You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@myfaces.apache.org by Vadim Dmitriev <dm...@mail.ru> on 2007/08/29 02:26:40 UTC

[Trinidad] Looking for client-side partial page validation

Hi!

As far as I know ADF had some limitation regarding client-side
validation with subforms. Suppose we have following block in a page:
<tr:form>
    <tr:inputText required="true" />
    <tr:subform>
        <tr:inputText />
        <tr:commandButton />
    </tr:subform>
</tr:form>

In that case if we will try to submit that page via commandButton with
outer input field empty - validation error will occur on client, while
with client-side validation disabled this request will be absolutely
valid (i.e. no server-side validation exceptions will be thrown).

Yesterday i faced that problem with trinidad. Maybe there is some quick
workaround? I really don't want to take "immediate/binding/submitted
value" way. Not to mention that that method leads to skipping subform
validation :)

I took a quick look into trinidad's client-side validation
implementation and found interesting block of code in the
_multiValidation() function related to skipping all subform's fields
validators if user submitted outer form. Maybe it will be easier for me
(if at all possible) to modify that filtering process to skip outer form
validators if subform is submitted?

Thank you in advance!

P.S. I understand that AJAX-enabled server-side validation is actually
fast and consumes very little of traffic, but my boss stands for "if we
can do it on client-side - we'll do it on client". So I have choice of
either "fixing" said problem in trinidad itself or writing all
client-side validation from scratch.

Re: [Trinidad] Looking for client-side partial page validation

Posted by Vadim Dmitriev <dm...@mail.ru>.

Solution simple enough not to be obvious :)
Thanks, you saved me a lot of time.

Danny Robinson wrote:
> I think your issue is mixing components outside of the subform. 
> Instead, just use multiple subforms. Try something like this, which
> works fine for me. :
>
>   <tr:document>
>     <tr:messages/>
>     <tr:form>
>       <tr:subform>
>         <tr:inputText required="true" label="Sub 1:"/>
>         <tr:commandButton text="Submit 1"/>
>       </tr:subform>
>
>       <tr:subform>
>         <tr:inputText required="true" label="Sub 2:"/>
>         <tr:commandButton text="Submit 2"/>
>       </tr:subform>
>
>       <tr:subform default="true">
>         <tr:inputText required="true" label="Sub Default:"/>
>         <tr:commandButton text="Submit Default"/>
>       </tr:subform>
>
>       <tr:commandButton text="Submit Outside"/>
>     </tr:form>
>   </tr:document>
>
>
> On 8/28/07, *Vadim Dmitriev* <dmgloss@mail.ru
> <ma...@mail.ru>> wrote:
>
>     Hi!
>
>     As far as I know ADF had some limitation regarding client-side
>     validation with subforms. Suppose we have following block in a page:
>     <tr:form>
>         <tr:inputText required="true" />
>         <tr:subform>
>             <tr:inputText />
>             <tr:commandButton />
>         </tr:subform>
>     </tr:form>
>
>     In that case if we will try to submit that page via commandButton with
>     outer input field empty - validation error will occur on client, while
>     with client-side validation disabled this request will be absolutely
>     valid (i.e. no server-side validation exceptions will be thrown).
>
>     Yesterday i faced that problem with trinidad. Maybe there is some
>     quick
>     workaround? I really don't want to take "immediate/binding/submitted
>     value" way. Not to mention that that method leads to skipping subform
>     validation :)
>
>     I took a quick look into trinidad's client-side validation
>     implementation and found interesting block of code in the
>     _multiValidation() function related to skipping all subform's fields
>     validators if user submitted outer form. Maybe it will be easier
>     for me
>     (if at all possible) to modify that filtering process to skip
>     outer form
>     validators if subform is submitted?
>
>     Thank you in advance!
>
>     P.S. I understand that AJAX-enabled server-side validation is actually
>     fast and consumes very little of traffic, but my boss stands for
>     "if we
>     can do it on client-side - we'll do it on client". So I have choice of
>     either "fixing" said problem in trinidad itself or writing all
>     client-side validation from scratch.
>
>
>
>
> -- 
> Chordiant Software Inc.
> www.chordiant.com <http://www.chordiant.com>

Re: [Trinidad] Looking for client-side partial page validation

Posted by Danny Robinson <da...@gmail.com>.

I think your issue is mixing components outside of the subform.  Instead,
just use multiple subforms. Try something like this, which works fine for
me. :

  <tr:document>
    <tr:messages/>
    <tr:form>
      <tr:subform>
        <tr:inputText required="true" label="Sub 1:"/>
        <tr:commandButton text="Submit 1"/>
      </tr:subform>

      <tr:subform>
        <tr:inputText required="true" label="Sub 2:"/>
        <tr:commandButton text="Submit 2"/>
      </tr:subform>

      <tr:subform default="true">
        <tr:inputText required="true" label="Sub Default:"/>
        <tr:commandButton text="Submit Default"/>
      </tr:subform>

