Hello and welcome to our community! Is this your first visit?
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    New to the CF scene
    Join Date
    Feb 2013
    Thanked 0 Times in 0 Posts

    How do I pull a web form form another web site and place it onto my web site?

    I currently have a landing page that I need a web form to be placed on.

    the company I work with that handles my email marketing has 1 web form and it is hosted on a link that they gave me.

    currently I have a button on my website that says "click here for your coupon" and when the user clicks the button they will be directed to an external web page that shows the web form and is hosted on a URL provided to me by the company that does my email marketing.

    the issue here is that when I am creating a goal in Google Analytics I am unable to say that the goal has been accomplished because when the user submits the web form they are on a different website.

    The company will not build out the web form for me in code that I can copy onto my website, they will only give me the link to where they have the web form hosted.

    This is a real issue for me because I want to be able to track people on my Google Analytics that come and fill out the web form.

    MY QUESTION IS: Is there a way to pull the web form from the URL they provided for me in order to get it to show on my web form, this way when people fill out the web form they are filling it out on my website and when they submit the web form it will bring them to a different thank you page?


    p.s. - I don't know much about Javascript but I have heard that I can accomplish this with Javascript, which is why I have placed this here.

  2. #2
    Senior Coder Rowsdower!'s Avatar
    Join Date
    Oct 2008
    Some say it's everything.
    Thanked 397 Times in 390 Posts
    You can't get page contents from other domains via javascript (this was found to be an enormous security hole and gave rise to "XSS" attacks - google it if you want some background on that). JSON is a commonly used structured way of side-stepping that, but it requires a JSON API to be offered by the third-party, which is probably not the case for you. But if your main goal is to get an analytics record of the activity you have a few options that I can think of:

    1. You can (probably, unless the marketing company has some hidden inputs generated with session data or something of that nature that requires a visit to their form in order to populate them first) make your own form on your own page with the same input names and just use their form's "action" attribute on your form (in other words, submit it to wherever they submit their form). This might work, and is easiest, though I don't know if your analyitcs will be what you want since the submission of the form itself is not done to your own website. Things that will break this method include the aforementioned session/cookie-based hidden inputs and the possibility that their form recipient page will only accept submissions whose header information indicates that the referring URL is their own form's URL. You won't be able to defeat either of those barriers with this simple method.
    2. You can do what a lot of websites do and use a server-side script to generate a page with a redirect to actually take the user to the off-site form. A lot of times you will see this done where an offsite link will be replaced with something like http://www.example.com/offsite.php?href=http://www.externalsite.com/path/to/location where your site is example.com, and your offsite.php file is a script that generates a page with a meta refresh tag or a javascript process to make the user navigate to the offsite http://www.externalsite.com/path/to/location page after you have already loaded analytics and saved their traffic information. You will often see this with a message that you are being directed to an off-site page...if you are not redirected within "X" seconds, please click this link to continue...blah blah blah... This option will work no matter what changes the 3rd-party makes to their form/submission process because you are just adding a step that you control into the navigation to their page. The drawback is that you still have the third-party form for users to use, rather than your own form. But if analytics is all you care about, this is a robust and easy way to track people at least visiting the sign-up form. You won't be able to tell how many of them actually complete the registration form, but that may not be important to you. This requires absolutely minimal PHP and you can learn to code this for yourself very quickly.
    3. You can use an iframe (or perhaps AJAX) with an onclick event handler attached to your existing button (the one that takes the user to the third party site) that loads what I will call a "ping" page for analytics before taking the user off-site. It would probably be important to delay the user's departure until after the iframe loaded and analytics actually ran so you would have to use preventDefault and then manually send them offsite once the iframe loaded or AJAX completed. This could get a little complicated in terms of making sure you stop the page navigation until analytics loads, but still make sure that the user gets to their destination in the end (even if analyitcs fails for some reason - so you need to have a lot of backup plans coded in). But, once completed, it will work basically like the option above except without the interstitial page. So you might prefer this cleaner-looking approach.
    4. You can create the form on your own website and submit the form to your own website, and then do the form submission to the 3rd party from the server via PHP's cURL library. Basically, your form submission target on your own website will be a PHP page that takes the form data and either a) visits the third party form page in order to generate session information if it is needed, or b) simply processes a $_GET or $_POST submission of the form data to the third party website's form submission destination (acting much like a proxy). The third-party website sees this as normal traffic and PHP can use cookies and sessions like a normal browser would do. That is the first, and sometimes only, step needed to defeat the two potential barriers I mentioned in the first option. Worst-case scenario is that you will have to look at their javascript (if they use it) and reverse-engineer the process they use to generate any unique identifier data so you can mimic that in PHP. This method in general takes a lot more work to get set up, but the analyitics are entirely your own and the third-party provider is never seen by the user. The drawback to this is that updates to the basic form structure on the third-party site can break your script and require you to update the process to fit their changes.

