[catagits/Catalyst-Manual.git] / lib / Catalyst / Manual / Tutorial / AdvancedCRUD / FormFu.pod

=head1 NAME


Catalyst::Manual::Tutorial::AdvancedCRUD::FormFu - Catalyst Tutorial - Part 9: Advanced CRUD - FormFu


NOTE:  This part of the tutorial is in progress and will be ready soon.

=head1 OVERVIEW

This is B<Part 9 of 10> for the Catalyst tutorial.

L<Tutorial Overview|Catalyst::Manual::Tutorial>

=over 4

=item 1

L<Introduction|Catalyst::Manual::Tutorial::Intro>

=item 2

L<Catalyst Basics|Catalyst::Manual::Tutorial::CatalystBasics>

=item 3

L<More Catalyst Basics|Catalyst::Manual::Tutorial::MoreCatalystBasics>

=item 4

L<Basic CRUD|Catalyst::Manual::Tutorial::BasicCRUD>

=item 5

L<Authentication|Catalyst::Manual::Tutorial::Authentication>

=item 6

L<Authorization|Catalyst::Manual::Tutorial::Authorization>

=item 7

L<Debugging|Catalyst::Manual::Tutorial::Debugging>

=item 8

L<Testing|Catalyst::Manual::Tutorial::Testing>

=item 9

B<Advanced CRUD::FormFu>

=item 10

L<Appendices|Catalyst::Manual::Tutorial::Appendices>

=back


=head1 DESCRIPTION

This portion of the tutorial explores L<HTML::FormFu|HTML::FormFu> and 
how it can be used to manage forms, perform validation of form input, 
as well as save and restore data to/from the database.

See 
L<Catalyst::Manual::Tutorial::AdvancedCRUD|Catalyst::Manual::Tutorial::AdvancedCRUD>
for additional form management options other than 
L<HTML::FormFu|HTML::FormFu>.


=head1 Install C<HTML::FormFu>

If you are following along in Ubuntu, it turns out that C<HTML::FormFu> 
is not yet available as a package at the time this was written.  To 
install it with a combination of C<apt-get> packages and traditional 
CPAN modules, first use C<apt-get> to install most of the modules 
required by C<HTML::FormFu>:

    sudo apt-get install libtest-nowarnings-perl libdatetime-format-builder-perl \
    libdatetime-format-strptime-perl libdatetime-locale-perl \
    libhtml-tokeparser-simple-perl liblist-moreutils-perl \
    libregexp-copy-perl libregexp-common-perl libyaml-syck-perl libparams-util-perl

Then use the following command to install directly from CPAN the modules 
that aren't available as Ubuntu/Debian packages via C<apt-get>:

    sudo cpan File::ShareDir Task::Weaken Config::Any HTML::FormFu \
    Catalyst::Controller::HTML::FormFu


=head1 C<HTML::FormFu> FORM CREATION

This section looks at how L<HTML::FormFu|HTML::FormFu> can be used to 
add additional functionality to the manually created form from Part 4.


=head2 Inherit From C<Catalyst::Controller::HTML::FormFu>

First, change your C<lib/MyApp/Controller/Books.pm> to inherit from
L<Catalyst::Controller::HTML::FormFu|Catalyst::Controller::HTML::FormFu>
by changing the C<use base> line from the default of:

    use base 'Catalyst::Controller';

to use the FormFu base controller class:

    use base 'Catalyst::Controller::HTML::FormFu';


=head2 Add Action to Display and Save the Form

Open C<lib/MyApp/Controller/Books.pm> in your editor and add the
following method:

    =head2 formfu_create
    
    Use HTML::FormFu to create a new book
    
    =cut
    
    sub formfu_create :Local :FormConfig {
        my ($self, $c) = @_;
    
        # Get the form that the :FormConfig attribute saved in the stash
        my $form = $c->stash->{form};
  
        # Check if the form has been submitted (vs. displaying the initial
        # form) and if the data passed validation.  "submitted_and_valid"
        # is shorthand for "$form->submitted && !$form->has_errors"
        if ($form->submitted_and_valid) {
            # Create a new book
            my $book = $c->model('DB::Books')->new_result({});
            # Save the form data for the book
            $form->save_to_model($book);
            # Set a status message for the user
            $c->flash->{status_msg} = 'Book created';
            # Return to the books list
            $c->response->redirect($c->uri_for('list')); 
            $c->detach;
        } else {
            # Get the authors from the DB
            my @authorObjs = $c->model("DB::Authors")->all();
            # Create an array of arrayrefs where each arrayref is an author
            my @authors;
            foreach (sort {$a->last_name cmp $b->last_name} @authorObjs) {
                push(@authors, [$_->id, $_->last_name]);
            }
            # Get the select added by the config file
            my $select = $form->get_element({type => 'Select'});
            # Add the authors to it
            $select->options(\@authors);
        }
        
        # Set the template
        $c->stash->{template} = 'books/formfu_create.tt2';
    }


=head2 Create a Form Config File

Although C<HTML::FormFu> supports any configuration file handled by
L<Config::Any|Config::Any>, most people tend to use YAML.  First
create a directory to hold your form configuration files:

    mkdir -p root/forms/books

Then create the file C<root/forms/books/formfu_create.yml> and enter the 
following text:

