Web Marketing TODAY - Your trusted Internet marketing resource since 1995.

Online Forms Offer Better Data, More Security, and Less Spam

Dr. Ralph F. Wilson, Web Marketing Today
Apr 2, 2008, 08:35


Unless you are a hermit or have terribly poor Internet manners, you'll want to give your online visitors a way to contact you by e-mail.

The Mailto: Link

The easiest method, of course, is to include a mailto: link on your webpage, such as: "Please contact me if you desire." When your visitor clicks on the hyperlinked words, it pulls up the visitor's e-mail program to send an e-mail. The HTML syntax is relatively simple:

Please <a href="mailto:you@example.com">contact me</a> if you desire.

By adding the subject after a question mark you can segregate these e-mails by subject line as they are delivered to you.

Please <a href="mailto:you@example.com?subject=Your%20subject%20here">contact me</a> if you desire.

Nearly anyone can add a mailto: link to a webpage. But there are two drawbacks:

  • Spam. The underlying e-mail address is inevitably sucked up by spambots, resulting in an increasing deluge of spam.
  • Incomplete Data. Though you can control the subject line and will retrieve your sender's e-mail address (and perhaps name), you often don't get essential information such as phone number, address, etc. that enables you to provide immediate help.

Online Forms

A step forward is the use of an online form that provides fields for each piece of data you ask for. You can make some fields required, thus providing data consistency and completeness. An old standby is Matt Wright's legendary FormMail program written in Perl (http://www.scriptarchive.com/formmail.html). Matt plugged some serious security holes in 2002, but such programs continue to have two weaknesses:

  • Spam. Though hidden from view, your recipient e-mail address may still be accessible to spambots unless the program is custom written.
  • Security. Many generic form programs like FormMail can expose to view the file structure of your server, making it much easier for malicious or thieving hackers to attack your server, find your server password file, download your data, or perhaps even corrupt or destroy your site. Hackers also attempt to insert characters into data fields that will trigger errors that, in turn, expose your web server's file structure.

More Secure Forms

Modern forms are designed for greater security against both spam and hackers.

  • Hidden configuration files. These days most forms hide sensitive data such as recipient e-mail address and file structure in a configuration file that cannot be viewed from a browser interface.
  • Field verification can prevent hackers from entering characters into your fields to provoke errors. Verification is best accomplished "server-side" by your forms program, rather than "client-side" using JavaScript on your visitor's web browser -- which can be bypassed by hackers.
  • JavaScript field verification, however, helps you get more consistent, error-free data from your visitors, avoiding skipped fields, incorrect characters in a field, etc.
  • CAPTCHA applications are a type of graphic challenge-response system. They display a word that (hopefully) can't be read by a hacker's computer, forcing hackers to personally look at each form they fill out. Hackers still pester some, but a CAPTCHA application does cut down on wholesale form spamming.
  • ScanAlert (www.scanalert.com) from McAfee is a paid service that regularly attempts to hack into your website, looking for poorly written programs and older versions of server software, PHP, MySQL, as well as other security problems. Sites that withstand this kind of scrutiny can display the HackerSafe logo, which has often been demonstrated to increase sales 10% to 15%. Without this kind of service, your site is likely to become vulnerable to attack without you even being aware of problems.
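
The hidden-configuration and server-side verification points above can be sketched as follows. This is an added example, not code from the article or from any of the form programs it names; the field names, limits, patterns and example.com addresses are assumptions.

```python
import re
from email.message import EmailMessage

# Assumption: the recipient is read from server-side config, never from the form.
CONFIG = {"recipient": "owner@example.com", "sender": "webform@example.com"}

# Allow-list rules per field: (required, max length, pattern or None).
RULES = {
    "name": (True, 80, re.compile(r"[^\W\d_][\w .,'-]*")),
    "email": (True, 254, re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+")),
    "phone": (False, 25, re.compile(r"\+?[0-9 ().-]{7,}")),
    "message": (True, 4000, None),  # free text; only length and control chars checked
}
CONTROL = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]")

def validate(form):
    """Return (clean, errors). Errors name the field only, never server details."""
    clean, errors = {}, {}
    for field, (required, max_len, pattern) in RULES.items():
        value = str(form.get(field, "")).strip()
        if not value:
            if required:
                errors[field] = "required"
            continue
        # A CR or LF inside a single-line field could smuggle extra mail headers.
        bad = (len(value) > max_len or CONTROL.search(value)
               or (field != "message" and re.search(r"[\r\n]", value))
               or (pattern and not pattern.fullmatch(value)))
        if bad:
            errors[field] = "invalid"
        else:
            clean[field] = value
    return clean, errors

def build_mail(form):
    """Return (EmailMessage, {}) for valid input, or (None, errors) otherwise."""
    clean, errors = validate(form)
    if errors:
        return None, errors
    msg = EmailMessage()
    msg["To"] = CONFIG["recipient"]  # any "recipient" key in the form is ignored
    msg["From"] = CONFIG["sender"]
    msg["Reply-To"] = clean["email"]
    msg["Subject"] = "Contact form: " + clean["name"]
    msg.set_content(clean["message"] + "\nPhone: " + clean.get("phone", "not given"))
    return msg, {}

# Constructed sample submission; the "recipient" key imitates a tampered form field.
SAMPLE = {"name": "Ann O'Neil", "email": "ann@example.com",
          "message": "Please call me.", "recipient": "other@example.net"}
```

Because the error values are fixed strings keyed by field name, a malformed submission never causes a path, stack trace or configuration value to be echoed back to the browser.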

Some Helpful Tools

Here are form tools that may prove helpful. As you look for a program for your site: (1) observe how highly it is rated and by how many users, (2) read user reviews, (3) see if an online forum is available for support and user questions, and (4) look for a recent update date, a sign that a program is still under active development.

  • PHP Form Mail Script from Stadtaus.com offers a powerful program that provides form customization within your site, error messages, hidden configuration, attachments, customizable e-mail templates, and a CAPTCHA feature. Free for non-commercial sites, $29 or 19 EUR for a license. An installation service is available, but installation is relatively simple for those with some basic programming skills. http://stadtaus.com/en/php_scripts/formmail_script/
  • The PHP Resource Index under "Form Processing" lists and provides ratings for more than 150 programs written in PHP. http://php.resourceindex.com/Complete_Scripts/Form_Processing/
  • The CGI Resource Index under "Form Processing" lists and provides ratings for more than 100 programs written in Perl. http://cgi.resourceindex.com/Programs_and_Scripts/Perl/Form_Processing/
  • Stephen Poley, "JavaScript form validation – doing it right," offers sound guidelines, examples, and code for field-by-field JavaScript verification. http://www.xs4all.nl/~sbpoley/webmatters/formval.html
  • Jcap (CAPTCHA Validation JavaScript) by Jonathan Feaster (Archreality, January 10, 2006) is a JavaScript implementation of a CAPTCHA application. It installs with relative ease and works well. It lacks, however, an alternate e-mail address for sight-challenged users.

Wilson Internet Services
http://www.wilsonweb.com
PO Box 308, Rocklin, CA 95677, USA
Phone +1 (916) 652-4659 (MF 8 am-4 pm Pacific Time)

Copyright © 1995-2008 by Ralph F. Wilson, all rights reserved. Content, graphics, and HTML code are protected by US and International Copyright Laws, and may not be copied, reprinted, published, translated, hosted, or otherwise distributed by any means without explicit permission. Trademarks and terms of use.