Sending form data with Actionscript 3

January 8, 2008 at 9:37 am · Filed under as3 tutorial

So I just spent a few hours trying to figure out how to submit form data with Actionscript. It really isn't very hard, so I have discovered after a little research. I am going to show you an example of how to do it which I wouldn't describe as "best practice" but it works.

The reason I describe this as less than best practice is because when you send data to the sever you get no response. So, even though it works 99.9 per cent of the time, you do not get a confirmation that the server received your request.

All my client wants is for a user to be able to enter his / her email address in to a box and have and email sent and then add that email address to an email. So really we are just sending some text to my client from a form. We want the user to enter the text and click send and have it be sent without another browser window opening.

The model for this is as follows: flash will send data to a URL with the POST method and a PHP file will get the data and send an email to my client.

So we need 2 things:

The actionscript...

PLAIN TEXT
Actionscript:
  1. var request:URLRequest = new URLRequest( "http://mysite.com/submit.php" );
  2.  
  3. var variables:URLVariables = new URLVariables();
  4. variables.email = emailSubmitText;
  5.  
  6. request.data = variables;
  7.  
  8. request.method = URLRequestMethod.POST;
  9.  
  10. sendToURL(request);

and the PHP:

PLAIN TEXT
PHP:
  1. $emailAddress = $_POST['email'];
  2.  
  3. $to = "eddie@teamcolab.com";
  4. $subject = "You have a new subscriber";
  5. $body = $emailAddress;
  6. if (mail($to, $subject, $body)) {
  7. echo("Your message was sent");
  8. } else {
  9. echo("There was a problem.");
  10. }

17 Comments »

  1. Gleapsite said,

    January 29, 2008 @ 5:35 pm

    If someone were malicious they could hijak your php script in order to spam the target email address. from the linux prompt:

    wget –post-string ‘email=insert my spam message here…’ \
    http://yoursite.com/emailscript.php

    from php you can call the same command using shell_exec() function, or use the bultin php HTTP request:

    http_post_data ( “yoursite.com” , “email=spamspamspam”)

    So how do we protect from that? well first, we can build in distrust into the PHP backend. we can Regex the $_POST[’email’] variable to validate it as an email:

    if(eregi(”^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$”, $email)){
    //send email
    }else{
    //possible spamming/hacking attempt
    }


    We can also build in sessions and AI so the server only allows X requests per UNIT_OF_TIME from a certain client.

    Of course your current implementation is reasonably secure by obscurity: someone would need to be dedicatedly looking for holes in your site, but auto-compromising bots probably wouldn’t catch it.

    On a side note, I’ve subscribed to your RSS.

  2. Eddie said,

    January 30, 2008 @ 11:46 am

    I am glad that you posted this comment because my code was definitely lacking proper validation. That said I think you should look at this article:

    http://www.ilovejackdaniels.com/php/email-address-validation

    This seems fairly comprehensive.

  3. Gleapsite said,

    January 30, 2008 @ 5:11 pm

    I love ilovejackdaniels. his cheat sheets are hanging up in my office, they’re the best web development quick reference guides.

  4. Peter said,

    April 22, 2008 @ 3:40 am

    I am confused as to how you call the variable “email”. Everytime I try to enter a var value for my input text it tells me its not possible in actionscript 3.0 and that i should use 1.0 or 2.0….

  5. Eddie said,

    April 22, 2008 @ 7:28 am

    Are you talking about in the Actionscript or the PHP?

    Eddie

  6. DeepBlock said,

    June 24, 2008 @ 6:34 pm

    nice, any listener rather the process completed successfully or not?

  7. AS3 Tutorial - Sending form data AS3 + PHP « Flash Enabled Blog said,

    June 25, 2008 @ 12:23 am

    […] can find at this tutorial the source code of AS3 and PHP script, in order to submit data to an email. No Comments Leave […]

  8. dhan said,

    July 2, 2008 @ 4:12 pm

    Use URLLoader.load to get a return message from php.

  9. Eddie said,

    July 3, 2008 @ 12:17 pm

    @dhan,

    Thanks! I meant to update this post with that information but haven’t had the time.

    Eddie

  10. lifeso said,

    July 19, 2008 @ 11:33 pm

    Здравствуйте!Мне Очень понравился этот сайт! Великолепно!. Как у вас хватило сил на такую кропотливую работу для публикаций текстов и вообще подбора всего материала?! Желаю вам “Так Держать!” и не останавливаться на достигнутом, у Вас хороший старт! Предлагаю оценить так же мой сайт.

  11. Dominges said,

    July 24, 2008 @ 12:14 am

    Мимо такого сайта не пройдешь, и уж тем более не забудешь оставить отличный отзыв, как делают это все! сайта и я в правду нужный!

  12. Detrus said,

    September 15, 2008 @ 3:27 pm

    This is a good method for sending mail when the swf file is on a different domain than the php file that sends the email.

    if you use loader.load(request) you need to set up a crossdomains.xml file on the domain of the php file. Otherwise flash gives a security sandbox violation

  13. Олег said,

    September 20, 2008 @ 10:17 am

    Статья совпала с моими раздумиями. Посоветую друзьям.

  14. parker said,

    October 21, 2008 @ 8:46 pm

    you could just create a RegExp object within flash to test the email instead of php. then request cookies with the SharedObject object to detect whether or not that computer has entered data already, then block the machine that way.

  15. lul said,

    October 29, 2008 @ 1:00 am

    how is the email confirmed - isn’t a button listener required in the actionscript? Am i missing something?

  16. Eddie said,

    October 29, 2008 @ 9:34 am

    What do you mean by confirmed? Do you mean how does the actionscript know if the email actually sent?

  17. Натан said,

    November 11, 2008 @ 5:48 pm

    Что-то подобное у меня уже год из головы не выходит!

RSS feed for comments on this post · TrackBack URI

Leave a Comment