(dv):FormMail

  • This page was last modified on October 18, 2011, at 11:34.
The (mt) Community Wiki is a collaborative project. Any (mt) Media Temple customer or employee may contribute. Not all articles and/or content have been tested for accuracy by (mt) Media Temple.

For officially moderated and tested articles, be sure to visit our KnowledgeBase.

From (mt) Community Wiki

Contents

Use FormMail to email yourself the results of HTML forms on your websites.

Please do not use any version of FormMail older than version 1.92.

(mt) Media Temple does not support the configuration or security of any third-party script. FormMail is a very popular script which is used to send mail from your server. Both of these features make it attractive to potential hackers and spammers. While the latest version of FormMail has been stable for quite some time, please note that (mt) Media Temple cannot guarantee its security when used in conjunction with your custom web forms.

About the script

FormMail can be implemented on your server with a single script, typically called formmail.pl. This script and its documentation are available at Matt's Script Archive.


"FormMail is a generic HTML form to e-mail gateway that parses the results of any form and sends them to the specified users. This script has many formatting and operational options, most of which can be specified within each form, meaning you don't need programming knowledge or multiple scripts for multiple forms. This also makes FormMail the perfect system-wide solution for allowing users form-based user feedback capabilities without the risks of allowing freedom of CGI access. There are several downloading options available below and more information on this script can be found in the Readme file. FormMail is quite possibily the most used CGI program on the internet, having been downloaded over 2,000,000 times since 1997."

- Matt's Script Archive


Getting a copy of the script

On your (dv) Dedicated-Virtual Server, you will have to manually upload the script. You can download a copy from Matt's Script Archive. You should then upload the script to the cgi-bin for your domain via FTP.

Make sure you change the permissions set to 755 (-rwxr-xr-x). See File Permissions for details.

Editing formmail.pl variables

You will need to modify the following variable in the formmail.pl script, on line 40, or the script will not work:

formmail.pl 

@referers = ('example.com', '70.32.68.238');

It is important to put each domain, email address, or IP address inside single quote marks, with commas separating entries.

Understanding the @referers variable

This determines access for two different functions of the script. First, it determines which domains can use this script to send mail. It is important to include the domain(s) that are going to have HTML forms that reference this script.

Second, in the default configuration of the script, this variable also determines which domains can receive mail from the script. You must include the domain or specific email address that you want to receive the notifications.

If you are using one of the copies of the script that we have provided, your primary domain will already be entered in this line.

Please do NOT make the domains listed in @referers too broad. For example, if you wanted to send the results to a Gmail or Yahoo email address, it is better not to include all of "gmail.com" or "yahoo.com" in your @referers line. This will open up the form to be hacked to send to and from thousands of users on these services. Instead, you should follow the additional instructions in the next section.

Specific recipients

For security reasons (see above), you may want to send to a specific email address, rather than all email addresses at a particular domain. In this case, you should edit your @recipients variable, on line 46, to be similar to the following:

formmail.pl 

@recipients = (&fill_recipients(@referers),'^norepmt@gmail\.com');

This will allow mail to be sent to the domains listed in the @referers variable above, as well as the single Gmail address.

Syntax Notes:

  • You must include a "^" in front of your email address, and a "\" in front of any periods.
  • You will have to add an extra set of parentheses in the code, one before the "&fill_recipients" and one after the quote mark on the final email address.

Your HTML form variables

  1. You will need to include a form action that references the formmail.pl script. For example:
    myform.html 
    <form method="POST" action="/cgi-bin/formmail.pl">

    Note that the path to the script is from the root folder for your domain.

  2. You must also include a recipient in your form. This should generally be a single, hidden value. It should NOT be a field that is entered by the form user. Here is an example of a good recipient entry:
    myform.html 
    
<input type=hidden name="recipient" value="username@example.com">
  3. You can use other fields that will interact with the formmail.pl script. Some common ones are:
    • Subject: give the resulting email a subject.
    • Email: allow a user to enter a return email address.
    • Redirect: upon submission, redirect the user to another page on your site.
    • See the complete listing of fields on Matt's Script Archive.
  4. Add the form items you were interested in originally, of course! You'll be emailed the results whenever someone submits the form.

This is not intended to be a tutorial on creating HTML forms. For more information on HTML forms, see the documentation at w3schools.

Example Form

Here is an example HTML form that uses the formmail.pl script:

myform.html 

<html>
<body>
<form method="POST" action="/cgi-bin/formmail.pl">
<input type=hidden name="recipient" value="username@example.com">

<input type=hidden name="subject" value="FormMail Test - Success">
<br />
Your name: <input type=text name="realname">
<br />
Your email address: <input type=text name="email">
<br />
Message body: <input type=text name="body" size="40">
<br />
<input type="submit" value="Submit">

</form>
</body>
</html>

When you submit this form, you'll get an email similar to the following:


Below is the result of your feedback form. It was submitted by MT Test (mttest@example.com) on Monday, July 5, 2010 at 18:02:41

body: Testing

FormMail errors and troubleshooting

Error: Bad Referer

  • This error means that the script was called by a domain that is not listed in the @referers line (line 40). Add this domain to @referers to resolve the error. See the "Editing formmail.pl variables" section for details.

Error: Bad/No Recipient

  • This error means that there is no "recipient" line in your HTML form, or that the specified recipient doesn't match the @referers or the @recipients line in the formmail.pl script. See either Step 2 from the "Your HTML form variables" section above, or "Editing formmail.pl variables," also above.

Error: 500 Internal Server Error

  • The formmail.pl script must have -rwxr-xr-x (chmod 755) permissions. By default, files uploaded to the cgi-bin will have fewer permissions, so if you uploaded your own copy of the script, you will need to change these.
  • Make sure that you have used the correct syntax in any lines you edited in the formmail.pl script. You must have single quotes around values in the @referers line, commas between entries, and semicolons at the end of the line. You should be able to find the details for these types of errors in your error logs.

Other notes:

  • If you make a mistake, you can always upload a fresh copy of the formmail.pl script.
  • @referers is spelled incorrectly in the script, but must remain spelled that way.
Retrieved from "http://wiki.mediatemple.net/w/(dv):FormMail"