Writing Smart Web-based Forms--tutorial.jcwcn.com

web programmers have to deal with form data validation at some point in their careers. The technique described in this article will help you help the user submit correct information.

So, what's the technique? Building smart forms... well, smart validation, actually. You are validating your forms on the server side, aren't you? You don't want to validate only on the client side.

I can't tell you how many web sites I've visited that don't handle input errors correctly. They either have forms that simply refresh with a generic "Your input has errors" message or they only report the first input error the validation script encounters (you'll have to turn off client-side scripting to view this gem).

An example on PowerASP.com has the beginnings of TheRightIdea™ and is worth a once-over. However, they miss the logical way of form validation and processing. The article details how to process forms and report one or more input errors using a form handler script and a redirect back to the form if there are input errors. Other than the fact that this method isn't the most logical way of doing things, there is also a loss of all of the users input unless they are also passed along in the querystring. Wasn't this supposed to be easy?

Writing smart forms can be easy if you want it to be. I'm going to use ASP in the actual examples, but the general concept can be applied using any language �� except ColdFusion; you just can't do ANYTHING good with that (direct flames to flames@mattwarden.com).

The Basic Concept

There are a number of benefits gained by displaying and handling a form in the same file. First, we have all of the code related to that form in a single location (with the exception of code in include files). Second, we have available to our script every submitted form variable. The general flow of our form processing is as follows:

Form Processing Flow

As you can see, we are validating the form before redirecting to any other page. In other words, the form is submitting to itself. Within this script, there is logic which determines whether it should display the form or process submitted form information. We are only moving from our script if the submitted form passes our validation. If the information does not pass validation, we re-display the form. We also pre-fill the form fields with the information already submitted and mark the fields that didn't pass our validation. This makes it easier for the user to supply the correct information.

So, let's say Joe User fills out the following form:

Form

We don't like some of his input and our validation methods rejected it. Joe didn't even fill in his last name. He didn't even try with his email address. And that zip code is not the zip code for Evoltageddon, NH.

How do we present these issues to Joe User? Should we just tell him he screwed up and have him doing the work trying to figure out what is wrong (even though we've already figured out what's wrong)? No. We indicate to him that there is a problem with his submission with some generic text and highlight the fields that need to be corrected. The important part here is that both his correct and incorrect data is preseved so he doesn't have to re-type the correct information and he can also see what was wrong with his other information. So, we show Joe something like this:

Form With Input Errors

You could take it a step further and display what was wrong with each field, but that is overkill for most situations. In this example, the only field that could warrant an explanation is the zip code field. However, the marked fields should do fine and there is only a very small chance that Joe will get confused.

What does this mean? Well, when you're building forms (and form handlers) you should:

Make the form self-submitting
Add logic to either show or process the form
Validate submitted information on the server-side
Redirect to the next page if information validates
If the submission does not validate, re-display the form pre-filled with submitted info and problem fields highlighted

The Basic Code

How can we determine whether to display or process the form?

Some people like to pick a form field and test it for a value. For instance:

if isEmpty(trim(request.form("firstname"))) then
	' display the form
else
	' process the form
end if

This method isn't the best way to do things. If I fill in every field but the first name field, the form is simply re-displayed, with no error notification (because the code doesn't know there's an error).

Another method is to pick the name of the submit button as the field to test:

if isEmpty(trim(request.form("submitButton"))) then
	Call displayForm()
else
	Call processForm()
end if

The above code simply checks if request.form("submitButton") has a value. If it doesn't, it calls a subroutine called displayForm(). This subroutine simply writes the HTML for the form. If it does have a value, it calls processForm(), a subroutine that validates the form input. You could also skip the subroutines (but, it's so much cleaner looking, eh?) and slop all the code for each condition within the if test itself. However, when you scroll halfway down your script and see an else and you don't know what expression the corresponding if tested, you'll understand why I did it this way ;-)

Still, I don't like this method much. If the value attribute of the submit button tag is omitted, isEmpty(trim(request.form("submitButton"))) will always be true. This is an easy thing to catch, but why bother when there are easier ways of doing things?