      <tr:commandButton text="Submit Outside"/>
    </tr:form>
  </tr:document>


On 8/28/07, Vadim Dmitriev <dm...@mail.ru> wrote:
>
> Hi!
>
> As far as I know ADF had some limitation regarding client-side
> validation with subforms. Suppose we have following block in a page:
> <tr:form>
>     <tr:inputText required="true" />
>     <tr:subform>
>         <tr:inputText />
>         <tr:commandButton />
>     </tr:subform>
> </tr:form>
>
> In that case if we will try to submit that page via commandButton with
> outer input field empty - validation error will occur on client, while
> with client-side validation disabled this request will be absolutely
> valid (i.e. no server-side validation exceptions will be thrown).
>
> Yesterday i faced that problem with trinidad. Maybe there is some quick
> workaround? I really don't want to take "immediate/binding/submitted
> value" way. Not to mention that that method leads to skipping subform
> validation :)
>
> I took a quick look into trinidad's client-side validation
> implementation and found interesting block of code in the
> _multiValidation() function related to skipping all subform's fields
> validators if user submitted outer form. Maybe it will be easier for me
> (if at all possible) to modify that filtering process to skip outer form
> validators if subform is submitted?
>
> Thank you in advance!
>
> P.S. I understand that AJAX-enabled server-side validation is actually
> fast and consumes very little of traffic, but my boss stands for "if we
> can do it on client-side - we'll do it on client". So I have choice of
> either "fixing" said problem in trinidad itself or writing all
> client-side validation from scratch.
>



-- 
Chordiant Software Inc.
www.chordiant.com

Re: [Trinidad] Looking for client-side partial page validation

Posted by Vadim Dmitriev <dm...@mail.ru>.


Adam Winer wrote:
> On 8/28/07, Vadim Dmitriev <dm...@mail.ru> wrote:
>   
>> Hi!
>>
>> As far as I know ADF had some limitation regarding client-side
>> validation with subforms. Suppose we have following block in a page:
>> <tr:form>
>>     <tr:inputText required="true" />
>>     <tr:subform>
>>         <tr:inputText />
>>         <tr:commandButton />
>>     </tr:subform>
>> </tr:form>
>>
>> In that case if we will try to submit that page via commandButton with
>> outer input field empty - validation error will occur on client, while
>> with client-side validation disabled this request will be absolutely
>> valid (i.e. no server-side validation exceptions will be thrown).
>>     
>
> In fact, that's false.  Server-side validation will fire for
> the inputText, as components outside subforms always
> execute.
>
> There should be no cases whatsoever where client-side
> validation is stricter than server-side.  Any such cases
> are major bugs, as they open security holes
> in any application that relies on the client-side validation.
>
> -- Adam
>   
Seems I misunderstood tr:subform description.
As written in [1]: "The CoreSubform represents an independently
submittable region of a page. The contents of a subform will only be
validated (or otherwise processed) if a component inside of the subform
is responsible for submitting the page." Maybe it worth to mention
there, that subform's parent form will also be validated and processed?
However thanks for clearing that for me, Adam!

[1] - http://myfaces.apache.org/trinidad/trinidad-api/tagdoc/tr_subform.html
>> Yesterday i faced that problem with trinidad. Maybe there is some quick
>> workaround? I really don't want to take "immediate/binding/submitted
>> value" way. Not to mention that that method leads to skipping subform
>> validation :)
>>
>> I took a quick look into trinidad's client-side validation
>> implementation and found interesting block of code in the
>> _multiValidation() function related to skipping all subform's fields
>> validators if user submitted outer form. Maybe it will be easier for me
>> (if at all possible) to modify that filtering process to skip outer form
>> validators if subform is submitted?
>>
>> Thank you in advance!
>>
>> P.S. I understand that AJAX-enabled server-side validation is actually
>> fast and consumes very little of traffic, but my boss stands for "if we
>> can do it on client-side - we'll do it on client". So I have choice of
>> either "fixing" said problem in trinidad itself or writing all
>> client-side validation from scratch.
>>
>>

Re: [Trinidad] Looking for client-side partial page validation

Posted by Adam Winer <aw...@gmail.com>.

On 8/28/07, Vadim Dmitriev <dm...@mail.ru> wrote:
> Hi!
>
> As far as I know ADF had some limitation regarding client-side
> validation with subforms. Suppose we have following block in a page:
> <tr:form>
>     <tr:inputText required="true" />
>     <tr:subform>
>         <tr:inputText />
>         <tr:commandButton />
>     </tr:subform>
> </tr:form>
>
> In that case if we will try to submit that page via commandButton with
> outer input field empty - validation error will occur on client, while
> with client-side validation disabled this request will be absolutely
> valid (i.e. no server-side validation exceptions will be thrown).

In fact, that's false.  Server-side validation will fire for
the inputText, as components outside subforms always
execute.

There should be no cases whatsoever where client-side
validation is stricter than server-side.  Any such cases
are major bugs, as they open security holes
in any application that relies on the client-side validation.

-- Adam


> Yesterday i faced that problem with trinidad. Maybe there is some quick
> workaround? I really don't want to take "immediate/binding/submitted
> value" way. Not to mention that that method leads to skipping subform
> validation :)
>
> I took a quick look into trinidad's client-side validation
> implementation and found interesting block of code in the
> _multiValidation() function related to skipping all subform's fields
> validators if user submitted outer form. Maybe it will be easier for me
> (if at all possible) to modify that filtering process to skip outer form
> validators if subform is submitted?
>
> Thank you in advance!
>
> P.S. I understand that AJAX-enabled server-side validation is actually
> fast and consumes very little of traffic, but my boss stands for "if we
> can do it on client-side - we'll do it on client". So I have choice of
> either "fixing" said problem in trinidad itself or writing all
> client-side validation from scratch.
>