    ---
    # indicator is the field that is used to test for form submission
    indicator: submit
    # Start listing the form elements
    elements:
        # The first element will be a text field for the title
        - type: Text
          name: title
          label: Title
          # This is an optional 'mouse over' title pop-up
          attributes:
            title: Enter a book title here
    
        # Another text field for the numeric rating
        - type: Text
          name: rating
          label: Rating
          attributes:
            title: Enter a rating between 1 and 5 here
    
        # Add a drop-down list for the author selection.  Note that we will
        # dynamically fill in all the authors from the controller but we
        # could manually set items in the drop-list by adding this YAML code:
        # options:
        #   - [ '1', 'Bastien' ]
        #   - [ '2', 'Nasseh'  ]
        - type: Select
          name: authors
          label: Author
    
        # The submit button
        - type: Submit
          name: submit
          value: Submit

B<NOTE:> Copying and pasting YAML from perl documentation is sometimes
tricky.  See the L<Config::General Config for this tutorial> section of
this document for a more foolproof config format.


=head2 Update the CSS

Edit C<root/src/ttsite.css> and add the following lines to the bottom of
the file:

    input {
        display: block;
    }
    select {
        display: block;
    }
    .submit {
        padding-top: .5em;
        display: block;
    }

These changes will display form elements vertically.  Note that the 
existing definition of the C<.error> class is pulling the color scheme 
settings from the C<root/lib/config/col> file that was created by the 
TTSite helper.  This allows control over the CSS color settings from a 
single location.


=head2 Create a Template Page To Display The Form

Open C<root/src/books/formfu_create.tt2> in your editor and enter the following:

    [% META title = 'Create/Update Book' %]
    
    [%# Render the HTML::FormFu Form %]
    [% form %]
    
    <p><a href="[% c.uri_for('list') %]">Return to book list</a></p>


=head2 Add Links for Create and Update via C<HTML::FormFu>

Open C<root/src/books/list.tt2> in your editor and add the following to
the bottom of the existing file:

    <p>
      HTML::FormFu:
      <a href="[% c.uri_for('formfu_create') %]">Create</a>
    </p>

This adds a new link to the bottom of the book list page that we can
use to easily launch our HTML::FormFu-based form.


=head2 Test The <HTML::FormFu> Create Form

Press C<Ctrl-C> to kill the previous server instance (if it's still
running) and restart it:

    $ script/myapp_server.pl

Login as C<test01> (password: mypass).  Once at the Book List page,
click the new HTML::FormFu "Create" link at the bottom to display the
form.  Fill in the following values: Title = "Internetworking with
TCP/IP Vol. II", Rating = "4", and Author = "Comer".  Click Submit,
and you will be returned to the Book List page with a "Book created"
status message displayed.

Also note that this implementation allows you to can create books with 
bogus information.  Although we have constrained the authors with the 
drop-down list (note that this isn't bulletproof because we still have 
not prevented a user from "hacking" the form to specify other values), 
there are no restrictions on items such as the length of the title (for 
example, you can create a one-letter title) and value for the rating 
(you can use any number you want, and even non-numeric values with 
SQLite).  The next section will address this concern.

B<Note:> Depending on the database you are using and how you established
the columns in your tables, the database could obviously provide various
levels of "type enforcement" on your data.  The key point being made in
the previous paragraph is that the I<web application> itself is not
performing any validation.


=head1 C<HTML::FormFu> VALIDATION AND FILTERING

Although the use of L<HTML::FormFu|HTML::FormFu> in the previous section 
did provide an automated mechanism to build the form, the real power of 
this module stems from functionality that can automatically validate and 
filter the user input.  Validation uses constraints to be sure that 
users input appropriate data (for example, that the email field of a 
form contains a valid email address).  Filtering can also be used to 
remove extraneous whitespace from fields or to escape meta-characters in 
user input.


=head2 Add Constraints

Open C<root/forms/books/formfu_create.yml> in your editor and update it 
to match:

    ---
    # indicator is the field that is used to test for form submission
    indicator: submit
    # Start listing the form elements
    elements:
        # The first element will be a text field for the title
        - type: Text
          name: title
          label: Title
          # This is an optional 'mouse over' title pop-up
          attributes:
            title: Enter a book title here
          # Add constraints for the field
          constraints:
            # Force the length to be between 5 and 40 chars
            - type: Length
              min: 5
              max: 40
              # Override the default of 'Invalid input'
              message: Length must be between 5 and 40 characters

        # Another text field for the numeric rating
        - type: Text
          name: rating
          label: Rating
          attributes:
            title: Enter a rating between 1 and 5 here
          # Use Filter to clean up the input data
          filter:
            # Remove everything except digits
            - NonNumeric
          # Add constraints to the field
          constraints:
            - Required
            # Make sure it's a number
            - Integer
            message: "Digits only, please."
            # Filters apply before constraints.
            # If a user gives the rating "excellent", the NonNumeric filter would remove the entire string as it contains no digits. 
            # Remove the NonNumeric filter and let the Integer constraint handle the validation and error message.
    
