I have a database of clients. Before entering a new client, I want to make sure that that client is not already in the database. So I want to put a search form at the top of my page to search by client number, and client name. Further down the page, I'll have another form to enter and submit the client's information. Would this be the best way to go about something like this? How would you approach this? i'm using drupal 6.
It is better that when the user is inserting a new customer name, an autocomplete shows the names matching the characters inserted by the user; if the user wrote "Mic", and in the database there is a customer with the name "Michael Greenpeace", the autocomplete will show "Michael Greenpeace", and the user will understand there is already a record for that customer.
Even without the autocomplete (which would help the user to understand if the data for the customer has been already inserted in the database, and continue with the next customer), a user that inserted the name of an existing customer should see the existing data; this would help the user to avoid rewriting data that are already updated (customer information need to be updated, sometimes, and not only inserted).
Related
I'm developing an online store website which has several products and user can submit comment for each single product.
So when the user opens a product webpage, they can submit their comments via comment form. In order to do that I've put a hidden input in the comment form which holds the id of the product however, it can be easily manipulated.
I've search a lot and I know that you can never trust data sent by the clients but I suppose there must be a way to make sure that the comment sent is exactly for the product the user is seeing right now. Because user can see a product on the website and change the product id in the hidden input of the comment form and submit it to the server.
Please help.
Thanks in advance.
I have recently learned tutorial about restful APIs.In that, my instructor suggested me that if we want to delete any document we should pass id in the parameter of the request. But now I am confused How do we handle this implementation on the client side.I mean how can even the programmer on the front side could be aware of that particular document ID. Does he need to go to the database each time?
Common practice for accessing a record in db is to use its unique identifier, to get or update or delete the record.
On the client side (if you mean user interface) when user wants to delete a document, he/she must see the document somewhere in the interface. Suppose a page with a table containing a list of all (for instance) books in the db. On each row, you have book title and author's name and the id of the book document in the db.
So you can use that id to call the delete rest API.
In a nutshell, when you want to delete something you must have got it from db to simply see it, so the id is at your hand.
When you want to delete a some doc from the database you need to get all documents to the front end to see what do we need to do to this data right ?
Imagine any database GUI that u have worked with..
let's say phpmyadmin when using mysqli
in that case you have php mydamin's GUI so that u can clearly see what are the tables and how things persist in the database. you need to see that in order for you to make decision
. Like that you will need to bring at least a portion of that data to the front end for user to see it and choose what portion of data the user want's to make changes or delete.
so when we have a set of data in the front end like a list, if a user select one item from that list the id or the name of that item can be send to the server side and make the task if the user wishes to do
that's why you need an Id or a identification field of that particular data..
I have an embedded view in a main form (same database) with a single category of a client code that is custom generated. The view displays all other documents that have that main document's client code in a hidden field.
This works perfectly, except for one user where the embedded view is blank, and the message "category not found" is displayed. This happens for all documents viewed. Anyone else that opens the exact same main documents can see the correct list in the embedded view. The documents are definitely there.
I've pressed F9 a few times, and the "category not found" keeps coming up. I've also shutdown Notes and deleted the cache file, and restarted. There have been no changes to the database for a long time, and this started for this one user a few days ago.
I have no idea whats causing this.
Check readers/authors fields in documents that should be displayed in your embedded view. May be that user just can't see them.
Before I get too stressed, I generally try this:
Remove the database from the user's workspace
Compact the workspace (2nd tab of workspace properties)
Close Notes
Delete cache.ndk
Restart Notes
If that doesn't work, I'd check that the user can see the documents in another way (i.e. if you send a doclink to the user, can the user open it (alternatively, try opening the embedded view directly through View - Goto. Don't forget to use CTRL-SHIFT at the same time if the view is hidden)? If not, the user may have lost a role, or dropped out of a group that provides access.
¿The view is "shared" and not "shared, private at first view"? In that case, you have to delete de "private version" of the view for that user
¿The embedded view is calculated, and show one view for a group of users and a second view for another group? Maybe you're searching the problem in the wrong view
¿The single category is based on a formula or on a calculated field? In that case, the formula calculates a different value for that user
I'm new to the Zend Framework and I have a problem to create an edit form with the Zend_Form.
My problem is that I need to store the entry ID during editing, I've seen some examples that are using a hidden form field, but a hidden field can be manipulated by a user.
So: how can I set a form field which gets populated by $form->populate($data); and is available after submiting the request but is not editabel/visible to the user in any way?
Thanks for any help!
I'm not sure if there's really a point in trying to hide the value.
Consider the following:
To display the correct editor form, you need the ID of the object that is to be edited.
Before allowing the user to edit a certain ID, you would check if the user can edit it or not.
Thus, if you put the ID in the form, it shouldn't really matter:
When you POST the edit form, you should again check that the user can still edit the ID.
If the user changes the hidden ID, it doesn't really matter. They could still go and edit the other ID by finding it on the site. (This is assuming your check didn't tell you the user does not have access)
what kind of data you wanna hide?
data should be in post or get.if you dont put your data in your form,then you will have to use GET which is less secure than POST.
If you have some data and you dont want the user to see those data,then you should not put those data in a form.you can store and retrieve hidden data using forms submitted values.lets suppose your hidden field is users password.you dont need to send password back to the client when client is editing the form.you can manipulate password in your controller according to the user`s submitted first name and last name.
If you still insist, you may wanna try encrypting data using ZF and echo ing your value and setting encrypted data into a hidden form element.
Zend_Form generates an HTML form element with the form elements you specify. So its element capabilities are narrowed to a simple HTML form.
The hidden form element is used to pass those data that the user is not supposed to enter by hand. But as you yourself said it, there is no guaranty it could not be tampered. so no security is provided by using a hidden form value.
Most of times you'd better use server side values (like stored in sessions) to reference to values that are to be protected from user.
I suggest you keep the ID in a session value, and then you could use the session key in the hidden form field. this way the user can not change the target ID. However you are not able to use the $form->populate($values) on this in one step. you would have to set the target value with other steps:
fetch data from the session
set the form element value with the fetched data
I am new to Drupal and trying to get hand on it.
I am not able to find how to have the following functionality on my site. If anyone can help me out, it would be great for me.
I need to have a form that will take 2 fields one of which is supposed to be the login id(how to retrive login id?). I need to store this and display in tabular form also on a new page. Lastly I want to provide an edit form for this functionality using the same form but its use will be like whenever a person adds value in this form, it checks in Table1, if entry is not present it adds in table, else it updates the table.
Apart from this I need to store all the updations in a seperate table or something like that, so that I am able to see the history of all the changes
Eg:
ADD Form:
Fields:
- LoginID
- Phone number
Show Table Page(Tabular with the stored information)
Edit Form(same as above form):
Fields:
- LoginID
- Phone number
Now If I add my phone number to this it will get stored. Later when I try to modify my number it should update in initial table but also store the history of old and new entry in a separate table so that I can perform varies options on it.
I also dont know how to add/enable form fields in drupal. :(
Thanks
I'm not entirely sure what you're asking, but I think the Computed Field module might be helpful. The module allows you to define custom hooks that run when a node is saved.
If you're not creating nodes and are using something like the Webform module, you should be able to write a module to process the data.