Configuring The formmail.cgi

The script itself is simple with out all the security. The security makes it bulky and complicated. But that is what you need today to prevent abuse. Fortunately the configuration is relatively simple.

To configue the script you will need to designate the paths to all the files used by the program.

# e-mail address to send the results to - the perl script will send the data to this address
$tomail = '';

#path to sendmail - this is the full path to sendmail on your server
$mailprog ='/usr/sbin/sendmail';

Define the page that people will be sent to after submitting the form. Many prople use this as a gatway page for lead generation and will send people to an affiliate signup or possibly a reward page with information that the user is signing up to receive.

# page to send user to after submitting form
$sendtopage = "";

# path to temporary directory must be chmod 0777
$tempdir = "./captcha/temp";

This directory will hod the captcha image verification files as well as the access log to prevent multiple accesses to the same program.

# Define fields to exclude
# prevent captcha and submit fields from being included in the form mail results
$form{'submit'} = "exclude";

By using excluded fields you can prevent unnecessary fields from appearing in the mail. You don't need to know what the image verification code was or the value of the submit button. If you have any additional fields you add, include them in this list or they will appear in the e-mail sent to the $tomail address.

# number of seconds to block from using forms
$timetoblock = 86400; # 86400 seconds is 24 hours

# maximum number of posts allowed in the time above
$maxtries = 4;


Configuring The Sendmail Form

The form is probably the most complicated part of the form mail system. However, you should be able to open the sample form with any WYSIWYG editor and add fields and edit current fields. The field names are only important to you so you know what data matches which questions. Your editor will will automatically name fields, but the might be named "FIELD_1", "FIELD_2" and so on. You will want the field names to represent the data you are requesting, such as "lastname", "firstname", "phonenumber" and so on.

There is alot to understand about forms and much more than I am going to write up on a website about perl programing. But lets review the basics that apply to the sample form.

For one, this program offers no form field validation, maily because we have no idea which fields you will define or what type of validating is needed. Bu you should have something to determine if the fields contain any information and preferably if it is in the format you need. We did at least set max lengths so the form cannot be overloaded with text. Beyond that, the fields could contain anything.