This is a meditation on processing data from HTML forms. There is a page at the Perl 5 wiki on that subject - it is a more practical list of available form processing libraries, here I wanted to ponder a bit more theoretically on that subject (and perhaps later update that other page).

What form processors do:

  1. Parsing the CGI parameters and constructing internal version of them. This might be basic (only parsing), through constructing a simple data structure (for hierarchical params - like param.subparam etc) to constructing objects (for dates).
  2. Validating
  3. Saving the values to the persistance layer (database)
  4. Loading values from the persistance layer for point 5
  5. Generating HTML (with error indicators etc).
Not all form processors need to do all of those parts (many don't generated HTML). And there are questions:
  1. Should the HTML be generated? I think it is useful as a 'first stage' approach. The logic of adding the error messages and inserting appriopriate error CSS classes is quite complicated so this saves a lot of work. But there should be also left a path for upgrading to using external form templates with the library - so that later, when the project grows the designers can use some more fancy constructs.
  2. Should validation be done on the internal representation (objects) or on the key value pairs from the first parsing? If it is done on internal representation - then how errors are supposed to be propagated to the HTML generator (which works on the key value pairs)?
  3. How to interface with specialized data validating libraries?
  4. When form should be saved to the database? Obviously only when it has valid parameters - but some people also check the HTTP method and other things.
  5. When values should be loaded from the database? Only if form is not submitted - but I also like to pass values to a form from a link - so I would like if it would not overwrite it with values from the db.