| Justin Patrin 2006-12-14, 7:10 pm |
| On 12/14/06, Vignesh M P N <manivig@iit.edu> wrote:
> Hi
>
>
>
> I have used the combination of HTML Quickform and Smarty template pretty
> well. I always use the display() method of Smarty Template.
>
>
>
> But now for a specific use, for a simple login page with username and
> password fields, I have to use the fetch() method and "echo" the result
> returned by the fetch() method. The user interface is working fine, but when
> I submit the form, a weird thing happens. All the values of the form are
> being passed through the URL, like, "<url of the php
> page>?lusername=testuser&lpasswd=testme&welcomeimg.x=0&welcomeimg.y=0"
>
>
>
> This is a serious threat as the username and password are passed through the
> URL. Also the form doesn't have any POST variables on submitting the form,
> though I instantiate the form this way,
>
> $form = new HTML_QuickForm('form', 'POST', $_SERVER['PHP_SELF']);
>
>
>
> The same form works fine if I use display() method, but I can't use the same
> for some reason. I believe that technically it should work fine when I use
> the combination of "fetch()" and "echo".
>
>
>
> Please let me know what I am missing here. Sorry I didn't provide any code
> fragments as they are huge.
>
I'm really not sure what you mean by using "fetch() and echo" instead
of "display()" but it sounds like you have some kind of error in your
Smarty template. For example, if you're now writing the <form> tag
yourself you could be forgetting to make it a POST form.
Just give the snippets where you output the form. Just the
"display()"/"fetch() echo" lines.
--
Justin Patrin
|