something people don't do because it's a stupid idea?

12:23 pm on June 25, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member piatkow is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:Apr 5, 2006
posts:3284
votes: 12


No idea if it is theoretically possible but the sheer varety of email systems available means that it isn't feasible. Put the form on a page and include a link.
12:28 pm on June 25, 2009 (gmt 0)

Junior Member

5+ Year Member

joined:Nov 7, 2007
posts: 46
votes: 0


Thanks for replying Piatkow. That seems like a very sensible way of looking at it.

Can I make the form only available to people to have received the email?

The aim is to make the experience look and feel personal, rather than a big, open, public experience.

12:30 pm on June 25, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:Feb 12, 2006
posts:2492
votes: 22


you probably could do it. if you use GET it would only ever send a URL anyway, which is just a text string.

you'd just have to make sure that the URL on the form was an absolute one.

and you'd have to thoroughly check and santise any data that you receive from it. because there would be nothing to stop anyone rewriting the form's HTML before they press submit. you could literally receive anything.

1:01 pm on June 25, 2009 (gmt 0)

Junior Member

5+ Year Member

joined:Nov 7, 2007
posts: 46
votes: 0


Ah! Didn't think of that Londrum (people re-writing the HTML)

So I guess the most secure way is to do what Piatkow says and point my email recipients at a HTML page hosted by me?

However, I think I have to go and read about GET/POST to understand your first line. I know its the two main ways but I barely know what POST means (it puts the data into the db, right?)

1:20 pm on June 25, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:Feb 12, 2006
posts:2492
votes: 22


neither GET or POST will put the data into a database by themselves. they are just different ways of sending the same stuff over.

it is what you do with the data when you receive it that puts it into the database.

you'd still have to properly check the data even if the form was hosted on your own site, because there's nothing to stop people rewriting the form there either. (they'd just have to download the HTML, change it, and make sure the URL sent it straight back to yours. it's surprisingly easy to do)

if you don't check the data, both ways are as insecure as each other.

1:27 pm on June 25, 2009 (gmt 0)

Junior Member

5+ Year Member

joined:Nov 7, 2007
posts: 46
votes: 0


Oh!

Looks like I'd better turn this bloody laptop off, stop playing Scrabble on Facebook and actually read this "PHP & My SQL for DUMMIES" book that's cluttering up my desk.

Thanks Londrum.

1:52 pm on June 25, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member kaled is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 2, 2003
posts:3710
votes: 0


I've never tried it, but if you can use <iframe> in an html email, that would be the simplest solution (by simply using a standard form).

However, since people do not expect forms in their email, I doubt that any method used to achieve this is a good idea.

Kaled.

2:51 pm on June 25, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 28, 2004
posts:7999
votes: 0


I've played around with this a bit.

Email clients are not browsers; they don't post forms like browsers do. If you send a properly formatted html email, the form indeed appears in the email but when you try to submit it just goes to the URL in the action of the form, like a link. It doesn't bring any of the form fields with it.

It *might* work in web-based mail services, but those are likely to squelch forms for security reasons.

Recent discussion [webmasterworld.com]

3:46 pm on June 25, 2009 (gmt 0)

Junior Member

5+ Year Member

joined:Nov 7, 2007
posts:46
votes: 0


rocknbil - thanks for that redirect. The other thread is well worth reading.

Kaled - <iframe> sounds interesting too. There's anotehr thing I'll have to go and look up.

9:25 am on June 26, 2009 (gmt 0)

Administrator

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Aug 10, 2004
posts:10542
votes: 8


the iframe still won't work unless you have a web enabled email client or web email.
you should design your email to work as plain text.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members