http://qs321.pair.com?node_id=11118677


in reply to Re^2: Pass hard coded param CGI post
in thread Pass hard coded param CGI post

I don't get it, though -- it seems to be a form in which the user is to enter a "token" in the input field named "id". If that field is merely to show an existing value for a token ("id") that's already on file, then I would think the "id" field that had been marked readonly would have a "value='<TMPL_VAR ID_ON_FILE>'" attribute as part of its inoput tag, where a value would be supplied by a program that's using the form as an template (HTML::Template) or something.

Replies are listed 'Best First'.
Re^4: Pass hard coded param CGI post
by marto (Archbishop) on Jun 30, 2020 at 08:16 UTC

    I don't believe we're getting the full picture, and there's no description of what OP is actually looking to do, however READONLY fields are useful in various circumstances, say for example a UI that allows users to delete something (as suggested here), prompting them with a page they can submit, cancel but not alter submission details for a record to be removed makes sense. Hopefully there is some sane, session based checks being made behinds the scenes, as it's fairly easy to mess around with such things if they are blindly accepting user input.

      Ah. I overlooked the sole point of the form -- to delete an existing entry rather than the typical editing screen. Thanks for this explanation and tip!