I am new to CakePHP i tried to submit a form, which has an array input field.
Below is the code i used.
<?php echo $this->Form->checkbox('statusid.', array('value'=>$o['Order']['id'])); ?>
When i tried to submit the form i got a blackhole security error.
How can i fix it ?
I noticed that when i submitted the code below it works.
<?php echo $this->Form->checkbox('statusid', array('value'=>$o['Order']['id']));?>
Is there a way to make an array checkbox in CakePHP please guide me.
You can use the FormHelper and make a checkbox array named statusid this way.
<?php
echo $this->Form->create();
echo $this->Form->input('statusid.0', array('type' => 'checkbox', 'value' => $o['Order']['id']));
echo $this->Form->end();
?>
The issue with blackhole appears when 'hiddenField' is set to false. Although it's set to true by default, it's possible that OP has it defined somewhere globally for entire Form object.
<?php echo $this->Form->checkbox('statusid.', array(
'value' => $o['Order']['id'],
'hiddenField' => true)); ?>
Related
I have a textfield in yii, and want to insert data from database upon that page load. How can I achieve this?
I am able to successfully echo that database value, but not knowing how to insert it.
Lets say the textfield name is 'text', and stored value from db is 'val'.
$this->text = $val //I tried this way
Try like this normal way
CHtml::fileField('name' , 'value', array('id' => 'MuID','class'=>'MyClass'));
If you sending the model data to the View, you can use CActiveForm (check the basic CRUD operations in YII, Generate from GII)
Example: i have fetched user data which has id 0001 and i sent the model to the view
My View
<?php
$form = $this->beginWidget('CActiveForm', array(
'id' => 'my-form',
'enableAjaxValidation' => true,
'enableClientValidation' => true,
'clientOptions' => array(
'hideErrorMessage' => true,
'validateOnSubmit' => true,
)
));
?>
//It will show user name in textbox
<?php echo $form->fileField($model, 'user_name'); ?>
<?php $this->endWidget(); ?>
The db value is probably in a model right? You can use activeTextField to display database values in a textfield
Take a look at:
http://www.yiiframework.com/doc/api/1.1/CHtml#activeTextField-detail
It will probably look like this:
<?php
// simple textfield which will display the value
echo CHtml::activeTextField($yourmodel, 'field_that_contains_value');
// or if you're using a form:
echo $form->textField($yourmodel, 'field_that_contains_value');
// or if the value isn't in a model
echo CHtml::textField('name_of_field', $value);
?>
<input type="text" name="input_name" value="<?=$val?>"/>
Using CHtml helper:
echo CHtml::textField('name',$val);
Using ActiveForm
echo $form->activeTextField($model, 'attribute', array('value'=>$val));
I came across this problem when I used CHtml::ajaxSubmitButton to submit some of the data as a GET method. No Matter what i try, It always submits data as a POST method.
Anything that I might be doing wrong? Here's my code.
echo CHtml::beginForm(array('shoppingCart/addItem','GET'));
echo CHtml::textField('qty', 1, array('size' => 3));
echo CHtml::hiddenField('product_id', $model->product_id); echo CHtml::ajaxSubmitButton('submit',
array('shoppingCart/addItem'),
array(
'type'=>'GET',
//'data' => array()),
));
echo CHtml::endForm();
Regarding to this document the value of type will be overwritten.
public static function ajaxSubmitButton($label,$url,$ajaxOptions=array(),$htmlOptions=array())
{
$ajaxOptions['type']='POST';
$htmlOptions['type']='submit';
return self::ajaxButton($label,$url,$ajaxOptions,$htmlOptions);
}
So there is no way to use GET as long as you do not touch the core function.
