Jump to content
Larry Ullman's Book Forums
Sign in to follow this  
Matt

Multiple Forms On One Page Best Practice

Recommended Posts

Larry,

 

I had a quick question! I have a login form similar to the one in example 1 of the book. It appears on several of the public pages, however, I also sometimes have another form in the content area of the same page. What is the current best practice for determining which form has been submitted when there are multiple forms on the same page?

 

Obviously, this is not going to cut it:

if ($_SERVER['REQUEST_METHOD'] === 'POST') {

process form...

}

I have heard that there are a couple ways of doing this:

 

1) Include a hidden field with a unique name in the form and look for it in the $_POST array.

 

2) Give each submit button a unique name and look for it in the $_POST array.

 

The problem with the first option is that it creates extra markup in the page, but this is probably ok. The problem with the second is that in older versions of IE, if a user hits the 'Enter' key to submit a form, the submit button's name will not appear in the $_POST array.

 

What do you do in this situation?

 

Thanks for any help or advice you can give?

 

Matt

Share this post


Link to post
Share on other sites

I would have different forms be submitted to different pages. A page might commonly have, for example, a search form, a login form, and a contact form. But the results of submitting each of those ought to be different, so each ought to have a different ACTION value. 

 

In a situation where the user should end up on the same page they started off on, there are two options:

 

1. Use Ajax to handle the form submissions.

2. Redirect all forms back to the original place.

  • Upvote 1

Share this post


Link to post
Share on other sites

Larry,

 

Thanks for the great advice!

 

So, just to clarify, I would set the action of the login form to go to another page for processing and then redirect to a default page on successful login (which I do anyway). This makes perfect sense as the 'logout' link does exactly the same thing, even though it isn't actually a form. When a user fails their first attempt at login, I redirect them to a dedicated 'Login' page (similar to what Facebook and this forum does). In that case, I could just use the usual way of listening for the $_SERVER['REQUEST_METHOD'] === 'POST' as I have been doing since there won't ever be another form on that page.

 

For the other public facing forms, I could just use AJAX, even though progressive enhancement would suffer. The problem is, once a user is logged in there are a couple long forms for updating profile information and settings. In those cases I could submit the form to a different page and then redirect back to the original page like you suggested, but there is a problem, which is how to get the errors back to the original form as well so that they can be displayed to the user?

 

Thanks again,

 

Matt

Share this post


Link to post
Share on other sites

Yeah, if you have a page with a form on a single page, like a settings page, I would post that form submission back to the same page. Then you can show the errors easily. And it totally makes sense to do it that way. 

 

If you have a form that shows on every/multiple page, like login or search, I would post that form submission to a different page. Search forms get posted to a search results page and don't require redirects. Login forms would show errors on a login page (that might also include extra information/links to help in case of bad login), and would redirect back to the point of origin upon success. 

Share this post


Link to post
Share on other sites

Larry,

 

Thanks a lot for the detailed explanation! That clears everything up and I will implement the forms the way you suggested!

 

Matt

Share this post


Link to post
Share on other sites

Larry,

 

I just had a quick question. I implemented the separate page for handling login requests and it was pretty easy!

Is there anything I can do to make sure that search engines don't index the 'login' (and 'logout') pages as well

as handling it when a user tries to access the page directly?

 

Thanks,

 

Matt

Share this post


Link to post
Share on other sites

Just add them to a ROBOTS file and the search engines will respect it. Assuming the login form is POSTed to that page, you could either do nothing or indicate an error--including a status code--if the page is accessed via GET. 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...