Who's responsible for eForm

Originally developed by Raymond Irving (15-Dec-2004)
Version 1.3 - 1.4 extended by: Jelle Jager (TobyL) September 2006

Captcha image support - thanks to Djamoer
Multi checkbox, radio, select support - thanks to Djamoer
Styles (for these docs) 'borrowed' from Adam Crownoble's QuickEdit

What is eForm?

eForm converts a web form into an email which can be sent via email to specified users. Its main features are: html form mail with attachments, auto-respond, report generation using placeholders and extended form validation.

What's New

Installation

Snippet Parameters

eForm is very flexible and there's quite a collection of parameters you can use to get eForm to do what you want. Read some of the examples if you're unsure what to do.

Required parameters

• &formid
  This is a unique id used to identity a form during postbacks. This is useful in cases where more than one form exists on a page. Your form template should either have a hidden field with the same formid. <input type="hidden" name="formid" value="formName" /> or (from eForm 1.4.x) you can set the the id in the form tag itself: <form id="formName"...>;
• &tpl
  chunk name (non-numeric) or document id (numeric) to use as a form template (new in 1.4.4) You can now also use a snippet as the template source. No parameters are forwarded to the snippet call in this version. For the regular form fields you do not normally need to add placeholders, they automatically get inserted by eForm. The esception to this rule are in the case of event functions where you want to set specific values. Special placeholders available are: [+validationmessage+], [+postdate+],[+verimageurl+] & [+debugText+]. You should have the [+validatiomessage+] placeholder in all your forms. The others you may need depending on other parameters.
• &report
  chunk name (non-numeric) or document id (numeric) to use when generating reports. Tags: Same as for &tpl plus [+fieldname+], where fieldname stands for the name of each form field you wish to include.

Optional parameters

• &to (Optional)
  Email address to send eForm information to. For multiple recipients separate emails with a comma (,). If omitted the site settings email address will be used.
• &from (Optional)
  Sets the email address to appear in the From section of the email.
• &fromname (Optional)
  Sets the name of the sender in the From section of the email.
• &replyto (Optional)
  Email address or fieldname containing email address. Sets the email address to appear in the ReplyTo section of the email.
• &sendirect (Optional)
  This will use the form field called email to supply the email address to send the message to. Set to 1 to activate send direct. Defaults to 0.
• &cc (Optional)
  Same as &email but for Cc:
• &bcc (Optional)
  Same as &email but for Bcc:
• &ccsender (Optional)
  Set to 1 to send the user a copy of the submitted form. eForm will look for the user's email address inside a field called email. Defaults to 0.
• &subject (Optional)
  Subject to appear in email. Can include ((form fields)). E.g. &subject=`Purcase Order for ((firstname)) ((lastname))`.
• &noemail (Optional)
  Prevents eform from sending emails e.g. no-reply@mydomain.com. Set to 1 to disable emails. Defaults to 0.
• &mailselector (Optional)
  Sets the name of the form field to use as a selector to select a single email from the comma (,) delimited emails assigned the &toparameter. This selector field will act like a numeric index to select an email. It will start at 1 for the first email and ends at N for the last email in the list.
  
  For example: &to=`sales@me.com,support@me.com,billing@me.com` &mailselector=`topic`
  
