Self-Process php forms or not?

------=_NextPart_000_0024_01C9C4E1.6515C120
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

I=92m trying to understand the advantages behind opting by using a
Self-Process PHP Form, instead of having a form and then point the =
action of
the form to another .php page.=20
=20
Can anyone point me some resources about this. Why using one instead of
another. What are the main advantages?
=20
=20
=20
Regards,
M=E1rcio

------=_NextPart_000_0024_01C9C4E1.6515C120--

Re: Self-Process php forms or not?

I think the main advantage is that if something goes wrong processing the
datas, you can show the form again without redirecting again.

And if you have to change the behavior of the page, you have to change only
one file instead of two.

SanTa

----- Original Message -----
From: "MEM"
To: "'PHP-General List'"
Sent: Friday, April 24, 2009 2:34 PM
Subject: [PHP] Self-Process php forms or not?


I'm trying to understand the advantages behind opting by using a
Self-Process PHP Form, instead of having a form and then point the action of
the form to another .php page.

Can anyone point me some resources about this. Why using one instead of
another. What are the main advantages?



Regards,
Márcio


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Self-Process php forms or not?

So, on your opinion, we can call that method, on some circumstances, a =
good
practice?

What about the moto: "let's separate business from presentation?"


Thanks once again,
M=E1rcio


> -----Original Message-----
> From: S=E1ndor Tam=E1s (HostWare Kft.) =
[mailto:sandortamas@hostware.hu]
> Sent: sexta-feira, 24 de Abril de 2009 13:53
> To: 'PHP-General List'
> Subject: Re: [PHP] Self-Process php forms or not?
>=20
> I think the main advantage is that if something goes wrong processing
> the
> datas, you can show the form again without redirecting again.
>=20
> And if you have to change the behavior of the page, you have to change
> only
> one file instead of two.
>=20
> SanTa



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Self-Process php forms or not?

When you have it all in one file, the first thing you do is check to see =
if this request was submitted from the form. If not, you send the blank =
form. If it was, you validate all of the data. When a validation fails, =
you add error messages and resend the form with any fields that passed =
the validation already filled in. When validation succeeds, process and =
move on. No muss, no fuss.

Bob McConnell

-----Original Message-----
From: S=E1ndor Tam=E1s (HostWare Kft.) [mailto:sandortamas@hostware.hu]=20
Sent: Friday, April 24, 2009 8:53 AM
To: 'PHP-General List'
Subject: Re: [PHP] Self-Process php forms or not?

I think the main advantage is that if something goes wrong processing =
the=20
datas, you can show the form again without redirecting again.

And if you have to change the behavior of the page, you have to change =
only=20
one file instead of two.

SanTa

----- Original Message -----=20
From: "MEM"
To: "'PHP-General List'"
Sent: Friday, April 24, 2009 2:34 PM
Subject: [PHP] Self-Process php forms or not?


I'm trying to understand the advantages behind opting by using a
Self-Process PHP Form, instead of having a form and then point the =
action of
the form to another .php page.

Can anyone point me some resources about this. Why using one instead of
another. What are the main advantages?



Regards,
M=E1rcio


--=20
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Self-Process php forms or not?

[snip] What about the moto: "let's separate business from =
presentation?"[/snip]

This depends on how strictly you're following any given model like MVC. =
IMHO you should use the right tool for the job.=20

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

Well, if you keen on separating business from presentation (which is usually
a good practice), you can always do this:

if (isset($_POST['action']))
{
if (DoProcess($_POST))
{
PrintSuccess();
}
else
{
PrintFailure();
PrintForm();
}
}
?>

So you can call in fact the processing page, the real presentation can be in
another PHP file, as well as the processing functions. Of course, instead of
PrintForm() you can actually implant the real HTML code.
And by the way, if you keep the form and the processing parts in one file,
and create the form like this:

Re: Self-Process php forms or not?

Having a script that is self executing - when it posts back to itself
instead of a separate script - has absolutely nothing to do with the
separation of business and presentation. It is possible for a single script
to use separate components for the presentation, business and data access
layers.

--
Tony Marston
http://www.tonymarston.net
http://www.radicore.org

""MEM"" wrote in message
news:002b01c9c4dd$08569bc0$1903d340$@com...
> So, on your opinion, we can call that method, on some circumstances, a
> good
> practice?
>
> What about the moto: "let's separate business from presentation?"
>
>
> Thanks once again,
> Márcio


> -----Original Message-----
> From: Sándor Tamás (HostWare Kft.) [mailto:sandortamas@hostware.hu]
> Sent: sexta-feira, 24 de Abril de 2009 13:53
> To: 'PHP-General List'
> Subject: Re: [PHP] Self-Process php forms or not?
>
> I think the main advantage is that if something goes wrong processing
> the
> datas, you can show the form again without redirecting again.
>
> And if you have to change the behavior of the page, you have to change
> only
> one file instead of two.
>
> SanTa




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

What you are describing is known as a "self executing" script where the
script posts back to itself. In other words it has two passes - the first
uses the GET method to build the screen for the user, which may or may not
be empty, while the second uses the POST method to send the user's changes
back to the server for validation and updating. By dealing with both the GET
and POST in a single script it means that you don't have to redirect to a
different script if you have to redisplay the data because of invalid use
input.

--
Tony Marston
http://www.tonymarston.net
http://www.radicore.org


""MEM"" wrote in message
news:002301c9c4d9$03515920$09f40b60$@com...
I'm trying to understand the advantages behind opting by using a
Self-Process PHP Form, instead of having a form and then point the action of
the form to another .php page.

Can anyone point me some resources about this. Why using one instead of
another. What are the main advantages?



Regards,
Márcio


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Self-Process php forms or not?

