BSlover Posted July 29, 2013 Share Posted July 29, 2013 Hi, In a form I am adding "1278|Toyname" as a value in a drop down. This way if they select a certain toy, I can have the ID and the toy name they are referring too. I would like to post this info in my contact form and I would like to separate via the | (Pipe) and store the id "1278" in a field called id and "Toyname" in a field named toy when the form is posted. I know I have to use the explode function to seperate but I dont even know where to begin. Thank you in advance, Bill Quote Link to comment Share on other sites More sharing options...
Psycho Posted July 29, 2013 Share Posted July 29, 2013 Well, you should begin by not doing this. You should only pass the ID. Doing it the way you propose can cause data consistency issues. You can always determine the meta data (e.g. the name) by using the ID. Not knowing the specifics of how your contact form is used, I can't give you a qualified solution. If your contact form is sending an email and you want the toy name in the content of that email, then the page that receives the value from the form should do a query to look up the toy name. However, if the contact form is used to create a record/message in your database where there will be an associated "toy" then you should store the toy ID as a value associated with that record. Then when a user views that record you could dynamically retrieve the toy name. To expand on why you should not do this, here is just one example: Let's say the contact for is for a user to send an email to a support rep about a particular toy. Plus, let's further assume that toy names will not change often (if at all). Then the only way the ID and Name could be incorrectly passed would be: 1) If there is a code error that incorrectly sets the value for the select options (which could easily happen if the names have certain characters and aren't correctly handled). 2. The user "hacks" the form to send different data than what you intended. Never trust data that a user submits (POST, GET, COOKIE, etc.). Don't assume that because you created a select list that the user necessarily submitted a value from that list. It is very easy to submit any values you wish, regardless of what is in the form,. Quote Link to comment Share on other sites More sharing options...
BSlover Posted July 29, 2013 Author Share Posted July 29, 2013 Thank you for the reply and concerns. However, it is not generating an email and I have server side validation installed. If you are familiar with Form Tools API (formtools.org) that is what I am using. Doing a search, I have seen that this is how it should be handled. Exploding the two values based on the separator. Well, you should begin by not doing this. You should only pass the ID. Doing it the way you propose can cause data consistency issues. You can always determine the meta data (e.g. the name) by using the ID. Not knowing the specifics of how your contact form is used, I can't give you a qualified solution. If your contact form is sending an email and you want the toy name in the content of that email, then the page that receives the value from the form should do a query to look up the toy name. However, if the contact form is used to create a record/message in your database where there will be an associated "toy" then you should store the toy ID as a value associated with that record. Then when a user views that record you could dynamically retrieve the toy name. To expand on why you should not do this, here is just one example: Let's say the contact for is for a user to send an email to a support rep about a particular toy. Plus, let's further assume that toy names will not change often (if at all). Then the only way the ID and Name could be incorrectly passed would be: 1) If there is a code error that incorrectly sets the value for the select options (which could easily happen if the names have certain characters and aren't correctly handled). 2. The user "hacks" the form to send different data than what you intended. Never trust data that a user submits (POST, GET, COOKIE, etc.). Don't assume that because you created a select list that the user necessarily submitted a value from that list. It is very easy to submit any values you wish, regardless of what is in the form,. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.