  On the web form the topic fields is actually a dropdown menu. when the user selects a topic from the list the value 1,2 or 3 will be sent to eForm which will then be used to select one of the three emails assigned to the &toparameter. This email address will be the address used to send the email to.
• &mobile (Optional)
  Mobile email address. This email is used to send a short notification message to a mobile device.
• &mobiletext (Optional)
  Text message to send to mobile device. Can include ((form fields)). E.g. &mobiletext=`Order for ((firstname))`.
• &thankyou (Optional)
  Chunk name (non-numeric) or document id (numeric) to use as a thank you message displayed to the user after a successful submit. Tags: same as for &tpl
• &gotoid (Optional)
  Document id to load after sending message. See also &thankyou
• &category (Optional)
  Category ID or name used to categorize eForms. If category is not found a new category will be created. This will appear in the subject of the email sent to the user.
• &keywords (Optional)
  Comma delimited keywords or [+formfields+] used when searching databank. E.g. [+firstname+], [+lastname+], [+email+]
• &autosender (Optional)
  Email to display as sender of the auto-respond message. e.g. no-reply@mydomain.com
• &autoSenderName (new in 1.4.4) (Optional)
  Name to display as sender of the auto-respond message.
• &automessage (Optional)
  Chunk name (non-numeric) or document id (numeric) to use as an auto-responder message. Tags: same as for &tpl. eForm will send the auto-respond message to the email address specified in a field called email.
• &allowhtml (Optional)
  Set to 1 to allow user to enter html tags. XSS could be possible i.e. in thankyou chunk if allowed. Defaults to 0.
• &language (Optional)
  Support for multilingual validation and error messages. Uses same language names as MODX.
• &vericode (Optional)
  Enables verification code. The template contain a vericode field and a [+vericode+] placeholder.
• &debug (Optional)
  Set to 1 for extended error messages in form validation. Mostly for debugging #LIST and #SELECT validation.
• &sendAsHtml (Optional)
  Force email messages to be in html. Possible values: &sendAsHTML=`1`: Send all messages as html, &sendAsHTML=`report,autotext,mobile`: Send specified messages as html
• &sendAsText (Optional)
  Force email message to be in plain text. Possible values: &sendAsText=`1`: Send all messages as text only, &sendAsText=`report,autotext,mobile`: send specified messages as text only
• &sessionVars (Optional)
  Comma delimited list of $_SESSION variable names. These will be added to the list of field values before the form is displayed and can for instance be used to populate (hidden) fields. When using this parameter make sure you are not disclosing sensitive information from the session!! A hidden field is not all that hidden afterall.
  As eForm does not parse the complete form 1st time around you will have to have the same placeholders in the form template so the form can receive the values. So for example: [!eForm &sessionVars=`jobID` ... !] and <input type="hidden" value="[+jobID+]" />
• &postOverides (Optional)
  Used in combination of &sessionVars. Normally session variables will overide posted values. By setting &postOverides=`1` posted values will take precedence.
• &reportAbuse (Optional)
  Setting &reportAbuse=`1` will send an email to the system specified email address if email injection attempts are noticed by eForm. (Use sparingly...)
• &cssStyle (Optional)
  Adds a style declaration to the <head> section of the page when either the form is displayed or the thank you page is displayed (only if the &thankyou parameter is set). Values can be a document id (numeric), chunk name or (relative or absolute) url to css file. Multiple values can be separated by a comma (in fact all three values can be mixed).
  examples:
  [!eForm &cssStyle=`assets/site/forms.css,chunkName` ... !]
[!eForm &cssStyle=`chunkName` ... !]
[!eForm &cssStyle=`http://mysite.com/assets/styles/forms.css` ... !]
  Chunks (and documents if a doc id is given) can return a values in the form of:
  1. an inline style block, eg. <style type="text/css">/*some styles*/</style>
  2. a link to stylesheet(s), eg. <link href="assets/site/forms.css" rel="stylesheet" type="text/css">
  3. a comma separated list of urls, eg. assets/site/forms.css,assets/site/more.css,assets/site/gone_overboard.css
• &jScript (Optional)
  Similar to &cssStyle but for adding javascript to the <head> of the page document. Currently Javascript is only added when the form is displayed.
• &protectSubmit(Optional) defaults to 1 (on)
  Protects against submitting a form multiple times with the same data. Submitting the form becomes disabled after the first successful submit while the value from key form fields remains the same. This is achieved by setting (and comparing) a session variable with an md5 hash from these key fields. Which fields are compared depends on the value of &protectSubmit.Possible values are 0 (off), 1 (all 'required' fields are used) or you can set a comma separated list of field names. To ensure that the session variable works separatedly for different forms the session variable name is based on &formid ({formid}_hash).
• &submitLimit (Optional) off (0) by default
  Enforces a time limit (in minutes) between form submits. After the form has been submitted successfully it can not be submitted again for &submitLimit minutes irrespective of the form data. When used in combination with &protectSubmit submitLimit takes precedence, meaning that when the time limit has expired the form can be submitted again regardless of the setting of &protectSubmit (it will unset the session variable). As with &protectSubmit this parameter uses a session variable with a variable name based on &formid.
• &requiredClass (Optional)
  Css class name. Will add class in (empty) required form fields on validation. Existing classes will be preserved.
  If you have already set a class for a field or label and you get unexpected css results check the order in which you have declared the classes. The &requiredClass is added to the beginning of any classes already set.
• &invalidClass (Optional)
  Css class name. Will add class in invalid form fields on validation. Existing classes will be preserved.
• &runSnippet (new in 1.4.4) (Optional)
  Expects a snippet name. Snippet will be run before any eForm handling. One parameter, the &&formid will be passed to the snippet. Any return value from the snippet is discarded. This can be used to insert functions as an alternative to declaring a separate snippet in the document. Sadly eForm will silently ignore a snippet that does not exist due to the way $modx->runSnippet handles snippet return values.
• &snipFolder (new in 1.4.4) (Optional)
  For those that want to keep different versions of eForm active. You can now save all of eForm's files in a different directory and set the &snipFolder accordingly. You can for instance save version 1.4.4 in the 'assets/snippets/eform/1.4.4' folder and set &snipFolder=`eform/1.4.4`. The value of &snipFolder is added to the basic snippets folder 'assets/snippets/'.It should not include a closing slash (/)!
• &attachmentField (new in 1.4.5) (Optional)
  The name of the form field that contains a comma separated list of filenames located in &attachmentFolder that are attached to the mail sent to the &to address. Usefull if you want to create/set attachments in event functions.
• &attachmentFolder (new in 1.4.5) (Optional)
  The folder (relative to the MODX basepath) that contains the files specified by &attachmentField. It should not include a closing slash (/)!
• &errorTpl (new in 1.4.6) (Optional)
  Chunk name or text to use as a error template. Placeholders available: [+ef_message_text+] for the language specific intro message and [+ef_wrapper+] for the error messages.
• &errorRequiredTpl (new in 1.4.6) (Optional)
  Chunk name or text to use as a template for the list of required fields. Placeholders available: [+ef_required_list+] for the language specific intro message.
• &errorRequiredSeparator (new in 1.4.6) (Optional)
  Chunk name or text to use as a separator between two elements in the list of required fields. E.g. &errorRequiredSeparator=`, `.

