first of all sorry for my bad english.
The problem is as follows:
I try to do add and edit post in Blog system.
My pseudocode:
private function getPostForm()
{
$form=$this->createFormBuilder()
->add(...
}
public function addPost()
{
$form=$this->getPostForm... (is a createFormBuilder
// form to create new post
// display form to add - send to updatePost
}
public function editPost()
{
$form=$this->getPostForm... (is a createFormBuilder
// get post id and display form to edit post
// send to updatePost
}
public function updatePost()
{
// get data from post and validate
$form->bind(...
// if validate is true => save
if($form->isValid())....
// if not => get errors and display
else {
// redirect and display errors and post data
}
My problem - when form is not valid, I would like redirect user to add/edit post and display errors thanks to user can't refresh page (eg. F5 key) when data will be sent and not valid.
How to do it correctly?
Maybe, you should do like this. If all is correct do update and redirect, if validation fail display view again
public function updatePost()
{
....
if($form->isValid()){
//yours update logic
return $this->redirect(..);
}
return $this->render('create.html.twig', array(
'form' => $form->createView();
));
}
Related
I am trying to make an small app so I have choosen Fat Free Framework. I need to show some messages based on successful or error. Suppose if I want to add an user then if successfully added show message that user has been added successfully or if not show error message that user cannot be added. I cannot figure it out. Here is my UsersController code
public function index(){
$user = new User($this->db);
$this->f3->set('users',$user->all());
//there should be a way to decide if its error message or success and after display,
//it shouldn't be displayed again for the same task.
//or may be it should be check in view file, I don't know where is the correct place
// to do it
$this->f3->set('page_head','User List');
$this->f3->set('view','users/list.htm');
}
public function create(){
if($this->f3->exists('POST.create')){
$user = new User($this->db);
$user->add();
//set session here to show in view file after redirect to list page
$this->f3->reroute('/users');
} else{
$this->f3->set('page_head','Create User');
$this->f3->set('view','users/create.htm');
}
}
My flash messages controller looks like this: https://github.com/ikkez/f3-flash/blob/master/lib/flash.php
To set a message i do:
if ($this->resource->updateProperty(array('_id = ?', $params['id']), 'published', true)) {
\Flash::instance()->addMessage('Your post was published. Hurray!', 'success');
} else {
\Flash::instance()->addMessage('This Post ID was not found', 'danger');
}
$f3->reroute('/admin/post');
To render the messages i include this template in my layout https://github.com/ikkez/fabulog/blob/master/app/ui/templates/alert.html which calls a function that dumps and clears all messages, so they will only be displayed once. You can also use the SESSION in a template token like {{#SESSION.flash}} and use it for <repeat> in the template.
Here's my setup for an email contact form:
www.example.com/includes/contact_form.php
www.example.com/includes/contact_submit.php
www.example.com/contact/
/contact/ includes contact_form.php, and the form points to contact_submit.php to run.
When contact_submit.php successfully sends the mail, it does a redirect back to /contact/ but includes a $_GET variable.
header('Location: /contact/index.php?success=yup');
Then in contact_form.php I have:
if (isset($_GET['success'])) { echo 'Your message has been received etc'; exit(); }
Everything works fine. I made it this way so that the form couldn't be F5/refresh resubmitted, and it is successful in that.
However, anyone can access the success page at any time by manually entering the url, even if they don't submit the form. Is there any way around that?
Ofcourse.
Use sessions for that:
class ResponseLog {
private function __construct(){}
public static function hasMessages(){
return (isset($_SESSION['response']['messages']) && !empty($_SESSION['response']['messages'])) ? true : false;
}
public static function setResponse(array $response){
$_SESSION['response'] = $response;
}
public static function getLastResponse(){
$response = isset($_SESSION['response'])) ? $_SESSION['response'] : null;
#unset($_SESSION['response']);
return $response;
}
}
And use it like this:
if(isset($_POST['form'])){
//validation and all to proccess request goes here
if(!$valid){
$response = array('request' => $_POST,'messages' => array('Incorrect email','Please enter forename'),'url' => '/my/form/where/it/happen/');
}
else {
$response = array('messages' => array('Success'),'url' => '/my/form/where/it/happen/');
}
ResponseLog::setResponse($response);
//redirect to contact form
}
In success page or fail:
if(ResponseLog::hasMessages()){
$response = ResponseLog::getLastResponse();
foreach($response['messages'] as $message){
echo $message;
}
}
With this you can store everything user does and can work with data as you need.