        # Add a select list for the author selection.  Note that we will
        # dynamically fill in all the authors from the controller but we
        # could manually set items in the select by adding this YAML code:
        # options:
        #   - [ '1', 'Bastien' ]
        #   - [ '2', 'Nasseh'  ]
        - type: Select
          name: authors
          label: Author
          # Convert the drop-down to a multi-select list
          multiple: 1
          # Display 3 entries (user can scroll to see others)
          size: 3
          # One could argue we don't need to do filters or constraints for
          # a select list, but it's smart to do validation and sanity
          # checks on this data in case a user "hacks" the input
          # Add constraints to the field
          constraints:
            # Make sure it's a number
            - Integer
    
        # The submit button
        - type: Submit
          name: submit
          value: Submit
    
    # Global filters and constraints.
    constraints:
      # The user cannot leave any fields blank
      - Required
      # If not all fields are required, move the Required constraint to the fields that are.
    filter:
      # Remove whitespace at both ends
      - TrimEdges
      # Escape HTML characters for safety
      - HTMLEscape

B<NOTE:> Copying and pasting YAML from perl documentation is sometimes
tricky.  See the L<Config::General Config for this tutorial> section of
this document for a more foolproof config format.

The main changes are:

=over 4

=item *

The C<Select> element for C<authors> is changed from a single-select
drop-down to a multi-select list by adding configuration for the 
C<multiple> and C<size> options in C<formfu_create.yml>.

=item *

Constraints are added to provide validation of the user input.  See
L<HTML::FormFu::Constraint|HTML::FormFu::Constraint> for other
constraints that are available.

=item *

A variety of filters are run on every field to remove and escape 
unwanted input.  See L<HTML::FormFu::Filter|HTML::FormFu::Filter>
for more filter options.

=back


=head2 Try Out the Updated Form

Press C<Ctrl-C> to kill the previous server instance (if it's still 
running) and restart it:

    $ script/myapp_server.pl

Make sure you are still logged in as C<test01> and try adding a book 
with various errors: title less than 5 characters, non-numeric rating, a 
rating of 0 or 6, etc.  Also try selecting one, two, and zero authors. 
When you click Submit, the HTML::FormFu C<constraint> items will 
validate the logic and insert feedback as appropriate.  Try adding blank 
spaces at the front or the back of the title and note that it will be 
removed.


=head1 CREATE AND UPDATE/EDIT ACTION

Let's expand the work done above to add an edit action.  First, open 
C<lib/MyApp/Controller/Books.pm> and add the following method to the 
bottom:

    =head2 formfu_edit
    
    Use HTML::FormFu to update an existing book
    
    =cut
    
    sub formfu_edit :Local :FormConfig('books/formfu_create.yml') {
        my ($self, $c, $id) = @_;
    
        # Get the specified book
        my $book = $c->model('DB::Books')->find($id);
    
        # Make sure we were able to get a book
        unless ($book) {
            $c->flash->{error_msg} = "Invalid book -- Cannot edit";
            $c->response->redirect($c->uri_for('list'));
            $c->detach;
        }
    
        # Get the form that the :FormConfig attribute saved in the stash
        my $form = $c->stash->{form};
    
        # Check if the form has been submitted (vs. displaying the initial
        # form) and if the data passed validation.  "submitted_and_valid"
        # is shorthand for "$form->submitted && !$form->has_errors"
        if ($form->submitted_and_valid) {
            # Save the form data for the book
            $form->save_to_model($book);
            # Set a status message for the user
            $c->flash->{status_msg} = 'Book edited';
            # Return to the books list
            $c->response->redirect($c->uri_for('list'));
            $c->detach;
        } else {
            # Get the authors from the DB
            my @authorObjs = $c->model("DB::Authors")->all();
            # Create an array of arrayrefs where each arrayref is an author
            my @authors;
            foreach (sort {$a->last_name cmp $b->last_name} @authorObjs) {
                push(@authors, [$_->id, $_->last_name]);
            }
            # Get the select added by the config file
            my $select = $form->get_element({type => 'Select'});
            # Add the authors to it
            $select->options(\@authors);
            # Populate the form with existing values from DB
            $form->defaults_from_model($book);
        }
    
        # Set the template
        $c->stash->{template} = 'books/formfu_create.tt2';
    }

Most of this code should look familiar to what we used in the 
C<formfu_create> method (in fact, we should probably centralize some of 
the common code in separate methods).  The main differences are:

=over 4

=item *

We accept C<$id> as an argument via the URL.

=item *

We use C<$id> to look up the existing book from the database.

=item *

We make sure the C<$id> and book lookup returned a valid book.  If not, 
we set the error message and return to the book list.

=item *

If the form has been submitted and passes validation, we skip creating a 
new book and just use C<$form-E<gt>save_to_model> to update the existing 
book.

=item *

If the form is being displayed for the first time (or has failed 
validation and it being redisplayed), we use
 C<$form-E<gt>default_from_model> to populate the form with data from the 
database.

