[pLog-svn] r6524 - plog/branches/lifetype-1.2/class/data/forms

Jon Daley plogworld at jon.limedaley.com
Mon Jun 9 10:26:28 EDT 2008


 	I agree for that form field, and textboxes in general, I think. 
I am not as sure about other fields - what does it mean to set a checkbox 
or other types with different values other than the expected?
 	It also seems strange that I type in HTML (not realizing, or 
perhaps even remembering that I did), hit update. Get a validation error, 
and the text shows "Mark Wu".  I wonder why that didn't validate for a 
while, and then just hit update again and it works, and I think - hrm, 
that's odd, LifeType must be flaky, since it worked the second time and 
not the first time.
 	The user can almost always hit back and recover the data, if it 
was a bunch that he doesn't want to retype.

On Mon, 9 Jun 2008, Mark Wu wrote:

> Take blogAbout field for example, if a user already enterd all information
> about his blog,  but he just forgot blogAbout does not accept html tags and
> just put <b>Mark Wu</b> in the end of blogAbout.
>
> When he hit the sumbit button, he will lost all his changes..
>
> So, I think the better way is just give the "filterd" data back to him and
> tell him what's going on, and he can keep edit the blogAbout.
>
> My original idea post in mailing list is get the "filterd" data back to
> user, not just a blank field. I think it is more user friendly.
>
> Mark
>
>> -----Original Message-----
>> From: plog-svn-bounces at devel.lifetype.net
>> [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of Jon Daley
>> Sent: Monday, June 09, 2008 7:38 PM
>> To: LifeType Developer List
>> Subject: Re: [pLog-svn] r6524 -
>> plog/branches/lifetype-1.2/class/data/forms
>>
>>  	I like all of the changes, but I am unsure about this
>> one.  If there is something wrong with the data, I think I
>> would rather see a blank field than a field that has been
>> modified.  Both from a developer's and user's standpoint.
>>  	One argument for displaying the filtered value from the
>> user's standpoint is if they accidentally typed in HTML and
>> didn't mean to, then we take care of it.
>>  	However, since we don't know what sort of validation
>> was supposed to be done on this field, perhaps filtering HTML
>> isn't the right answer, and I would rather blank it out, than
>> have either bad data passed to the user, or some security
>> hole that we haven't thought of yet.  The user can usually
>> hit the back button if you are worried about him recovering data.
>>  	Passing back unknown data to the user seems like a bad idea.
>>
>> On Mon, 9 Jun 2008, mark at devel.lifetype.net wrote:
>>
>>> Author: mark
>>> Date: 2008-06-09 04:00:51 -0400 (Mon, 09 Jun 2008) New
>> Revision: 6524
>>>
>>> Modified:
>>>
>> plog/branches/lifetype-1.2/class/data/forms/formvalidator.class.php
>>> Log:
>>> We still need the value but filtered with
>> Textfilter::filterAllHTML()
>>>
>>> Modified:
>>> plog/branches/lifetype-1.2/class/data/forms/formvalidator.class.php
>>> ===================================================================
>>> ---
>> plog/branches/lifetype-1.2/class/data/forms/formvalidator.cl
>> ass.php	2008-06-09 07:32:35 UTC (rev 6523)
>>> +++
>> plog/branches/lifetype-1.2/class/data/forms/formvalidator.cl
>> ass.php	2008-06-09 08:00:51 UTC (rev 6524)
>>> @@ -110,6 +110,10 @@
>>>
>> $this->_validationResults["$fieldName"] = $validationResult;
>>> 				if($validationResult)
>>>
>> $this->_fieldValues["$fieldName"] = $fieldValue;
>>> +				else {
>>> +					lt_include(
>> PLOG_CLASS_PATH."class/data/textfilter.class.php" );
>>> +
>> $this->_fieldValues["$fieldName"] =
>> Textfilter::filterAllHTML( $fieldValue );
>>> +				}
>>>
>>> 				// if one of the validations is
>> false, then cancel the whole thing
>>> 				$finalValidationResult =
>> $finalValidationResult &&
>>> $validationResult;
>>>
>>> _______________________________________________
>>> pLog-svn mailing list
>>> pLog-svn at devel.lifetype.net
>>> http://limedaley.com/mailman/listinfo/plog-svn
>>>
>>
>> --
>> Jon Daley
>> http://jon.limedaley.com
>> ~~
>> What happens if you get scared half to death twice?
>> _______________________________________________
>> pLog-svn mailing list
>> pLog-svn at devel.lifetype.net
>> http://limedaley.com/mailman/listinfo/plog-svn
>
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://limedaley.com/mailman/listinfo/plog-svn
>

-- 
Jon Daley
http://jon.limedaley.com
~~
You never knew you could learn that much just by slapping a tube.
-- Professor Vanderven


More information about the pLog-svn mailing list