This is the most complete configuration help I could find. It contains an example form definition that you can modify. The only thing really missing from this help file is a simple statement that you can add as many fields as you want to your form - both hidden and user modifiable - and that all the data in these fields will be included in the email. You can even use a ComboBox (select field), Radio Buttons, and the like.
Though the help says that only post is supported, gdform.asp contains code to process both post and get.
The following special fields are not included in the body of the email message.
|If this is a valid email address, it will appear in the email's from address
Otherwise, a dummy name will be used
|This becomes the email's subject line
|This is the url of the page that will be displayed when the script finishes.
If this is missing, then the site's home page will be displayed.
gdform.asp reads the form variables and places them in an XML-type file in a specific directory. Eventually (about every 10 or 15 minutes, depending on the system), another program reads these text files and creates the emails. This is the reason that gdform.asp only works in the root directory ... it always creates the special directory off the directory it is currently sitting in. But the robot only searches one specific directory per account.
Of course, experienced programmers can download and view the php (Linux) or asp (Windows) scripts and see that this is how they work ... but that is beyond most users.
Configuring GoDaddy Email
Once this is done, the basic procedure is very simple
To change the email To address, use the Hosting Control Center .. as explained above. Unfortunately, it only allows a single address for all the sites hosted on your account.
This is an example
|What was typed
Notice that this uses 3 lines
|What was in the email
No space between line and Third
First line Third Line
First lineThird Line
|Linux systems do not have this problem even though gdform.php produces a similar xml-type file. Perhaps the parser works better.
Exploring with FTP, I discovered an undocumented directory - BadGDFormMail. In it I found several spam emails that had been sent via my form ... and one valid email.
I am not sure what the errors were ... these are all text files that have already been processed to remove the XML tags.
I can tell by the formatting that the spam files were NOT sent via the form. It appears that the script file was called directly.
I have noticed that a lot of spam that comes via gdform.asp is lacking my custom fields. Since many GoDaddy sites use the same server-side script, with the same name, it appears that some spammers are just trying all the accounts and using the "standard" well known field names ... but not the custom names that I added to my pages.
So ... one way to reduce this type of spam is to intentionally add a hidden form field, with a name that you make up, and to test that it has the correct value. If it does not match, then the "email" is a fake and should not be sent.
The other thing you should do is to rename gdform.asp so that spammers can not find it without actually reading your pages.