By Dubber Dan on

I'd like to set up a webform on my site so that users can complete a request for a prescription. I don't necessarily need them to register to use the facility but do need to make it secure, so I guess that means using SSL and PGP. I've got a few questions I wonder if you might be able to advise:

1. I presume it would it be best to use SSL for the page that the form sits on AND then PGP when emailing the results. Would be be secure enough to remove one or other of those and if so which?

2. How easy is it to embed an SSL page into a Drupal site? Would I need to embed it in a frame?

Thanks for your help.

Categories: Drupal 4.7.x

Comments

Dubber Dan’s picture

Dubber Dan commented

anyone?

adoucette’s picture

adoucette commented

Have you had any replies or figured out how to do it? I would like to do a similar health-care related webform on a site and would really appreciate your feedback on this... Let me know,
Ari

Dubber Dan’s picture

Dubber Dan commented

No replies and haven't figured it out yet.... Mainly due to not having the time recently but will look again in the new year.

Anyone?

hbryan’s picture

hbryan commented

So, is this even possible? I hope to be able to pgp encrypt form results as well as invoke a secure certificate.

Dubber Dan’s picture

Dubber Dan commented

I would have thought so, but haven't found out how yet and no-ones come up with any suggestions.

steingard’s picture

steingard commented

I came across this posting when looking for a solution

I also came across this page: http://drupal.org/node/65371
Which basically says that this is the solution: http://drupal.org/node/65632

I have yet to test to see if it does the trick, but I hope you find it useful.

hbryan’s picture

hbryan commented

The Secure Cert issue turns out to be a non-issue for me, I simply put the full "https" URL in the path for the menu item that goes to our donation page.

The form is another matter. I have to think it's possible to create a php form that mails encrypted results in Drupal but if someone reading this forum knows how they sure ain't talkin.

hbryan’s picture

hbryan commented

I don't know what posessed me to try this but I solved my problem.

I pasted the old html form from our old site into the body of a drupal node, chose PHP under 'input format' and DID NOT use the <?PHP ?> tags.

Seems to work like a charm. Is there any reason I'm not aware of that I shouldn't have it this way?

yan’s picture

yan commented

I'm looking for a way to send gpg-encrypted messages through Drupal (could be the contact form or a webform). The SSL part looks ok for me with the Secure Pages Module. But I couldn't find any hints on how to use gpg/pgp. That'd be a great thing to have..

yan’s picture

yan commented

This might be helpful:

Using GnuPG with PHP
http://devzone.zend.com/article/3753-Using-GnuPG-with-PHP

I'd love to make a module out of this. But I don't have the skills to do so. I hope somebody does.

Anonymous’s picture

Anonymous (not verified) commented

But I couldn't find any hints on how to use gpg/pgp.

Now we have the GnuPG API. It's the first step to use OpenPGP with Drupal modules like Contact Forms, Mass Contact, and others.

We should ask for OpenPGP (GPG) support in the issue queues of suitable modules.

yan’s picture

yan commented

Great to hear that! I hope there will be a 5.x version, too.

I just published an issue for the Webform module regarding the new API:
#326481: Add support for the OpenPGP API