Skip to main content

PHP AJAX forms

All PHP forms that are used for AJAX requests must extend the Antsstyle\DesertedChateau\Handlers\FormHandler abstract class.

Example Usage

<?php

namespace Antsstyle\DesertedChateau\Forms\Profile;

chdir(dirname(__DIR__, 3));

$dir = getcwd();

require $dir . '/vendor/autoload.php';

use Antsstyle\DesertedChateau\Handlers\FormHandler;
use Antsstyle\DesertedChateau\DB\UserDB;
use Antsstyle\DesertedChateau\DB\Artwork\ArtworkAlbumsDB;

class GetProfileSubPage extends FormHandler {
 
    protected $requiresLogin = false;
    protected $isSensitiveRequest = false;
    
    protected $postFields = [
        "userName" => [
            "type" => "string",
        ],
        "pageName" => [
            "type" => "string",
            "accepted_values" => [
                "commission-info", "links", "ocs", "about", "albums", "reblogs", "likes",
            ],
        ],
    ];

    public function processRequest() {
        // POST variables have been validated: continue with request
    }



}
// This must always be at the bottom of the form: note it runs validateRequest, NOT processRequest
(new GetProfileSubPage)->validateRequest();

The important class fields and methods that can be overriden by subclasses are covered below.

$requiresLogin

Determines whether this form should refuse any request by a user who isn't logged in.

// Default is true: can be overridden by subclass
protected $requiresLogin = true;

$isSensitiveRequest

Determines whether this form should refuse any request where CSRF validation fails (used for state-changing requests, always requires a logged in user).

// Default is true: can be overridden by subclass
protected $isSensitiveRequest = true;

$requiresModeratorAccess

Determines whether this form should refuse any request by a user who isn't logged in as a moderator.

// Default is false: can be overridden by subclass
protected $requiresModeratorAccess = false;

$requiresAdministratorAccess

Determines whether this form should refuse any request by a user who isn't logged in as an administrator.

// Default is false: can be overridden by subclass
protected $requiresAdministratorAccess = false;

$postFields

Determines which POST fields are required by the form, and what types those variables should be.

Assuming the validation succeeds, the variables will then be available via the $filteredPostFields['postVariableName'] array of the instance.

// Default value in FormHandler
protected $postFields = [];

// Syntax

protected $postFields = [
	"<name of POST variable>" => [
        // Variable value type (required)
        // boolean_char only allows 'Y' or 'N', email requires a valid email per FILTER_VALIDATE_EMAIL
		"type" => "<string|email|int|boolean_char|array>",
        // Range of values to accept, all others will be rejected (optional)
		"accepted_values" => [
			"<value1>", "<value2>", "<value3>",
		],
        // Min length for string or array types (optional)
        "min_length" => 1,
        // Max length for string or array types (optional)
        "max_length" => 10,
        // Min value for int types (optional)
        "min_value" => 0,
        // Max value for int types (optional)
        "max_value" => 1000,
        // Whether case sensitivity should be applied for strings with an accepted_values array present (optional, default true)
        "case_sensitive" => false,
        // Whether this POST field must be included in a request (optional, default is false)
        "optional" => true|false,
        
	],
];

// Example values
protected $postFields = [
	"userName" => [
		"type" => "string",
	],
	"pageName" => [
		"type" => "string",
		"accepted_values" => [
			"commission-info", "links", "ocs", "about", "albums", "reblogs", "likes",
		],
	],
];

Back to top