The method I prefer uses the server variable REQUEST_METHOD. Most likely, when Joe User first visits your form page, his browser will use the GET method. When the form is submitted, the browser will use the POST method (you are using method="POST" when writing forms, aren't you?). So, an easy way to check to see if the form has been submitted it to check the REQUEST_METHOD:

if ucase(trim(request.ServerVariables("REQUEST_METHOD")))="GET" then
	Call displayForm()
elseif ucase(trim(request.ServerVariables("REQUEST_METHOD")))="POST" then
	Call processForm()
else
	' are you supporting any other request methods?
end if

What is an easy way to make a form self-submitting?

Simple. Another server variable available is SCRIPT_NAME. This holds the root-relative path as well as the filename of the current script.

<!-- expanded tag for readability -->
<form 
	method="POST" 
	name="userdetails" 
	action="<%Response.Write request.ServerVariables("SCRIPT_NAME")%>"
>

How can I pre-fill fields with submitted data after an input error has been found?

Also fairly simple. Because the form is self-submitting, you have all the submitted form information at your disposal.

<input type="text" name="firstname" value="<%Response.Write request.form("firstname")%>"><br>
<input type="text" name="lastname" value="<%Response.Write request.form("lastname")%>"><br>

Note that if you already have these form values stored in variables (which you should if you've already run the submitted values through validation), you should use those values rather than accessing them from the request object. More

It gets a little complicated if the form's purpose is to edit saved data in the database. The form will already have data in it before the user inputs anything. So, if they change something and there's an error with what they've changed, do you show the data from the database and let them re-edit that, or do you display what they've just entered? Truthfully, it's a mix. Here, we're going to give importance to the form data just submitted:

<%

function getValue(byval sImportant, byval sPassive)
	' notice that we aren't checking for
	' a valid value, just *any* value
	if not isEmpty(sImportant) then
		getValue = sImportant
	else
		getValue = sPassive
	end if
end function

%>

<!-- tags expanded for readability -->
<input type="text" name="firstname" 
	value="<%Response.Write getValue(request.form("firstname"),Recordset("firstname"))%>"
><br>

<input type="text" name="lastname" 
	value="<%Response.Write getValue(request.form("lastname"),Recordset("lastname"))%>"
><br>

The function getValue(...) above simply takes two values. The first value is the value that should be returned if it has a value. If it does not have a value, we use the second value. If the second value is simply an emptry string, then an empty string will be returned. Since our first value is from the submitted form (if there is a submitted form), then we are using the form input if it exists. Otherwise, we're using the data from the database.

So, how do I do this validation?

Well, it obviously depends on the information you're validating. However, in my experience, there are a few things that makes everything go a lot easier.

We need to know two things. First, we need to know if all the data validated. We also need to know which bits of data validated and which did not.

<%

' general true/false for 
' validation of entire submission
Dim bGoodPost

' specific true/false for 
' validatin of each bit of data
Dim bGoodFname, bGoodLname, bGoodEmail

' data vars
Dim sFname, sLname, sEmail, sReferringFriend

sFname = trim(request.form("firstname"))
sLname = trim(request.form("lastname"))
sEmail = trim(request.form("emailaddr"))
sReferringFriend = trim(request.form("referrer"))

if isEmpty(sFname) then bGoodFname=false else bGoodFname=true
if isEmpty(sLname) then bGoodLname=false else bGoodLname=true
if not isValidEmail(sEmail) then bGoodEmail=false else bGoodEmail=true

bGoodPost = (bGoodFname and bGoodLname and bGoodEmail)

if bGoodPost then
	' validates!!!
else
	' re-display the form with values pre-filled 
	' and problem fields highlighted
end if
%>

