Hi, I’m trying to build a small app to comment on images. Probably I’m almost there but currently stuck with updating a ‘file.yml' by a html-form. I’ve made two routes (shown below) “get ‘/:id/edit’ for showing the form with the particular image to comment on. When hitting save the ‘post ‘/edit’ will be called. My problem is that the post route doesn’t have the $id initialised. Is there someone around who can tell me how to solve this or point to me what I’m doing wrong? Thanks, Gert The structure is an AoH. The file.yml is like --- - collection: '' description: good id: 0 imgf: photo.jpg tags: '' - collection: '' description: '' etc.. ————end of yaml #--------------------------------------------------------------------- # # get EDIT # #--------------------------------------------------------------------- get '/:id/edit' => sub { my $filename = Dancer::FileUtils::read_file_content( Dancer::FileUtils::path( setting('appdir'), 'myImages.yml' ) ); my $data = from_yaml $filename; my @data = @{$data}; #print Dumper \@data; my $id = param('id'); template 'edit', { data => $data[$id], id => $id, }; }; #--------------------------------------------------------------------- # # post EDIT # #--------------------------------------------------------------------- post '/edit' => sub { my $data = get_AoH_imagelist(); my @data = @{$data}; my $id = param('id'); $data[$id] { description}= params->{description} ; #$data[2] { description}= params->{description} ; # this works but then all descriptions end up in the third group of hashes. my $filename = "myImages.yml"; write_file $filename, to_yaml($data); redirect '/'; };
On 02/10/2014 02:37 PM, Gert van Oss wrote:
Hi,
I’m trying to build a small app to comment on images. Probably I’m almost there but currently stuck with updating a ‘file.yml' by a html-form.
I’ve made two routes (shown below) “get ‘/:id/edit’ for showing the form with the particular image to comment on. When hitting save the ‘post ‘/edit’ will be called. My problem is that the post route doesn’t have the $id initialised. Is there someone around who can tell me how to solve this or point to me what I’m doing wrong?
Do you have a hidden from field in your form which passes the id to the post route? Regards Racke -- LinuXia Systems => http://www.linuxia.de/ Expert Interchange Consulting and System Administration ICDEVGROUP => http://www.icdevgroup.org/ Interchange Development Team
On 10 Feb 2014, at 14:48, Stefan Hornburg (Racke) <racke@linuxia.de> wrote:
On 02/10/2014 02:37 PM, Gert van Oss wrote:
Hi,
I’m trying to build a small app to comment on images. Probably I’m almost there but currently stuck with updating a ‘file.yml' by a html-form.
I’ve made two routes (shown below) “get ‘/:id/edit’ for showing the form with the particular image to comment on. When hitting save the ‘post ‘/edit’ will be called. My problem is that the post route doesn’t have the $id initialised. Is there someone around who can tell me how to solve this or point to me what I’m doing wrong?
Do you have a hidden from field in your form which passes the id to the post route?