    Any of the above options has the potential to do what you are looking for. So choosing the right method for you will depend on your goals, how comfortable you are with learning PHP, and how complicated the marketing company has made their own form.
    The object of opening the mind, as of opening the mouth, is to shut it again on something solid. G.K. Chesterton
    See Mediocrity in its Infancy
    It's usually a good idea to start out with this at the VERY TOP of your CSS: * {border:0;margin:0;padding:0;}
    Seek and you shall find... basically:
    validate your markup | view your page cross-browser/cross-platform | free web tutorials | free hosting

  3. Users who have thanked Rowsdower! for this post:

    mattman123 (02-25-2013)

  4. #3
    New to the CF scene
    Join Date
    Feb 2013
    Thanked 0 Times in 0 Posts
    that was explained incredibly well and I really appreciate the suggestions you gave.

    I am fairly new to coding - though I can read and alter html and CSS, I am just now learning how to write it for myself. I am a fast learner but I am afraid this might be a little bit beyond my understanding.

    I will be looking more in depth into the explanations you gave me, and once again I thank you for the time and effort you put into answering my question.

  5. #4
    Senior Coder rnd me's Avatar
    Join Date
    Jun 2007
    Thanked 626 Times in 605 Posts
    Quote Originally Posted by mattman123 View Post

    MY QUESTION IS: Is there a way to pull the web form from the URL they provided for me in order to get it to show on my web form, this way when people fill out the web form they are filling it out on my website and when they submit the web form it will bring them to a different thank you page?
    that depends on how the external page's form is coded. Sometimes, the backend like to issue a unique ID to the form. But, sometimes it's jut a dumb form.

    If that's the case, and it's certainly worth a shot, you should be able to view the page's source, copy the <form> tag, and paste that into your site. You might have to make the action attrib use a full url (starts with http), if they had a site-relative url coded into the form. You want it pointing to the same place on the 3rd party site.

    Again, no promises here, sometimes the form handler will reject off-site submits, but i've used such a pattern many times. It works on google docs forms, posting to tumblr, and yahoo searching for some known examples.

    Once you put the <form> on your site, you can do whatever you need to with GA, just like any other page.

    the other option is to modify the remote page's url to ping GA for your site (just feed it your siteID).

    ok, this is basically the same thing as #1 in the list of posted solutions, jsut a little easier to pull off since you don't have to type or match up fields...
    Create, Share, and Debug HTML pages and snippets with a cool new web app I helped create: pagedemos.com

  6. #5
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Thanked 4,947 Times in 4,908 Posts
    Actually, the most common "protection" that sites like this use is HTTP_REFERER.

    That is, the page that *processes* the form submittal looks to see WHAT page the <form> came from. If the page is not the one they expect (and that means the entire URL, including their site URL, must match), they reject the form submission.

    Now... HTTP_REFERER *can* be "spoofed". That is, you can write server-side code (not JavaScript) that will lie to the other site and say that indeed the <form> was submitted by the correct page on their site.

    But that's just the tip of the iceberg.

    That trick won't work with Google, just to pick an example, because they have much more sophisticated checks in place beyond that.

    And I'm not sure it works at all if the <form> and the page submitted to are https:// (never tried it, just don't know).

    SO... You can try all the above tricks, including spoofing the HTTP_REFERER, but there's no guarantee it's going to work, as RndMe said.


    By the by, the reason sites protect against what you are trying to do is because one of the most common hacker attacks is, indeed, to spoof a <form> submission in the process of attempting to login to protected sites. By spoofing, the hacker can hit your site with thousands of login requests per minute, trying to find the right username/password combination to get in.
    Be yourself. No one else is as qualified.


Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts