Webforms

Webform is the feature for making forms and surveys in Princeton Site Builder. After submission, customizable e-mails can be sent to administrators and/or submitters. Results can be exported into Excel or other spreadsheet applications. Webform also provides some basic statistical review of submissions.

Enable the Webforms A collection of features or functionality that can be enabled on sites. WDS has made several optional modules available to site administrators to enable on their site. For example, the "News" module enables the News content type and provide a News List Block for displaying news on a page.

The Webforms module must be enabled before you can add webforms.

Form Manager

The form manager provides a list of all available webforms.

Form manager features include:

  • Filtering webforms by keyword, category, and status
  • Sorting by the total number of submissions
  • Archiving of old forms

To access the form manager, from the Admin toolbar, click Webforms in the main admin toolbar.

How to create a Webform

Restricting Access

Access to Submit

By default, webforms are open to submission by anyone in the world. It might be desirable to restrict access to who can submit webform submissions.

You can easily restrict access to users that have an active Princeton Net ID (e.g. can log in via CAS). To do this:

  1. View the webform you'd like to control
  2. Click the Settings tab
  3. Click the Access sub-tab
  4. Under the access control settings for "Create Submissions", uncheck "Anonymous user" and leave only "Authenticated user" checked

The "Anonymous user" role is assigned to any visitor to your site that is not logged in (e.g. anyone in the world).

The "Authenticated user" role is assigned to anyone who has logged into your site. Anyone with an active Princeton Net ID can log into your site and will have this basic role. Such users will show up on your Users Dashboard, but only if you check the Show users with no roles checkbox at the top of that page.

When a webform is restricted and an anonymous (logged out) user attempts to access it, they will immediately be prompted to log in via CAS and will then be returned to the form after authentication.

If you'd like to create a link to the webform that prompts people to login, follow this format for the link's URL:

https://websitenamehere.princeton.edu/cas?destination=/webpagenamehere

If you want tighter restrictions (e.g. only allow staff of a specific department to submit the form), please contact WDS.

Webform access control settings form

Access to View Submissions

Users with the "webform submission viewer" role can view all webform submissions across all webforms. This is the only permission granted by that role.

Users with the "content manager" or "site admin" roles can view and manage (e.g. delete, edit) all webform submissions.

If you'd like to grant access for someone to view or manage submissions that don't have those roles, you can edit the webform and add individual users to provide this access. This is on the Settings > Access page for each webform.

Prefilling Fields With User Attributes

You can optionally configure webforms to automatically prefill a text field with some basic information from a logged in user. This feature of course requires that the user is logged into your website, so it's best to configure the form to only be submittable by Authenticated Users. This will force visitors to log in with their Princeton Net ID via CAS when visiting the form, thus making the attributes available.

To provide a default value of a user attribute for a text field:

  1. Go to the "Build" section of the webform
  2. Find the text field you want to edit and click Edit
  3. Click the Advanced tab in the pop-out sidebar
  4. Input a token from the choices below
  5. Save the field changes
A screenshot of the form component edit screen showing the default value field

Available token values

  • [cas:attribute:mail] - Full email address.
  • [cas:attribute:uid] - Net ID.
  • [cas:attribute:universityid] - The 9 digit university ID, sometimes referred to as PUID.
  • [cas:attribute:displayname] - Full first and last name with middle initial.
  • [cas:attribute:givenname] - First name.
  • [cas:attribute:sn] - Last name.
  • [cas:attribute:department] - The name of the user's department.
  • [cas:attribute:departmentnumber] - The department number.

Preventing Spam Submissions

Spam is typically submitted to webforms that allow submission from anonymous users and is performed by automated bots and not real people. All webforms on Site Builder have some built in protections to help prevent spam submissions from being accepted. In some cases, these protections are not enough and you will still receive spam. To add further protection, you can add a CAPTCHA element to the bottom of your webform which will present a "challenge" to the submitter that is designed to detect if the submitter is a human.

Add the "CAPTCHA" element just as you would with any other form element. You can leave all the default settings for the element. The CAPTCHA will appear only for anonymous visitors, since the assumption is that if a submitter can authenticate with CAS, they are not likely to be a spammer.

For more information about strategies to mitigate spam, please view our documentation page about Webform Spam.