Regards Racke
I don’t have a hidden field. I tried but then still wasn’t successful. (see below.. I skipped some fields) <form method="post" action="/edit"> <input type="text" name="id" id="id" value="[% data.id %]" disabled="disabled"/> <textarea name="description" rows="20" cols="20" id="Description">[% data.description %]</textarea> <input type="submit" name="submit" value="Save" class="submit-button" /> </form>
Remove disabled="disabled" and hide from the user with CSS. If it's disabled, I believe it won't be submitted. Daniel From: Gert van Oss <gertvanoss@me.com> To: Perl Dancer users mailing list <dancer-users@dancer.pm>, Date: 10/02/2014 13:53 Subject: Re: [dancer-users] updating a form Sent by: dancer-users-bounces@dancer.pm On 10 Feb 2014, at 14:48, Stefan Hornburg (Racke) <racke@linuxia.de> wrote: On 02/10/2014 02:37 PM, Gert van Oss wrote: Hi, I?m trying to build a small app to comment on images. Probably I?m almost there but currently stuck with updating a ?file.yml' by a html-form. I?ve made two routes (shown below) ?get ?/:id/edit? for showing the form with the particular image to comment on. When hitting save the ?post ?/edit? will be called. My problem is that the post route doesn?t have the $id initialised. Is there someone around who can tell me how to solve this or point to me what I?m doing wrong? Do you have a hidden from field in your form which passes the id to the post route? Regards Racke I don?t have a hidden field. I tried but then still wasn?t successful. (see below.. I skipped some fields) <form method="post" action="/edit"> <input type="text" name="id" id="id" value="[% data.id %]" disabled="disabled"/> <textarea name="description" rows="20" cols="20" id="Description">[% data.description %]</textarea> <input type="submit" name="submit" value="Save" class="submit-button" /> </form> _________________________ ______________________ dancer-users mailing list dancer-users@dancer.pm http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
<input type="hidden" > is what you want. You could also change your action and route to pass <form method="post" action="/edit/[% data.id %]"> On Mon, Feb 10, 2014 at 8:58 AM, Daniel Perrett <dperrett@cambridge.org>wrote:
Remove disabled="disabled" and hide from the user with CSS. If it's disabled, I believe it won't be submitted.
Daniel
From: Gert van Oss <gertvanoss@me.com> To: Perl Dancer users mailing list <dancer-users@dancer.pm>, Date: 10/02/2014 13:53 Subject: Re: [dancer-users] updating a form Sent by: dancer-users-bounces@dancer.pm ------------------------------
On 10 Feb 2014, at 14:48, Stefan Hornburg (Racke) <*racke@linuxia.de*<racke@linuxia.de>> wrote:
On 02/10/2014 02:37 PM, Gert van Oss wrote: Hi,
I'm trying to build a small app to comment on images. Probably I'm almost there but currently stuck with updating a 'file.yml' by a html-form.
I've made two routes (shown below) "get '/:id/edit' for showing the form with the particular image to comment on. When hitting save the 'post '/edit' will be called. My problem is that the post route doesn't have the $id initialised. Is there someone around who can tell me how to solve this or point to me what I'm doing wrong?
Do you have a hidden from field in your form which passes the id to the post route?
Regards Racke
I don't have a hidden field. I tried but then still wasn't successful. (see below.. I skipped some fields)
<form method="post" action="/edit">
<input type="text" name="id" id="id" value="[% data.id %]" disabled="disabled"/>
<textarea name="description" rows="20" cols="20" id="Description">[% data.description %]</textarea>
<input type="submit" name="submit" value="Save" class="submit-button" /> </form>
_________________ _________________________ _____ dancer-users mailing list dancer-users@dancer.pm http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
_______________________________________________ dancer-users mailing list dancer-users@dancer.pm http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
Hey, I also use hidden field for such a thing: <input type="hidden" value=[% p_id %] name="p_id"> Best regards, Attila On Mon, Feb 10, 2014 at 3:00 PM, James Baer <jamesfbaer@gmail.com> wrote:
<input type="hidden" > is what you want.
You could also change your action and route to pass <form method="post" action="/edit/[% data.id %]">
On Mon, Feb 10, 2014 at 8:58 AM, Daniel Perrett <dperrett@cambridge.org>wrote:
Remove disabled="disabled" and hide from the user with CSS. If it's disabled, I believe it won't be submitted.
Daniel
From: Gert van Oss <gertvanoss@me.com> To: Perl Dancer users mailing list <dancer-users@dancer.pm>, Date: 10/02/2014 13:53 Subject: Re: [dancer-users] updating a form Sent by: dancer-users-bounces@dancer.pm ------------------------------
On 10 Feb 2014, at 14:48, Stefan Hornburg (Racke) <*racke@linuxia.de*<racke@linuxia.de>> wrote:
On 02/10/2014 02:37 PM, Gert van Oss wrote: Hi,
I'm trying to build a small app to comment on images. Probably I'm almost there but currently stuck with updating a 'file.yml' by a html-form.