Thanks to all for your replies.=20
I'm more elucidated about the possibilities now. I have seen here a lot =
of
keywords to start digging. :)

Thanks once again,
M=E1rcio

> -----Original Message-----
> From: Tony Marston [mailto:tony@marston-home.demon.co.uk]
> Sent: sexta-feira, 24 de Abril de 2009 14:20
> To: php-general@lists.php.net
> Subject: Re: [PHP] Self-Process php forms or not?
>=20
> Having a script that is self executing - when it posts back to itself
> instead of a separate script - has absolutely nothing to do with the
> separation of business and presentation. It is possible for a single
> script
> to use separate components for the presentation, business and data
> access
> layers.
>=20
> --
> Tony Marston
> http://www.tonymarston.net
> http://www.radicore.org
>=20
> ""MEM"" wrote in message
> news:002b01c9c4dd$08569bc0$1903d340$@com...
> > So, on your opinion, we can call that method, on some circumstances,
> a
> > good
> > practice?
> >
> > What about the moto: "let's separate business from presentation?"
> >
> >
> > Thanks once again,
> > M=E1rcio
>=20
>=20
> > -----Original Message-----
> > From: S=E1ndor Tam=E1s (HostWare Kft.) =
[mailto:sandortamas@hostware.hu]
> > Sent: sexta-feira, 24 de Abril de 2009 13:53
> > To: 'PHP-General List'
> > Subject: Re: [PHP] Self-Process php forms or not?
> >
> > I think the main advantage is that if something goes wrong =
processing
> > the
> > datas, you can show the form again without redirecting again.
> >
> > And if you have to change the behavior of the page, you have to
> change
> > only
> > one file instead of two.
> >
> > SanTa
>=20
>=20
>=20
>=20
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

Hello,

on 04/24/2009 09:34 AM MEM said the following:
> I’m trying to understand the advantages behind opting by using a
> Self-Process PHP Form, instead of having a form and then point the action of
> the form to another .php page.
>
> Can anyone point me some resources about this. Why using one instead of
> another. What are the main advantages?

You may want to watch this tutorial video that explains why presenting
and processing a form with a single script is a better solution.

http://www.phpclasses.org/browse/video/1/package/1/section/u sage.html

Basically if you use the same script, if the form has invalid fields,
you can present the form with the previously submitted values.


--

Regards,
Manuel Lemos

Find and post PHP jobs
http://www.phpclasses.org/jobs/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Self-Process php forms or not?

One last question about this:

I've done a self submit form, after hearing all the advantages expressed
here.=20
But how could we relate, without using javascript, a self submit form =
with a
"success page" or a "confirmation page" that doesn't show the form?

Can please someone throw me some infos about this please?


Ps- I've googled: "php redirect success page on self submit form" and
similar...=20



Regards,=20
M=E1rcio

> -----Original Message-----
> From: Bob McConnell [mailto:rvm@CBORD.com]
> Sent: sexta-feira, 24 de Abril de 2009 14:10
> To: PHP-General List
> Subject: RE: [PHP] Self-Process php forms or not?
>=20
> When you have it all in one file, the first thing you do is check to
> see if this request was submitted from the form. If not, you send the
> blank form. If it was, you validate all of the data. When a validation
> fails, you add error messages and resend the form with any fields that
> passed the validation already filled in. When validation succeeds,
> process and move on. No muss, no fuss.
>=20
> Bob McConnell
>=20
> -----Original Message-----
> From: S=E1ndor Tam=E1s (HostWare Kft.) =
[mailto:sandortamas@hostware.hu]
> Sent: Friday, April 24, 2009 8:53 AM
> To: 'PHP-General List'
> Subject: Re: [PHP] Self-Process php forms or not?
>=20
> I think the main advantage is that if something goes wrong processing
> the
> datas, you can show the form again without redirecting again.
>=20
> And if you have to change the behavior of the page, you have to change
> only
> one file instead of two.
>=20
> SanTa
>=20
> ----- Original Message -----
> From: "MEM"
> To: "'PHP-General List'"
> Sent: Friday, April 24, 2009 2:34 PM
> Subject: [PHP] Self-Process php forms or not?
>=20
>=20
> I'm trying to understand the advantages behind opting by using a
> Self-Process PHP Form, instead of having a form and then point the
> action of
> the form to another .php page.
>=20
> Can anyone point me some resources about this. Why using one instead =
of
> another. What are the main advantages?
>=20
>=20
>=20
> Regards,
> M=E1rcio
>=20
>=20
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>=20
>=20
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Self-Process php forms or not?

May be it is best time to for you to start using Zend Framework -> Zend_For=
m

-----Original Message-----
From: MEM [mailto:talofo@gmail.com]
Sent: Thursday, October 01, 2009 3:01 PM
To: 'Bob McConnell'; 'PHP-General List'
Subject: RE: [PHP] Self-Process php forms or not?

One last question about this:

I've done a self submit form, after hearing all the advantages expressed
here.
But how could we relate, without using javascript, a self submit form with =
a
"success page" or a "confirmation page" that doesn't show the form?

Can please someone throw me some infos about this please?


Ps- I've googled: "php redirect success page on self submit form" and
similar...



Regards,
M=E1rcio

> -----Original Message-----
> From: Bob McConnell [mailto:rvm@CBORD.com]
> Sent: sexta-feira, 24 de Abril de 2009 14:10
> To: PHP-General List
> Subject: RE: [PHP] Self-Process php forms or not?
>
> When you have it all in one file, the first thing you do is check to
> see if this request was submitted from the form. If not, you send the
> blank form. If it was, you validate all of the data. When a validation
> fails, you add error messages and resend the form with any fields that
> passed the validation already filled in. When validation succeeds,
> process and move on. No muss, no fuss.
>
> Bob McConnell
>
> -----Original Message-----
> From: S=E1ndor Tam=E1s (HostWare Kft.) [mailto:sandortamas@hostware.hu]
> Sent: Friday, April 24, 2009 8:53 AM
> To: 'PHP-General List'
> Subject: Re: [PHP] Self-Process php forms or not?
>
> I think the main advantage is that if something goes wrong processing
> the
> datas, you can show the form again without redirecting again.
>
> And if you have to change the behavior of the page, you have to change
> only
> one file instead of two.
>
> SanTa
>
> ----- Original Message -----
> From: "MEM"
> To: "'PHP-General List'"
> Sent: Friday, April 24, 2009 2:34 PM
> Subject: [PHP] Self-Process php forms or not?
>
>
> I'm trying to understand the advantages behind opting by using a
> Self-Process PHP Form, instead of having a form and then point the
> action of
> the form to another .php page.
>
> Can anyone point me some resources about this. Why using one instead of
> another. What are the main advantages?
>
>
>
> Regards,
> M=E1rcio
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


Bu mesaj ve ekleri, mesajda gönderildi=F0i belirtilen ki=FEi/ki=FEilere =
özeldir ve gizlidir. Size yanlýþl=FDkla ula=FEmýþsa lütfen gö=
nderen kisiyi bilgilendiriniz ve mesaj=FD sisteminizden siliniz. Mesaj ve e=
klerinin i=E7eri=F0i ile ilgili olarak =FEirketimizin herhangi bir hukuki s=
orumlulu=F0u bulunmamaktad=FDr. =DEirketimiz mesaj=FDn ve bilgilerinin size=
de=F0i=FEikli=F0e u=F0rayarak veya ge=E7 ula=FEmas=FDndan, bütünlü=
ðünün ve gizlili=F0inin korunamamas=FDndan, virüs i=E7ermesinden ve=
bilgisayar sisteminize verebilece=F0i herhangi bir zarardan sorumlu tutula=
maz.

