Mailform

Mailform is a cgi-bin script that takes the data submitted on an HTML form, and mails it to an e-mail address. The program is written in Perl.

  • The program source is available: bytes.
  • The start of an FAQ about mailform is available.
  • This program was originally designed to teach a class on how to create web forms.

Example

Here is an example of a form, and its source. All forms should start and end with:

  <form method="post" action="https://www2.ucsc.edu/its/cgi-bin/mailform">
  </form>

Between these two tags, insert the following mailform fields and your own fields. All forms using this script must contain a mailform-notify field. This field should contain the electronic mail address where you want to send the content of the form. This field must always be fixed to prevent anonymous re-mailing. For example:

  <input name="mailform-notify" type="hidden" value="username@ucsc.edu">

It may also contain the following fields which are used to modify the default behavior of the script. Here is a list of these fields and what they contain by default.

  mailform-title       Mailform
  mailform-bgcolor     #FFFFFF
  mailform-h1          (same as mailform-title)
  mailform-address     (none)
  mailform-reply       The form was sent.
  mailform-required    (none)
  mailform-wrapmargin  (none)
  mailform-environment (none)
  mailform-csv         (none)
  mailform-file        (none)
  mailform-confirm     (none)
  mailform-captcha     (none)
  mailform-sortkeys    (none)
  mailform-sortvalues  (none)

Here is an example of how you can modify them by inserting hidden fields in your form:

  <input name="mailform-title" type="hidden"
    value="UC Santa Cruz, ITS - Sample form">
  <input name="mailform-h1" type="hidden"
    value="&lt;img align=center
      src="https://www2.ucsc.edu/its/images/itslogo.jpg"
      alt="[ITS icon]"&gt;
      ITS - Sample form reply">
  <input name="mailform-address" type="hidden"
    value="UC Santa Cruz - ITS - 
      &lt;a href="mailto:username@ucsc.edu"&gt;
      Jacques Delsemme&lt;/a&gt;">
  <input name="mailform-reply" type="hidden"
    value="Thank you for trying the sample form!">
  <input name="mailform-required" type="hidden"
    value="Name Comments">
  <input name="mailform-wrapmargin" type="hidden"
    value="Comments">
  <input name="mailform-environment" type="hidden"
    value="HTTP_REFERER">
  <input name="mailform-confirm" type="hidden" value="yes">

As you can see, you need to quote any characters that could be misconstrued to be a tag, or a quote, so that they are not interpreted as the form is displayed, but rather when the reply page is displayed by the mailform program instead. Here are the most common encodings:

  "	"
  <	&lt;
  >	&gt;
  &	&amp;

Hidden tag descriptions

Here is an alphabetical list of the hidden tags:

mailform-address
Default: (none). Address at the bottom of the reply form. Used only for error messages if mailform-reply contains a URL.
mailform-bgcolor
Default: #FFFFFF. Background color of reply form. Used only for error messages if mailform-reply contains a URL.
mailform-captcha
Default: (none). If this field is present (e.g. with a value of "yes"), the form will display a captcha to prevent automated submissions of this form which should reduce the amount of spam received at the notify address. Use it only if you really need it, since it reduces the accessibility of your page to some extent.
mailform-confirm
Default: (none). If this field is present (e.g. with a value of "yes"), the email message will be carbon copied to the address listed in the E-mail field (the latter field becomes mandatory if mailform-confirm exists).
mailform-csv
Default: (none). If this field is present (e.g. with a value of "yes"), the fields will be formatted as CSV (Comma Separated Values) which is useful to import in a spreadsheet. The first line shows the names of the fields, the second line shows the values: you would save the names of the fields on the first row of your spreadsheet, then save the data (e.g. cut-and-paste) on the following lines. This is in addition to the "field name-TAB-field value" lines normally sent via email.
mailform-environment
Default: (none). Here are the most often requested environment variables:
  • HTTP_USER_AGENT: name and version of the browser
  • HTTP_REFERER: URL of the form being used
  • REMOTE_HOST: hostname
  • REMOTE_ADDR: host IP address
mailform-file
Default: (none). Save the CSV (Comma Separated Values) data in a file. This file must be writable by the web server (use with caution: allowing others to write in a file allows others the ability to delete the content of the file as well). If the file doesn't exist, the names of the fields are written as the first row, then the data; otherwise only the data is written.
The data in the form is still sent to the address specified in mailform-notify field.
mailform-h1
Default: Mailform. H1 heading of reply form. Used only for error messages if mailform-reply contains a URL.
mailform-notify
Default: (none). The only mandatory tag. It must contain a valid email address of where to send the content of the form.
mailform-reply
Default: The form was sent. Instead of a phrase, you can also insert a fully qualified URL (starting with http://) to point to a reply page of your own design.
mailform-required
Default: (none). List of required fields. The form will not be sent until people fill in those fields. Note that the program has no way to know whether it contains meaningful data, only that it contains some.
mailform-sortkeys
Default: (none). If this field is present (e.g. with a value of "yes"), the form will sort the keys (i.e. the names of the fields). If not defined, the order of the keys depends on how the browser sends them out (usually from the top to the bottom of the page).
mailform-sortvalues
Default: (none). If this field is present (e.g. with a value of "yes"), the form will sort the values (i.e. the contents of the fields, if a field is defined multiple times). If not defined, the order of the values depends on how the browser sends them out (usually from the top to the bottom of the page).
mailform-title
Default: Mailform. Title of reply form. Used only for error messages if mailform-reply contains a URL.
mailform-wrapmargin
Default: (none). This field is rarely needed any more since modern browsers interpret correctly the wrap field in the <textarea> tag.

Other tags recognized by mailform

E-mail
If you use an input field named E-mail or Email, its content will be used as the return address to the mail message, so that you can use the reply feature of your mail program to reply to the person who filled in the form. Note that you are at the mercy of the person filling out their email address correctly. Mailform only checks that the address contains an @ sign.
If mailform-confirm is defined, then the E-mail field becomes mandatory.

The mailform script

Here is the source of the Perl script. If you invoke the script by itself, you will get a short sample form, with a link to this documentation page for more information.

This script is located in /its/cgi-bin/mailform on the www2.ucsc.edu server (use its full pathname https://www2.ucsc.edu/its/cgi-bin/mailform if your form is not located on the www2 server). This URL can only be used by forms originating from within the ucsc.edu or ucolick.org domains. To use it elsewhere, copy the source to your own cgi-bin directory, or ask your webmaster to do so.

All use of this form is logged to discourage abuse.