I hope this help :)
Warn: I wrote it from mind, so it's untested code and it can be implemented better it's just for view how to work with user session and responses.
PS: But is a lot of ways how to do it, for example see flash messages in some framework and you will be see how it works with sessions etc.
You can use the referrer page if you want, and throw an error or redirect if it is not the form page, but it is not so good. You can also check whether the fields and form name have been posted.
$_SERVER['HTTP_REFERER']
I have a method in CI which basically adds a user to a table - if any form validation occurs it reloads the view - if successful it reloads the view to show that the user was added successfully. As seen below:
public function loadPeopleView(){
//loads unit page view
$this->load->model('people_model');
$people['people'] = $this->people_model->getPeople();
$this->load->view("header");
$this->load->view("people page/people_view", $people);
$this->load->view("footer");
}
public function addPerson(){
$this->form_validation->set_rules('personName', 'personName', 'required|min_length[6]|max_length[150]|trim|xss_clean');
$this->form_validation->set_rules('personPet', 'personPet', 'required|trim|min_length[3]|max_length[30]|xss_clean');
if($this->form_validation->run()){
$this->load->model('');
$this->people_model->addPerson();
$this->loadPeopleView();
} else{
//if validation fails - returns the peopl view this display error messages
$this->loadPeopleView();
}
}
my issue is when someone adds a person the browser remains on:
localhost/peoplecontroller/addperson
if the user keeps refreshing the page - loads of people will continue to be added in - is there anyway I can put the page back to:
localhost/peoplecontroller/
without having to use a redirect as I still want any error messages from the form validation to appear
I am only giving you an example please arrange according save and return functionality
public function addPerson(){
$this->load->model('people_model'); // load model
// validation
$this->form_validation->set_rules('personName', 'personName', 'required|min_length[6]|max_length[150]|trim|xss_clean');
$this->form_validation->set_rules('personPet', 'personPet', 'required|trim|min_length[3]|max_length[30]|xss_clean');
// check validation not clear
if ($this->form_validation->run() == FALSE) {
//if validation fails - returns the peopl view this display error messages
// also set error dat back
// setting up send back values to view
$this->data['personName'] = $this->input->post('personName');
$this->data['personPet'] = $this->input->post('personPet');
// get this->data values as a variable in view like $personName
// load view
$this->load->view("header");
$this->load->view("people page/people_view", $this->data);
$this->load->view("footer");
}
else{ // after validation success
// do your saving db stuff and set success message in session flash and redirect to
$this->people_model->addPerson();
// get and show message flash in your view
$this->session->set_flashdata('message', 'Please check card details and try again');
redirect('results', 'refresh');
}
}
I wanted to create a dynamic signup.php. The algorithm is as follow:
Algorithm
when signup.php is requested by client, the code will attempt to check whether user send any data in $_POST.
if $_POST does not contains any data (means it's the first time user request for signup.php), a signup form will be return to the user, allowing user to enter all his/her details and again send back to signup.php through submit button.
if $_POST does contains data (means user has fill up the signup form and is now sending all the data back to signup.php), then the php code will attempt validate all those data and return result showing user has been successfully registered or error if failed to do so.
The problem I'm having right now is how am I going to check whether it's the first time user request for signup.php or not?
Use isset() to check if $_POST contains data.
http://php.net/isset
To answer your question, "how am I going to check whether it's the first time user request for signup.php or not?", honestly, probably for other users......
There are a few ways, cookies, storing request ips in a database, bleh, bleh, bleh. But...... None of them are guaranteed. The user can disable cookies, use a dynamic ip, etc. You could issue a unique hash and place it as a login.php?q=encValueForUniquePageRequest
but...... The architecture you laid out won't be practical.
