I forgot to highlight code samples in my last post. Sorry about that.
If we have these simple models:
db.define_table('person',
Field('name', 'string'))
db.define_table('common_allergies',
Field('name', 'string'))
The common_allergies is a table full of common allergies that people may
have like 'peanuts' or 'bee stings'. This table is pre-populated by the
system.
When a user fills out a form, the form asks two things: the person's name
and the person's allergies.
The form for the person's name is a simple string text input. But the list
of allergies the person can select needs to be checkboxes.
I have something like this:
fields = []
allergies = db().select(db.common_allergies.ALL)
for allergy in allergies:
fields.append(Field('allergy', 'boolean', default=allergy.name))
form = SQLFORM.factory(db.person, *fields)
if form.process().accepted:
# Check to make sure the list of values returned from the allergy
checkboxes exist in the common_allergies table. If it doesn't exist, fail
the form validation
# If all checks went well, insert this person's data into respective
database tables.
There are two problems with this:
- The boolean fields 'allergy' only shows one checkbox, which is the last
one in the list when I do {{=form.custom.widget.allergy}} in the view. How
do I get back a list of allergies that have been checked by the user?
- The value of the checkbox can be changed on the clientside and then
submitted. How would I check against this and make sure that the submitted
allergy values exist in the database table? Assuming I have a list returned
to me, I could do something like this inside form.process().accepted:
if form.process().accepted:
should_save = True
for allergy in checked_allergies:
check = db(db.common_allergies.name==allergy).select()
if check.is_empty():
# error the form
should_save = False
if should_save:
# Save the user's data
But this seems a bit messy and complicated.
How would I generate the checkboxes for the common_allergies table and how
would these checkbox values be validated against the database table to
prevent client-side tampering?
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
