0

I have a dynamic HTML form whereby I use Javascript to add/remove fields depending on what the user answers on the form. The form contains three steps with their own questions, and each step is disabled after the user completes it while the next step is automatically generated by my javascript code for them to continue filling out the form.

The problem I ran into was that I found all my disabled form elements were not submitted when the form was posted to PHP, and it turned out this was standard functionality. You can't submit disabled elements in a form, that's how it goes.

So I did the following:

$("#submitAll").click(function() {
            enableStep1();
            enableStep2();
        });

So when the user clicks the submit button, they're taken to the thank you page and their form, for a split second before, is all enabled so that it would be submitted. I feel kind of nervous about this, is it a terrible idea and does anyone know what could go wrong?

I've already read about other solutions, like in this question here, but I'm wondering if my solution isn't completely terrible.

Community
  • 1
  • 1
pjcat
  • 49
  • 4
  • 4
    Ever heard of [readonly](http://stackoverflow.com/questions/16109358/readonly-attribute-syntax-for-input-text)? Disables input but allows for successful submission. – Machavity May 01 '15 at 12:19
  • Writing code to solve an already-solved (`readonly`) problem is usually a bad idea :) – joews May 01 '15 at 12:28

1 Answers1

0

Yes it is a bad practice because JavaScript can be disabled and then your form is not working as expected anymore. Maybe you should look into the readonly property for form elements.

To be clear: taking users that have JavaScript disabled into account isn't really something you have to worry about anymore. But still it's bad practice because there are build in tools to get the job done and you don't need JavaScript to hack around it.

Bas Slagter
  • 9,831
  • 7
  • 47
  • 78
  • that moment when you realize you typed `you're` instead of `your` – Abdul Ahmad May 01 '15 at 12:24
  • @AbdulAhmad minor issue ;) – Bas Slagter May 01 '15 at 12:25
  • But since it's dynamic, wouldn't it not work at all anyway if Javascript was disabled? – pjcat May 01 '15 at 12:26
  • @pjcat that depends on how you set things up. It's good to think about your application working also without JavaScript enabled. Of course this is a bit difficult when building a Single Page App or something but it doesn't reallly sound like you have that. – Bas Slagter May 01 '15 at 12:29
  • If you're worried about people without JavaScript, you need to go back to 1998. While you need to do server-side validation to ensure a malicious person who disables JavaScript can't break your system, the idea of saying "you shouldn't do this because someone might not have JavaScript" is an edge case these days. Are there specific sites that need to take this into account? Sure. The web in general? No. – dmeglio May 01 '15 at 12:29
  • @dman2306 you are absolutely right. Maybe I should refrase my answer a bit. It's still a valid point though. – Bas Slagter May 01 '15 at 12:31
  • @Baszz yes, it is. I agree your answer is correct, use readonly. However, of course, he's going to use JavaScript to make them readonly so the point about JavaScript is still moot :) – dmeglio May 01 '15 at 12:32
  • Alright man, thanks a lot for the answer, and thanks to all the other commentors too. – pjcat May 01 '15 at 12:40