devxlogo

Logging users’ e-mail addresses

Logging users’ e-mail addresses

Question:
Is there a way to log my users’ e-mail addresses using Java?

I thought of using a mailto form but the user would have to press a button, making this inconvenient and messy for me to access!

I am getting about four hits a day on a site that is not advertised and is really meant as a way for me to access my backed-up reports from school! I would like to see who is on my site and e-mail them to find out how they found it.

I also want to implement a warning informing users that their e-mail addresses are being logged. I know it can be done because I have been getting e-mail from sites that I have visited and I never sent them mail or clicked any buttons other than links. If you can assure me this is possible, and maybe send me the code, I would greatly appreciate it!

Answer:
You cannot obtain a user’s e-mail address using Java applets,and that’s a good thing. Java’s security manager prevents appletsfrom querying system resources such as the user’s name or homedirectory. This is to prevent malicious applets from collectingthis data and abusing it for aan evil purpose like spoofinge-mail messages from the unsuspecting user’s computer systemand so forth. Java is not the right answer here.

Your Web server, on the other hand, has complete knowledge of who’sconnecting to the Web site to retrieve HTML files. So you could, for example, embed a CGI script reference in your HTML pages thatcollected that information and saved it in a file on your serversystem somewhere.

This is how several web page “hit” counterswork. It will tell you at least which systems are connectingto your Web site — but it won’t let you know the user’s e-mailaddress.

What you’ve seen on Web pages is probably done using some incarnationof CGI script backends, or they’ve used JavaScript. Unlike Java,JavaScript is not very strict about security (in fact it has somevery serious security flaws) and does allow the Web page to find outthings like the user’s e-mail address and then pass that informationto the Web server, where it can be saved for later use.

If you really want to try that (some would argue this is ahighly unethical thing to do) I suggest you look at JavaScript.

devx-admin

Share the Post: