Webform is the feature for making forms and surveys in Princeton Site Builder. After submission, customizable e-mails can be sent to administrators and/or submitters. Results can be exported into Excel or other spreadsheet applications. Webform also provides some basic statistical review of submissions.

Enable the Webforms A collection of features or functionality that can be enabled on sites. WDS has made several optional modules available to site administrators to enable on their site. For example, the "News" module enables the News content type and provide a News List Block for displaying news on a page.

The Webforms module must be enabled before you can add webforms.

Form Manager

The form manager provides a list of all available webforms.

Form manager features include:

  • Filtering webforms by keyword, category, and status
  • Sorting by the total number of submissions
  • Archiving of old forms

To access the form manager, from the Admin toolbar, click Webforms in the main admin toolbar.

How to create a Webform

Restricting Access

Access to Submit

By default, webforms are open to submission by anyone in the world. It might be desirable to restrict access to who can submit webform submissions.

You can easily restrict access to users that have an active Princeton Net ID (e.g. can log in via CAS). To do this:

  1. View the webform you'd like to control
  2. Click the Settings tab
  3. Click the Access sub-tab
  4. Under the access control settings for "Create Submissions", uncheck "Anonymous user" and leave only "Authenticated user" checked

The "Anonymous user" role is assigned to any visitor to your site that is not logged in (e.g. anyone in the world).

The "Authenticated user" role is assigned to anyone who has logged into your site. Anyone with an active Princeton Net ID can log into your site and will have this basic role. Such users will show up on your Users Dashboard, but only if you check the Show users with no roles checkbox at the top of that page.

When a webform is restricted and an anonymous (logged out) user attempts to access it, they will immediately be prompted to log in via CAS and will then be returned to the form after authentication.

If you'd like to create a link to the webform that prompts people to login, follow this format for the link's URL:


If you want tighter restrictions (e.g. only allow staff of a specific department to submit the form), please contact WDS.

Webform access control settings form

Limit to One Submission Per User

For forms that require authentication, sometimes it's helpful to further require that an individual only be able to submit the form once.

  1. Visit the Settings > Submissions admin page for the webform
  2. Scroll down and expand the Submission Limit Settings fieldset
  3. Expand the Per User fieldset
  4. Enter "1" for the field Per user submission limit. Do not use the checkbox titled "Limit users to one submission per webform/source A piece of data within a Drupal site. Nodes, users, comments, and taxonomy are all entities. Additionally, with custom code, developers can create new entity types when needed. For example, the Bibcite module which powers the Publications feature creates entities for references, contributors, and keywords. "
  5. Optionally provide a message that will be displayed to the user when they view the form again after having already submitted

Access to View Submissions

Users with the "webform submission viewer" role can view all webform submissions across all webforms. This is the only permission granted by that role.

Users with the "content manager" or "site admin" roles can view and manage (e.g. delete, edit) all webform submissions.

If you'd like to grant access for someone to view or manage submissions that don't have those roles, you can edit the webform and add individual users to provide this access. This is on the Settings > Access page for each webform.

Prefilling Fields With User Attributes

You can optionally configure webforms to automatically prefill a text field with some basic information from a logged in user. This feature of course requires that the user is logged into your website, so it's best to configure the form to only be submittable by Authenticated Users. This will force visitors to log in with their Princeton Net ID via CAS when visiting the form, thus making the attributes available. If you use these tokens on a form that doesn't require authentication, the token value will simply be blank (as of version 2.37).

To provide a default value of a user attribute for a text field:

  1. Go to the "Build" section of the webform
  2. Find the text field you want to edit and click Edit
  3. Click the Advanced tab in the pop-out sidebar
  4. Input a token from the choices below
  5. Save the field changes
A screenshot of the form component edit screen showing the default value field

Available token values

  • [cas:attribute:mail] - Full email address.
  • [cas:attribute:uid] - Net ID.
  • [cas:attribute:universityid] - The 9 digit university ID, sometimes referred to as PUID.
  • [cas:attribute:displayname] - Full first and last name with middle initial.
  • [cas:attribute:givenname] - First name.
  • [cas:attribute:sn] - Last name.
  • [cas:attribute:department] - The name of the user's department.
  • [cas:attribute:departmentnumber] - The department number.

Analyzing Results

There are a few ways to view results of a webform. First, browse to the Results tab when viewing a webform. From there:

  • Table View: The default page shows a list of submissions in a table. There's a button to customize which form components are displayed in the table. You can also sort submissions and view or delete individual submissions.
  • Download: Click the Download sub-tab to access a form to export submission data to a downloadable format. This allows you for analysis outside of the website.
  • Built-in Analysis: Finally, there is a lightweight analysis option that allows you to compare aggregate result data, which works best for forms that have predefined selections available. Available in version 2.30.
Webform admin tabs that show the "Analysis" sub-tab highlighted within the "Results" main tab

Preventing Spam Submissions

Spam is typically submitted to webforms that allow submission from anonymous users and is performed by automated bots and not real people. All webforms on Site Builder have some built in protections to help prevent spam submissions from being accepted. In some cases, these protections are not enough and you will still receive spam. To add further protection, you can add a CAPTCHA element to the bottom of your webform which will present a "challenge" to the submitter that is designed to detect if the submitter is a human.

Add the "CAPTCHA" element just as you would with any other form element. You can leave all the default settings for the element. The CAPTCHA will appear only for anonymous visitors, since the assumption is that if a submitter can authenticate with CAS, they are not likely to be a spammer.

For more information about strategies to mitigate spam, please view our documentation page about Webform Spam.

Duplicating a Webform

It is possible to recreate the same form, either on the same site or copied between sites.

When creating a copy of a form within the same site, you would navigate to the main Webforms admin page. Select "Duplicate" from the Operations menu in the same row as the form you want to copy.

Screenshot of Webform admin list, with the Duplicate option of the Operations menu selected.

You can edit the title, machine name, description, categories, and status when saving the new form. The duplicate form will include all fields, field settings, and all form settings, including emails and handlers. Submissions from the original form are not copied over to the duplicate form.

If you want to copy a webform between two Site Builder websites, please contact Web Development Services to perform this operation on your websites.

Mailchimp Integration

If you run a Mailchimp newsletter or email distribution list, it's possible to create a Webform to act as a signup form. Contact WDS for more details.