That is by design. You can use CHtml::ajaxButton instead:
CHtml::ajaxButton('My Label','controller/action',array(
'type'=>'GET',
), array(
'type'=>'submit',
);
I'm using CakePHP's SecurityComponent. And it's very essential as it saves forms from CSRF attacks. My project has total 10-12 forms and this is my first CakePHP project. After enabling SecurityComponent I was in a bit trouble but could get rid off after some careful minutes. This is the last form of my project and seems everything is correct to me but still the form is being black holed :(. Can anybody please tell me the problem? I don't want to disable CSRF checking or SecurityComponent. Here is my view code:
<?php
echo $this->Form->create('Record');
?>
<script type="text/javascript"> var me = new MetroExam(); </script>
<div class="exam_paper">
<div class="question_box" id="q_b">
<div class="q_n_a_header">
<div class="instructions">
<b>Instructions:</b><br>
<?=$inst['value_text']; ?>
</div>
<div id="timer">Please wait</div>
</div>
<div id="q_paper">
<img id="q" style="display: none;" src="/oes/<?=$exam['path'].'?ts='.time(); ?>">
<img id="loading_img" src="/oes/img/loading.gif">
</div>
</div>
<div class="ans_box" id="a_b">
<!-- information about answer paper. !important -->
<?php
$i = 0;
//these fields are essential for evaluating ans paper
echo $this->Form->hidden('submit', array('value' => 'true'));
echo $this->Form->hidden('start_time', array('value' => ''));
echo $this->Form->hidden('end_time', array('value' => ''));
echo $this->Form->hidden('duration', array('value' => ''));
echo $this->Form->hidden('valid', array('value' => ''));
echo $this->Form->hidden('passed', array('value' => ''));
//options for all radio
$options = array(
'1' => 'A',
'2' => 'B',
'3' => 'C',
'4' => 'D'
);
if($exam['choices'] == 5){
$options['5'] = 'None';
}
$questions = (int)$exam['questions']; // 40 <= $exam['questions'] <= 100
$i = 1;
while($questions--){
echo '<div class="'.(($i%2)==1?'each_answer_even':'each_answer_odd').'" id="ans-'.$i.'">';
echo '<div class="q_number">'.($i <= 9 ? '0'.$i : $i).'</div>';
$name = 'ans'.str_pad($i, 3, '0', STR_PAD_LEFT);
$attributes = array('empty' => false, 'legend' => false, 'onclick' => 'me.answer_click('.$i.')');
echo '<div class="mcq">'.$this->Form->radio($name, $options, $attributes).'</div>';
echo '</div>';
$i++;
}
echo $this->Form->end('Submit');
?>
</div>
</div>
This is basically a MCQ exam form. Where each group has 4 or 5 radio buttons and total 40 to 100 groups in a form. I'm using CakePHP 2.4. Thanks in advance.
As per the comments, the problem appears because you are changing the hidden values of the form. The way SecurityComponent works, is that it "locks" the name of the fields, so an evildoer can't add new fields or change the values once the form is sent. But it is even more strict with the hidden values, because it locks the field name and value. So by changing it with jQuery you're blackhole-ing your own form.
There's a nice little post where I learned this, take a look at it. The author there also explains two ways of bypassing this problem. One is to disable the security for hidden fields, so the hash calculated for the token doesn't include those values... which isn't really secure...
And another solution is to modify the FormHelper, and tell it to "lock" the hidden fields names but not the values. I don't remember what version of Cake the author uses for the example, but the code given there should be practicaly the same. So with that solution, you can tell the form to not be so strict with you with an option array.
Oh, and the other option given there (this is what I normally use) (I just read it now there... I thought I figure that on my own... oh well), is to just use normal input text fields for the ones you want hidden, and add a css style like display:none.
It's up to you what you think is best. I like the css option because is simpler, and really, if someone is going to mess with my css evily (with firebug or something like that), they might just as well do it with the values of hidden fields, it doesn't require any more effort. You should take all the extra steps and verifications when handling that form submission anyway. But like I said, up to you which do you think is best for your situation.
In addition to what was already posted, here's something else what might be causing the problem: in my case, a hidden input had it's name overwritten.
$this->Form->create('ExampleModel'):
$this->Form->input('foo_bar', array(
'type' => 'hidden',
'name' => 'foo_bar',
));
As a result, the final $this->request->data had the corresponding key $this->request->data['foo_bar']. It was not within the $this->request->data['ExampleModel'] array, and that's what the problem was.
To fix the issue, I had to remove the name key from the template, making the input belong to the model's data, and then just change the controller to accept that value.
Hope this helps someone else.
Update: this would also work on a form not attached to any model, e.g.:
$this->Form->create(false, array(
'url' => '/example',
)):
I'm trying to place data in hidden text in yii, but I don't know how.
I need a similar code to a regular php syntax:
<input type="hidden" name="field_name" value="a"/>
It's supposed to be a field with static value of a. I just need it to go with my $_POST variables for error checking.
