While working on a method to allow the VSU Communications Unit to add or change the stories in the rotation on the main VSU webpage, I ran into a problem that involved a known Safari issue involving file uploads.
I don’t regularly create forms that allow for an upload of a file, however I don’t like to store binary data in the MySQL database either. Allowing the files to be uploaded makes creating pages that use them a whole lot easier, since I don’t have to “create” the image from the binary data, just pass off a file location and let the browser do the rest.
The symptoms exhibited were that when submitting the form, Safari would hang about 30-40% of the time. No error messages or timeout messages were displayed. Zip, zilch, nada!
Continue reading
Recently I had to build a custom form for VSU’s implementation of R25 by CollegeNet. The form was designed to allow individuals to schedule an event at VSU using our facilities and equipment. The form is a multi-part form that branches off at the third page based on prior answers.
One of the hurdles in the form creation was the necessity of validating the form input on a page before proceeding to the next part of the form. While this fairly routine process can be accomplished by using a self-referencing form and validating the contents of the $_POST superglobal, the number of form elements made it somewhat cumbersome.
Enter the PHP Form Validation Script. While searching for some ways to make the validation more painless to code, I ran across a nifty PHP script at the HTML Form Guide website. It is a object-oriented PHP script that make it much easier to do the validation on html form elements. There are quite a few pre-defined validation descriptors, plus a method that allows for overriding the DoValidate function to create your own custom descriptor.
There is one thing that I would like the script to handle natively:
- use of a “pretty” or “friendly” name in the validation error messages, currently it displays the element name
There is also an undocumented validation descriptor in the script. The pre-defined selone is used for a select/option element. According to the code the default error message is “Please select an option for %s” and it check to ensure that the value for the element is set and that the value is less than or equal to zero. If either of those check fail then the error message is displayed.
So in the process of applying the new SSL cert here at work, I discovered an issue with the reCAPTCHA service.
The problem was that I was getting errors saying that my forms were only partially encrypted. This was due to my use of the reCAPTCHA library, which by default doesn’t use an SSL connection to grab the challenge HTML.
The documentation at the reCaptcha site has a section on this. Specifically it says:
In order to avoid getting browser warnings, if you use reCAPTCHA on an SSL site, you should replace http://api.recaptcha.net with https://api-secure.recaptcha.net.
Ref: http://recaptcha.net/apidocs/captcha/client.html
The example it uses shows how to change the Javascript itself. While this was nice to know it really didn’t help too much in my particular case. To solve this when using the reCAPTCHA PHP library, all you need to do is change the value of a single variable. In the file recaptchalib.php look for the function recaptcha_get_html then change the declaration to read as follows:
function recaptcha_get_html ($pubkey, $error = null, $use_ssl = true)
This will force all calls to be transmitted over an SSL connection, thus eliminating the dialog box in Internet Explorer and the slashed-lock in Firefox.
However since I am not encrypting the entire site by default, yet due to an issue with our website editing/management system, Adobe Contribute, I had to do a bit more than just updating the boolean variable. Since some of my forms are encrypted and some are not, I added the following code to the function referenced above:
if ($_SERVER[‘SERVER_PORT’] == 443) { $use_ssl = true;
}
This needs to be added just above the check for the value of the variable use_ssl in the function recaptcha_get_html. Once you do this you can use the same copy of the recpatchalib.php file for both secure and non-secure forms.