i have made a static site with only html static pages but now i want a contact us from where in one can recieve the info entered by user via mail.so, basically i want to know whether i can send email using HTML like using javascript or something if yes then please help.
You can't send an email with just HTML (From the Front-End) unless you don't mind interacting with a third party service provider which can do the back-end process for you.
Otherwise, you need to use the Back-End, the most common and easiest way to do this is with PHP.
Your "send mail" code would ultimately have to execute on the server, which requires a postback from the HTML page, but the HTML page (or its (script) contents) can't (and shouldn't, even if possible) use local (the user's) settings and facilities to send email.
NO! JavaScript can’t email a form! but, there are alternatives to send the form data to an email address.
PHP mail() function is the best in my eye. Read more about it here: PHP mail() function
Related
I want to create a feedback form where the users input data and when they press submit button, all the data entered is received by the admin at an email address which has been predefined in the code.
i don't want to use "mailto" as it opens another service. Is there any way to send data to email through the HTML form itself?
Forms send data to the URL specified in the action attribute.
mailto: URLs, which you have sensibly ruled out, are highly unreliable.
The only other kind of URL which can be usefully used is an http(s) URL where it is then processed by server side code.
If you want to send the emails to a different address then you need to change the server side code so it doesn't use a single address.
After a lot of research, I have decided to use https://formsubmit.co for this purpose. The details are present in their documentation.
It was exactly what I wanted, and completes my requirements. Thank you to everyone for their help.
I have created a contact form through Wordpress. As of now, I am using a mailto tag, but it opens my Outlook every time. I want to send the contact form to the required email without any client-side action. For that, I planned to use a PHP script by using a plugin like PHP-Execute.
But, my boss is saying that I should avoid using a PHP script as it has bad security implications. Does anybody know what else can I use to send the contact form to my email that does not involves PHP scripts?
What you are asking is impossible. If you want to avoid mailto:, then you must use server-side technology. Because you are using Wordpress, the obvious choice here is PHP.
Your boss's argument makes no sense. Yes, server-side technology has risks. But that's an argument against using Wordpress or even having a website at all. It is not an argument against turning a form submission into an email on an existing Wordpress site.
There are plenty of good contact-form plugins. Use one of those and always keep it updated.
I would like to know if it's possible to provide an email certificate (signed by a recognised CA) so the user clicking on the mailto link can send encrypted email to the owner of the cert ?
hello#gmail.com
Is there any way to do that using the mailto link or using some JS ? Given the mailto link is handled by a local email client, should be possible ?
If there is no direct way to do this, how to make it?
One option is a web form for message sending, served via HTTPS. The server-side handler of the form would compose an encrypted mail on the server and then send it via SMTP. This provides almost the same level of security as direct encryption (given that your server is secure). Unfortunately there's no other simple way to do what you want. Of course, you can put a link for your .cer file download and tell the user to download the .cer file and use it to compose an encrypted mail, but how would you deal with GMail users and mobile users? Web form is more flexible and easier to use for the sender.
You can look up what you according to the current specification can do with a mailto URL in RFC 2368. You'll see that it only refers to the construction of the mail text and headers, not their encoding or encryption. There may be extensions for some mail clients, but that's not something one should generally count on.
Furthermore, Web mail users generally will have problems with such links anyways. Thus, for a solution that has to be usable by anyone, a scheme counting on some client side program is not a good choice.
Thus, some Web form as mentioned by #Eugene accessable only via https would best serve your requirements.
I have a contact form where the email is actually accessible in the source, because I'm using a cgi file to process it. My concern are the mail crawlers, and I was wondering if this is a no-go and I should switch to another more secure form. Or, if there was some tricks to 'confuse' the crawlers ? Thanks for your ideas.
If you're putting the destination address of the email in the HTML form, then not only is it a problem for mail crawlers, but spammers will use your contact form for spamming other people. All they would have to do is submit the same form with a different address in that field, and your mail server will happily send their message to a third party. You do not want to do this, as your server will quickly become blacklisted for sending spam.
If by source you mean the HTML source, then absolutely that's a problem. Can you edit the cgi file to hardcode it there?
I always convert the characters of email addresses (including the mailto statement if applicable) into character entities. This seems to work nicely, I have yet to receive automated spam on certain email addresses which are available in this manner on different websites. This converter illustrates what I mean.
Yes, you should avoid that to minimize spamming.
An easy way would be to just obfuscate the e-mail, replacing . with -dot- and # with -at- etc.
If a human needs the address, he knows what that he has to perform
If your CGI script takes this address as input, it has to de-obfuscate first, reverting all obfuscations.
Ok, get this.
I have been assigned to write an html form to be EMAILED to clients so that they can fill it in and submit it FROM THE EMAIL CLIENT! apparently emailing a link to the existing form on our website is not good enough.
I am still trying to get my head around this as it seems almost void of common sense, but anyways, my guess is that I will have no way of validating data, and if actually works, how will the user know? WTF?????
Get this, They will be emailing both a pdf and an html doc to clients, I tried putting my case forward but apparently the marketing pro's say IT IS POSSIBLE AND MUST BE DONE, WORKING BY FRIDAY!
This is not a good idea on many fronts:
Not all email clients will support a form post from HTML
see: http://www.campaignmonitor.com/blog/post/2435/how-forms-perform-in-html-emai/
No clientside validation
What's exactly wrong with a link?
How are you getting data from PDF form submission? You can get expensive form tools from Adobe: http://www.adobe.com/government/forms.html
Some spam / av checkers will dispose of form based emails.
There are only two possiblities: first one the mail client must have a php runtime environment to run the php script locally, also an embedded mail server - which isnt the case for the most of them. Second one is that your mail client acts like a browser and displays the form (which is located still on the internet) in his mail viewing window (which is perhaps possible but i dont know any common mail client doing this).
So you either submit a link to the form or you construct the mail this way, that there're placeholders to be filled and submitted like a normal mail response.
This idea is plainly wrong. You're creating a phishing vector for your company which could expose them to huge legal liability. Just ask them how much money they are going to be putting into the legal defense fund in order to pay out for the lawsuits they are going to lose.
An adobe pdf server is about the only reasonable method for doing this, but that takes lots of cash and work on your network to support a new type of server.
It's generally bad idea. Most email clients only allow limited HTML, with limited CSS and without any JavaScript at all.
See: http://www.sitepoint.com/code-html-email-newsletters/
Many mail clients will not allow submitting any form (at least with standard security settings).