This message and attachments are confidential and intended for the individu=
al(s) stated in this message. If you received this message in error, please=
immediately notify the sender and delete it from your system. Our company =
has no legal responsibility for the contents of the message and its attachm=
ents. Our company shall have no liability for any changes or late receiving=
, loss of integrity and confidentiality, viruses and any damages caused in =
anyway to your computer system.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

On 10/1/09 8:00 AM, "MEM" wrote:

> One last question about this:
>
> I've done a self submit form, after hearing all the advantages expressed
> here.
> But how could we relate, without using javascript, a self submit form with a
> "success page" or a "confirmation page" that doesn't show the form?
>
> Can please someone throw me some infos about this please?

i use one php script that knows how to deliver more than one html page
depending on the outcome of processing of form input and the rest.

i'm sure there are other ways.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

On Thu, 2009-10-01 at 09:30 -0400, Tom Worster wrote:
> On 10/1/09 8:00 AM, "MEM" wrote:
>
> > One last question about this:
> >
> > I've done a self submit form, after hearing all the advantages expressed
> > here.
> > But how could we relate, without using javascript, a self submit form with a
> > "success page" or a "confirmation page" that doesn't show the form?
> >
> > Can please someone throw me some infos about this please?
>
> i use one php script that knows how to deliver more than one html page
> depending on the outcome of processing of form input and the rest.
>
> i'm sure there are other ways.
>
>
>

The way I always tend to do something like this is as follows:

$errors = false;
if(isset($_REQUEST['submit']))
{
// process form here
// if it doesn't validate $errors to true

// you can either redirect here, or display the confirmation message
}
if(!isset($_REQUEST['submit']) || $errors)
{
// display form
// if $errors is true populate the form with user submitted data
}


Thanks,
Ash
http://www.ashleysheridan.co.uk




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Self-Process php forms or not?

I've used the form page with a the following code (at the bottom - but
before any output is done) to redirect to a thank you page:

if ($submittedcorrectly)
{
header("Location: thankyou.htm");=20
exit();
}

HTH
J

-----Original Message-----
From: MEM [mailto:talofo@gmail.com]=20
Sent: 01 October 2009 13:01
To: 'Bob McConnell'; 'PHP-General List'
Subject: RE: [PHP] Self-Process php forms or not?

One last question about this:

I've done a self submit form, after hearing all the advantages expressed
here.=20
But how could we relate, without using javascript, a self submit form =
with a
"success page" or a "confirmation page" that doesn't show the form?

Can please someone throw me some infos about this please?


Ps- I've googled: "php redirect success page on self submit form" and
similar...=20



Regards,=20
M=E1rcio

> -----Original Message-----
> From: Bob McConnell [mailto:rvm@CBORD.com]
> Sent: sexta-feira, 24 de Abril de 2009 14:10
> To: PHP-General List
> Subject: RE: [PHP] Self-Process php forms or not?
>=20
> When you have it all in one file, the first thing you do is check to
> see if this request was submitted from the form. If not, you send the
> blank form. If it was, you validate all of the data. When a validation
> fails, you add error messages and resend the form with any fields that
> passed the validation already filled in. When validation succeeds,
> process and move on. No muss, no fuss.
>=20
> Bob McConnell
>=20
> -----Original Message-----
> From: S=E1ndor Tam=E1s (HostWare Kft.) =
[mailto:sandortamas@hostware.hu]
> Sent: Friday, April 24, 2009 8:53 AM
> To: 'PHP-General List'
> Subject: Re: [PHP] Self-Process php forms or not?
>=20
> I think the main advantage is that if something goes wrong processing
> the
> datas, you can show the form again without redirecting again.
>=20
> And if you have to change the behavior of the page, you have to change
> only
> one file instead of two.
>=20
> SanTa
>=20
> ----- Original Message -----
> From: "MEM"
> To: "'PHP-General List'"
> Sent: Friday, April 24, 2009 2:34 PM
> Subject: [PHP] Self-Process php forms or not?
>=20
>=20
> I'm trying to understand the advantages behind opting by using a
> Self-Process PHP Form, instead of having a form and then point the
> action of
> the form to another .php page.
>=20
> Can anyone point me some resources about this. Why using one instead =
of
> another. What are the main advantages?
>=20
>=20
>=20
> Regards,
> M=E1rcio
>=20
>=20
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>=20
>=20
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php


