What is JotForm?
JotForm is a free online form builder which helps you create online forms without writing a single line of code. No sign-up required.

At JotForm, we want to make sure that you’re getting the online form builder help that you need. Our friendly customer support team is available 24/7.

We believe that if one user has a question, there could be more users who may have the same question. This is why many of our support forum threads are public and available to be searched and viewed. If you’d like help immediately, feel free to search for a similar question, or submit your question or concern.


  • Profile Image

    the Jotform example on jotforms with a password, and how to make this safer

    Asked by ebizz on February 03, 2011 at 05:07 AM

    Hi Aytekin,

    We have read all your comments on hw to include a password in a jotform so that submit can only work if the correct static password is entered. You also mentioned that this is not a 100% safe system as the password itself can be seen in that jotform source code (which the viewer of the jotform can easily analyse)

    I have another case and perhaps this is safer. In fact our jotform is not to be submitted by a website visitor, but by ourselves : we use a jotform to fill in ourselves information that needs to go into the email also inputted into that form, so that this email gets an autoresponder email containing the info we submitted.

    to explain the exact use :

    we input in a jotform contractual terms, and upon submission, the customer gets a autorespond email with all this info (in fact this is now a contract in an email)

    In the email the customer will receive, he can see in the header of the autoresponder email 2 items :

    1) the jotform form ID mentioned onits own

    2) and jotform.com

    if somebody is clever enough, he can figure out that this form (whihc he's not supposed to be able to access, is located on www.jotform.com/formID

    Is ther any way the header info can NOT include the form ID ?

    This way a receiver of an autoresponder can not find out what the original form number was, adn can therefore not fill in the submit himself (because the form is only for our own use)

     

    Thanks in advance for your time spend on this answer, and keep Jotform growing !!!!

     

     

     

     

     

     

     

     

     

     

  • Profile Image
    JotForm Founder

    Answered by aytekin on February 03, 2011 at 05:25 AM

    I think you mean the X-Related-FormID header on the emails. No, we cannot remove that since we use that for debugging purposes.

  • Profile Image

    Answered by mirou795 on June 03, 2012 at 10:04 PM

    <script type="text/javascript" src="//form.myjotform.com/jsform/21547830051548"></script>