The page I'm currently working on has an "add another" option, which inserts a fieldset containing a title and a list of 3 input boxes. Each of these input boxes, for form submission sake, needs to be given a name with an incremented value. ("field1_1", "field1_2" etc)
I know that I could add the fields by dynamically creating elements with $('<input/>', {...}); but for more than a few elements this makes for code that's hard to read and difficult to maintain.
I'm currently using jQuery's .load() function to pull in the file but through searching I can't find a way to pass variables to the response, and therefore can only use preset name attribute values.
Is this possible, or is the method above the only way?
Put your template into a dummy script, with unknown type to avoid errors:
<script id="template1" type="text/template">
<h2>{title}</h2>
<input type="text" name="field{id}_1">
<input type="text" name="field{id}_2">
<input type="text" name="field{id}_3">
</script>
Then use replace (with "g" global option as replace usually replaces first only) to insert your values.
var template = $('#template1').html();
template = Template.replace(/\{title\}/g, mytitle);
template = Template.replace(/\{id\}/g, nextId);
$('#somewhere').append(template);
You can of course concatenate the replaces, but going for readable here.
This method allows complex HTML without messing up the code with loads of string manipulation. Your template looks like the final result so no mental translation required. Very low-maintenance technique.
The placeholders can just be simple names (without braces) to avoid regex delimiters, so long as the names will not match anything else in the template. I just use braces so the placeholders stand out in the template (again for maintenance purposes).
Related
Static Page A has a form with an action submitting to a Authorization page B which is a dynamic page. After authorization, B will redirect to a callback url C which is passed to B by A.
Besides redirecting to page C, B also post some parameters indicated the auth states. uin is a most important parameter that will be used in the content of page C namely the scripts. The scripts need uin to send Ajax request later. Question is how can I pass uin to the static page C?
A quick and dirty idea I got is to wrap the static page C with a PHP file, and output the data in a hidden div for example:
<?php
$html = file_get_contents("callback.html")
$div = "<div stype='display:none' uin={$_POST['uin']}></div>"
//add this div to $html and print it, need a little more work to figure out how to do this
?>
Is there a better way of doing this , because this is sort of 'idiot' I think...
Your code: (with stype typo fixed)
$div = "<div style=\"display:none\" uin={$_POST['uin']}></div>";
Looking at this code, the biggest problem I can see with it is that you're outputting a $_POST value without doing any escaping on it.
This a potential security threat; consider what would happen if someone provided a form that posted to your site, with the uin value set to a string of HTML code, starting with > to close the div. Their code would appear in your site, exactly as if you'd put it there. With a careful bit of styling, they could use this make your site look and behave however they want. Not great.
You can fix that by using wrapping the $_POST variable in html_entities() so it is properly escaped when it is output to the site.
Or, in this case, since it is (or appears to be) a numeric ID value, you could simply cast it as an int to ensure that it contains no unwanted data, no matter what the actual post data contains:
$uin = (int)$_POST['uin'];
...and then use $uin in the output rather than the raw post data.
The second point I'd make is one of validity. uin is not a valid HTML attribute. It may work, but it's not valid. The correct standards-compliant way to do custom attributes in HTML is to use a data attribute, like so:
$div = "<div style=\"display:none\" data-uin={$uin}></div>";
... ie the names of all custom attributes should start with data-
This is recommended because it allows you to have custom attributes with the same name as real attributes without risking any problems. eg you could have data-style, without colliding with the real style attribute.
It also means that the HTML spec can have new attributes added to it without risking clashes with other people's code. eg if a future version of HTML includes a uin attribute that future browsers use to do something clever with the element, it would cause problems with your code. Those problems would not happen if you use data-uin. (okay, so uin is an unlikely name for a new standard HTML attribute, but the point stands)
Perhaps you should store parameters from page B in user session. Than on page C you can use these parameters (after calling session_start() before anything is outputted to the browser). Also, if you are using javascript, consider placing uin in javascript variable instead of html div. Something like <script type="text/javascript">var uin = 123; </script>.