Here we have four variables. The first, bGoodPost stores whether the entire form submission passes validation. This value is determined by the required fields in the submitted form. In this example, firstname, lastname, emailaddr are all required. referrer is not required and therefore we don't care whether it has a value (though you may still want to validate it if it does have a value, depending on the situation). So, we need to validate these required fields. bGoodFname, bGoodLname, bGoodEmail will hold whether each of these values are valid. For sFname and sLname, all we do is check for a value. For sEmail, we run it through our own email-validating function (not shown here, use your imagination ;-). Like I said in the beginning, bGoodPost is true only if all of the required bits of information pass our validation. An easy way to check for this is to use the line:

bGoodPost = (bGoodFname and bGoodLname and bGoodEmail)

Here, bGoodPost will only be true if bGoodFname, bGoodLname, and bGoodEmail are all true. This is exactly what we want.

Also note that if bGoodPost then is the same as if bGoodPost=true then.

After I've validated, how do I mark problem fields?

The easiest way to do this is to use the same subroutine you used to display the form in the first place. In this example, it was called displayForm(). Now we have to add the highlighting functionality so that the user knows which fields had errors. Ok, at this point (assuming the form has already been submitted), we know whether the first name, last name, and email address are valid. The variables bGoodFname, bGoodLname, bGoodEmail tell us which values are valid and which are not. So, depending on how you want to go, you can use one of the following methods to highlight the fields with errors:

<!-- method 1 -->
...
<tr>
<td><font 
	face="arial"
	<%if not bGoodFname then response.write " color=""#ff0000""%>
>First Name</font>
<input 
	type="text" 
	name="firstname"
	value="<%Response.Write request.form("firstname")%>"
></td>

<!-- method 2, the cleaner method -->
<td<%if not bGoodFname then response.write " class=""error""%>>
First Name
<input 
	type="text" 
	name="firstname"
	value="<%Response.Write request.form("firstname")%>"
></td>

Now, we run into a problem when the form is first viewed (before submission). All of those variables are going to be false. So, up where we're doing validation, we need to account for this case:

function isValidEmail(byval sEmail)
	' very simple email validation function.
	returnVal = false
	if not isEmpty(sEmail) then
		if instr(sEmail, "@") > 0 and instr(sEmail, ".") > 0 then
			returnVal = true
		end if
	end if
	isValidEmail = returnVal
end function

if isEmpty(sFname) then bGoodFname=false else bGoodFname=true
if isEmpty(sLname) then bGoodLname=false else bGoodLname=true
if not isValidEmail(sEmail) then bGoodEmail=false else bGoodEmail=true

bGoodPost = (bGoodFname and bGoodLname and bGoodEmail)

if ucase(trim(request.ServerVariables("REQUEST_METHOD")))="GET" then
	bGoodFname=true
	bGoodLname=true
	bGoodEmail=true
end if

And I'm sure you can think up some nice ways of getting around checking the REQUEST_METHOD twice in the same script ;-)

Cool?

A Caveat

Sending a response.redirect (or equivalent in your language of choice) generates a HTTP response code of 302 (the requested file has been found but it is in a different location). Rather than it executing the redirection by requesting the new location, in very old browsers an "Object Moved" page might be displayed. This is obviously not something we want. In ASP, there is a method of the Server object called Transfer(). Server.Transfer() is a server-side redirect, rather than a client-side redirect. If this is available to you (ASP3/IIS5 and probably in other languages), you will want to consider using that rather than sending a 302 header.

--
mattwarden
mattwarden.com

Matt Warden spends his spare time writing up author bios for his accounts on various websites... er... you know what? It's all here somewhere anyways. No use repeating myself...

40 comments on this article. Log in to add your comment | Rate this article: Rate this node 1 star.

Both sides considered...

Submitted by MartinB on May 3, 2001 - 03:49.

Very nice Matt - you've covered the business process requirements and the technical solution. It's way too easy to jump into solution mode without thinking about exactly what you're trying to resolve.

No Client-side validation?

Submitted by mwarden on May 3, 2001 - 13:38.

