开发者

Passing data between states PHP

问答 作者:

So I am using Limonade PHP which has a RESTful design which emulates PUT, POST, D开发者_如何学PythonELETE routes for create, update, delete.

I am trying to develop some form validation which is going well. The major problem I am facing though is how to return my filtered data (which has failed validation) back to repopulate the create or edit form.

How would this be done? I currently have for creating a page:

/admin/page/new -> GET function

/admin/page -> POST function
+ validate
    + pass, update db
    + fail, add errors to flash, redirect to /admin/page/mew

It all falls down as I do not know how to populate the /admin/page/new with the invalid, but filtered data.

Have you used a session to carry the data to /admin/page/new? http://www.php.net/manual/en/session.examples.basic.php

edit: I just found this article: http://www.recessframework.org/page/towards-restful-php-5-basic-tips which recommends using a cookie over $_SESSION. It doesn't elaborate on why, but either one will achieve the result you want.

To get the data back to the redirected page, you either need to use session or litter the request with get vars for each element (not nice to look at, not nice for bookmarking, wouldn't suggest it).

I'd guess that 'add errors to flash' is using a session var (not familiar with Limonade).

Another alternative would be submitting the form with an AJAX call, then the form data wouldn't even change on an error.

Of course, you would still need a non-AJAX method working for backwards compatibility.

Update: Limonade Source confirms flash() uses $_SESSION. So you're already using session vars.

You can output the form without redirecting. Put the form in a script containing no other HTML elements. Have it set the value of any form input given in $_POST (after calling htmlspecialchars with the appropriate quote style). Include the form script in other scripts where appropriate.

In your utility functions:

function passthruFormInput($name) {
    if (isset($_POST[$name])) {
      echo htmlspecialchars($_POST[$name], ENT_QUOTES); 
    }
}

newForm.php (or whatever you want to call it):

<form action="..." method="POST" onsubmit="...(client side validation function)...">
    ...
    <input name="foo" value="<?php passthruFormInput('foo'); ?>"/>
    ...
</form>

If you generate the form dynamically, adapt the above to match. A few things feel off about this implementation and approach, but I can't quite put my finger on it.

Leaving the form script publicly accessible may not be a security problem, but it should either be outside the document root hierarchy or in a branch protected with ORDER Allow,Deny or mod_rewrite. It should probably go with the views.

继续阅读:phprest

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9