03-13-2012 04:46 PM
We currently do not offer any form of POST url as it wouldnt be very secure. You would need to authenticate and pass the information via the XML as you will see in our Api Documentation. If we didn thave you authenticate anyone could post information into your account. What you could do is to Script with your language of choosing and host it somewhere. Append the email address via the URL. For example, PHP would be http://www.domain.com/index.php?email=$Email where you can take that information and process the XML and echo the response back to the mobile device. This could be done in number of languages but that would be a short example of how to do it with PHP.
Support Engineer, Constant Contact
03-13-2012 05:38 PM
Thanks Ryan. I am not a programmer, but I am trying to understand how the form that my Mobile website uses would act differently from an email sign-up form on any other website, or a text to join, as far a security is concerned.
Here is what there documentation says:
You can use the Forms API to send user responses directly to your server or application in realtime.How it works
Enter the URL location to the file on your server that will handle the response data. When a mobile user submits their form response the data will be sent to this URL as POST data.
In testing, you should print the full POST array to see the naming conventions of the data.Sample
- Email Address
- Do You Like Widgets?
When a mobile user fills out and submits this form the following sample data will be sent to the URL you specified:email_address = email@example.com
name = John Doe
do_you_like_widgets? = yes
Along with your form fields, we will also automatically send along the following data with every request:
device_model = <the device model>
useragent = <the mobile user's useragent>
unique_user_id = <unique user identification string>
site_id = <your mobile site ID>
form_id = <unique form id>
timestamp = <unix timestamp of when form was submitted> Any help is greatly appreciated Ryan
03-14-2012 11:18 AM
Sending POST information directly to a URL will open up some security holes. There's no way to limit the information that is coming in, and there's no way to authenticate the transaction. Basically, someone could put whatever they wanted into your system. By using the API connection, the program that sends the information has to give us the correct account credentials before any information can be passed.
There are other companies and forms that do allow this type of information transfer, but we restrict it to keep your account safe. Text-To-Join, as well as other apps we create, integrate through a similar API connection to make sure all of the data is sent securely. The simple forms that we create through accounts are made in a way that lets us collect all the information directly through our site.
It looks like the documentation of your app is built to explain which variables a web developer should look for when creating a webpage to accept the POST data. You would be able to use this documentation in conjunction with our API to get these responses into your CTCT database.