Forcing User to Enter Email to View a Page

[spenland]

Hi everyone. I'm trying to create a page that would consist of a text box that would force users to enter there email, that would be submitted to my email address, that would then allow them to enter a page where they can download documents about our company. I wouldn't want them to have to enter their email everytime they visit so I'm sure this would involve some sort of cookie. Anyone have any ideas?

Thanks!

[steve0]

So basically you want the email address to serve as a login ID?

A few questions..

What is the server running on?
Are you using asp, php, perl, etc?
Is there a database involved?
Will the emails be validated? (e.g javascript to check for format)
Will you be sending a verification email to the address? ("Click this link to enable your account")

[spenland]

Sure that would work. Although I won't need anyone to really login at this point but it may be useful to have that for the future. Basically I just want to block people from accessing product info unless we know who they are (my industry has a lot of people who like to "borrow" product brochures and steal ideas) So I just want a name, email address, and maybe a company name that they would a user would push submit, and arrive to me in an email (I know how to do this part using a form)

A database would be nice if not to difficult, I would like the emails to be validated. And the server runs PHP.

I don't need them to enable the account via email. I think a cookie would be needed here so that when people try and go the page it will recognize through the cookie that they have already entered their email, etc.

I hope that makes it clear!

Thanks

[drumdance]

A cookie would work for repeat visitors. But if you want them to verify the email address you'll need to generate a confirmation code, send an email to that address with the confirmation code and a link to another page to verify it. It could actually be the same script with a special variable in it for handling confirmations.

If you envision this evolving into a membership type system, you might want to look for some of the membership software packages out there and go ahead and install it now. You can find decent ones for a few hundred dollars, maybe even under $100.

[steve0]

Without validation, competitors, brochure theives, lurkers wouldn't ever think of using an email address that is not their own.. would they? webmaster@yourcompany.com, abuse@hotmail, looking@yourstuff.com

The email address is worthless without some sort of challenge/response.

But everyone on the net is who they say they are..so never mind.. ;)

[googlejunkie]

hello spenland,

You could simply use an autoresponder with link information for the downloadable documents. You would still receive their email addresses. You could also use php to place the email address submitted to place it in a text file or mysql database. If an email address comes back as not able to send then simply take it off the list.

A lot of sites use this method when they want to give out a sample of an Ebook.

I am sure if you went to hotscripts there are more automated solutions and for free.

[trishacupra]

Ok, so you want to collect email addresses and details from people before they can access your information.

So, your form would be a request by the visitor to view your info. So I'll call this form the 'request form' for clarity here.

Do you need to approve each individual's access to the info? Do you need to know who they are before you show them your info, or do you just want to be able to see who is getting your info, and be able to send them updates and promotions?

I don't know anything about using databases and stuff, so here is my low-tech idea...

If you need to approve visitors, then have a standard email you can send to approved visitors containing a link to a web page where they can download documents about your company. You could call this page 'www dot yourcompany dot com slash approved' or something.

If you don't need to approve them, just have the request form sent to an autoresponder that sends the same message as you would have manually sent out in the first scenario.

The approved visitors can bookmark the url you sent them, and/or keep the email you sent, so they don't have to go through that process again - they just return straight to 'www dot yourcompany dot com slash approved' or whatever.

Hope this low-tech idea helps. :)

Trisha

[Warren Contreras]

This is all built in to most Content Management Systems. For instance, I use Xoops, and all I would need to do is show public information to anonomous users but require registration before they can see or download protected material. When they register, require them to respond to a validation email and you have their name and email address as well as have them in a database all automatically.

In the admin control panel you can set the levels required to see or access any function of the website by clicking a box. An absolute novice can set this all up in a matter of minutes. If you need help, contact me.

Cheers,

[davebarnes]

spenland,

Quote:

that would force users to enter there email

Let us hope your coding is better than your grammar.

,dave

[Dawson]

That's horrible, Mr. Barnes. ;)

As a rule of thumb for security, do not have anything available on the web that could potentially damage your company. Just retrieving their email will not grant you anywhere near the level of security you want.

You could write a user agreement, stating that they will use the document only in the way you deem acceptable. (Good luck enforcing it.)

Is it absolutely necassary that you have these available online? And, if it is entirely necassary, then are they really all that sensitive?

Oh yes, and also: you can never trust information submitted from users. To do so would be folly. (I believe about 90% of hacking done on the web happens because developers do not validate information they recieve well enough.) What is to stop me from putting in the name John Booth, instead of my real name?

Hope this helps.

[deluxar]

Quote:

Originally Posted by spenland

Basically I just want to block people from accessing product info unless we know who they are (my industry has a lot of people who like to "borrow" product brochures and steal ideas) So I just want a name, email address, and maybe a company name that they would a user would push submit, and arrive to me in an email (I know how to do this part using a form)

if borrowing and stealing ideas is your concerns, no matter how you want them to authenticate, you have no way to block them. anyone can enter false information to get a login to access them. even with any user agreement, you have no way to keep track in case anyone stole the ideas. If the info are really important, don't put online at all. or grant login to those you really know. However, a complicated registration procedure may help you scare some out at least.

deluxar

[spenland]

Of course I am aware of the fact that people can put fake email addresses in. To be honest I'm not really worried about it. I think I like Trisha's low tech idea the best since I don't really want to spend a lot of time on this. I do all the marketing, graphic design, and web design for the company so to say I am busy is an understatement. Maybe that's why my grammer may have an occassional error Grandpa Barnes :)

Thanks everyone!