Automatically verifying entries in Drupal webforms in 4 steps

Open Source Drupal

Node Author

Imagine you would like to have a form on your website that let’s visitors test your Cloud application. We wanted this for people who like to try our Drupal social intranet OpenLucius for free. To achieve this we need at least the following information: email address, name and organization.

We wanted to:

  1. Keep the threshold as low as possible.
  2. Verify the entered email address.
  3. Request additional information.
  4. Avoid spam bots.

We also wanted to automate as much as possible, as to not lose time on spam bots and people that are not serious. In Drupal this is all possible without coding a single line: with the use of the popular Drupal modules Webform and Token. Here is how in 4 steps:

1. Keep the threshold as low as possible

I assume you are somewhat familiar with the Webform module, if not: then check this. Create a form in which only one field is incorporated: email address. I am calling this form the ‘Lead form’.

Example frontend:


2. Verify the email address

Configure the webform in such a way that it sends a ‘verification email’ to the entered email address. A link is included in this verification email that a user should click; this way you will know for sure this email address really exists and that it is probably not a spam bot that filled out the Lead form.

Sending a verification email to the entered email address is possible in the Drupal Webform module. This can be done as follows:

Click the tab ‘Emails’ from the Lead form:

Select there ‘Component value’ and click ‘Add’. Then configure this email. Within this context it is important to include the verification link, this can be done below at ‘E-mail template’:

You can see I created here a link to a page on the website and incorporated an extra argument ‘?email=[submission:values:e_mail]’. When this is created nicely, it could look for example like this:

Creating a beautiful email template can be done with, for example, Mailchimp.

When people are clicking on this verification link they will be redirected (in our example) to the relevant page in your website and there you go: email is verified. Now we only need additional information (name and organization):

3. Request additional information

After clicking the verification link the following webform appears with the alias ‘/verification’. Here you will ask for additional information required to generate the relevant trial period. Our example:

This is also a webform, created with 3 fields.


You are seeing three fields of which ‘Name’ and ‘Organization’ are standard Text fields. You can see that ‘Email’ has a default value: this is the previously entered email address from the verification link (via the additional argument from the verification link ‘?email=[submission:values:e_mail]’). Webform has a nifty feature that handles this URL argument as a default value. How? Click ‘edit’ behind the field ‘Email’ and enter this token:

You can also see that the email field is disabled in the frontend, so people cannot enter another email address. This can also be set in the backend:

When people are filling in this profile, you will have all the information. And you can generate a shell or PHP script that automatically creates the setting and emails the credentials.

4. Avoid spam bots

The chance that spam bots get through this is relatively small: a manual human action is needed: clicking the verification link in the email. But to make the risk of spam (especially in the initial form) even smaller, it is wise to install, for example, the Honeypot module. This will reduce the chance that your entire database will be spammed.

Addendum: sending HTML emails from a webform

For your information: you will need the following modules to send HTML emails: Mailsystem and MimeMail. After the installation procedure it is advised to disable ‘include site style sheets’. Otherwise, chances are high the verification email will end up in the spam box:

Wrap up

Ok, that’s it. Questions or feedback? Let me know!