I've made two routes (shown below) "get '/:id/edit' for showing the form with the particular image to comment on. When hitting save the 'post '/edit' will be called. My problem is that the post route doesn't have the $id initialised. Is there someone around who can tell me how to solve this or point to me what I'm doing wrong?
Do you have a hidden from field in your form which passes the id to the post route?
Regards Racke
I don't have a hidden field. I tried but then still wasn't successful. (see below.. I skipped some fields)
<form method="post" action="/edit">
<input type="text" name="id" id="id" value="[% data.id %]" disabled="disabled"/>
<textarea name="description" rows="20" cols="20" id="Description">[% data.description %]</textarea>
<input type="submit" name="submit" value="Save" class="submit-button" /> </form>
_________________ _________________________ _____ dancer-users mailing list dancer-users@dancer.pm http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
_______________________________________________
dancer-users mailing list dancer-users@dancer.pm http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
_______________________________________________ dancer-users mailing list dancer-users@dancer.pm http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
On 02/10/2014 02:53 PM, Gert van Oss wrote:
On 10 Feb 2014, at 14:48, Stefan Hornburg (Racke) <racke@linuxia.de> wrote:
On 02/10/2014 02:37 PM, Gert van Oss wrote:
Hi,
I’m trying to build a small app to comment on images. Probably I’m almost there but currently stuck with updating a ‘file.yml' by a html-form.
I’ve made two routes (shown below) “get ‘/:id/edit’ for showing the form with the particular image to comment on. When hitting save the ‘post ‘/edit’ will be called. My problem is that the post route doesn’t have the $id initialised. Is there someone around who can tell me how to solve this or point to me what I’m doing wrong?
Do you have a hidden from field in your form which passes the id to the post route?
Regards Racke
I don’t have a hidden field. I tried but then still wasn’t successful. (see below.. I skipped some fields)
<form method="post" action="/edit">
<input type="text" name="id" id="id" value="[% data.id %]" disabled="disabled"/>
<textarea name="description" rows="20" cols="20" id="Description">[% data.description %]</textarea>
<input type="submit" name="submit" value="Save" class="submit-button" /> </form>
Ok, so the question is whether the correct id appears in the rendered HTML form and thus is available to the post route? And writing the data from this form directly into your file opens a big hole for XSS if you display the same data on your website. Also we could do some YAML injection :-). Regards Racke -- LinuXia Systems => http://www.linuxia.de/ Expert Interchange Consulting and System Administration ICDEVGROUP => http://www.icdevgroup.org/ Interchange Development Team
I'd do what James said - change your template so that the form submits to /edit/:id (e.g. <form action=/edit/42" method="post">), then change your edit route to post '/edit/:id' => sub { ... } That'll handle it nicely, and is a bit more RESTful, too. Also, random comments: In the get route, you load the data straight from a YAML file, but in the post route, you call get_AoH_imagelist() to get it - incomplete refactor, perhaps? When you say: my $data = get_AoH_imagelist(); my @data = @{$data} You could condense that to: my @data = @{ get_AoH_imagelist() }; On Mon, 10 Feb 2014 14:37:29 +0100 Gert van Oss <gertvanoss@me.com> wrote:
Hi,
I’m trying to build a small app to comment on images. Probably I’m almost there but currently stuck with updating a ‘file.yml' by a html-form.
I’ve made two routes (shown below) “get ‘/:id/edit’ for showing the form with the particular image to comment on. When hitting save the ‘post ‘/edit’ will be called. My problem is that the post route doesn’t have the $id initialised. Is there someone around who can tell me how to solve this or point to me what I’m doing wrong?
Thanks, Gert
The structure is an AoH. The file.yml is like
--- - collection: '' description: good id: 0 imgf: photo.jpg tags: '' - collection: '' description: '' etc..
