With the help of the Workflow Designer module it is possible to easily create powerful and flexible Webforms.
One benefit from Workflow Designer HTTP Handler is, that the function is also possible, when your CRM is behind a firewall and you don’t want to open it for public users.
(Maybe secured by HTTP Login, Client Certificates etc. or simpel private IP)
1. Create your Webform
You could use the internal Webforms Builder to create the HTML code of the Form or use a CMS to create the Form.
It is important to use fieldnames, equal to fieldnames in your CRM to make it easier.
2. Create the Workflow
After the creation of the Workflow this is another complex point and you need to configure it carefully if you don’t want to lost requests.
The HTTP Handler works with Permission entries. You could allow single IP’s or IP ranges access to one or more workflows. They cannot access other workflows then the configured ones. Otherwise they are able to trigger every action in your system.
- Open the HTTP Handler Settings
- Add a new Permission Entry
The most important information is the Target URL. They is required within the action attribute of your <form ..> HTML Tag.
The Title is something for you to remember the usage of this permission entry.
Within the next field “IP’s for this permission” you need to add a list of IP/CIDR/IP Ranges, which could call this Target URL. If you decide to use the HTTP Handler without a gateway script, you need only to enter a “*” within this field.
This allow every IP to access. Per default the access is denied for all IP’s.
You could use single IP’s or IP ranges in the following formats:
- 192.168.0.*
- 192.168.0.100-192.168.0.160
- 192.168.0.0/24
To configure Triggers is only available for deprecation reason and cannot used in a efficient way.
The last Field allows you to enable single Workflows to be executed within this Permission Entry. The number before the Workflows is important, because it the ID you need to use in Webform.
Pay attention: Theoretically EVERY Workflow you enable in this list, could be executed by bad guys. There is no additional security layer, if IP match.
Press “Save” after you finished the configuration.
3. Update HTML Code of form or adjust the CMS Settings
In this step the setup with Gateway Script and without Gateway Script differ.
3.1 Without gateway script
In this setup the user directly request a Short URL in your VtigerCRM.
You need to take the “Target URL” and set it into the Webforms action attribute, with two additions:
- You need to add the Workflow ID you want to execute with the parameter “workflow_id”.
- You need to add the parameter direct with value 1 to give Workflow Designer the information he shouldn’t respond with a JSON string and instead directly redirect the User
Your final URL will look similar to this:
<vtigerDomain>/shorturl.php?id=1234567890ABCDEF&direct=1&workflow_id=13
In this example URL 13 is the ID of the Workflow, which should be executed. You get this ID from the workflow overview or the permission entry configuration.
3.2 With the gateway script
The gateway script allows you to pass a security layer in front of your CRM without to share the credentials with public internet. You found the file here: https://gist.github.com/swarnat/a38daa31cfb5130af171e8ac92c0bd22
Within this script you setup the Target URL, you get within Http Handler Editor and attach the workflow_id, like described in 4.1.
4. Test the Setup
If you test the form and get a message “ACCESS_DENIED for <IP>”, then you misconfigure the Permission Entry and needs du adjust the IP rules. If this happens, you also get a small number in Workflow Designer Sidebar and a log entry within the HTTP Handler, which helps you to better figure out the correct URL.