=back

Then, edit C<root/src/books/list.tt2> and add a new link below the 
existing "Delete" link that allows us to edit/update each existing book. 
The last E<lt>tdE<gt> cell in the book list table should look like the 
following:

    <td>
      [% # Add a link to delete a book %]
      <a href="[% c.uri_for('delete', book.id) %]">Delete</a>
      [% # Add a link to edit a book %]
      <a href="[% c.uri_for('formfu_edit', book.id) %]">Edit</a>
    </td>


=head2 Try Out the Edit/Update Feature

Press C<Ctrl-C> to kill the previous server instance (if it's still 
running) and restart it:

    $ script/myapp_server.pl

Make sure you are still logged in as C<test01> and go to the 
L<http://localhost:3000/books/list> URL in your browser.  Click the 
"Edit" link next to "Internetworking with TCP/IP Vol. II", change the 
rating to a 3, the "II" at end of the title to the number "2", add 
Stevens as a co-author (control-click), and click Submit.  You will then 
be returned to the book list with a "Book edited" message at the top in 
green.  Experiment with other edits to various books.


=head2  Config::General Config for this tutorial

If you are having difficulty with YAML config above, please save the
below into the file C<formfu_create.conf> and delete the
C<formfu_create.yml> file.  The below is in
L<Config::General|Config::General> format which follows the syntax of
Apache config files.

   constraints   Required
   <elements>
       <constraints>
           min   5
           max   40
           type   Length
           message   Length must be between 5 and 40 characters
       </constraints>
       filter   TrimEdges
       filter   HTMLEscape
       name   title
       type   Text
       label   Title
       <attributes>
           title   Enter a book title here
       </attributes>
   </elements>
   <elements>
       constraints   Integer
       filter   TrimEdges
       filter   NonNumeric
       name   rating
       type   Text
       label   Rating
       <attributes>
           title   Enter a rating between 1 and 5 here
       </attributes>
   </elements>
   <elements>
       constraints   Integer
       filter   TrimEdges
       filter   HTMLEscape
       name   authors
       type   Select
       label   Author
       multiple   1
       size   3
   </elements>
   <elements>
       value   Submit
       name   submit
       type   Submit
   </elements>
   indicator   submit
   

=head1 AUTHOR

Kennedy Clark, C<hkclark@gmail.com>

Please report any errors, issues or suggestions to the author.  The
most recent version of the Catalyst Tutorial can be found at
L<http://dev.catalyst.perl.org/repos/Catalyst/trunk/Catalyst-Manual/lib/Catalyst/Manual/Tutorial/>.

