With another afternoon's work on the contact form processor, it's good enough now to put it up on the site. (And if it's not, I'm going to find out about its shortcomings pretty quickly.)

I'm using SwiftMailer to generate and send mail via SMTP, and submissions are now done with AJAX, so adding a little javascript to the bottom of the page allows users/visitors to stay right in place without any scary redirects.

To cut down the form spam a bit I've added a couple of items:

  • I'm checking for a key to be present in the request header before allowing any submissions to be processed. (This key can be forged – it's not full-on OAuth2 – but it'll avoid most bot submissions, I think.)
  • I've added CORS support. So, at least in CORS-compliant browsers, I can restrict the submission origin to a single site. In this case, mine!

As is, the form processor is intended to be as user-friendly as possible for my website visitors. It's still not particularly friendly for someone who might want to "just pop it onto my website". There are a few things that are hard-coded into it that probably need to be refactored into something more flexible. And to get it working on your site, you need to know a little javascript, and you need to know how to configure a server environment file (among other things). Its not "plug-and-play".

(If you're code-inclined, and want to play, you can find the current version on GitHub.)

That said, I hope it will work easily for you when you visit here. You can use it now on my new contact page!


Image, Form Design by Sean MacEntee is licensed under Creative Commons.