I want to make it clear that I am not downing client-side validation of form input. What I am downing is the use of client-side validation alone. A good rule is: write the client-side validation to help the user correct possible obvious errors (so the user doesn't have to refresh the page to fix his or her email address), and write server-side validation to ensure you get good data. Client-side validation should only be used to help the user, NOT to make sure you have good data. The reason for this is simple; client-side scripting can be turned off.

Client-side isn't the world

Submitted by agraetz on May 4, 2001 - 08:15.

I agree. Client-side validation is nice. But you have no means of being 100% sure it's going to happen. That is why, IMHO, you need to use both. I believe it's best to let a user know right away when they've inputed something incorrectly. But I'd rather have them have to go through the fuss of submitting the form & getting kicked back to the form with a message than simply getting some error message that gets kicked off because a required field in the database was null (or whatever the case is).

Accessibility Problem

Submitted by OKolzig37 on May 8, 2001 - 05:13.

Good article, but I have one accessibility problem with your format. Merely coloring the label for the form field red is not good for accessibility because some color blind users will have problems with distinguishing what's wrong with the form. This falls under the WAI guidelines: Checkpoint 2.1. http://www.w3.org/TR/1999/WAI-WEBCONTENT-19990505/ This states to "Ensure that all information conveyed with color is also available without color, for example from context or markup." Other than that, great example.

OKolzig37...

Submitted by mwarden on May 8, 2001 - 05:28.

Excellent point. What would you suggest? I know there are suggestions in the link you provided, but I'd like to hear what you think is the best solution in this situation.

mwarden...

Submitted by OKolzig37 on May 8, 2001 - 07:26.

Well, the solution I use is the old stand by, a text description of the error involved, in the same red color, either with strong or em around it so that not only is the message there, but it is still emphasized for all users, be they the majority with the usual browsers or be they color blind or even text readers (which would speak the strong or em text differently - thereby indicating its importance). Another similar common problem that wasn't mentioned in this article, but comes up as well, is in how to mark required fields. Also, don't use color to indicate which fields are required (we had a client ask for this before). Instead, use some identifying mark (the asterisk is a good standby, although it might even be better for accessibility, now that I think about it, to simply say "required") to indicate which fields are required, and color that if you like for greater emphasis.

Confused

Submitted by hyperizer on May 8, 2001 - 11:19.

Where do you usually put the validation code? In your processForm sub?

Unclear?

Submitted by mwarden on May 8, 2001 - 12:16.

I'm sorry you are confused. No, the validation must occur before you process the form input. Otherwise, how would you know whether to process infor input or redisplay the form indicating errors?

Got It

Submitted by hyperizer on May 8, 2001 - 16:37.

I think I've figured it out. I was confused because in your examples, you initialize sFname and the other variables using the form data, so isEmpty will always return true, even if the form field just contained an empty string.

hyperizer...

Submitted by mwarden on May 8, 2001 - 16:54.

Yes, and this is what we want. The only way to distinguish between an empty form field and a non-existent form field value is to test for the request method, as I do in the last code section ;-)

Submitted by hyperizer on May 8, 2001 - 17:09.
Sorry, what I meant to say is isEmpty always returns false, even if the form field contained an empty string. if isEmpty(sFname) then bGoodFname=false will never happen, because presumably you've already initialized sFname by grabbing the form data sFname = Request.Form("sFname") See what I mean?
login or register to post comments

Not so!

Submitted by mwarden on May 8, 2001 - 17:26.

If the form field has no value, then it is the same as saying sFname = "". When a variable has an empty string as a value, isEmpty(variable) will be true.

But, you did make me do some testing to make sure ;-)

Weird

Submitted by hyperizer on May 8, 2001 - 17:49.

Strange, it didn't work right on my machine. Must be some quirk in the way I have things setup. Thanks for the help.

Accessibility and testing for empty form fields

Submitted by MartinB on May 8, 2001 - 23:41.

