Execute all commands specified within a form handler and formulate the HTTP response. This runs each command in the form-handler, in order of appearence in the configs. Form handlers are invoked on form submission and in all cases, there must be a full page HTTP response. Forms are protected by form-validation JavaScript by default, but this can be by-passed by robots and is anyway limited. The data can be nonsense but if the format is correct, it is likely to be passed on to the form-handler. Note that email validation can be inconclusive. Malformed email addresses are rejected in all cases, however other error conditions cannot always be detected. If the DNS is down, it will not be possible to determine if the domain name is invalid or has no destination mailservers. Even with the DNS up, the destination mailserver may be down, or it may reject the email for temporary reasons. The policy is to report invalid emails to the user, but only where they are proved invalid by means that are immeadiately to hand. In all other cases, emails that are not proved valid are assumed valid, so the rest of the form can be processed. While command outcomes are limited to either a fail, a success or a presumed success, remedial action for a failure will depend on the command. In cases where the original form can be modified to correct the error, the HTTP response should be to re-display the original form. Where the error cannot be corrected by the user the response should be to ask the user to try again later. The way this is handled is that all commands should be supplied with an error directive. At the end of the form-handler a <response> tag must be supplied to specify the HTTP response on success. The responses must be a full page, either an actual PAGE or a C-Interface FUNCTION that generates a page. The response cannot be an article (a partial page). Returns: None
| Return Type | Function name | Arguments |
|---|---|---|
| void | hdsApp::ProcForm | (hzHttpEvent*,hdsFormref*,hdsFormhdl*,) |
Declared in file: hzDissemino.h
Defined in file : hdsSystem.cpp
Function Logic:
Function body:
void hdsApp::ProcForm (hzHttpEvent* pE)hdsFormref* pFormref, hdsFormhdl* pFhdl,
{
// Execute all commands specified within a form handler and formulate the HTTP response.
//
// This runs each command in the form-handler, in order of appearence in the configs. Form handlers are invoked on form submission and in all cases, there must be a full page
// HTTP response. Forms are protected by form-validation JavaScript by default, but this can be by-passed by robots and is anyway limited. The data can be nonsense but if the
// format is correct, it is likely to be passed on to the form-handler.
//
// Note that email validation can be inconclusive. Malformed email addresses are rejected in all cases, however other error conditions cannot always be detected. If the DNS is
// down, it will not be possible to determine if the domain name is invalid or has no destination mailservers. Even with the DNS up, the destination mailserver may be down, or
// it may reject the email for temporary reasons. The policy is to report invalid emails to the user, but only where they are proved invalid by means that are immeadiately to
// hand. In all other cases, emails that are not proved valid are assumed valid, so the rest of the form can be processed.
//
// While command outcomes are limited to either a fail, a success or a presumed success, remedial action for a failure will depend on the command. In cases where the original
// form can be modified to correct the error, the HTTP response should be to re-display the original form. Where the error cannot be corrected by the user the response should
// be to ask the user to try again later. The way this is handled is that all commands should be supplied with an error directive. At the end of the form-handler a <response>
// tag must be supplied to specify the HTTP response on success.
//
// The responses must be a full page, either an actual PAGE or a C-Interface FUNCTION that generates a page. The response cannot be an article (a partial page).
