Re: [SLUG] Spam from forms

From: Paul M Foster (paulf@quillandmouse.com)
Date: Thu Feb 01 2007 - 22:40:58 EST


Ken Elliott wrote:
>>> They send this as a page request to the server. The server processes it
> as though it actually came from viewing the page, emailing me the
> "response".
>
>>> Does that sound right?
>
> Yes. The response to a form will be something like http: // mydomain.com /
> replypage.pgp ?username=joe & color=red
> (I added spaces to prevent it from displaying as a link)
>
> Your server will take the file 'replypage.pgp' and process it. PGP will
> extract the variables 'username' and 'color'. In your case, I suspect the
> script will craft an email to you with that data, and generate a reply page
> for the non-existent user. Thus you see an email from your server.
>

Yes. I get an email and the user gets a "Thank You" page.

> Try it for yourself. Fill out the form and submit it. Copy the URL and
> modify the contents of the fields. Paste it back into the browser and
> you'll get another email. It's fun and the whole family can play...
>

This would work as suggested if the fields were passed as GETs, but they
are passed as POSTs. In any case, I see the principle involved. POSTs
are a bit more complicated, but can be generated from a script.

Paul

-- 
Paul M. Foster
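
An added example, not part of the original message: one way to spot the scripted submissions discussed above is to look in the web server's access log for POSTs to the form handler from clients that never fetched the form page. The form path `/contact.html`, the 30-minute window and the log lines are assumptions constructed for illustration; the handler name is the one written in the thread.

```python
import re
from datetime import datetime, timedelta

FORM_PAGE = "/contact.html"      # assumed path of the page that shows the form
HANDLER = "/replypage.pgp"       # handler name as written in the thread
WINDOW = timedelta(minutes=30)   # assumed: how long a form view stays "fresh"

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample access-log lines (Common Log Format), not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Feb/2007:21:00:01 -0500] "GET /contact.html HTTP/1.1" 200 2311
192.0.2.10 - - [01/Feb/2007:21:01:40 -0500] "POST /replypage.pgp HTTP/1.1" 200 512
198.51.100.7 - - [01/Feb/2007:21:05:12 -0500] "POST /replypage.pgp HTTP/1.0" 200 512
198.51.100.7 - - [01/Feb/2007:21:05:13 -0500] "POST /replypage.pgp HTTP/1.0" 200 512
203.0.113.5 - - [01/Feb/2007:19:00:00 -0500] "GET /contact.html HTTP/1.1" 200 2311
203.0.113.5 - - [01/Feb/2007:21:10:00 -0500] "POST /replypage.pgp HTTP/1.1" 200 512
not a log line
"""

def find_blind_posts(log_text):
    """Return (ip, timestamp) for each POST to HANDLER that was not preceded
    by a GET of FORM_PAGE from the same address within WINDOW.
    Assumes the log lines are in chronological order."""
    last_view = {}   # ip -> time of most recent form-page GET
    flagged = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than failing
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        path = m["path"].split("?", 1)[0]  # ignore any query string
        if m["method"] == "GET" and path == FORM_PAGE:
            last_view[m["ip"]] = ts
        elif m["method"] == "POST" and path == HANDLER:
            seen = last_view.get(m["ip"])
            if seen is None or ts - seen > WINDOW:
                flagged.append((m["ip"], m["ts"]))
    return flagged

if __name__ == "__main__":
    for ip, ts in find_blind_posts(SAMPLE_LOG):
        print(f"POST without recent form view: {ip} at {ts}")
```

This is a heuristic: clients behind a shared proxy or NAT appear as one address, so a flagged entry is a lead to review rather than proof of automation.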