Drupal 7 search parameters - search

I want to create a custom search box and use that to interact with Drupal's search module. Currently everything works pretty well. However, i would also need to use a proper token with the search. I have no idea what key Drupal uses to form this token.
Currently i have:
<form class="search-form" action="/search/node" method="post" id="search-form" accept-charset="UTF-8">
<input type="text" name="keys" class="search_box" value="Search ..." />
<input type="hidden" name="form_id" id="search-form" value="search_theme_form" />
<input type="hidden" name="form_token" value="<?php print drupal_get_token('search_theme_form'); ?>" />
</form>
This works well enough to display the results of one page. If i try to navigate to the second results page, all the results are thrown away.

You should probably use the more proper
$form = drupal_get_form('search_block_form');
return drupal_render($form);
http://api.drupal.org/api/drupal/modules--search--search.module/function/search_form/7

It turned out to be as simple as changing the form from post to get. Here's the html for a working solution.
<form class="search-form" action="/search/node" method="post" id="search-form" accept-charset="UTF-8">
<input type="text" name="keys" class="search_box" value="Search ..." />
</form>
You don't need to define tokens or anything of the sort.

And in theme use:
<?php
$form = drupal_get_form('search_block_form');
echo render($form);
?>

Related

How to Remember Pass Values Without Exposing To HTML? (NodeJS/ejs)

I tried to Google search but I did not even know what to search for!
My current problem is: say I have a customer order an item, it will show in his list of orders and he can then edit the order in the future by clicking a button next to the order.
Currently the button submits a hidden form which contains all information needed to identify a particular order and this form is passed into the edit order page through a post request. Although the form is hidden, when page source is viewed the information will still be accessible by the user.
How do I avoid exposing the information to the user? I.e do everything in the backend.
<form method="POST" action="/edit_order">
<input type="hidden" name="owner_email" value=<%=all.owner_email %>>
<input type="hidden" name="owner_email" value=<%=all.transactionId %>>
<input type="hidden" name="start_date" value=<%=moment(all.start_date).format() %>>
<input type="hidden" name="end_date" value=<%=moment(all.end_date).format() %>>
<button type="submit" class="btn btn-secondary">Change this order</input>
</form>

What url masking method worked in Javascript disabled browser?

I have tried iframing but it doesn't worked in Javascript disabled browser. Anyone please tell me how can I mask an url and still worked in Javascript disabled situation, thanks in advance.
Use POST, rather than GET. Something like this early in the page:
<form action="nextpage" method="post">
<input type="hidden" name="parameter1" value="value1" />
...etc...
This page
</form>
<form action="otherpage" method="post">
<input type="hidden" name="parameter1" value="value1" />
...etc...
That page
</form>
Bit more longwinded, but it will work.

Expression engine: This form has expired. Please refresh and try again

I've got a problem with the contact form in Expression Engine. I'm using the code from the docs but after submitting I'm getting this error :
This form has expired. Please refresh and try again.
My code:
{exp:email:contact_form user_recipients="no" recipients="my#emailadress.com" charset="utf-8"}
<h2>Support Form</h2>
<p>
<label for="from">Your Email:</label><br />
<input type="text" id="from" name="from" size="40" maxlength="35" value="{member_email}" />
</p>
<p>
<label for="subject">Subject:</label><br />
<input type="text" id="subject" name="subject" size="40" value="Contact Form" />
</p>
<p>
<label for="message">Message:</label><br />
<textarea id="message" name="message" rows="18" cols="40">
Support Email from: {member_name}
Sent at: {current_time format="%Y %m %d"}
</textarea>
</p>
<p>
<input name="submit" type='submit' value='Submit Form' />
</p>
{/exp:email:contact_form}
I'm using Expression Engine 2.8.0. Thanks guys!
EE requires an XID to be in the form. There is a global variable you can use to generate an XID hash:
<input type="hidden" name="XID" value="{XID_HASH}" />
http://ellislab.com/blog/entry/putting-the-secure-in-secure-mode-forms
For us, adding this to the config.php 'fixed' the problem (more like, put a bandaid on it since it's not an ideal situation)
$config[‘disable_csrf_protection’] = “y”;
I was having this problem only in Chrome and not in Firefox or Safari. I dug into the PHP and realized that it failed this check in Csrf.php:
// Fetch data, these methods enforce token time limits
$this->fetch_session_token();
$this->fetch_request_token();
// Main check
if ($this->request_token === $this->session_token)
{
return TRUE;
}
Then I realized that I had set Chrome to block cookies. I set it so Chrome would allow cookies and I am no longer getting that error message.
I think that's a problem with the secure forms XID hash. You can only submit a form once while using "secure forms" (to stop spammers hijacking them).
A quick way of disabling it is to open system/expressionengine/config/config.php and add this down the bottom to disable it. See if that makes a difference for you.
$config["secure_forms"] = "n";
Obviously using secure forms is preferable though.