//
// Arguments: 1) pE The HTTP event pointer
// 2) pFormref Form reference
// 3) pFhdl Form handler
//
// Returns: None
_hzfunc("hdsApp::ProcForm") ;
hzList<hdsExec*>::Iter ei ; // Command iterator
hzChain Z ; // For formulating response
hzChain errorReport ; // For formulating response
hzPair P ; // For checking presence of submitted data
hdsInfo* pInfo ; // Session
hdsFormdef* pFormdef ; // Form
hdsField* pFld ; // Field pointer
hdsExec* pExec ; // Exec function
hdsResource* pResponse ; // Resource to respond with
hdsPage* pPage = 0; // Page to respond with
hdsCIFunc* pFunc = 0; // C-Interface function to respond with
hzAtom atom ; // Atom for fetching values
hzSysID newCookie ; // For cookie generation
hzXDate now ; // Time now
hzString S ; // Temp string
hzString unam ; // Username (if form is login)
hzString pass ; // Password (if form is login)
hzIpaddr ipa ; // Client IP address
hzSDate expires ; // For cookie expiry
uint32_t nIndex ; // Name value pair iterator
// hdsUsertype usrType ; // User type (for loging in)
hzEcode rc = E_OK ; // Return code
pInfo = (hdsInfo*) pE->Session() ;
ipa = pE->ClientIP() ;
now.SysDateTime() ;
// Check for form reference and form handler
if (!pFormref) Fatal("No form reference supplied") ;
if (!pFhdl) Fatal("No form handler supplied") ;
m_pLog->Log("Processing form reference %p flags %x handler %p and info %p\n", pFormref, pFormref->m_flagVE, pFhdl, pInfo) ;
pFormdef = pFhdl->m_pFormdef ;
if (!pFormdef)
Fatal("Form handler (%s) has no form", *pFhdl->m_Refname) ;
m_pLog->Log("Processing form reference %p and info %p\n", pFormref, pInfo) ;
m_pLog->Log("Processing form %p %s with %d fields and info %p\n", pFormdef, *pFormdef->m_Formname, pFormdef->m_vecFlds.Count(), pInfo) ;
pE->m_pContextForm = pFormref ;
// Check if there is input
if (!pE->Inputs())
{
rc = E_NODATA ;
m_pLog->Log("Form has no data\n") ;
goto respond ;
}
// Check if input actually fits the expected format. Each field in the form ...
for (nIndex = 0; nIndex < pE->m_Inputs.Count() ; nIndex++)
{
P = pE->m_Inputs[nIndex] ;
m_pLog->Log("Doing field %s %s\n", *P.name, *P.value) ;
pFld = pFormdef->m_mapFlds[P.name] ;
if (!pFld)
{
m_pLog->Log("No such field as %s\n", *P.name) ;
rc = E_NOTFOUND ;
}
}
if (rc != E_OK)
goto respond ;
// for (nIndex = 0 ; nIndex < pFormdef->m_mapFlds.Count() ; nIndex++)
// {
// pFld = pFormdef->m_mapFlds.GetObj(nIndex) ;
// }
// See if a session is needed
if (pFhdl->m_flgFH & VE_COOKIES)
{
if (!pInfo)
{
newCookie = MakeCookie(ipa, pE->EventNo()) ;
expires.SysDate() ;
expires += 365;
pE->SetSessCookie(newCookie) ;
pInfo = new hdsInfo() ;
pE->SetSession(pInfo) ;
m_SessCookie.Insert(newCookie, pInfo) ;
m_pLog->Log("New cookie %016x and session %p\n", *now, newCookie, pInfo) ;
}
}
// Perform exec functions
for (ei = pFhdl->m_Exec ; ei.Valid() ; ei++)
{
m_pLog->Log("CASE 5\n") ;
pExec = ei.Element() ;
if (!pExec)
{
m_pLog->Log("ERROR. Null exec at posn %d\n", nIndex) ;
continue ;
}
m_pLog->Log("HAVE EXEC %s\n", Exec2Txt(pExec->m_Command)) ;
rc = pExec->Exec(errorReport, pE) ;
m_pLog->Out(errorReport) ;
errorReport.Clear() ;
if (rc == E_OK)
{
m_pLog->Log("Sucess exec %s at posn %d (err=%s)\n", Exec2Txt(pExec->Whatami()), nIndex, Err2Txt(rc)) ;
continue ;
}
// Failed
m_pLog->Log("Failed exec %s at posn %d (err=%s)\n", Exec2Txt(pExec->Whatami()), nIndex, Err2Txt(rc)) ;
if (pExec->m_FailGoto || pExec->m_pFailResponse)
{
// The exec step has a fail directive
if (errorReport.Size())
pE->m_appError = errorReport ;
if (pExec->m_pFailResponse)
pResponse = pExec->m_pFailResponse ;
else
{
if (pExec->m_FailGoto[0]== CHAR_PERCENT)
{
S = ConvertText(pExec->m_FailGoto, pE) ;
m_pLog->Log("Converted error page directive %s to %s\n", *pExec->m_FailGoto, *S) ;
pResponse = m_ResourcesName[S] ;
if (!pResponse)
pResponse = m_ResourcesPath[S] ;
}
else
{
m_pLog->Log("Using named error page %s\n", *pExec->m_FailGoto) ;
pResponse = m_ResourcesName[pExec->m_FailGoto] ;
if (!pResponse)
pResponse = m_ResourcesPath[pExec->m_FailGoto] ;
}
}
if (!pResponse)
SendErrorPage(pE, HTTPMSG_OK, *_fn, "Could not find an error page for exec %s in form %s", Exec2Txt(pExec->Whatami()), *pFhdl->m_Refname) ;
else
{
pPage = dynamic_cast<hdsPage*>(pExec->m_pFailResponse) ;
if (pPage)
{
m_pLog->Log("Using error page %s\n", *pPage->m_Title) ;
pPage->Display(pE) ;
}
else
{
pFunc = dynamic_cast<hdsCIFunc*>(pResponse) ;
pFunc->m_pFunc(pE) ;
}
}
return ;
}
}
// Formulate response. This is a case of running the process associated with form and/or the button used to submit the form. And
// then either presenting the results or going to a specified page.