You have an syntax errors in your php code you need to mask the quotes around your inline style and you missed to add some colons:
<?php
$html = file_get_contents("callback.html");
$div = "<div style=\"display:none\" uin={$_POST['uin']}></div>";
//add this div to $html and print it, need a little more work to figure out how to do this
echo($html); // print variable $html
echo($div); // print variable $div
?>
So, I have this HTML form:
<form id="search_form" class="form_wrapp"
accept-charset="utf-8" method="get" action="http://testing.com/results">
<input class="inputbox" type="text" name="search_query">
<input class="ic_search" type="submit" value="">
<input type="checkbox" value="checkbox1" name="search_filter[]">
<label for="Checkbox1">Checkbox1</label>
<input type="checkbox" value="checkbox2" name="search_filter[]">
<label for="Checkbox2">Checkbox2</label>
</form>
and it redirects to this URL upon submit with the 2 checkboxes checked
results?search_query=dreams&search_filter[]=checkbox1&search_filter[]=checkbox2
It works like this (inside codeigniter I get the data with $this->input->get('search_filter')), but my question is: I am doing something wrong inside the form, or this is how it's supposed to work?
And I mean about: &search_filter[]=checkbox1&search_filter[]=checkbox2. Shouldn't it be something like: &search_filter[]=checkbox1,checkbox2 ? And if not, how can I make it work like that?
If you want it in the comma format you can do the following:
$filters = (array) $this->input->get('search_filter');
$filters = implode(',',$filters);
If you want to alter the format in which the form is submitted, assuming jquery for js:
$('#search_form').submit(function() {
var $hidden = $('<input type="hidden" name="search_filter" />').appendTo($(this)),
$filters = $('input[name^=search_filter]'),
value = '';
//loop through the filters check if there checked and add them to the value
$hidden.val(value);
$filters.remove();
});
Of course if the user doesn't have js enabled it will submit natively
Am I doing something wrong inside the form, or this is how it's supposed to work?
That's how it's supposed to work. At least if you need to read query string with PHP, those brackets need to be there to read the whole query string without each search_filter value being overwritten by the next one.
And if not, how can I make it work like that?
If you have to, you can use a POST request instead, process the submission, and redirect to the URL of your choice with whatever query string you want.
From your comment:
I wanted to make the url like this &search_filter[]=checkbox1,checkbox2 just to make it a bit more "beautiful"
Don't worry about that, seriously. The only time this matters is when you're doing extreme SEO and you don't want two URLs that point to the same place. It's common practice in those cases to remove all unused keys and alphabetize them so that all URLs with query strings are consistent, but mangling them into something custom still isn't a part of that.
Besides that, don't fight against the behavior - work with it - it's not "broken" and making it "beautiful" won't matter to anyone, plus you'll have to guess/remember which pages process query strings the correct way, and which ones use your "custom" method.
I am doing something wrong inside the form, or this is how it's supposed to work?
That is how it is supposed to work
Shouldn't it be something like: &search_filter[]=checkbox1,checkbox2 ?
Then you couldn't tell the difference between two items and one item that had a comma in it.
And if not, how can I make it work like that?
Obtrusive JavaScript. Don't do that. Forms work well the way they work.
That's perfectly normal. form data is always sent in key=value pairs, with one single value. Submitting key=value,value is not part of the HTTP spec, and would have the values treated as a single monolithic string, not two separate comma-separated values.
You can certainly use some JS to rebuild your form on the fly to use the value,value format, but then you'll have to mod your server-side scripts to accept that new format as well. PHP won't auto-split the values before you, because it's not a standard representation.
&search_filter[]=checkbox1,checkbox2
Why you need this?
Use this like:
<?php
$searchFilter = $this->input->get('search_filter');
foreach($searchFilter as $filter)
// some actions with filters.
You search_filter[] is simple array with values from checkbox inputs.
Is it possible to do a tal:replace="whatever" but maintain certain attributes of the element/tag?
For example, if you have the following:
<input type='text' value='test' name='hello' class='specialClass' tal:replace="customInput"/>
Is it possible to have your customInput replace the current input but somehow also have the specialClass class as well?
I can't tell if PHPTAL allows things like this or if I need to override some PHPTAL method for replacing...
No, you can't. tal:replace completely replaces the element with text, so there is nothing to put these attributes on.
Attributes are preserved with tal:content.
In case of <input>, you'd rather use value="${customValue}" or tal:attributes="value customValue".
PHPTAL doesn't parse any markup at run time, so if you have something that generates <input>'s HTML dynamically for you, then you need to modify that code yourself.