--=20
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

---- Original Message ----=0A> From: Mert Oztekin com.tr>=0A> To: MEM ; Bob McConnell ; PHP-=
General List =0A> Sent: Thursday, October 1, 200=
9 5:16:40 AM=0A> Subject: RE: [PHP] Self-Process php forms or not?=0A> =0A>=
May be it is best time to for you to start using Zend Framework -> Zend_Fo=
rm=0A> =0A> -----Original Message-----=0A> From: MEM [mailto:talofo@gmail.c=
om]=0A> Sent: Thursday, October 01, 2009 3:01 PM=0A> To: 'Bob McConnell'; '=
PHP-General List'=0A> Subject: RE: [PHP] Self-Process php forms or not?=0A>=
=0A> One last question about this:=0A> =0A> I've done a self submit form, =
after hearing all the advantages expressed=0A> here.=0A> But how could we r=
elate, without using javascript, a self submit form with a=0A> "success pag=
e" or a "confirmation page" that doesn't show the form?=0A> =0A> Can please=
someone throw me some infos about this please?=0A> Use of javascript=
to validate form is not required but will help with (processing) load on t=
he server side. However, you should always validate and sanitize all user =
input on server side if you want to maintain good data integrity in your DB=
and security. Why? In case someone uses cURL or another TCP app to do GE=
T/POST to your app (server) ;) As for redirecting w/o javascript, it's ea=
sy. Here's a sample: entryForm.php post to $self or other $url > $sel=
f / $url validates the form >=0A* if valid form > redirect via header()=0A =
or > include/require another modular page (suggested)=0A* =
else invalid form > show entryForm.php with errors You can either pass=
the variables via GET in your redirect or use $_SESSION variables. I pref=
er $_SESSION since you really make your app modular and have access to thos=
e variables from any include/require page. If you're really innovative, yo=
u could expand on it to have more performance ;) Regards,=0ATommy=0A=
=0A> =0A> Ps- I've googled: "php redirect success page on self submit form"=
and=0A> similar...=0A> =0A> =0A> =0A> Regards,=0A> Márcio=0A> =0A> > =
-----Original Message-----=0A> > From: Bob McConnell [mailto:rvm@CBORD.com]=
=0A> > Sent: sexta-feira, 24 de Abril de 2009 14:10=0A> > To: PHP-General L=
ist=0A> > Subject: RE: [PHP] Self-Process php forms or not?=0A> >=0A> > Whe=
n you have it all in one file, the first thing you do is check to=0A> > see=
if this request was submitted from the form. If not, you send the=0A> > bl=
ank form. If it was, you validate all of the data. When a validation=0A> > =
fails, you add error messages and resend the form with any fields that=0A> =
> passed the validation already filled in. When validation succeeds,=0A> > =
process and move on. No muss, no fuss.=0A> >=0A> > Bob McConnell=0A> >=0A> =
> -----Original Message-----=0A> > From: Sándor Tamás (HostWare K=
ft.) [mailto:sandortamas@hostware.hu]=0A> > Sent: Friday, April 24, 2009 8:=
53 AM=0A> > To: 'PHP-General List'=0A> > Subject: Re: [PHP] Self-Process ph=
p forms or not?=0A> >=0A> > I think the main advantage is that if something=
goes wrong processing=0A> > the=0A> > datas, you can show the form again w=
ithout redirecting again.=0A> >=0A> > And if you have to change the behavio=
r of the page, you have to change=0A> > only=0A> > one file instead of two.=
=0A> >=0A> > SanTa=0A> >=0A> > ----- Original Message -----=0A> > From: "ME=
M" =0A> > To: "'PHP-General List'" =0A> > Sent: Friday, April 24, 2009 2:34=
PM=0A> > Subject: [PHP] Self-Process php forms or not?=0A> >=0A> >=0A> > I=
'm trying to understand the advantages behind opting by using a=0A> > Self-=
Process PHP Form, instead of having a form and then point the=0A> > action =
of=0A> > the form to another .php page.=0A> >=0A> > Can anyone point me som=
e resources about this. Why using one instead of=0A> > another. What are th=
e main advantages?=0A> >=0A> >=0A> >=0A> > Regards,=0A> > Márcio=0A> >=
=0A> >=0A> > --=0A> > PHP General Mailing List (http://www.php.net/)=0A> > =
To unsubscribe, visit: http://www.php.net/unsub.php=0A> >=0A> >=0A> > --=0A=
> > PHP General Mailing List (http://www.php.net/)=0A> > To unsubscribe, vi=
sit: http://www.php.net/unsub.php=0A> =0A> =0A> --=0A> PHP General Mailing =
List (http://www.php.net/)=0A> To unsubscribe, visit: http://www.php.net/un=
sub.php=0A> =0A> =0A> Bu mesaj ve ekleri, mesajda gönderildiği be=
lirtilen kişi/kişilere özeldir ve =0A> gizlidir. Size yanl=
ışlıkla ulaşmışsa lütfen gönderen k=
isiyi bilgilendiriniz ve =0A> mesajı sisteminizden siliniz. Mesaj ve e=
klerinin içeriği ile ilgili olarak =0A> şirketimizin herhang=
i bir hukuki sorumluluğu bulunmamaktadır. Şirketimiz mesaj=
ın =0A> ve bilgilerinin size değişikliğe uğrayarak=
veya geç ulaşmasından, bütünlüğün=
ün =0A> ve gizliliğinin korunamamasından, virüs iç=
ermesinden ve bilgisayar sisteminize =0A> verebileceği herhangi bir za=
rardan sorumlu tutulamaz.=0A> =0A> This message and attachments are confide=
ntial and intended for the individual(s) =0A> stated in this message. If yo=
u received this message in error, please =0A> immediately notify the sender=
and delete it from your system. Our company has no =0A> legal responsibili=
ty for the contents of the message and its attachments. Our =0A> company sh=
all have no liability for any changes or late receiving, loss of =0A> integ=
rity and confidentiality, viruses and any damages caused in anyway to your =
=0A> computer system.=0A> =0A> --=0A> PHP General Mailing List (http://www.=
php.net/)=0A> To unsubscribe, visit: http://www.php.net/unsub.php=0A

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Self-Process php forms or not?

At 1:00 PM +0100 10/1/09, MEM wrote:
>One last question about this:
>
>I've done a self submit form, after hearing all the advantages expressed
>here.
>But how could we relate, without using javascript, a self submit form with a
>"success page" or a "confirmation page" that doesn't show the form?
>
>Can please someone throw me some infos about this please?


MEM:

Here's what I do -- it's pretty simple.

I use a hidden input variable I call "step" and monitor it as the
user clicks whatever form submit they are on -- it works like so:

$step = isset($_POST['step']) ? $_POST['step'] : 0;

switch ($step)
{
case 0: // present the first form to the user
// collect data
// you can enhance the user experience by using javascript here.
//
break;

case 1: // present second form to the user
// clean data
// if data OK then record data in db
// if data not OK then send user back
break;

case 2: //present the third form to the user
// success, or confirmation, or thank you page
break;
}

Now, to make things easier for the user, be sure to set session
variables for all the data collected in the first form so that IF you
send the user back to the first form, the user doesn't have to
reenter everything.

HTH,

tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

On 10/1/09 10:13 AM, "tedd" wrote:

> At 1:00 PM +0100 10/1/09, MEM wrote:
>> One last question about this:
>>
>> I've done a self submit form, after hearing all the advantages expressed
>> here.
>> But how could we relate, without using javascript, a self submit form with a
>> "success page" or a "confirmation page" that doesn't show the form?
>>
>> Can please someone throw me some infos about this please?
>
>
> MEM:
>
> Here's what I do -- it's pretty simple.
>
> I use a hidden input variable I call "step" and monitor it as the
> user clicks whatever form submit they are on -- it works like so:
>
> $step = isset($_POST['step']) ? $_POST['step'] : 0;
>
> switch ($step)
> {
> case 0: // present the first form to the user
> // collect data
> // you can enhance the user experience by using javascript here.
> //
> break;
>
> case 1: // present second form to the user
> // clean data
> // if data OK then record data in db
> // if data not OK then send user back
> break;
>
> case 2: //present the third form to the user
> // success, or confirmation, or thank you page
> break;
> }
>
> Now, to make things easier for the user, be sure to set session
> variables for all the data collected in the first form so that IF you
> send the user back to the first form, the user doesn't have to
> reenter everything.

i do pretty much the same thing. each form in my html template files has a
form name tucked away in a hidden input element. the only difference from
your method is that the names are unique across the application.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Self-Process php forms or not?