respond:
if (rc == E_OK)
{
if (pFhdl->m_pCompletePage)
pResponse = pFhdl->m_pCompletePage ;
else
{
if (pFhdl->m_CompleteGoto[0]== CHAR_PERCENT)
{
S = ConvertText(pFhdl->m_CompleteGoto, pE) ;
m_pLog->Log("Converted response page directive %s to %s\n", *pFhdl->m_CompleteGoto, *S) ;
pResponse = m_ResourcesName[S] ;
if (!pResponse)
pResponse = m_ResourcesPath[S] ;
}
else
{
m_pLog->Log("Using named response page %s\n", *pFhdl->m_CompleteGoto) ;
pResponse = m_ResourcesName[pFhdl->m_CompleteGoto] ;
if (!pResponse)
pResponse = m_ResourcesPath[pFhdl->m_CompleteGoto] ;
}
}
if (!pResponse)
SendErrorPage(pE, HTTPMSG_NOTFOUND, *_fn, "Could not find a response page for form %s", *pFhdl->m_Refname) ;
else
{
pPage = dynamic_cast<hdsPage*>(pResponse) ;
if (pPage)
{
m_pLog->Log("Using response page %s\n", *pPage->m_Title) ;
pPage->Display(pE) ;
}
else
{
pFunc = dynamic_cast<hdsCIFunc*>(pResponse) ;
pFunc->m_pFunc(pE) ;
}
}
}
else
{
if (errorReport.Size())
pE->m_appError = errorReport ;
if (pFhdl->m_pFailDfltPage)
pResponse = pFhdl->m_pFailDfltPage ;
else
{
if (pFhdl->m_FailDfltGoto[0]== CHAR_PERCENT)
{
S = ConvertText(pFhdl->m_FailDfltGoto, pE) ;
m_pLog->Log("Converted error page directive %s to %s\n", *pFhdl->m_FailDfltGoto, *S) ;
pResponse = m_ResourcesName[S] ;
if (!pResponse)
pResponse = m_ResourcesPath[S] ;
}
else
{
m_pLog->Log("Using named error page %s\n", *pFhdl->m_FailDfltGoto) ;
pResponse = m_ResourcesName[pFhdl->m_FailDfltGoto] ;
if (!pResponse)
pResponse = m_ResourcesPath[pFhdl->m_FailDfltGoto] ;
}
}
if (!pResponse)
SendErrorPage(pE, HTTPMSG_OK, *_fn, "Could not find an error page for form %s", *pFhdl->m_Refname) ;
else
{
pPage = dynamic_cast<hdsPage*>(pFhdl->m_pFailDfltPage) ;
if (pPage)
{
m_pLog->Log("Using error page %s\n", *pPage->m_Title) ;
pPage->Display(pE) ;
}
else
{
pFunc = dynamic_cast<hdsCIFunc*>(pResponse) ;
pFunc->m_pFunc(pE) ;
}
}
}
m_pLog->Log("Processed form %p %s with %d fields and info %p\n", pFormdef, *pFormdef->m_Formname, pFormdef->m_vecFlds.Count(), pInfo) ;
}