————end of yaml
#--------------------------------------------------------------------- # # get EDIT # #--------------------------------------------------------------------- get '/:id/edit' => sub { my $filename = Dancer::FileUtils::read_file_content( Dancer::FileUtils::path( setting('appdir'), 'myImages.yml' ) ); my $data = from_yaml $filename; my @data = @{$data};
#print Dumper \@data; my $id = param('id'); template 'edit', { data => $data[$id], id => $id, }; };
#--------------------------------------------------------------------- # # post EDIT # #---------------------------------------------------------------------
post '/edit' => sub { my $data = get_AoH_imagelist(); my @data = @{$data}; my $id = param('id'); $data[$id] { description}= params->{description} ; #$data[2] { description}= params->{description} ; # this works but then all descriptions end up in the third group of hashes. my $filename = "myImages.yml"; write_file $filename, to_yaml($data); redirect '/'; };
-- David Precious ("bigpresh") <davidp@preshweb.co.uk> http://www.preshweb.co.uk/ www.preshweb.co.uk/twitter www.preshweb.co.uk/linkedin www.preshweb.co.uk/facebook www.preshweb.co.uk/cpan www.preshweb.co.uk/github
Thanks for all helpful replies and additional comments! I will have some more refactoring to do ; ) Finally I now get what this RESTful is about (didn’t play with it earlier). Point about security is taken. Gert On 10 Feb 2014, at 15:18, David Precious <davidp@preshweb.co.uk> wrote:
I'd do what James said - change your template so that the form submits to /edit/:id (e.g. <form action=/edit/42" method="post">), then change your edit route to post '/edit/:id' => sub { ... }
That'll handle it nicely, and is a bit more RESTful, too.
Also, random comments:
In the get route, you load the data straight from a YAML file, but in the post route, you call get_AoH_imagelist() to get it - incomplete refactor, perhaps?
When you say:
my $data = get_AoH_imagelist(); my @data = @{$data}
You could condense that to:
my @data = @{ get_AoH_imagelist() };
On Mon, 10 Feb 2014 14:37:29 +0100 Gert van Oss <gertvanoss@me.com> wrote:
Hi,
I’m trying to build a small app to comment on images. Probably I’m almost there but currently stuck with updating a ‘file.yml' by a html-form.
I’ve made two routes (shown below) “get ‘/:id/edit’ for showing the form with the particular image to comment on. When hitting save the ‘post ‘/edit’ will be called. My problem is that the post route doesn’t have the $id initialised. Is there someone around who can tell me how to solve this or point to me what I’m doing wrong?
Thanks, Gert
The structure is an AoH. The file.yml is like
--- - collection: '' description: good id: 0 imgf: photo.jpg tags: '' - collection: '' description: '' etc..
————end of yaml
#--------------------------------------------------------------------- # # get EDIT # #--------------------------------------------------------------------- get '/:id/edit' => sub { my $filename = Dancer::FileUtils::read_file_content( Dancer::FileUtils::path( setting('appdir'), 'myImages.yml' ) ); my $data = from_yaml $filename; my @data = @{$data};
#print Dumper \@data; my $id = param('id'); template 'edit', { data => $data[$id], id => $id, }; };
#--------------------------------------------------------------------- # # post EDIT # #---------------------------------------------------------------------
post '/edit' => sub { my $data = get_AoH_imagelist(); my @data = @{$data}; my $id = param('id'); $data[$id] { description}= params->{description} ; #$data[2] { description}= params->{description} ; # this works but then all descriptions end up in the third group of hashes. my $filename = "myImages.yml"; write_file $filename, to_yaml($data); redirect '/'; };
-- David Precious ("bigpresh") <davidp@preshweb.co.uk> http://www.preshweb.co.uk/ www.preshweb.co.uk/twitter www.preshweb.co.uk/linkedin www.preshweb.co.uk/facebook www.preshweb.co.uk/cpan www.preshweb.co.uk/github
_______________________________________________ dancer-users mailing list dancer-users@dancer.pm http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
participants (6)
-
Attila Bárdi -
Daniel Perrett -
David Precious -
Gert van Oss -
James Baer -
Stefan Hornburg (Racke)