W3C seems to think that number of user agents designed for disabled users don't handle empty form fields particularly well. They recommend putting a placeholder character in input and textarea fields, such as a space. This obviously has implications for simple field validation...

Space is ok!

Submitted by mwarden on May 14, 2001 - 14:08.

Actually, in my examples I used trim() which removes surrounding spaces. So, " hi martin " would become "hi martin" and " " would become "". So, using a space as a placeholder here would be just fine and wouldn't cause any problems.

Useful summary of issues involved...

Submitted by a_parker on May 21, 2001 - 05:54.

...I'll definitely be referring to this during my next site makeover. On the other hand, boy am I glad I'm writing PHP not ASP! All that code to check whether to display or process the form, when you can just write "if (isset($submit)) {} else {}" in PHP :)

Detecting form submit

Submitted by sgd on May 24, 2001 - 10:03.

a_parker, I use this in ASP: "<% if Request.ServerVariables("REQUEST_METHOD")="POST" then ... %>"

sorry

Submitted by iori605 on June 21, 2001 - 07:32.

sorry i don't use asp but what you've mentioned is more suited for commercial use because if you are providing free services you are filtering the morons by not telling them which fields they've not filled in/fillied in incorrectly. =)

great

Submitted by anselm on June 26, 2001 - 07:32.

great article! i use java script for client side and on server side your methods :) only my check email function differs from yours ;) thank you anselm

Too much?

Submitted by mwarden on July 31, 2001 - 13:06.

Here's an article where you can understand the ASP concepts assumed to be understood in my ASP code section:

Making Smart Pages.

Note that the similarity of the titles is a coincidence.

Empty String Error

Submitted by garygk on June 12, 2002 - 01:22.

Notice the part with the following code if isEmpty(sFname) then bGoodFname=false else bGoodFname=true if isEmpty(sLname) then bGoodLname=false else bGoodLname=true if not isValidEmail(sEmail) then bGoodEmail=false else bGoodEmail=true I've used this portion of the code and tried testing a form by deliberately submitting empty fields. However, instead of directing me to the problem fields, it show me an error stating that empty strngs cannot but inserted into the database. mwarden suggested I use sFname="" to replace the isEmpty line. After the replacement, the page worked perfectly. Hope this helps with people who encountered the similiar problem. =)

Code

Submitted by jdemaria on June 21, 2002 - 12:14.

Hello, I have been messing with this code for a couple of day now. And I just can't seem to get it working properly. If there is any of you that have this code working. Could you please send it to me. demaria.jarrad@aaa-calif.com Thanks so much for the help. Jarrad

Re: Client-side isn't the world

Submitted by bearwalk on August 13, 2002 - 02:40.

An easy way to use both client-side and server-side: if you define your field requirements in a centralized way, you can both validate on the serverside and have the script automatically output JavaScript to validate client-side.

<script type="text/javascript" src="/formhandler.js"></script>

<form action="foo" method="post">

In this example, my formhandler.js is a 2.7 kB file with the most basic validation functions. The array elements are first the name of the input field to validate, then an array  of requirements (or string, if it's only one) for that field. The requirements can be an email adress, a certain string length, a regexp etc.
  
  login or register to post comments

Newbie need more help

Submitted by indee on November 29, 2002 - 22:16.

Well your article is good but the problem with newbie's is that we need to see an example to see how the concept you have written about actually works. If this article comes with some kind of complete small example that will be really good. well the part I am confused is this one

"
>

you have written that pass the form to itself does this mean that the form is within the asp file itself. first it validtaes the input and if successful than process it. If you have some example as you explain in this article, could you be kind enough to email me at indee@programmers-den.com thank you.

Newbie need more help

Submitted by indee on November 29, 2002 - 22:18.

these are the code missed in previous comments

"
>

newbie need help

Submitted by indee on November 29, 2002 - 22:21.

hope this time will be ok

<form 
	method="POST" 
	name="userdetails" 
	action="<%Response.Write request.ServerVariables("SCRIPT_NAME")%>"
>

RE: newbie need help

Submitted by glaven on February 3, 2003 - 17:45.

if your script is called "form.asp" the example you gave above would turn into the following after being processed by the server.

so essentially the form is "posting to itself" because it sends all the form data to the same page the form is on. does that help? chris. p.s. i prefer to use...


