[cvs] [Wiki] changed: Project/HordeForm
Chuck Hagenbuch
chuck at horde.org
Tue Jul 8 17:58:54 UTC 2008
chuck Tue, 08 Jul 2008 13:58:54 -0400
Modified page: http://wiki.horde.org/Project/HordeForm
New Revision: 17.6
Change log: mild cleanup, fix unintended wiki markup
@@ -127,9 +127,9 @@
view variables will be maintained
-I just discovered a hole in a white list validation technique I bored from a
+I just discovered a hole in a white list validation technique I
borrowed from a
PHP security book ‹ no, not Chris¹ book.
Beware in_array($_POST/GET[Œinput¹], $whitelist)
@@ -210,8 +210,9 @@
errors over session-namespaces to redirect between processing<->view.
the usage is like this:
+<code type="php">
// FORM-PROCESSING
$F = new Form('edit');
// common form-data
@@ -291,8 +292,9 @@
if (!($title = $F->value('title')))
$title = '<populate from db>';
<input type=text value=$title />
+</code>
@@ -342,10 +344,8 @@
-
-[Show Quoted Text - 12 lines]
We are in the middle of a discussion Alexey and I about QuickForm2
API for elements creation and I would like your opinion as well.
At this point, nothing is immutable since we aren't even talking
about alpha stage, so your preferences as users and developers is
@@ -367,13 +367,8 @@
This style is more "OO-ish" (*g*) and should also be more consistent in
usage.
-+1, therefore
-
-[...]
-
-[Show Quoted Text - 13 lines]
The other point we are discussing is about the extra parameter in
element creation. I suggest we always use an array, even when there
is only one extra parameter. Alexey suggests that we use a scalar if
there is only one extra parameter. For example, for a given "Year"
@@ -385,9 +380,9 @@
While I would use:
$form->addElement('year', 'aYear', array('startYear' => '2007'));
-+1 for this last style because it avoids confusion, too, and especially
+ +1 for this last style because it avoids confusion, too, and especially
also because sometimes later such elements might get a second, third,
... option.
More information about the cvs
mailing list