Thanks a lot to all,

I will see what best fits my limited knowledge, and choose the possible
option.

Regards,
M=E1rcio

> -----Original Message-----
> From: Tom Worster [mailto:fsb@thefsb.org]
> Sent: quinta-feira, 1 de Outubro de 2009 20:11
> To: tedd; 'PHP-General List'
> Subject: Re: [PHP] Self-Process php forms or not?
>=20
> On 10/1/09 10:13 AM, "tedd" wrote:
>=20
> > At 1:00 PM +0100 10/1/09, MEM wrote:
> >> One last question about this:
> >>
> >> I've done a self submit form, after hearing all the advantages
> expressed
> >> here.
> >> But how could we relate, without using javascript, a self submit
> form with a
> >> "success page" or a "confirmation page" that doesn't show the form?
> >>
> >> Can please someone throw me some infos about this please?
> >
> >
> > MEM:
> >
> > Here's what I do -- it's pretty simple.
> >
> > I use a hidden input variable I call "step" and monitor it as the
> > user clicks whatever form submit they are on -- it works like so:
> >
> > $step =3D isset($_POST['step']) ? $_POST['step'] : 0;
> >
> > switch ($step)
> > {
> > case 0: // present the first form to the user
> > // collect data
> > // you can enhance the user experience by using javascript here.
> > //
> > break;
> >
> > case 1: // present second form to the user
> > // clean data
> > // if data OK then record data in db name=3Dstep
> value=3D2>
> > // if data not OK then send user back name=3Dstep
> value=3D0>
> > break;
> >
> > case 2: //present the third form to the user
> > // success, or confirmation, or thank you page
> > break;
> > }
> >
> > Now, to make things easier for the user, be sure to set session
> > variables for all the data collected in the first form so that IF =
you
> > send the user back to the first form, the user doesn't have to
> > reenter everything.
>=20
> i do pretty much the same thing. each form in my html template files
> has a
> form name tucked away in a hidden input element. the only difference
> from
> your method is that the names are unique across the application.
>=20
>=20
>=20
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

Hello,

on 10/01/2009 09:00 AM MEM said the following:
> One last question about this:
>
> I've done a self submit form, after hearing all the advantages expressed
> here.
> But how could we relate, without using javascript, a self submit form with a
> "success page" or a "confirmation page" that doesn't show the form?
>
> Can please someone throw me some infos about this please?
>
>
> Ps- I've googled: "php redirect success page on self submit form" and
> similar...

All you need to do is to include an hidden field in the form. Then check
the respective $_POST or $_GET variable is set. If it is not set, show
the form for the first time. If it is set, validate the form and process
it. If the form is not valid, show the form again with previously
submitted values.

This tutorial video explains this workflow:

http://www.phpclasses.org/browse/video/1/package/1/section/u sage.html

This example script demonstrates how to setup your code. It uses a
function of a forms class name WasSubmiteed() to check if the form is
being presented for the first time or is being submitted:

http://www.meta-language.net/forms-examples.html?example=tes t_form&code=1

--

Regards,
Manuel Lemos

Find and post PHP jobs
http://www.phpclasses.org/jobs/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

I try to avoid the use of hidden form elements as much as possible,
especially for tracking whether a user has submitted a form or not...

I use name="submit" for the submit button instead, that will pass the
value of the submit button to the action script.

above all i use a template engine, smarty to take care of the
presentation for me(like deciding whether to show the form and/or a
success/failure message)

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

Hello,

on 10/02/2009 04:41 AM kranthi said the following:
> I try to avoid the use of hidden form elements as much as possible,
> especially for tracking whether a user has submitted a form or not...
>
> I use name="submit" for the submit button instead, that will pass the
> value of the submit button to the action script.
>
> above all i use a template engine, smarty to take care of the
> presentation for me(like deciding whether to show the form and/or a
> success/failure message)

That only works if the user clicks on that submit button. If the user
hits the enter key in a text input, the form is submitted but the submit
input variable is not set. That is why an hidden input is a safer solution.

--

Regards,
Manuel Lemos

Find and post PHP jobs
http://www.phpclasses.org/jobs/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

>> That only works if the user clicks on that submit button. If the user
>> hits the enter key in a text input, the form is submitted but the submit
>> input variable is not set. That is why an hidden input is a safer solution.

i doubt that, because i use the above mentioned method in nearly all
of my projects, and all of them are working fine.

P.S: i prefer keyboard to mouse as a input device

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

and yes i forgot to mention... i avoid hidden form elements because
they can be modified very easily and hence pose a security threat.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

On Fri, 2009-10-02 at 13:55 +0530, kranthi wrote:
> and yes i forgot to mention... i avoid hidden form elements because
> they can be modified very easily and hence pose a security threat.
>

You say you don't use hidden fields because they can be modified too
easily, yet you say you check for the submit button? Which out of the
two do you do, as last time I checked, modifying one form field is as
easy as changing any other!

Also worth noting, you can only successfully check for the name="submit"
value if there is only one submit button in your form, as that is then
the default (and only) submit that the form can use, so it uses that. If
you have more than one submit button (and this includes image input
elements) then using the keyboard will use the first submit field it
finds I believe.

Thanks,
Ash
http://www.ashleysheridan.co.uk




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

>> You say you don't use hidden fields because they can be modified too
>> easily, yet you say you check for the submit button? Which out of the
>> two do you do, as last time I checked, modifying one form field is as
>> easy as changing any other!
I completely agree with you. changing submit text is as easy as
changing hidden fields, but its less likely for a user to modify a
submit button as compared to a hidden field. moreover it just reduces
my typing load. (This is just my practice)

>> Also worth noting, you can only successfully check for the name="submit"
>> value if there is only one submit button in your form, as that is then
>> the default (and only) submit that the form can use, so it uses that. If
>> you have more than one submit button (and this includes image input
>> elements) then using the keyboard will use the first submit field it
>> finds I believe.
Cant agree with you on this though. as far as i know using name=""
(names of the two buttons may/may not be unique) is the only way to
track form submission for forms with multiple submit buttons. Please
point out if you think otherwise

--
Kranthi.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Self-Process php forms or not?

I want to apologize to you all. I have mentioned two things on the same
basket, but it was not appropriate. Since a confirmation page is not the
same thing as a success page.

Let's forget about the confirmation page, since it's not required.