Search box like w3schools.com

I want to make a simple searchbox in my website. I think for my situation, the best way is to use something like w3schools.com did. When user types smth and press enter it redirects to google.com/search and it will search from only w3schools.com in google because there is site:www.w3schools.com is given in url. how can i do that?
A simple solution would be something like this:
<html>
<head></head>
<body>
<form method="get" name="searchform" action="http://www.google.com/search" target="_blank">
<input type="hidden" name="sitesearch" value="stackoverflow.com">
<input type="text" name="as_q" size="20" value="Search stackoverflow.com">
<input type="submit" value="Search" title="Search">
</form>
</body>
</html>
But you should also check this out:
http://www.google.com/cse/
Just browse source code and take everything you need, that trick will often do in case of HTML how-to's:
<form method="get" name="searchform" action="http://www.google.com/search" target="_blank">
<input type="hidden" name="sitesearch" value="www.yoursite.com">
<input type="text" name="as_q" size="20" value="Search yoursite.com">
<input type="submit" value="Search" title="Search">
</form>
Well. Actually it seems this is quite easy job. I have found the solution At:
http://www.askdavetaylor.com/how_can_i_add_a_google_search_box_to_my_web_site.html/
I think what you are looking for is Google Custom Search Engine. Start here: http://www.google.com/cse/docs/ , http://www.google.com/cse/manage/all

Add a form with POST method on a SharePoint 2010 page?

The HTML I got asked to add to a page is:
<div>
<div> Click below to enter</div>
<form id="formID" method=POST action="http://www.someWebsite.com">
<input type="submit" name="do_login" value="Log in" />
<input type="hidden" name="username" value="someUsername" />
<input type="hidden" name="password" value="somePassword" />
</form>
</div>
I know I can't add a form like that because there is already on that SharePoint created, I had a look at http://www.sharepointboris.net/2008/09/making-post-and-get-forms-from-sharepoints-pages/ but when I follow the example and save SharePoint still strips out most of the code so how can I achieve what I want in another way?
Thanks in advance.
For our SharePoint 2007 installation, I created a quiz web part. Basically, it pulls questions and answers from a list, but the actual questions are presented and submitted using a form with POST variables. It's probably much more complex and in-depth than you're looking to go, but I made a custom web part to present the form, read the post variables, and execute associated functions. The big plus to using a custom web part is that you're able to put in nearly any content you want, since you're coding it in ASP.NET.
What I did was to create a custom .aspx page (not through the sharepoint gui) with the code I posted in my question, uploaded the page to a library and then linked to it via a page viewer web part
You can get the form to work as normal if you remove the tags and place the form control inside a div like so:
<div>
<div> Click below to enter</div>
<div id="formID" method=POST action="http://www.someWebsite.com">
<input type="submit" name="do_login" value="Log in" />
<input type="hidden" name="username" value="someUsername" />
<input type="hidden" name="password" value="somePassword" />
</div>
</div>
This way sharepoint will accept everything inside the div tags. In a asp.net when you create a page in sharepoint, the whole page is containied withing a form that why sharepoint does not allow you to use another form within it.
Hope this helps

Resources