Copyright 20066-2008, Kennedy Clark, under Creative Commons License
(L<http://creativecommons.org/licenses/by-nc-sa/2.5/>).
Commit	Line	Data
b80f58e5	1	=head1 NAME
b80f58e5	2
f279297a	3
f279297a	4
b80f58e5	5	Catalyst::Manual::Tutorial::AdvancedCRUD::FormFu - Catalyst Tutorial - Part 9: Advanced CRUD - FormFu
	6
	7
c010ae0d	8	NOTE: This part of the tutorial is in progress and will be ready soon.
c010ae0d	9
b80f58e5	10	=head1 OVERVIEW
	11
	12	This is B<Part 9 of 10> for the Catalyst tutorial.
	13
	14	L<Tutorial Overview\|Catalyst::Manual::Tutorial>
	15
	16	=over 4
	17
	18	=item 1
	19
	20	L<Introduction\|Catalyst::Manual::Tutorial::Intro>
	21
	22	=item 2
	23
	24	L<Catalyst Basics\|Catalyst::Manual::Tutorial::CatalystBasics>
	25
	26	=item 3
	27
	28	L<More Catalyst Basics\|Catalyst::Manual::Tutorial::MoreCatalystBasics>
	29
	30	=item 4
	31
	32	L<Basic CRUD\|Catalyst::Manual::Tutorial::BasicCRUD>
	33
	34	=item 5
	35
	36	L<Authentication\|Catalyst::Manual::Tutorial::Authentication>
	37
	38	=item 6
	39
	40	L<Authorization\|Catalyst::Manual::Tutorial::Authorization>
	41
	42	=item 7
	43
	44	L<Debugging\|Catalyst::Manual::Tutorial::Debugging>
	45
	46	=item 8
	47
	48	L<Testing\|Catalyst::Manual::Tutorial::Testing>
	49
	50	=item 9
	51
d682d02d	52	B<Advanced CRUD::FormFu>
b80f58e5	53
	54	=item 10
	55
	56	L<Appendices\|Catalyst::Manual::Tutorial::Appendices>
	57
	58	=back
	59
	60
	61	=head1 DESCRIPTION
	62
cca5cd98	63	This portion of the tutorial explores L<HTML::FormFu\|HTML::FormFu> and
	64	how it can be used to manage forms, perform validation of form input,
	65	as well as save and restore data to/from the database.
	66
	67	See
	68	L<Catalyst::Manual::Tutorial::AdvancedCRUD\|Catalyst::Manual::Tutorial::AdvancedCRUD>
	69	for additional form management options other than
	70	L<HTML::FormFu\|HTML::FormFu>.
	71
	72
	73	=head1 Install C<HTML::FormFu>
	74
	75	If you are following along in Ubuntu, it turns out that C<HTML::FormFu>
	76	is not yet available as a package at the time this was written. To
	77	install it with a combination of C<apt-get> packages and traditional
	78	CPAN modules, first use C<apt-get> to install most of the modules
	79	required by C<HTML::FormFu>:
	80
	81	sudo apt-get install libtest-nowarnings-perl libdatetime-format-builder-perl \
	82	libdatetime-format-strptime-perl libdatetime-locale-perl \
	83	libhtml-tokeparser-simple-perl liblist-moreutils-perl \
	84	libregexp-copy-perl libregexp-common-perl libyaml-syck-perl libparams-util-perl
	85
	86	Then use the following command to install directly from CPAN the modules
	87	that aren't available as Ubuntu/Debian packages via C<apt-get>:
	88
	89	sudo cpan File::ShareDir Task::Weaken Config::Any HTML::FormFu \
	90	Catalyst::Controller::HTML::FormFu
	91
	92
	93	=head1 C<HTML::FormFu> FORM CREATION
	94
	95	This section looks at how L<HTML::FormFu\|HTML::FormFu> can be used to
	96	add additional functionality to the manually created form from Part 4.
	97
	98
	99	=head2 Inherit From C<Catalyst::Controller::HTML::FormFu>
	100
	101	First, change your C<lib/MyApp/Controller/Books.pm> to inherit from
	102	L<Catalyst::Controller::HTML::FormFu\|Catalyst::Controller::HTML::FormFu>
	103	by changing the C<use base> line from the default of:
	104
	105	use base 'Catalyst::Controller';
	106
	107	to use the FormFu base controller class:
	108
	109	use base 'Catalyst::Controller::HTML::FormFu';
	110
	111
	112	=head2 Add Action to Display and Save the Form
	113
	114	Open C<lib/MyApp/Controller/Books.pm> in your editor and add the
	115	following method:
	116
d682d02d	117	=head2 formfu_create
cca5cd98	118
59d6a035	119	Use HTML::FormFu to create a new book
cca5cd98	120
	121	=cut
	122
d682d02d	123	sub formfu_create :Local :FormConfig {
cca5cd98	124	my ($self, $c) = @_;
	125
	126	# Get the form that the :FormConfig attribute saved in the stash
	127	my $form = $c->stash->{form};
	128
166c90a0	129	# Check if the form has been submitted (vs. displaying the initial
166c90a0	130	# form) and if the data passed validation. "submitted_and_valid"
cca5cd98	131	# is shorthand for "$form->submitted && !$form->has_errors"
	132	if ($form->submitted_and_valid) {
	133	# Create a new book
	134	my $book = $c->model('DB::Books')->new_result({});
	135	# Save the form data for the book
	136	$form->save_to_model($book);
	137	# Set a status message for the user
	138	$c->flash->{status_msg} = 'Book created';
	139	# Return to the books list
	140	$c->response->redirect($c->uri_for('list'));
	141	$c->detach;
9cb64a37	142	} else {
	143	# Get the authors from the DB
	144	my @authorObjs = $c->model("DB::Authors")->all();
	145	# Create an array of arrayrefs where each arrayref is an author
	146	my @authors;
	147	foreach (sort {$a->last_name cmp $b->last_name} @authorObjs) {
	148	push(@authors, [$_->id, $_->last_name]);
	149	}
	150	# Get the select added by the config file
	151	my $select = $form->get_element({type => 'Select'});
	152	# Add the authors to it
	153	$select->options(\@authors);
	154	}
	155
cca5cd98	156	# Set the template
d682d02d	157	$c->stash->{template} = 'books/formfu_create.tt2';
cca5cd98	158	}
	159
	160
	161	=head2 Create a Form Config File
	162
	163	Although C<HTML::FormFu> supports any configuration file handled by
	164	L<Config::Any\|Config::Any>, most people tend to use YAML. First
	165	create a directory to hold your form configuration files:
	166
	167	mkdir -p root/forms/books
	168
d682d02d	169	Then create the file C<root/forms/books/formfu_create.yml> and enter the
cca5cd98	170	following text:
	171
	172	---
9cb64a37	173	# indicator is the field that is used to test for form submission
cca5cd98	174	indicator: submit
9cb64a37	175	# Start listing the form elements
cca5cd98	176	elements:
9cb64a37	177	# The first element will be a text field for the title
cca5cd98	178	- type: Text
	179	name: title
	180	label: Title
9cb64a37	181	# This is an optional 'mouse over' title pop-up
cca5cd98	182	attributes:
cca5cd98	183	title: Enter a book title here
d682d02d	184
d682d02d	185	# Another text field for the numeric rating
cca5cd98	186	- type: Text
	187	name: rating
	188	label: Rating
	189	attributes:
	190	title: Enter a rating between 1 and 5 here
d682d02d	191
	192	# Add a drop-down list for the author selection. Note that we will
	193	# dynamically fill in all the authors from the controller but we
	194	# could manually set items in the drop-list by adding this YAML code:
	195	# options:
	196	# - [ '1', 'Bastien' ]
	197	# - [ '2', 'Nasseh' ]
	198	- type: Select
	199	name: authors
	200	label: Author
	201
9cb64a37	202	# The submit button
cca5cd98	203	- type: Submit
	204	name: submit
	205	value: Submit
	206
0171092f	207	B<NOTE:> Copying and pasting YAML from perl documentation is sometimes
1fba2369	208	tricky. See the L<Config::General Config for this tutorial> section of
1fba2369	209	this document for a more foolproof config format.
0171092f	210
cca5cd98	211
	212	=head2 Update the CSS
	213
	214	Edit C<root/src/ttsite.css> and add the following lines to the bottom of
	215	the file:
	216
d682d02d	217	input {
cca5cd98	218	display: block;
cca5cd98	219	}
d682d02d	220	select {
cca5cd98	221	display: block;
cca5cd98	222	}
d682d02d	223	.submit {
	224	padding-top: .5em;
	225	display: block;
cca5cd98	226	}
cca5cd98	227
d682d02d	228	These changes will display form elements vertically. Note that the
	229	existing definition of the C<.error> class is pulling the color scheme
	230	settings from the C<root/lib/config/col> file that was created by the
	231	TTSite helper. This allows control over the CSS color settings from a
	232	single location.
cca5cd98	233
	234
	235	=head2 Create a Template Page To Display The Form
	236
d682d02d	237	Open C<root/src/books/formfu_create.tt2> in your editor and enter the following:
cca5cd98	238
	239	[% META title = 'Create/Update Book' %]
	240
	241	[%# Render the HTML::FormFu Form %]
	242	[% form %]
	243
8a7c5151	244	<p><a href="[% c.uri_for('list') %]">Return to book list</a></p>
cca5cd98	245
	246
	247	=head2 Add Links for Create and Update via C<HTML::FormFu>
	248
	249	Open C<root/src/books/list.tt2> in your editor and add the following to
	250	the bottom of the existing file:
	251
	252	<p>
	253	HTML::FormFu:
8a7c5151	254	<a href="[% c.uri_for('formfu_create') %]">Create</a>
cca5cd98	255	</p>
cca5cd98	256
d682d02d	257	This adds a new link to the bottom of the book list page that we can
	258	use to easily launch our HTML::FormFu-based form.
	259
cca5cd98	260
d682d02d	261	=head2 Test The <HTML::FormFu> Create Form
cca5cd98	262
	263	Press C<Ctrl-C> to kill the previous server instance (if it's still
	264	running) and restart it:
	265
	266	$ script/myapp_server.pl
	267
0909d46f	268	Login as C<test01> (password: mypass). Once at the Book List page,
	269	click the new HTML::FormFu "Create" link at the bottom to display the
	270	form. Fill in the following values: Title = "Internetworking with
	271	TCP/IP Vol. II", Rating = "4", and Author = "Comer". Click Submit,
	272	and you will be returned to the Book List page with a "Book created"
	273	status message displayed.
d682d02d	274
	275	Also note that this implementation allows you to can create books with
	276	bogus information. Although we have constrained the authors with the
59d6a035	277	drop-down list (note that this isn't bulletproof because we still have
	278	not prevented a user from "hacking" the form to specify other values),
	279	there are no restrictions on items such as the length of the title (for
	280	example, you can create a one-letter title) and value for the rating
	281	(you can use any number you want, and even non-numeric values with
	282	SQLite). The next section will address this concern.
cca5cd98	283
	284	B<Note:> Depending on the database you are using and how you established
	285	the columns in your tables, the database could obviously provide various
	286	levels of "type enforcement" on your data. The key point being made in
	287	the previous paragraph is that the I<web application> itself is not
	288	performing any validation.
	289
	290
	291	=head1 C<HTML::FormFu> VALIDATION AND FILTERING
	292
d682d02d	293	Although the use of L<HTML::FormFu\|HTML::FormFu> in the previous section
	294	did provide an automated mechanism to build the form, the real power of
	295	this module stems from functionality that can automatically validate and
	296	filter the user input. Validation uses constraints to be sure that
	297	users input appropriate data (for example, that the email field of a
	298	form contains a valid email address). Filtering can also be used to
	299	remove extraneous whitespace from fields or to escape meta-characters in
	300	user input.
cca5cd98	301
cca5cd98	302
d682d02d	303	=head2 Add Constraints
cca5cd98	304
d682d02d	305	Open C<root/forms/books/formfu_create.yml> in your editor and update it
cca5cd98	306	to match:
	307
	308	---
9cb64a37	309	# indicator is the field that is used to test for form submission
cca5cd98	310	indicator: submit
9cb64a37	311	# Start listing the form elements
cca5cd98	312	elements:
9cb64a37	313	# The first element will be a text field for the title
cca5cd98	314	- type: Text
	315	name: title
	316	label: Title
9cb64a37	317	# This is an optional 'mouse over' title pop-up
cca5cd98	318	attributes:
cca5cd98	319	title: Enter a book title here
9cb64a37	320	# Add constraints for the field
cca5cd98	321	constraints:
59d6a035	322	# Force the length to be between 5 and 40 chars
cca5cd98	323	- type: Length
d682d02d	324	min: 5
59d6a035	325	max: 40
9cb64a37	326	# Override the default of 'Invalid input'
59d6a035	327	message: Length must be between 5 and 40 characters
f279297a	328
d682d02d	329	# Another text field for the numeric rating
cca5cd98	330	- type: Text
	331	name: rating
	332	label: Rating
	333	attributes:
	334	title: Enter a rating between 1 and 5 here
d682d02d	335	# Use Filter to clean up the input data
d682d02d	336	filter:
d682d02d	337	# Remove everything except digits
	338	- NonNumeric
	339	# Add constraints to the field
cca5cd98	340	constraints:
f279297a	341	- Required
9cb64a37	342	# Make sure it's a number
cca5cd98	343	- Integer
f279297a	344	message: "Digits only, please."
	345	# Filters apply before constraints.
	346	# If a user gives the rating "excellent", the NonNumeric filter would remove the entire string as it contains no digits.
	347	# Remove the NonNumeric filter and let the Integer constraint handle the validation and error message.
d682d02d	348
	349	# Add a select list for the author selection. Note that we will
	350	# dynamically fill in all the authors from the controller but we
	351	# could manually set items in the select by adding this YAML code:
	352	# options:
	353	# - [ '1', 'Bastien' ]
	354	# - [ '2', 'Nasseh' ]
	355	- type: Select
	356	name: authors
	357	label: Author
	358	# Convert the drop-down to a multi-select list
	359	multiple: 1
	360	# Display 3 entries (user can scroll to see others)
	361	size: 3
	362	# One could argue we don't need to do filters or constraints for
	363	# a select list, but it's smart to do validation and sanity
	364	# checks on this data in case a user "hacks" the input
d682d02d	365	# Add constraints to the field
d682d02d	366	constraints:
d682d02d	367	# Make sure it's a number
	368	- Integer
	369
9cb64a37	370	# The submit button
cca5cd98	371	- type: Submit
	372	name: submit
	373	value: Submit
d682d02d	374
f279297a	375	# Global filters and constraints.
cca5cd98	376	constraints:
f279297a	377	# The user cannot leave any fields blank
	378	- Required
	379	# If not all fields are required, move the Required constraint to the fields that are.
	380	filter:
	381	# Remove whitespace at both ends
	382	- TrimEdges
	383	# Escape HTML characters for safety
	384	- HTMLEscape
cca5cd98	385
0171092f	386	B<NOTE:> Copying and pasting YAML from perl documentation is sometimes
1fba2369	387	tricky. See the L<Config::General Config for this tutorial> section of
1fba2369	388	this document for a more foolproof config format.
0171092f	389
d682d02d	390	The main changes are:
	391
	392	=over 4
	393
	394	=item *
	395
	396	The C<Select> element for C<authors> is changed from a single-select
	397	drop-down to a multi-select list by adding configuration for the
	398	C<multiple> and C<size> options in C<formfu_create.yml>.
	399
	400	=item *
	401
	402	Constraints are added to provide validation of the user input. See
	403	L<HTML::FormFu::Constraint\|HTML::FormFu::Constraint> for other
	404	constraints that are available.
	405
	406	=item *
	407
	408	A variety of filters are run on every field to remove and escape
	409	unwanted input. See L<HTML::FormFu::Filter\|HTML::FormFu::Filter>
	410	for more filter options.
	411
	412	=back
	413
	414
	415	=head2 Try Out the Updated Form
	416
	417	Press C<Ctrl-C> to kill the previous server instance (if it's still
	418	running) and restart it:
	419
	420	$ script/myapp_server.pl
	421
59d6a035	422	Make sure you are still logged in as C<test01> and try adding a book
	423	with various errors: title less than 5 characters, non-numeric rating, a
	424	rating of 0 or 6, etc. Also try selecting one, two, and zero authors.
	425	When you click Submit, the HTML::FormFu C<constraint> items will
	426	validate the logic and insert feedback as appropriate. Try adding blank
	427	spaces at the front or the back of the title and note that it will be
	428	removed.
	429
	430
	431	=head1 CREATE AND UPDATE/EDIT ACTION
	432
	433	Let's expand the work done above to add an edit action. First, open
	434	C<lib/MyApp/Controller/Books.pm> and add the following method to the
	435	bottom:
	436
	437	=head2 formfu_edit
	438
	439	Use HTML::FormFu to update an existing book
	440
	441	=cut
	442
	443	sub formfu_edit :Local :FormConfig('books/formfu_create.yml') {
	444	my ($self, $c, $id) = @_;
	445
	446	# Get the specified book
	447	my $book = $c->model('DB::Books')->find($id);
	448
	449	# Make sure we were able to get a book
	450	unless ($book) {
	451	$c->flash->{error_msg} = "Invalid book -- Cannot edit";
	452	$c->response->redirect($c->uri_for('list'));
	453	$c->detach;
	454	}
	455
	456	# Get the form that the :FormConfig attribute saved in the stash
	457	my $form = $c->stash->{form};
	458
166c90a0	459	# Check if the form has been submitted (vs. displaying the initial
166c90a0	460	# form) and if the data passed validation. "submitted_and_valid"
59d6a035	461	# is shorthand for "$form->submitted && !$form->has_errors"
	462	if ($form->submitted_and_valid) {
	463	# Save the form data for the book
	464	$form->save_to_model($book);
	465	# Set a status message for the user
	466	$c->flash->{status_msg} = 'Book edited';
	467	# Return to the books list
	468	$c->response->redirect($c->uri_for('list'));
	469	$c->detach;
	470	} else {
	471	# Get the authors from the DB
	472	my @authorObjs = $c->model("DB::Authors")->all();
	473	# Create an array of arrayrefs where each arrayref is an author
	474	my @authors;
	475	foreach (sort {$a->last_name cmp $b->last_name} @authorObjs) {
	476	push(@authors, [$_->id, $_->last_name]);
	477	}
	478	# Get the select added by the config file
	479	my $select = $form->get_element({type => 'Select'});
	480	# Add the authors to it
	481	$select->options(\@authors);
	482	# Populate the form with existing values from DB
	483	$form->defaults_from_model($book);
	484	}
	485
	486	# Set the template
	487	$c->stash->{template} = 'books/formfu_create.tt2';
	488	}
	489
	490	Most of this code should look familiar to what we used in the
	491	C<formfu_create> method (in fact, we should probably centralize some of
	492	the common code in separate methods). The main differences are:
	493
	494	=over 4
	495
	496	=item *
	497
	498	We accept C<$id> as an argument via the URL.
	499
	500	=item *
	501
	502	We use C<$id> to look up the existing book from the database.
	503
	504	=item *
	505
	506	We make sure the C<$id> and book lookup returned a valid book. If not,
	507	we set the error message and return to the book list.
	508
	509	=item *
	510
	511	If the form has been submitted and passes validation, we skip creating a
	512	new book and just use C<$form-E<gt>save_to_model> to update the existing
	513	book.
	514
	515	=item *
	516
	517	If the form is being displayed for the first time (or has failed
	518	validation and it being redisplayed), we use
	519	C<$form-E<gt>default_from_model> to populate the form with data from the
	520	database.
	521
	522	=back
	523
	524	Then, edit C<root/src/books/list.tt2> and add a new link below the
525	existing "Delete" link that allows us to edit/update each existing book.
526	The last E<lt>tdE<gt> cell in the book list table should look like the
527	following:
528
529	<td>
530	[% # Add a link to delete a book %]
8a7c5151	531	<a href="[% c.uri_for('delete', book.id) %]">Delete</a>
59d6a035	532	[% # Add a link to edit a book %]
8a7c5151	533	<a href="[% c.uri_for('formfu_edit', book.id) %]">Edit</a>
59d6a035	534	</td>
	535
	536
	537	=head2 Try Out the Edit/Update Feature
	538
	539	Press C<Ctrl-C> to kill the previous server instance (if it's still
	540	running) and restart it:
	541
	542	$ script/myapp_server.pl
	543
	544	Make sure you are still logged in as C<test01> and go to the
	545	L<http://localhost:3000/books/list> URL in your browser. Click the
	546	"Edit" link next to "Internetworking with TCP/IP Vol. II", change the
	547	rating to a 3, the "II" at end of the title to the number "2", add
	548	Stevens as a co-author (control-click), and click Submit. You will then
	549	be returned to the book list with a "Book edited" message at the top in
	550	green. Experiment with other edits to various books.
d682d02d	551
cca5cd98	552
1fba2369	553	=head2 Config::General Config for this tutorial
	554
	555	If you are having difficulty with YAML config above, please save the
	556	below into the file C<formfu_create.conf> and delete the
	557	C<formfu_create.yml> file. The below is in
	558	L<Config::General\|Config::General> format which follows the syntax of
	559	Apache config files.
	560
	561	constraints Required
	562	<elements>
1fba2369	563	<constraints>
	564	min 5
	565	max 40
	566	type Length
	567	message Length must be between 5 and 40 characters
	568	</constraints>
	569	filter TrimEdges
	570	filter HTMLEscape
	571	name title
	572	type Text
	573	label Title
	574	<attributes>
	575	title Enter a book title here
	576	</attributes>
	577	</elements>
	578	<elements>
1fba2369	579	constraints Integer
	580	filter TrimEdges
	581	filter NonNumeric
	582	name rating
	583	type Text
	584	label Rating
	585	<attributes>
	586	title Enter a rating between 1 and 5 here
	587	</attributes>
	588	</elements>
	589	<elements>
	590	constraints Integer
	591	filter TrimEdges
	592	filter HTMLEscape
	593	name authors
	594	type Select
	595	label Author
	596	multiple 1
	597	size 3
	598	</elements>
	599	<elements>
	600	value Submit
	601	name submit
	602	type Submit
	603	</elements>
	604	indicator submit
	605
	606
0171092f	607
cca5cd98	608	=head1 AUTHOR
	609
	610	Kennedy Clark, C<hkclark@gmail.com>
	611
	612	Please report any errors, issues or suggestions to the author. The
	613	most recent version of the Catalyst Tutorial can be found at
	614	L<http://dev.catalyst.perl.org/repos/Catalyst/trunk/Catalyst-Manual/lib/Catalyst/Manual/Tutorial/>.
	615
d682d02d	616	Copyright 20066-2008, Kennedy Clark, under Creative Commons License
cca5cd98	617	(L<http://creativecommons.org/licenses/by-nc-sa/2.5/>).
0909d46f	618