Andrew Pollack's Blog
Technology, Family, Entertainment, Politics, and Random Noise| Professional Services | Second Signal | Presentations | Andrew's Blog | Support |
Creating a form generating tool that lets non-technical publshers create rich web forms
By Andrew Pollack on 08/22/2010 at 12:13 AM EDTI've been working on a tool for a client that wants to be able to create web forms to use on their site without learning any programming at all. At the same time, I don't trust any data from the browser side on a web site. I always assume that the browser side is open to hackers. That means any submitted form data has to be validated before it is accepted. Here's what I did...
For publishing, I used the CKEditor, which is the web browser rich editor I've standardized on. For most web publishing uses, I use an icon set that doesn't include the buttons for creating fields and forms. For this use, I turned those back on. The result is that right off the bat I've got a slick editor that lets the publishers lay out the form any way they want. The output from the editor is a big chunk of html stored in a text field on the Domino form when it is submitted.
The tricky part comes when the new form layout is saved. A webQuerySave agent reads the html that contains the form and parses out all the fields, keeping track of the field names, values, option lists, field types, and so on. In short, the agent quickly grabs all the information needed to validate the forms that will ultimately get submitted by an end user. This was really the tricky part, since the HTML isn't xml compliant enough to use existing parsing tools. You've got to account for all kinds of perfectly common variation in how field parameters are specified. Once you get it right though, the possibilities really open up. Field names are checked against a list of reserved field names, and a simple list of the field names is saved back so that the publisher can pick from them to indicate which are to be required fields.
Displaying the finished form to users could be done several ways. One way to do it would be to use DXL to generate an actual Domino based form that matches the fields defined in the layout. The advantage there is that Domino would do all the validation for me and it would be immune to many of the kinds of security attacks that I'd otherwise have to code for myself. In my case, I opted not to go that way because there will be so many different forms. In my case, each of these custom forms has an ID that is used on the website using a special form built into those publishing tools. The custom form's ID is passed as a parameter to a generic form display page. The ID is taken from the parameter and an AJAX call quickly grabs the custom form code and inserts it onto the page. When the form is submitted, the action points to another agent which receives the user data and validates it against the form's definition.
The benefit here is that where we've already empowered non-technical content owners to create and manage rich sites themselves, now we've added the ability to let them design and publish their own forms right within the site in a way that doesn't limit the way the forms are laid out in any way.
Very cool stuff.
supported. I haven't tried file attachments -- not sure how I'll set it up to
receive them on the back end if I use them.
flow stuff, but it wouldn't take much to build a simple template system to jump
start users form design would it?
Anyway, congratulations, sounds like a great project.
cake walk to add.
the notes client?
create web forms. Entirely in Notes wouldn't make any sense to me.
based tools. Internet access is expensive, and there are additional issues with
security and access. For our company size, the web direction actually adds
overhead to business process activities. Notes and Domino cover most
requirements, but the Notes client lacks certain user interface surfaces.
When I see developers write about the virtues of Web 2.0 the only area where
Notes lags is in the interface capability. What I see happening is loads of
effort/money being poured into an effort to achieve what Notes/Domino have been
doing for the last decade.
you might want to try HTMLCleaner. It's a parser that takes in HTML that is not
(fully) XML compliant and returns a DOM. The CK stuff is good enough to not
loose any data in the process. I found HTMLCleaner to work better than JTidy
when used with LS2J. Need some sample code? Let me know.
and field data, but thanks.
fck) but, they used to have an xml flag somewhere in the config, that I thought
impacted how the html looked before it was submitted. I could be wrong on that
though.
I wrote an "application builder" tool that generates forms and views for the
Notes client, based on certain standard things we used in all our applications,
including layout.
However, I doubt it was as fancy as what you've got.
Still, it made creating new applications a snap--the "busy work" of form layout
was eliminated in favor of thinking about the workflow in the back (which in
turn was simplified using ProcessIt from Teamwork Solutions.)
Oh, by the way, the core mechanism I used was DXL.
Other Recent Stories...
- 01/26/2023Better Running VirtualBox or VMWARE Virtual Machines on Windows 10+ Forgive me, Reader, for I have sinned. I has been nearly 3 years since my last blog entry. The truth is, I haven't had much to say that was worthy of more than a basic social media post -- until today. For my current work, I was assigned a new laptop. It's a real powerhouse machine with 14 processor cores and 64 gigs of ram. It should be perfect for running my development environment in a virtual machine, but it wasn't. VirtualBox was barely starting, and no matter how many features I turned off, it could ......
- 04/04/2020How many Ventilators for the price of those tanks the Pentagon didn't even want?This goes WAY beyond Trump or Obama. This is decades of poor planning and poor use of funds. Certainly it should have been addressed in the Trump, Obama, Bush, Clinton, Bush, and Reagan administrations -- all of which were well aware of the implications of a pandemic. I want a military prepared to help us, not just hurt other people. As an American I expect that with the ridiculous funding of our military might, we are prepared for damn near everything. Not just killing people and breaking things, but ......
- 01/28/2020Copyright Troll WarningThere's a copyright troll firm that has automated reverse-image searches and goes around looking for any posted images that they can make a quick copyright claim on. This is not quite a scam because it's technically legal, but it's run very much like a scam. This company works with a few "clients" that have vast repositories of copyrighted images. The trolls do a reverse web search on those images looking for hits. When they find one on a site that looks like someone they can scare, they work it like ......
- 03/26/2019Undestanding how OAUTH scopes will bring the concept of APPS to your Domino server
- 02/05/2019Toro Yard Equipment - Not really a premium brand as far as I am concerned
- 10/08/2018Will you be at the NYC Launch Event for HCL Domino v10 -- Find me!
- 09/04/2018With two big projects on hold, I suddenly find myself very available for new short and long term projects.
- 07/13/2018Who is HCL and why is it a good thing that they are now the ones behind Notes and Domino?
- 03/21/2018Domino Apps on IOS is a Game Changer. Quit holding back.
- 02/15/2018Andrew’s Proposed Gun Laws
CKEditor but don't remember much about the field attributes.