Is it possible to avoid modifying the models and controllers just to put the field in?I cant use gii cause I only have snippets of code with me.Sorry as well as I have little understanding of yii so I have no clue if what I'm saying about the last 2 sentences is correct.
in views
hidden field with model and form:
<?php echo $form->hiddenField($model, 'name'); ?>
or without model
<?php echo CHtml::hiddenField('name' , 'value', array('id' => 'hiddenInput')); ?>
Yii hidden input :
<?php echo $form->hiddenField($model,'fieldName',array('value'=>'foo bar')); ?>
In Yii2 this has changed too:
<?= Html::activeHiddenInput($model, 'name') ;?>
References:
http://www.yiiframework.com/forum/index.php/topic/49225-activeform-how-do-you-call-label-input-and-errors-individually/
https://github.com/yiisoft/yii2/issues/735
if data from database and value or size field:
echo $form->hiddenField($experience,'job_title',array('size'=>'50','value'=>$experience_data['job_title'])); ?>
Yii 1
<?php echo $form->hiddenField($model, 'name'); ?>
Yii2
<?= Html::activeHiddenInput($model, 'attribute', ['value' => 'Some Value']) ?>
Also, worth noting for Yii2, the array parameter works different to a normal form field.
E.G. A normal input would look more like this.
<?= $form->field($model, 'attribute', ['inputOptions' => ['placeholder' => 'Some Placeholder', 'value' => 'Some Input Value']]) ?>
Hope this helps.
for yii2 you can try this
<?= $form->field($model, 'user_type',['inputOptions' => ['value' => '2']])->hiddenInput()->label(false) ?>
It worked for me
Alternatively,
echo CHtml::activeHiddenField($model,"[$i]id", array("value" => $model->id));
This would set hidden field value as the id from model. The [$i] is useful for multiple record update.
Here are two ways to do that...
without model
echo CHtml::hiddenField('name' , 'value', array('id' => 'name'));
with model
echo $form->hiddenField($model, 'name');
The Zend Form is proving to be a bit tricky for me, even as much as I am working with it lately...
I have this form and I am attempting to dynamically create the several checkboxes for it. It is working out alright, except I cannot seem to get the 'value' attribute to change.
In my Zend form class I have this snippet...
// psychotic symptoms
$this->addElement('checkbox', 'psychoticsymptom', array(
'label' => 'psychoticsymptom',
'name' => 'psychoticsymptom',
));
In my view (phtml) I am calling it like this...
<div class="element">
<?php // Psychotic Symptoms
$Criteria = new Criteria();
$Criteria->add( DictionaryPeer::CATEGORY, 'MAR: Psychotic Symptoms' );
$Criteria->addAscendingOrderByColumn( 'Ordinal' );
$this->PsychoticSymptomsList = DictionaryPeer::doSelect( $Criteria );
foreach( $this->PsychoticSymptomsList as $Symptom ) {
$form->psychoticsymptom->setValue($Symptom->getDictionaryId());
$form->psychoticsymptom->setAttrib('name', $Symptom->getWord());
echo $Symptom->getDictionaryId(); // prove my id is coming through... (it is)
$form->psychoticsymptom->getDecorator('label')->setTag(null);
echo $form->psychoticsymptom->renderViewHelper();
$form->psychoticsymptom->setLabel($Symptom->getWord());
echo $form->psychoticsymptom->renderLabel();
echo '<br />';
}
?>
</div>
Everything seems to be working fine, except the value attribute on each checkbox is rendering a value of '1'. I have tried moving the 'setValue' line to several different positions, as to set the value before the form element renders but I am having no luck getting this to work. It's worth any effort to me because I need to do the same type of operation in many areas of my application. I would have done this a bit different too, but I am re-factoring another application and am trying to keep some things unchanged (like the database for instance).
Any help is much appriciated
Thanks
you can try to overwrite the "checkedValue" and "uncheckedValue". check this reference
$this->addElement('checkbox', 'psychoticsymptom', array(
'label' => 'psychoticsymptom',
'name' => 'psychoticsymptom',
'checkedValue' => 'checked Value',
'uncheckedValue' => 'unchecked Value'
));
You seem to only have one psychoticsymptom element "checkbox" which your adding (changing) the value too for each $this->PsychoticSymptomsList.
Maybe you would be better off using a multicheckbox element instead.