Sorry :(
To check that request is POST:
<?php
if($_SERVER['REQUEST_METHOD']=='POST'){
//process new user
}
?>
Example:
<?php
Class signup_controller extends controller{
private $data = array();
private $model = array();
function __construct(Core $core){
parent::__construct($core);
/* load models - assign to model */
$this->model['page'] = $this->core->model->load('page_model', $this->core);
$this->model['auth'] = $this->core->model->load('auth_model', $this->core);
/* check script is installed - redirect */
if(empty($this->core->settings->installed)){
exit(header('Location: '.SITE_URL.'/setup'));
}
}
function index(){
/* do signup - assign error */
if($_SERVER['REQUEST_METHOD'] == 'POST'){
if($this->model['auth']->create_user(1)===false){
$this->data['error'] = $this->model['auth']->auth->error;
}
}
/* not logged in */
if(empty($_SESSION['logged_in'])){
/* assign form keys */
$_SESSION['csrf'] = sha1(uniqid().(microtime(true)+1));
$_SESSION['userParam'] = sha1(uniqid().(microtime(true)+2));
$_SESSION['passParam'] = sha1(uniqid().(microtime(true)+3));
$_SESSION['emailParam'] = sha1(uniqid().(microtime(true)+4));
/* get partial views - assign to data */
$this->data['content_main'] = $this->core->template->loadPartial('partials/signup', null, $this->data);
$this->data['content_side'] = $this->core->template->loadPartial('about/content_side', null, $this->data);
/* layout view - assign to template */
$this->core->template->loadView('layouts/2col', 'content', $this->data);
}
/* signed in - redirect */
else{
exit(header('Location: ./user'));
}
}
}
?>
This is a pretty basic thing but I can't figure out how to solve this "properly" with Zend Framework:
Scenario:
Page displays form 1,
Page display form 2
This is a pretty basic thing but I can't figure out how to solve this "properly" with Zend Framework:
Scenario:
Page displays form 1,
Page displays form 2
class FooController extends Zend_Controller_Action {
...
public function form1Action(){
if ($this->getRequest()->isPost()) {
// save data from form1 in database
$this->_forward('form2');
}
// display form1
}
public function form2Action(){
if ($this->getRequest()->isPost()) {
// save data from form2 in database
$this->_forward('somewherelese');
}
// display form2
}
}
When the user posts form1, first the if-condition in form1Action is executed (which is what I want), but also the if-condition in form2Action.
What would be toe proper way to "unset $this->getRequest()->isPost()"?
Note: the forms are build "by hand" (not using Zend Form)
You have three options:
Use _redirect instead of _forward. Forward redirects under the same request. Redirect will create a new request.'
Set a param in your _forward call, which you can check for in your second form: Such as 'form' => 2. More information.
Use the built in multipage forms that are included in Zend_Form out of the box.
You could always set a class variable in action one and if it is true, don't run the code in action two.
Something like:
class FooController extends Zend_Controller_Action {
private $_fromAction1 = false;
...
public function form1Action(){
if ($this->getRequest()->isPost()) {
// save data from form1 in database
$this->_fromAction1 = true;
$this->_forward('form2');
}
// display form1
}
public function form2Action(){
if ($this->getRequest()->isPost() && !$this->_formAction1) {
// save data from form2 in database
$this->_forward('somewherelese');
}
// display form2
}
}
This last option did not work for me.
$this->_forward() creates a new instance of the controller, so setting a variable in the first instance does not affect the one in the new.
My solution was making $_fromAction1 static to share the variable between the 2 instances.
class FooController extends Zend_Controller_Action {
private static $_fromAction1 = false;
...
public function form1Action(){
if ($this->getRequest()->isPost()) {
// save data from form1 in database
FooController::_fromAction1 = true;
$this->_forward('form2');
}
// display form1
}
public function form2Action(){
if ($this->getRequest()->isPost() && !FooController::_formAction1) {
// save data from form2 in database
$this->_forward('somewherelese');
}
// display form2
}
}