I'm now understanding that even if the form is submitted to self, we can
still use a redirect to a "success_message_page.php". However, we must =
do
this redirect, AFTER the form has submitted to himself. It's the only =
thing
that we have to pay attention here, correct?

Since we are not dealing with a confirmation page, or a multi-step form, =
the
hidden field isn't necessary.

It's this correct assumptions?

Please advice,
Regards,
M=E1rcio



> -----Original Message-----
> From: kranthi [mailto:kranthi117@gmail.com]
> Sent: sexta-feira, 2 de Outubro de 2009 11:12
> To: ash@ashleysheridan.co.uk
> Cc: Manuel Lemos; php-general@lists.php.net; MEM; Bob McConnell
> Subject: Re: [PHP] Self-Process php forms or not?
>=20
> >> You say you don't use hidden fields because they can be modified =
too
> >> easily, yet you say you check for the submit button? Which out of
> the
> >> two do you do, as last time I checked, modifying one form field is
> as
> >> easy as changing any other!
> I completely agree with you. changing submit text is as easy as
> changing hidden fields, but its less likely for a user to modify a
> submit button as compared to a hidden field. moreover it just reduces
> my typing load. (This is just my practice)
>=20
> >> Also worth noting, you can only successfully check for the
> name=3D"submit"
> >> value if there is only one submit button in your form, as that is
> then
> >> the default (and only) submit that the form can use, so it uses =
that.
> If
> >> you have more than one submit button (and this includes image input
> >> elements) then using the keyboard will use the first submit field =
it
> >> finds I believe.
> Cant agree with you on this though. as far as i know using name=3D""
> (names of the two buttons may/may not be unique) is the only way to
> track form submission for forms with multiple submit buttons. Please
> point out if you think otherwise
>=20
> --
> Kranthi.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

At 1:55 PM +0530 10/2/09, kranthi wrote:
>and yes i forgot to mention... i avoid hidden form elements because
>they can be modified very easily and hence pose a security threat.

That depends upon how sloppy you are in coding.

NONE of my hidden variables pose any security problems whatsoever.

Cheers,

tedd


--
-------
http://sperling.com http://ancientstones.com http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Self-Process php forms or not?

At 3:06 PM +0100 10/2/09, MEM wrote:
>I want to apologize to you all. I have mentioned two things on the same
>basket, but it was not appropriate. Since a confirmation page is not the
>same thing as a success page.
>
>Let's forget about the confirmation page, since it's not required.
>
>I'm now understanding that even if the form is submitted to self, we can
>still use a redirect to a "success_message_page.php". However, we must do
>this redirect, AFTER the form has submitted to himself. It's the only thing
>that we have to pay attention here, correct?
>
>Since we are not dealing with a confirmation page, or a multi-step form, th=
e
>hidden field isn't necessary.
>
>It's this correct assumptions?
>
>Please advice,
>Regards,
>M=E1rcio

You can set it up any number of ways. There is no=20
absolute need for a redirect. Everything can be=20
done in one form, or not -- your choice.

Cheers,

tedd

--
-------
http://sperling.com http://ancientstones.com http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Self-Process php forms or not?

> You can set it up any number of ways. There is no
> absolute need for a redirect. Everything can be
> done in one form, or not -- your choice.
>
> Cheers,
>
> tedd

Yes. But since I don't want to display a success information + form fields,
but only the success information,
I believe the only way we have to do this is by either use javascript and
update a div or similar, or using only php, by redirecting to another page.

Is this correct?


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Self-Process php forms or not?

At 3:35 PM +0100 10/2/09, MEM wrote:
> > You can set it up any number of ways. There is no
>> absolute need for a redirect. Everything can be
>> done in one form, or not -- your choice.
>>
>> Cheers,
>>
>> tedd
>
>Yes. But since I don't want to display a success information + form fields,
>but only the success information,
>I believe the only way we have to do this is by either use javascript and
>update a div or similar, or using only php, by redirecting to another page.
>
>Is this correct?

No -- and you are not listening.

I gave you the way to do it, but you are taking another path. As
always, it's your choice.

Cheers,

tedd

--
-------
http://sperling.com http://ancientstones.com http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

> Yes. But since I don't want to display a success information + form fields,
> but only the success information,
> I believe the only way we have to do this is by either use javascript and
> update a div or similar, or using only php, by redirecting to another page.
>
> Is this correct?

Whether or not it's the only way, redirecting to a success page is
probably the best way, from a user-experience perspective. It keeps
the browser history sane and avoids possible trouble with
page-refreshes.

Google for "post redirect get" and you'll find all sorts of
discussions of this pattern. Here's one of the clearer articles that
came up on the first page of results, when I ran that search:

http://www.andypemberton.com/engineering/the-post-redirect-g et-pattern/

Ben

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

Hello,

on 10/02/2009 05:23 AM kranthi said the following:
>>> That only works if the user clicks on that submit button. If the user
>>> hits the enter key in a text input, the form is submitted but the submit
>>> input variable is not set. That is why an hidden input is a safer solution.
>
> i doubt that, because i use the above mentioned method in nearly all
> of my projects, and all of them are working fine.
>
> P.S: i prefer keyboard to mouse as a input device

Sorry, what I meant is that if you have multiple submit buttons in your
form, say "Preview", "Save" and "Cancel", if you hit enter in a text
input it will not set the variables for all buttons. At most only one
button variable is set, which usually is the first button in the HTML,
but you have no way to change which will be set.

If you use an hidden field is easier to determine whether the form was
submitted or not, as you do not have to check variables for all buttons.

--

Regards,
Manuel Lemos

Find and post PHP jobs
http://www.phpclasses.org/jobs/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

Hello,

on 10/02/2009 05:25 AM kranthi said the following:
> and yes i forgot to mention... i avoid hidden form elements because
> they can be modified very easily and hence pose a security threat.

How can hidden field be changed in a way that submit buttons can't? I do
not see any security threat scenario.

--

Regards,
Manuel Lemos

Find and post PHP jobs
http://www.phpclasses.org/jobs/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

Hello,

on 10/02/2009 07:11 AM kranthi said the following:
>>> You say you don't use hidden fields because they can be modified too
>>> easily, yet you say you check for the submit button? Which out of the
>>> two do you do, as last time I checked, modifying one form field is as
>>> easy as changing any other!
> I completely agree with you. changing submit text is as easy as
> changing hidden fields, but its less likely for a user to modify a
> submit button as compared to a hidden field. moreover it just reduces
> my typing load. (This is just my practice)

How come an user can modify a hidden field is more likely to change
submit button? I don't think an average user will modify anything at all.


