Rajeev Prasad <rp.ne...@yahoo.com> wrote:
>Hi, > >without using CGI.pm how can i collect the values of a multiselect >element? > >say for e.g.: > >< select name="hobbies" id="hobbies" multiple> ><option>Reading Books</option> ><option>Writing Stories</option> ><option>Collecting Coins</option> ><option>Cross Stitching</option> ><option>Tenis</option> ><option>Playing Cricket</option> >< /select> > >when the form is submitted, i have to get the selected values in an >array. how can i do that? > Have your controller parse the post data. See below for my real motivation for replying. > > >*if you are curious, (as per my understanding) even though CGI.pm would >make it easy to get values out of parameters passed to the script by >the web form. I would still have to do validation of values passed >seperately. so why should i use a big module just to collect form data? >i am using TT to display the form/HTML and javascript to validate >input. You validate data with js? Are you fucking crazy? So, you think that if I want to hand you bad data I'm actually going to use your form to do it? I'm not (read NOT) saying to remove this. What I'm saying is to use js to validate for people (like me) who don't read carefully before they click 'go' or whatever. You DON'T trust any data at this point. You've got a few other points to validate that you might be able to trust: reverse proxy, db (ie, pg can validate columns), orm resultset / model, or the controller. Doing validation in some of these places might put load where you don't want it however this can be considered validation. JS validation is just a ui thing. You should also write js to sanitize db data when being sent to a user. That way, if some xss got through on the up side, they don't get it on the down side. Get it? Ps, don't put validation (or any other logic in your template). Its a view - not for logic. Pps, use placeholders or dbic (which does things right for you). -- To unsubscribe, e-mail: beginners-unsubscr...@perl.org For additional commands, e-mail: beginners-h...@perl.org http://learn.perl.org/