<?php
= variableIWantPrinted 
?>

instead of...


<?php
 Response.Write variableIWantPrinted 
?>

it's shorter and just plain better!

one more time...

Submitted by glaven on February 3, 2003 - 17:58.

ok... for some reason that first code block did not work, at least, it didn't work when i viewed it. so i'll write it a different way. SHOULD READ: <form method="POST" name="userdetails" action="form.asp">

Form handling

Submitted by Telebrett on February 6, 2003 - 01:30.

I insert a hidden form field in the form

<input type="hidden" name="frmProcessor" value="1">

Then in my code

if Request.Form("frmProcessor") = "1" then ...

re: Form handling

Submitted by glaven on February 6, 2003 - 10:37.

Instead of testing for a hidden form field like the one above, why not just test for the existence of any of your form values?

That is, instead of asking "Did someone submit the form?" ask, "Is the variable 'name' available and does it contain a value?" The only time the variable 'name' would be available through the querystring is AFTER a form has been submitted.

Do you need someone to tell you when someone is standing in front of you trying to talk to you? No of course not. You only need to see them with your eyes. In the same way you don't need a variable to tell you the form has been submitted.

I'm not trying to be sarcastic or rude, but this is just what I realized after doing the same thing you suggest here. To me it's just easier. But if you prefer the other way go right ahead and continue doing it. Don't let me stop you.

Frustration

Submitted by Mishka on February 7, 2003 - 08:14.

For the life of me .. I cannot get this to return false. It always returns true.

if isEmpty(str_username) then bGoodstr_username = False Else bGoodstr_username = true 

So, I finally gave up on it and used this instead:

if str_username = "" then bGoodstr_username = False Else bGoodstr_username = true 

And Voila! It seems to be working just fine now. Any ideas why isEmpty doesn't work? Perhaps not available in the version of ASP I'm using? I think it's 3.0 .. but I have nfc how to check :)
I know this is an old article .. but it's still a great one. Thanks Matty!!

re: Frustration

Submitted by glaven on February 7, 2003 - 10:41.

well i don't know why *you* can't get a False from that, but IsEmpty(str_username) is not the same as If(str_username = ""). (as you've already seen.)

you might get some answers at MS' VBScript Function List

take a look at this test code i used...

Dim myVar
	
Response.Write("IsEmpty(myVar) = " & IsEmpty(myVar) & "
")
myVar = Request("hello")
Response.Write("IsEmpty(myVar) = " & IsEmpty(myVar) & "
")
If(myVar = "") Then
	Response.Write("myVar = """" : True!")
Else
	Response.Write("myVar = """" : False!")
End If

try tacking on ?hello= to whatever page you put that in and you might get some answers.

self-submission & form fields for next form?

Submitted by Sammi on September 9, 2003 - 12:30.

I understand the rationale behind self-submission but once you have finished validating the form you want to progress to the next page and do actual work with the submitted data. If I understand correctly, response.redirect or even server.transfer will lose the form data when going to the next page. How would you get around that? Wouldn't it be more reasonable to do some basic client side validation on the first page and then do server side validation in the page that has to do the real work? E.g. You want to search your database for records containing some keywords. You present the first page and allow the user to enter keywords to search on. After some client side validation (e.g. keywords are not blank) you then proceed to the next page that actually triggers the search and displays the results. Where is the flaw in this logic?

self-submission & form fields for next form?

Submitted by glaven on September 9, 2003 - 13:23.