>>> Also worth noting, you can only successfully check for the name="submit"
>>> value if there is only one submit button in your form, as that is then
>>> the default (and only) submit that the form can use, so it uses that. If
>>> you have more than one submit button (and this includes image input
>>> elements) then using the keyboard will use the first submit field it
>>> finds I believe.
> Cant agree with you on this though. as far as i know using name=""
> (names of the two buttons may/may not be unique) is the only way to
> track form submission for forms with multiple submit buttons. Please
> point out if you think otherwise

As everbody has been telling you, if you check an hidden field it will
work regardless whether the user clicked on a button or hit enter on a
text input. With multiple buttons there is no way (except for using some
Javascript) to tell whether it was clicked a button or the user hit
enter in a text input.


--

Regards,
Manuel Lemos

Find and post PHP jobs
http://www.phpclasses.org/jobs/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

On 10/2/09 10:24 AM, "tedd" wrote:

> At 1:55 PM +0530 10/2/09, kranthi wrote:
>> and yes i forgot to mention... i avoid hidden form elements because
>> they can be modified very easily and hence pose a security threat.
>
> That depends upon how sloppy you are in coding.
>
> NONE of my hidden variables pose any security problems whatsoever.

....because one always assumes that data supplied in an http request is
tainted. hence arguments about which exploit is more likely is rather
pointless.

a hidden input is really no different from any other form field. kranthi's
argument would be consistent if he felt that all form inputs should be
avoided because they are so easily modified as to pose a security threat.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Self-Process php forms or not?

At 7:11 PM +0100 10/2/09, MEM wrote:
>I don't want to take another path. The hidden fields seems the way to go.
>However, you gave me the example above, and I'm not understanding how can I
>pass from your example: A multi-step form.
>To what I was looking form: 1 step form with a success page that shows no
>form elements.
>
>Sorry if I've not understand. I was having no intention of doing so.
>
>Regards,
>M=E1rcio


M=E1rcio:

At some point here, you must take keyboard in hand and program this yourself=


If you took my code and ran it, then you would understand.

Here's a working example:

http://www.webbytedd.com/aa/step-form/

This only one of many ways to solve your problem, but it does solve it.

Cheers,

tedd

PS: Please reply to the list and not me=20
privately, unless you are hiring me (learned that=20
from Stut)
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

At 9:42 AM -0400 10/3/09, Tom Worster wrote:
>On 10/2/09 10:24 AM, "tedd" wrote:
>
>> At 1:55 PM +0530 10/2/09, kranthi wrote:
>>> and yes i forgot to mention... i avoid hidden form elements because
>>> they can be modified very easily and hence pose a security threat.
>>
>> That depends upon how sloppy you are in coding.
>>
>> NONE of my hidden variables pose any security problems whatsoever.
>
>...because one always assumes that data supplied in an http request is
>tainted. hence arguments about which exploit is more likely is rather
>pointless.
>
>a hidden input is really no different from any other form field. kranthi's
>argument would be consistent if he felt that all form inputs should be
>avoided because they are so easily modified as to pose a security threat.

Exactly.

All data gathered via forms, hidden or not, must be sanitized.

Cheers,

tedd
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

On 10/2/09 10:06 AM, "MEM" wrote:

> I'm now understanding that even if the form is submitted to self, we can
> still use a redirect to a "success_message_page.php". However, we must do
> this redirect, AFTER the form has submitted to himself. It's the only thing
> that we have to pay attention here, correct?
>
> Since we are not dealing with a confirmation page, or a multi-step form, the
> hidden field isn't necessary.
>
> It's this correct assumptions?

the server script that runs in response to an http request for uri X can
determine if "conditions of success" are met only after the server receives
the request for X. so, if i understand your question, yes.

i think your terminology is confusing you, e.g.: "AFTER the form has
submitted to himself". a form doesn't submit to itself. a form and a script
that processes it are SEPARATE THINGS.

it's better to think in terms of a user agent and a server communicating
with http requests and responses. the UA sends http requests for uris X, Y,
Z, etc. (with or without accompanying form data). the forms are part of html
pages the server sends to the UA in http responses. a user drives the UA.
PHP scripts are involved in the server's generation of responses. (a diagram
might help.)

now to your queston:

if a UA has an html page that it got in a response for uri X; and if the
page has a form; and if the form has no action attribute (or action=X); and
if the user submits the form; then the UA will send the server an http
request for X.

next the server receives the request for X and the server runs a certain
script, the php script you are coding.

now i'm assuming these are your requirements: if that script determines
failure, the user says at X and is asked to resubmit the form. if the script
determines success, the user will wind up at a new uri: Y. further, you want
to send the user over to Y by sending her UA an http response with
Location=Y redirection.

in these terms, the answer to your question should be pretty clear. your
script has to receive and process requests for X before it can decide if
it's going to respond to the UA with a Location=Y redirection or an html
page with a form and an error message.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

On 10/4/09 10:39 AM, "MEM" wrote:

>> i don't think so. if the user requests the page "a_form.php" then the
>> server
>> will normally execute the a_form.php script regardless whether the form
>> was
>> submitted or not.
>>
>> to display a blank form, the user probably requests a_form.php with the
>> GET
>> method and probably without any GET parameters. the script will run but
>> $_POST['submit'] is not set. so the script you show above will echo
>> "Sorry,
>> couldn't process the form". that will likely confuse the user.
>>
>
>
> Ok... but please have a look here, I've uploaded and tested that code, and I
> can assure you that the message doesn't appear when the form first load:
>
> http://pastebin.com/m21078fe3
> Note: if you use: "copy to clipboard" option the numbers will gone.

this has a different structure from what you showed us in your email earlier
today (Sunday, October 4, 2009 9:25 AM). this script has the structure:

$erros=array();
if(isset($_POST['submit']))
{

...

if (!$erros)
{

...

// all done, now redirect:
Redireciona("gracias.html");
}
else
{
echo ("Sorry. The form couldn't be processed.");
}

}
?>

as i said before, a script will execute regardless. but this new script
fragment does nothing except initialize $erros if $_POST['submit'] is not
set (e.g. if the user requests the page without POSTing the form). i don't
see a problem. this script also has the three cases i described clearly
separated.

now, what was your question?



