ForgeLocal documentation · v1.2.0

Forms & Integrations

Connect the quote, service, schedule, contact and careers forms without exposing secrets or implying automatic confirmation.

1. Default behaviour

All forms use data-demo-form. JavaScript prevents submission, validates required fields, shows an error summary, simulates a short loading state and displays a local success message. No network request is made.

2. Quote form

pages/request-quote.html uses four steps. quote-form.js handles steps and saves a draft to localStorage. The fields cover identity, contact, address, property type, category, service, urgency, preferred period, budget, details and consent.

3. Service-request form

pages/request-service.html is for existing customers or maintenance visits. It explicitly states that a preferred date is not confirmed.

4. Schedule request

pages/schedule-request.html displays a live summary through schedule.js. It has no live availability and cannot book an appointment.

5. Netlify Forms

  1. Remove or adapt the demonstration submit handler for the chosen form.
  2. Add name="quote-request" method="POST" data-netlify="true" to the form.
  3. Keep a hidden form-name input if required by the current Netlify documentation.
  4. Deploy through Netlify and submit a test using non-sensitive data.
  5. Configure notifications, spam controls and retention in the provider dashboard.

6. Formspree

  1. Create a real form in Formspree.
  2. Set method="POST" and the provider-issued HTTPS action.
  3. Remove the demo prevention only for that form.
  4. Test validation, success, failure, consent and spam handling.

7. Custom backend endpoint

Set a reviewed HTTPS endpoint, validate and sanitize every field on the server, implement rate limiting and CSRF controls where applicable, return accessible success and error responses, and define secure retention.

8. CRM webhook placeholder

Never put private webhook URLs, tokens or credentials in frontend JavaScript. Send data to your own secure server, then relay it to the CRM.

9. Error and success states

Keep the error summary, inline messages, aria-invalid state and aria-live status region. Test using keyboard and screen reader after integration.

10. Duplicate prevention and spam

The demo disables the submit button after success and includes a honeypot. Production forms still need server-side idempotency, rate limits and provider spam controls.

11. File uploads

The careers form includes a résumé filename placeholder only. Do not add file uploads without reviewing size, type, malware scanning, privacy, storage and accessibility.

Version 1.2.0

Estimator and form behaviour

The estimator never transmits data and reads editable ranges from config.js. The existing forms remain frontend demonstrations until an endpoint is connected. Keep the non-binding and no-transmission messages visible unless real backend behaviour replaces them.