Matt Posted June 2, 2015 Share Posted June 2, 2015 Larry, I had a quick question! I have a login form similar to the one in example 1 of the book. It appears on several of the public pages, however, I also sometimes have another form in the content area of the same page. What is the current best practice for determining which form has been submitted when there are multiple forms on the same page? Obviously, this is not going to cut it: if ($_SERVER['REQUEST_METHOD'] === 'POST') { process form... } I have heard that there are a couple ways of doing this: 1) Include a hidden field with a unique name in the form and look for it in the $_POST array. 2) Give each submit button a unique name and look for it in the $_POST array. The problem with the first option is that it creates extra markup in the page, but this is probably ok. The problem with the second is that in older versions of IE, if a user hits the 'Enter' key to submit a form, the submit button's name will not appear in the $_POST array. What do you do in this situation? Thanks for any help or advice you can give? Matt Link to comment Share on other sites More sharing options...
Larry Posted June 3, 2015 Share Posted June 3, 2015 I would have different forms be submitted to different pages. A page might commonly have, for example, a search form, a login form, and a contact form. But the results of submitting each of those ought to be different, so each ought to have a different ACTION value. In a situation where the user should end up on the same page they started off on, there are two options: 1. Use Ajax to handle the form submissions. 2. Redirect all forms back to the original place. 1 Link to comment Share on other sites More sharing options...
Matt Posted June 4, 2015 Author Share Posted June 4, 2015 Larry, Thanks for the great advice! So, just to clarify, I would set the action of the login form to go to another page for processing and then redirect to a default page on successful login (which I do anyway). This makes perfect sense as the 'logout' link does exactly the same thing, even though it isn't actually a form. When a user fails their first attempt at login, I redirect them to a dedicated 'Login' page (similar to what Facebook and this forum does). In that case, I could just use the usual way of listening for the $_SERVER['REQUEST_METHOD'] === 'POST' as I have been doing since there won't ever be another form on that page. For the other public facing forms, I could just use AJAX, even though progressive enhancement would suffer. The problem is, once a user is logged in there are a couple long forms for updating profile information and settings. In those cases I could submit the form to a different page and then redirect back to the original page like you suggested, but there is a problem, which is how to get the errors back to the original form as well so that they can be displayed to the user? Thanks again, Matt Link to comment Share on other sites More sharing options...
Larry Posted June 5, 2015 Share Posted June 5, 2015 Yeah, if you have a page with a form on a single page, like a settings page, I would post that form submission back to the same page. Then you can show the errors easily. And it totally makes sense to do it that way. If you have a form that shows on every/multiple page, like login or search, I would post that form submission to a different page. Search forms get posted to a search results page and don't require redirects. Login forms would show errors on a login page (that might also include extra information/links to help in case of bad login), and would redirect back to the point of origin upon success. Link to comment Share on other sites More sharing options...
Matt Posted June 8, 2015 Author Share Posted June 8, 2015 Larry, Thanks a lot for the detailed explanation! That clears everything up and I will implement the forms the way you suggested! Matt Link to comment Share on other sites More sharing options...
Matt Posted June 14, 2015 Author Share Posted June 14, 2015 Larry, I just had a quick question. I implemented the separate page for handling login requests and it was pretty easy! Is there anything I can do to make sure that search engines don't index the 'login' (and 'logout') pages as well as handling it when a user tries to access the page directly? Thanks, Matt Link to comment Share on other sites More sharing options...
Larry Posted June 15, 2015 Share Posted June 15, 2015 Just add them to a ROBOTS file and the search engines will respect it. Assuming the login form is POSTed to that page, you could either do nothing or indicate an error--including a status code--if the page is accessed via GET. Link to comment Share on other sites More sharing options...
Matt Posted June 22, 2015 Author Share Posted June 22, 2015 Larry, Thanks for that! I have implemented the robots.txt file. Matt Link to comment Share on other sites More sharing options...
Recommended Posts