I have the following input:
<input id="whereInput" type="text" name="where" placeholder="around..." geodata="-73.6050237,45.5511518" value="Current Location">
I want to pass the geodata as the value to the get parameter, but not its value.
in other words I want where=-73.6050237,45.5511518 but not where=Current%20Location
Thanks,
Store the value you actually want to submit in a hidden input with a different name.
If the submitted value is "Current Location" then read the data from the other field instead.
Related
in my FE-User-Registration Extension i want to add a 2nd Password-Field, just for checking the spelling of the first password entered.
I don't like to add an extra field for this in the database, because it's only for first entering the password and changing the password purpose.
If the normal password-field and the reenter-password-field are the same, it should be stored in the database. (I also make a salted password here, but it's not important for the issue.)
I tried the following
<label for="reenter_password" class="reenter_password">
Reenter Password*
</label><br>
<f:form.password id="reenter_password"/>
This makes no errors, but i don't get the value.
<label for="reenter_password" class="reenter_password">
Reenter Password*
</label><br>
<f:form.password property="reenter_password" id="reenter_password"/>
This makes the following Error:
Exception while property mapping at property path "": Property "reenter_password" was not found in target object of type "RM\Rmregistration\Domain\Model\User"
I know if i make an extra field called reenter_password in my Model, SQL, it would work, but like I said above I don't want to store this to the database.
Is there any way to get the value, and checks it, without storing it to the database with Fluid?
Try to put your input like this in your fluid template :
<input id="reenter_password" type="password" name="reenter_password">
And see what you've got in \TYPO3\CMS\Core\Utility\GeneralUtility::_POST() in your controller action.
I'd use an AbstractValueObject and validate this one, then, in your update action, take one of the values of the AbstractValueObject and set it in your entity.
A lot of folks on Stack Overflow are probably trying to fix forms that don't submit, but I'm actually hoping to do the opposite!
What I'd like to do for an art project is make a form with a "joke" field -- say, your SSN, your bank account number, your fingerprints or retina scans or DNA code, or something super personal like that. But I don't want the number in our server logs, and I don't want it to be transmitted over the internet at all. I don't want any legal liability!
Basically the idea is just to ask for something audacious, but not to handle the data that may or may not come from users who actually put it in.
So, is there a way to make a field that acts as a normal form field, but where nonetheless we would feel "safe" that users who actually do put their sensitive info in the field will be protected?
What's the "safest" approach to something like this?
Form fields require a name to be submitted:
If any of the following conditions are met, then skip these substeps for this element:
[…]
The field element is not an input element whose type attribute is in the Image Button state, and either the field element does not have a name attribute specified, or its name attribute's value is the empty string.
[…]
So you could simply use an input without name attribute:
<input type="text">
Be careful with your "jokes", if you want that the information of the field is not submitted, then, you can simply leave it out of the form element like this:
<form action="... >
<input type="... >
</form>
<input type="... > <!-- This field won't be submitted-->
I have a form in commonspot, which uses hidden field to pass the information to next form,which it got from a previous form, but I'm not sure about the syntax for the default value of hidden fields. I have tried using form.fieldname, evaluate(form.fieldname), and #form.filedname#.
Can anyone help me with this ?
Thanks,
AA
Ardash - you should paste some actual code to help us understand what you mean.
In general if you want a "default" value (for the case where the item doesn't exist previously) you should use cfparam like so:
<cfparam name="form.myField" default="*some default value*"/>
Then in your hidden field you can safely do this:
<input type="hidden" name="myField" value="<cfoutput>#form.myField#</cfoutput>"/>
Hope this helps. Paste some code for a better response :)
You can list the field names submitted to the page using this method:
<cfoutput>#form.fieldnames#</cfoutput>
alternatively, you can get the field names and data:
<cfdump var="#form#">
This might help you figure out what is going on.
There's a place into my screen that I populate a label with a specific string value after some interaction with my user during the runtime. I use javascript for that.
Is there anyway to get the value of this lavel with my controller after its POST method is activated ?
Thanks, guys !
Option #1
Put the value in an HTML <input> element with a name attribute? Might need to dress down
the input element, since it will look like a textbox.
Option #2
Mirror the value in a hidden input <input type="hidden" value="yourValue" /> inside the form you're posting.
Is it possible to validate a radio group (so something is checked off, or chosen) using server-side validation with Perl? If so, how?
I already have it for JavaScript, but I want this form to be able to be submitted even without JavaScript enabled. Thus I will need the validation on the server-side.
There is no fixed name for the radio group, it can change, however there must be a name, so that #names = $cgi->param() will give all the names.
I'm thinking along something that will give me the type, like the type in JavaScript, to determine if it's a radio button in a group.
Your CGI script receives form fields as name-value pairs without any information as to what type of visual form element generated the values.
Your CGI script must know the names of the input variables whose values it is going to validate. Having the names supplied to the script based on untrusted user input is risky IMHO—that includes using another field whose value is the name of the radio group.
Say, you have a variable called contact_me which can take on values "yes" and "no". There is absolutely no reason for your CGI script to care if the value was provided using
<select name="contact_me">
<option value="yes" selected="1">Please do!</option>
<option value="no">Oh no!!!</option>
</select>
or using
<input type="radio" name="contact_me" value="yes" checked="1">
<input type="radio" name="contact_me" value="no">
or if the user typed her answer into the text field
<input name="contact_me">
The only thing your CGI script needs to concern itself with is if the value of contact_me is "yes" or "no".
It looks like you do not have a firm grasp of CGI. Please see The World Wide Web Security FAQ: CGI (Server) Scripts as a starting point.
Please stop all of your CGI development until you understand the ramifications. I retract this remark in light of your comments clarifying the use of a config file to define parameter names (which, in principle, is orders of magnitude safer).
Pass another hidden input field containing the name of the radiogroup, then just read
#values = $cgi->param($cgi->param("radiogroup_name")); // IIRC