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

On 10/4/09 10:55 AM, "tedd" wrote:

> At 3:39 PM +0100 10/4/09, MEM wrote:
>>> i don't think so. if the user requests the page "a_form.php" then the
>>> server
>>> will normally execute the a_form.php script regardless whether the for=
m
>>> was
>>> submitted or not.
>>>=20
>>> to display a blank form, the user probably requests a_form.php with th=
e
>>> GET
>>> method and probably without any GET parameters. the script will run bu=
t
>>> $_POST['submit'] is not set. so the script you show above will echo
>>> "Sorry,
>>> couldn't process the form". that will likely confuse the user.
>>>=20
>>=20
>>=20
>> Ok... but please have a look here, I've uploaded and tested that code, a=
nd I
>> can assure you that the message doesn't appear when the form first load:
>>=20
>> http://pastebin.com/m21078fe3
>> Note: if you use: "copy to clipboard" option the numbers will gone.
>>=20
>>=20
>>=20
>> Regards,
>> M=E1rcio
>=20
> The problem, as I see it, is that you are not
> willing to write a simple example and get that to
> work. Instead, you complicate things beyond your
> ability to understand.
>=20
> My advice, step back -- write a simple example
> that does what you want and then expand it.

i agree that it does seem a bit as though M=E1rcio is in such a hurry to make
something work that the tasks of learning and understanding the fundamental=
s
are being left aside. while that's maybe understandable, it's a bit
frustrating when we're trying to explain the fundamentals.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Self-Process php forms or not?

> i agree that it does seem a bit as though M=E1rcio is in such a hurry =
to
> make
> something work that the tasks of learning and understanding the
> fundamentals
> are being left aside. while that's maybe understandable, it's a bit
> frustrating when we're trying to explain the fundamentals.


Thanks a lot.

Tedd, Tom,
I perfectly understand. I can only apologize.=20
Unfortunately, I'm really REALLY on a rush.=20
But as an additional information, I'm marking all this e-mails for =
latter
reference and study.=20

>as i said before, a script will execute regardless. but this new script
fragment does nothing except initialize >$erros if $_POST['submit'] is =
not
set (e.g. if the user requests the page without POSTing the form). i =
don't
see a >problem. this script also has the three cases i described clearly
separated.
>now, what was your question?

None. I've not properly see the structure that I was in, and according =
to
that mistake, I've taking wrong conclusions.

But thanks for pointing it out.



Regards and, once again, thanks for your feedback, and I'm really sorry =
for
not been able to properly learn with your advices. :s
M=E1rcio


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Self-Process php forms or not?

At 7:25 PM +0100 10/4/09, MEM wrote:
>
>Unfortunately, I'm really REALLY on a rush.

I saw a bumper sticker the other day which read:

Humpty Dumpty was rushed

Cheers,

tedd

--
-------
http://sperling.com http://ancientstones.com http://earthstones.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

On Oct 2, 2009, at 3:00 AM, Manuel Lemos wrote:

> Hello,
>
> on 10/02/2009 04:41 AM kranthi said the following:
>> I try to avoid the use of hidden form elements as much as possible,
>> especially for tracking whether a user has submitted a form or not...
>>
>> I use name="submit" for the submit button instead, that will pass the
>> value of the submit button to the action script.
>>
>> above all i use a template engine, smarty to take care of the
>> presentation for me(like deciding whether to show the form and/or a
>> success/failure message)
>
> That only works if the user clicks on that submit button. If the user
> hits the enter key in a text input, the form is submitted but the
> submit
> input variable is not set. That is why an hidden input is a safer
> solution.

If you need the button to be *clicked*...



Or something along those lines.

~Philip

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

Hello,

on 10/05/2009 03:02 PM Philip Thompson said the following:
>>> I try to avoid the use of hidden form elements as much as possible,
>>> especially for tracking whether a user has submitted a form or not...
>>>
>>> I use name="submit" for the submit button instead, that will pass the
>>> value of the submit button to the action script.
>>>
>>> above all i use a template engine, smarty to take care of the
>>> presentation for me(like deciding whether to show the form and/or a
>>> success/failure message)
>>
>> That only works if the user clicks on that submit button. If the user
>> hits the enter key in a text input, the form is submitted but the submit
>> input variable is not set. That is why an hidden input is a safer
>> solution.
>
> If you need the button to be *clicked*...
>
>
>
> Or something along those lines.

That does not make much sense and is pointless. First that syntax you
mentioned probably requires JQuery or some other large Javascript
library. something like this['submitButton'].click() would emulate the
click event. Second, by the time that onsubmit is called, the event that
triggered it was already dispatched. Emulating the click on a button
would probably fire the form submission and onsubmit code would be run
again, leading to an infinite loop sucking machine CPU.


--

Regards,
Manuel Lemos

Find and post PHP jobs
http://www.phpclasses.org/jobs/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Self-Process php forms or not?

On Oct 5, 2009, at 7:42 PM, Manuel Lemos wrote:

> Hello,
>
> on 10/05/2009 03:02 PM Philip Thompson said the following:
>>>> I try to avoid the use of hidden form elements as much as possible,
>>>> especially for tracking whether a user has submitted a form or
>>>> not...
>>>>
>>>> I use name="submit" for the submit button instead, that will pass
>>>> the
>>>> value of the submit button to the action script.
>>>>
>>>> above all i use a template engine, smarty to take care of the
>>>> presentation for me(like deciding whether to show the form and/or a
>>>> success/failure message)
>>>
>>> That only works if the user clicks on that submit button. If the
>>> user
>>> hits the enter key in a text input, the form is submitted but the
>>> submit
>>> input variable is not set. That is why an hidden input is a safer
>>> solution.
>>
>> If you need the button to be *clicked*...
>>
>>
>>
>> Or something along those lines.
>
> That does not make much sense and is pointless. First that syntax you
> mentioned probably requires JQuery or some other large Javascript
> library. something like this['submitButton'].click() would emulate the
> click event. Second, by the time that onsubmit is called, the event
> that
> triggered it was already dispatched. Emulating the click on a button
> would probably fire the form submission and onsubmit code would be run
> again, leading to an infinite loop sucking machine CPU.

It makes perfect sense and is not pointless. Yes, it is library-
specific javascript. However, it was used to show an example and make
a point. I assume that most the subscribers here are able to decipher
the code and determine what the intent was. And no, this will not
cause an infinite loop. The onsubmit is called first and will process
whatever action you specify, and then move on. *If* the submit button
wasn't *clicked* and you needed it to be, then this would emulate that
functionality. I'm not saying this is the best solution on how to deal
with the previous question.... but it is *a* solution.

Here's some code that you can see there's no infinite loop and shows
which events are called first.

------------------
session_start();
$_SESSION['timesSubmitted'] = isset ($_POST['submitted']) ?
$_SESSION['timesSubmitted'] + 1 : 0;
?>

Times submitted: