|
|
Posted by Steve Pugh on 03/14/06 15:20
"Rebekha Ljoekelsoey" <rebekha.ljoekelsoey@ladt.org> wrote:
>
>"Steve Pugh" <steve@pugh.net> wrote in message
>news:grdd129l8nbfn4s5hchsdgfar1ua5qnbkg@4ax.com...
>> "Rebekha Ljoekelsoey" <rebekha.ljoekelsoey@ladt.org> wrote:
>>
>> >Can I ask for clarification regarding hidden elements in forms and the
>use
>> >of the mailto:
>>
>> Normally the answer is don't use mailto in forms because normally
>> people are trying to do something stupid like <form
>> action="mailto:name@server.co.uk">
>>
>> >I have recently been told that the inclusion of the mailto: will render
>the
>> >form inoperative
>> ><input type="hidden" name="recipient" value="mailto:name@server.co.uk">
>>
>> It might, it might not. The above is perfectly fine HTML. What it does
>> as part of a form submission is outside the realms of HTML.
>>
>> >Mailto: in the hidden field shouldn't be there are it makes the form
>> >inoperable.
>>
>> That depends entirely on the script that handles the submitted form
>> data. If the script is expecting an e-mail address then including
>> mailto: will screw things up. Of course of the script is expecting an
>> e-mail address and will just send the form submission to that e-mail
>> address then you have other problems...
>>
>> >Mailto: should only be used in a normal email link.
>>
>> And only then with care.
>>
>> >Your comments would be warmly appreciated
>>
>> What's the big picture?
>>
>Big picture. I recently had several candidates enter an examination and they
>all failed for including the mailto: in the hidden element of an html
>interactive form.
Why did they do so? Were they used to working with a form that
required such a construction (which is odd)? Did the exam question
give any information about why any hidden field would be needed at
all?
> The examining body said that this action resulted in
>making the form inoperative,
Which it might, as I explained above. (Assuming that 'inoperative'
means that the form submission will not be processed properly. There's
nothing about this construction, odd though it may be, that will stop
the form being submited, it just might all go wrong after that...)
> now I know and you know that this is not true
I know no such thing. As I haven't see the script on the server
handling the submission of the form (have you?) then I can't say
whether it can cope with this particular value in the submission.
>as all the mailto: in a hidden element produces is a copy of the forms
>content to be sent to the recipient
That doesn't sound at all likely. If the contents of the form
submssion are to be mailed to the address specified in a hidden form
field then that hidden form field should contain just an address. Not
an address preceeded by the characters mailto:.
The script handling the form submission may be able to handle it with
the extra characters as well, but why should it?
And as I implied earlier, any form-to-email system that relies on the
recipient being given in a hidden field is badly coded in the first
place. Does the script on the server check to see whether anyone has
tampered with the data and substituted a different address there? Does
it allow mailing to any domain? In other words is this is a gift horse
to spammers?
> along with the webmail thingy.
Now you've totally lost me.
>Very frustrating, but who can argue with OCR
Um, you can if you want to. But without seeing the syllabus, course
notes, the exam in question and your students' complete answers I
can't really say whether you'd be arguing from a correct or incorrect
position.
Steve
--
"My theories appal you, my heresies outrage you,
I never answer letters and you don't like my tie." - The Doctor
Steve Pugh <steve@pugh.net> <http://steve.pugh.net/>
Navigation:
[Reply to this message]
|