[Catalyst] Re: Form validation in insert() and update()?

[A. Pagaltzis]

* Dave Rolsky <autarch at urth.org> [2007-05-20 22:10]:
> On Sun, 20 May 2007, A. Pagaltzis wrote:
> >Why not stash the message in the query string for the redirect
> >target? Or a hash key.
> 
> A couple problems. The biggest is that besides messages, I also
> pass along the submitted form data, so the form can be
> displayed with what the user submitted. That won't fit in a
> query string in many cases.

That state should really be exposed in the URI. (Then your blank
form page is potentially cachable because the state of that
resource never changes, f.ex.)

So if the blank form is `/order/form`, you’d stash the form data
away somewhere under ID `7z32a` (f.ex) and redirect them to
`/order/form/7z32a` (or `/order/form?populate=7z32a`). The data
could be in the session, as long as it’s keyed off of an ID that
shows up in the URI and the ID is unique across all
users/sessions. Stick the ID in a hidden field in the form so you
can garbage the data immediately if the submit goes through.
(Else you’ll have to expire the data after a while.)

This way, you don’t have a page whose content changes based on
implicit state on the server that isn’t contained in the client’s
request – the REST way.

F.ex., the user can then have two windows open showing the same
form, type different things into each of them, submit them both
nearly simultaneously, and get failure for both, and still not
suffer a race condition where one form overwrites the other’s
prepopulation data.


* Matt S Trout <dbix-class at trout.me.uk> [2007-05-21 02:00]:
> I tend to redirect on 'OK' and stay put on 'Apply'.
> 
> A failure doesn't redirect.
> 
> An 'Apply' of a -create- redirects to an edit form.
> 
> Not -exactly- restful but seems to work well.

Hmm, that’s perfectly RESTful.


Regards,
-- 
Aristotle Pagaltzis // <http://plasmasturm.org/>