<$BlogRSDUrl$>

Internal Server Error

what the voices in my head tell me to write

Monday, April 12, 2004

Something which I have been thinking about for a while

I am currently working on a very nice (when it works properly) templating system for Ingenta which uses a whole bunch of Java technologies. Mainly JSTL and JSF but there are some Struts things in there and goodness knows what else.

I was reading some documentation for the JSF (thats Java Server Faces if you didn't know) and it seems very useful. It is more orientated towards html forms and development of web based interfaces for complex databases.

It has some very powerful API interfaces for generating form elements that become in effect self validating. I was looking into developing something like this when I was working for Pulse but never got anywhere as I was running out of time and had to abandon it.

The idea was that each form element would have a name attribute that contained the name of the table and field within it that the form element contained data for. The submitting page then took the name, decomposed it and used a "describe &li;table name> <field>" to find out what sort of data the database expects for that form control and do various validation checks on it depending on what the database was expecting

For text input the validation process would be fairly simple. Check it was text if it was a smalltext or varchar datatype check to see if there is no too much text and finally check for rude words and that's about it. Then of course you would convert html entities and strip html tags from the data before passing it into the database.

Things got more interesting when you have a limited number of values for the data. E.g. enum or set datatypes. Then you could check that you were really getting valid data and no one had tried sneaking in a nasty thing. Also you could check that a Enum database field would only have one value sent to it and a set could have more than one. This of course should be done by the form controls themselves by using checkboxes and radio buttons, but

  1. who do you trust
  2. its easier to deal with these sorts of errors before you get to the database layer.

Then the other half of the equation is writing a series of functions so you could do the following

<form> <?php $write_elements->add_form_element($tablename, $fieldname, $type); ?> </form>

(where $type is optional)

and the add_form_element() method goes off to the database and does a describe statement, works out what sort of form element is required, checks to see if you have specified a type that would over ride its defaults. (e.g. Choosing a <select> list instead of a series of checkboxes) and generates the rest of the html code for you.

I really should get round to working on this one day.

Permanent link and Comments posted by Rob Cornelius @ Monday, April 12, 2004

Comments: Post a Comment


Links to this post:

Create a Link

links to this post
    follow me on Twitter

    My recent photos

    Archives

    Creative Commons License
    This work is licensed under a Creative Commons License.

    RSS feeds and things

    Feed Button Help

    This page is powered by Blogger. Isn't yours?

    contact the author

    rob cornelius can be contacted by email use his name with an dot and googles web based email domain