0

This question is more than 8 years old. Now, with CakePHP 4.1.x, I am wondering if this [annoying] restriction has been changed, so for example the programmer can instruct CakePHP to add a disabled field into the INSERT statement. I was studying the documentation but I didn't find anything.

What do I mean:

The table user_comments is referring with user_id the table users. The user_comments form has a drop-down control for user_id which offers the users.name entries for a selection.

For the "add" action the shown/pre-selected entry in the drop-down can be easily determined assigning the "default" option the id value existing in the users table. This is all done in the $this->Form->control() function.

But the pre-selected value for user_id in the drop-down must NOT be changed and is clearly needed in the INSERT statement.

Making the drop-down element readonly isn't a solution because its selection can be still changed. The only way to assure the selected item in the drop-down cannot be changed is to make it disabled. And this is now the problem, because a disabled control isn't included in the INSERT statement and the INSERT fails as the user_id field isn't in the entity and it's needed in the user_comments table.

I hope somebody understands what I want to express.

My question:

Does CakePHP >= 4.1 offer an option which includes disabled fields in the entity?

Is there a way the browser submits a disabled field?

Update:

As Greg pointed out, this has nothing to do with CakePHP so I updated my question.

Peter VARGA
  • 4,780
  • 3
  • 39
  • 75
  • The technicalities of your described problem aside, why do you have a select field with users, when it's not supposed to be used for selecting a (different) user in the first place? – ndm Oct 10 '20 at 20:33
  • You'd do it just like described in the linked answer, you use a hidden field for the required value, and display the name separately.That's a perfectly fine solution. But where does the selected user id actually come from initially, why is it available on the server side on the first request, but not on second request? – ndm Oct 10 '20 at 20:43
  • a) Disabled fields not being included in the data is not a Cake thing, it's a web browser thing; they simply don't send that field. b) Disabled fields (and hidden ones!) can still have their values changed quite trivially with modern developer tools built into most browsers. – Greg Schmidt Oct 10 '20 at 23:05
  • @GregSchmidt a) Indeed, I wasn't aware of this fact. I found [this](https://stackoverflow.com/questions/1355728/values-of-disabled-inputs-will-not-be-submitted) where it's explained. Thank you Greg for your hint! b) Yes, of course. But this is a web application which is for a company with a _closed user group_ and all changes are logged. If an employee should be such a smart guy and try to invalidate the data he will be fired and the operation will be rolled back. – Peter VARGA Oct 10 '20 at 23:16
  • If your generic code is smart enough to add a disabled flag on those fields, I'm not clear why it can't also be smart enough to add a hidden field for them. Then you wouldn't need your JavaScript hack. – Greg Schmidt Oct 11 '20 at 03:58
  • @GregSchmidt I am not ignoring you. I must now finish something urgent [as usual in the programmer's life] and then I will update my question and notify you so you can check what I am doing wrong and why it's currently easier for me using the JS hack to remove the `disabled` property [my generic code can be only that smart as I am :-)] . I can say this: I have a problem to fill the input field with the referenced `users.name` field according the `id` value. I will be more specific in the update using also screenshot. Thx – Peter VARGA Oct 11 '20 at 09:30

1 Answers1

0

Currently I am using this approach:

I have one PHP script which generates on the fly for 50 tables the personalised form. To this script I add the below JQuery code which is executed when the submit button is clicked. This code sets the disabled property to false - that simple.

Apparently this is enough that CakePHP adds this field into the entity. May be there is a more elegant solution.

Update:

As Greg pointed out that it's the browser who is ignoring a disabled element. Removing the disabled property lets the browser then submit the input element. It has nothing to do with CakePHP.

The legend for the below code:

$foreignKey has for example - refering to my question - the value user_id. I set the form id tag with $formId in the $this->Form->create() function as I need it for JQuery. This code is at the end of the PHP script which creates the form.

$dasherize = Inflector::dasherize($foreignKey);
$submitInjection = "$('#{$formId}').submit( function() {
    $('#{$dasherize}').prop('disabled', false);
});
";

echo $this->Html->scriptBlock($submitInjection, ['block' => 'script']);
Peter VARGA
  • 4,780
  • 3
  • 39
  • 75