PHP Event Functions:

The eForm event functions are now incorporated into the parameters. They are:

• &eFormOnBeforeMailSent (Optional)
  Expects a list of comma separated function names. These functions will be called after the form has been validated and before the report and thankyou templates have been parsed and any emails have been sent out. See this example on how to use the events.
  • &$fields - (as reference) an associative array of field and placeholder values.
• &eFormOnMailSent (Optional)
  Expects a list of comma separated function names. These functions are called after all templates have been parsed and any emails were sent.
  • &$fields - (as reference) an associative array of field and placeholder values.
• &eformOnBeforeFormParse (Optional)
  Expects a list of comma separated function names. These functions are called after the templates are loaded and the formid is found valid. The function should accomodate the following parameter:
  • &$fields - (as reference) an associative array of field and placeholder values.
  • &$templates - (as reference) an associative array of loaded templates with indexes 'tpl', 'report','thankyou' & 'autotext'. Be aware that the latter three will only have a value if the form has been posted!
• &eFormOnBeforeFormMerge (Optional)
  Expects a list of comma separated function names. These functions will only be called whenever the form is displayed and just before all placeholders are merged. The function should accomodate the following parameter:
  • &$fields - (as reference) an associative array of field and placeholder values.
• &eFormOnValidate (Optional)
  Expects a function name. This function will be called directly after the form validation has taken place. You can use this event to add your own extra validation logic. The function should accomodate the following parameters
  • &$fields - (as reference) an associative array of field and placeholder values.
  • &$vMsg - (as reference) a numeric array of validation error messages.
  • &$rMsg - (as Reference) a numeric array of missing required fields.
  • &$rClass - (as Reference) an associative array of fieldnames and classes assigned.

Examples:

[!eForm? &to=`me@mydomain.com` &gotoid=`1` &tpl=`orders` &report=`orderreport` !]
[!eForm? &to=`sales@mysuppliers.com` &category=`Purchase Order` &tpl=`chunkPurchaseOrder` &report=`chunkPurchaseReport` !]

For all normal form fields eForm automatically inserts appropriate placeholders. However there are a few that you may need to add manually:

• [+validationmessage+] - This should be somewhere in your form template or document. It is used for any validation error messages. From 1.4.2 the way the placehloder is entered has changed. Firstly you no longer need to place it in the form template. You can now place it anywhere in your document (or even in the global page template). Secondly you don't need to place any hml tags around the placeholder (in fact you probably should not). Any html markup is now included in the $_lang['ef_validation_message'] variable in the eform language files (which you can change as required).
• [+vericode+] & [+verimageurl+] - These are needed in the form if you want to use the CAPTHCA code. See the Examples on how to use these.
• [+postdate+] - This placeholder can be used in reports and in the thankyou template and will be filled with the current date and time (date on the server that is)
• [+debug+] - From version 1.4.1 this is automatically placed (if debug is on) in the form and thankyou template. It is not automatically placed in the report template! This is to avoid any server side information to accidentally be sent out via email. If you need debug info in test emails you will have to add this placeholder in the report template yourself.

eForm is incorporating a form parser which extracts formatting and validation options from each form field. To set options for a field add the eform (pseudo) attribute to each required form field.

<input type="text" name="color" eform="A Color:string:1" />

The basic format of the eform attribute is:

[description/title]:[datatype]:[required]:[validation message]:[validation rule]

Extended Server Validation

This version instroduces extended server validation and word filtering using very flexible validation rules that can be set in the eform attribute. You can set 2 extra validation parameters, a custom error message and a validation or filter rule.

example: eform="Year of Birth:integer:1:Must be between 1950 and 2002:#RANGE 1950-2002"

Todo

• Custom css classes for invalid fields (add to or create class attributes)