"If I understand correctly, response.redirect or even server.transfer will lose the form data when going to the next page." Unless you send them via the querystring during the redirect. Response.Redirect("http://newspot.com/page.asp?key1=value1&key2=value3&etc=etc") "You present the first page and allow the user to enter keywords to search on. After some client side validation (e.g. keywords are not blank) you then proceed to the next page that actually triggers the search and displays the results. Where is the flaw in this logic?" What if someone submits data without using your form? They can modify the querystring and then press and have their data sent bypassing your client-side checking. You shouldn't rely on client-side validation because it's only meant to take the load off of the server as well as try to increase the usability/user experience. Server-side validation on the other hand cannot be bypassed (afaik).

self-submission & form fields for next form?

Submitted by Sammi on September 10, 2003 - 03:13.

Using something like:
"http://newspot.com/page.asp?key1=value1&key2=value3&etc=etc" has its limitation. If I understand correctly this translates to using the GET request method which limits to amount of data that can pass to the next page. So I think that you have no choice but to use a form with a PUT method.
As for the client vs server side validation I agree with you. Client side vailation should not replace server side validation. I just provided a possible scenario.

self-submission & form fields for next form?

Submitted by glaven on September 10, 2003 - 08:26.

"If I understand correctly this translates to using the GET request method which limits to amount of data that can pass to the next page."

Yes this is correct. But at the same time, I don't think most people have this problem, I know I never have. And besides, your design (not you personally but people in general) is likely flawed if you have so much data to pass the GET method is not going to do the job.

"So I think that you have no choice but to use a form with a PUT method."

1. We're not talking about the original form though, we're talking about redirecting to another page. If you're redirecting to another page and the data you need to send is too big for GET, your other choices are to use session variables and/or cookies. You could also go to the trouble of writing another page that immediately submitted a form using the POST method but that's overkill.

2. That's POST, not PUT.

Re: self-submission & form fields for next form?

Submitted by mrbester on September 11, 2003 - 09:40.

"And besides, your design (not you personally but people in general) is likely flawed if you have so much data to pass the GET method is not going to do the job."

A sweeping assumption to say the least. What about an article submission in a content management system? How about uploading files? Doesn't work at all with GET (You have to do another sneaky trick with ServerVariables to detect a multipart form). Also, you can even get the scenario when too much text goes through a POST call (rare, but I've had it happen to me), and you have to use multipart style form again.

Writing another page that immediately submits may break a security model and not be allowed (the old bung "my details of to some sleazy site on page enter" trick), but if your form is large, and you're going to save to database anyway, you can use a temporary table in the database to store it with the unique id (if running Session, use the ASPSESSIONID cookie value, if not [the app runs quicker that way], generate your own). Cookies have even less storage space than the GET in a browser so that won't work. Using Session vars would work only if you're using Sessions and you're not storing the data in heavy objects.

Re: self-submission & form fields for next form?

Submitted by glaven on September 11, 2003 - 09:50.

good points mrbester. thanks for your comments.

Accessibility problem

Submitted by zah_ali on September 23, 2005 - 14:09.

Hi there, just stumbled across this page in the last few days. Re: accessibility problems and more specifically colouring the field red, I'd suggest that the label for the field also turns bold once there's an error. At least this wont be dependant on colour, and you can then inform the user that the bold item(s) need reviewing.

I think this might get you past the checkpoint of not having colour convey information BUT...there's also the problem of how do you highlight which fields need re-examining when a user is using a screen reader such as JAWS?

Regards Zah

need help with this..

Submitted by asfia on June 2, 2007 - 03:51.

hi.. iam getting as error msg whenever i use line

<%if not bGoodFname then response.write " color=""#ff0000""%>

says expected end of line.. another thing is iam using formOK variable.. so, if my login name is ok, its calue is true, else it is false.. now.. in the form , iam coding

<td > <% if formOK = false then Response.Write("ERROR!")%> 
Login </td>

and it displays ERROR every time.. even on first load.. what am i doing wrong..i've out of practice for 2 yrs

discuss this topic to forum

[Print][Close][Bookmark:digg+,reddit+,del.icio.us+,dzone+]