I am trying to pass a string that already contains quotation marks from one php file to another via a hyperlink and the GET method.
I am retrieving thousands of lines which contain quotation marks in a while loop and saving the output to a variable as follows:
while ($trouble_row = mysql_fetch_array($trouble_result)) {
$ticketid = $trouble_row['ticketid'];
$ticketno = $trouble_row['ticket_no'];
$created = $trouble_row['createdtime'];
$modified = $trouble_row['modifiedtime'];
$title = $trouble_row['title'];
$solution = $trouble_row['solution'];
$hoursattended = $trouble_row['cf_629'];
$hoursbilled = $trouble_row['cf_628'];
$csv .= "$firstname $lastname,$ticketno,$created,$modified,$hoursattended,$hoursbilled,$title,$solution\n";
}
The variable $title sometimes contains an entry that looks like this:
The user "tom" is having problems.
The variable $csv is collecting all the results from each pass and creating a CSV formatted string that I then need to pass to a new php script, which I am trying to do using a hyperlink:
a href="export_csv.php?csv=$csv">Export to CSV</a>
Unfortunately the embedded quotation marks are recognized by the hyperlink and cut off the majority of the output. Any suggestions on how to collect the data differently, store it differently, or pass it differently would be greatly appreciated!
For parameters in links, you need to use urlencode():
echo 'Export to CSV';
note however that GET requests have length limits starting in the 1-2k area (depending on browser and server).
Alternative approaches:
Forms
One method that is immune to length limits is creating a <form> element for each link with method="post" and adding the values in <input type='hidden'> inputs. You would then style the submit button of the form like a link.
<form action="export_csv.php" method="post">
<input type="hidden" name="csv" value=".......">
<button type="submit">Click here </button> <!-- Use CSS to style -->
</form>
Sessions
Another very elegant way to pass the data would be
Generating a random key
Saving the CSV data in a $_SESSION variable with the random key
Passing the random (short) key in the URL instead of the full data
You'd just have to take care of deleting unused random keys (and their data) frequently.
These kinds of links couldn't be bookmarked, of course.
Use urlencode() before creating the hyperlink url, and use urldecode() to get the original string.
use urlencode() for embedding into a link, and html_special_chars() for embedding into form fields.
url_encode and url_decode.
Quickest and easiest solution given what you already have is probably to change this:
Export to CSV
To something like this:
Export to CSV
I have some multi line text saved in MySql database (VARCHAR 255). When i load it, and process it using standard php function "nl2br", it echoes fine (multi line). But, when i load multi line text from database, make it "nl2br" and then send it to javascript (so it gets displayed in textarea), it won't be displayed! What's wrong?
echo "<SCRIPT>FillElements('".$subject."','".$text."');</SCRIPT>";
P.S.
FillElements function:
function FillElements(Sub,Txt)
{
document.getElementById('txtSubject').value=Sub;
document.getElementById('txtMessage').value=Txt;
}
textareas don't actually store the contents in an attribute like value in the same manner as input elements. They actually store the contents in in between the <textarea> and </textarea> tags. Meaning that the contents is actually treated as CDATA in the document.
<textarea>
This is my Content
</textarea>
Produces a text area with "This is my Content" as the contents.
The implication of this is that you cannot use the code you have to alter the contents of a textarea. You have to alter the innerHTML property of the textarea. I have set up a simple example here:
http://jsfiddle.net/wFZWQ/
As an aside, since you are populating the fields using PHP on the creation of the page, why not merely fill the data in the HTML markup, this seems like a long way round to do it.
Also, since you don't appear to be using it, have you seen [jQuery][1] it abstracts alot of things out, so instead of typing document.getElementById("the_id") to get an element you can use CSS selectors and merely write $("#the_id") to get the same element. You also get a load of useful functions that make writing javascript mucxh easier.
[1]: http://jquery.com jQuery
Newline tags (<br />) don't cause actual new lines in <textarea>.
You can pass the "real" newlines (\n) to your <textarea>, though.
I created a fiddle for that.
EDIT: For the updated FillElements code:
$subject = "String\nWith\nMultiple\nLines";
printf('<script type="text/javascript">FillElements(%s)</script>',
json_encode($subject)
);
My guess is that your HTML source code looks like this:
<script>FillElements("foo","foo
bar
baz");<script>
Correct?
In JavaScript, strings cannot span multiple lines...