Secure SSL HTML Forms

tygrus2000 wrote on 6/8/2005, 9:43 PM

I want to insert an html form into my website that just will allow visitors to enter a few personal details and then submit them which sends it to my email, however, I would like it to be SSL secured.

I've come up with the code for the basic form, now how do I activate the SSL encryption on it.

Here is my sample code so far:

<FORM METHOD="POST" ACTION="mailto:ja.schmidt@shaw.ca">
<INPUT TYPE="text" NAME="name" SIZE="30">
<TEXTAREA NAME="comment" ROWS=6 COLS=40>
</TEXTAREA>
<SELECT NAME="Location" SIZE="1">
<OPTION SELECTED>U.S.A
<OPTION>Canada
<OPTION>Europe
<OPTION>Asia
<OPTION>South America
<OPTION>Australia
<OPTION>Africa
</SELECT>
<INPUT TYPE="submit">
<INPUT TYPE="reset">
</FORM>

Comments

Liam_Vegas wrote on 6/8/2005, 11:27 PM

Easy.... just add the SSL FX.... you find it under the "nothing to do with Vegas" preset.

Or.... you need to configure your web server for SSL encryption... which involves paying for one from companies like Verisign or Thawt

Do you have your own server or are you on a shared web server? Do you know if you can even have SSL on your web site?

SSL encryption is all about encrypting from the users browser to your server. Sounds like you also want to get the form submission to be encrypted and then emailed to you.... that IS VERY different than SSL encryption. I've done that sort of thing before... but it involved implementing varios encryption software on the server that is integrated with the emailing system installed there.

In the end... it looks like this is all very new to you... and the answer to your question is going way beyond what should likely be covered in this forum. I would honestly recommend you post your question on a forum which is more closely related to what you are needing to do.

r56 wrote on 6/9/2005, 5:40 AM

The form you are using is not adequate for this purpose as its action is an e-mail address. In most browsers the command will open the message window of the default e-mail client in the users system.

To give you a hint assuming that you have decided to take the SSL route and your form page resides in a "secure" folder:
You should have the server perform all code execution meaning, the server creating an e-mail object when you submit the form, formatting properly the text data and finally sending the data to the e-mail address.
This can be done only with server side scripting (which means using a language such as jscript or vb script in an asp page if it is on an IIS server for example).

Talk with your provider about the secure server requirements and to find out what mail objects, scripting language etc the server supports. Getting some basic information from your provider about the preferred way this should be done it will help you get the proper scripting guidance in a web development forum

Vassias