Search
New Podcast
NEWSLETTER
Testimonial
- 1 of 8
- ››
Everywhere
Check out DrupalEasy around the web:
Who are we?
DrupalEasy is the collective expertise of Ryan Price and Michael Anello, who joined forces to provide training and consulting services worldwide. Read all about them and what they can do.
What is Drupal?
Drupal is a free, super-powerful content management system for sites that require information posting and collection, including blogs, forums, videos, photos, and databases of information. We think it is the best platform available. Here's why...
Why Drupal?
More and more savvy organizations are going with Drupal for content management, and its no mystery why. It’s free, flexible, and easy to maintain for small or large volume sites. Learn more...
Module Development: Disabled vs. Readonly Form Fields
One of the attributes that you can set for any form element using Drupal's FormAPI is "#disabled". This effectively disables the form element - in most browsers, the user actually sees the element "greyed out" and is unable to set focus on the element.
When a form element is disabled, there is the sometimes unintended consequence of the data from that field not being sent back to the server when the form is submitted. For forms that were initially blank (like new node forms, for example), this usually isn't a problem. But for "edit" forms, this can be a dealbreaker - this problem sometimes shows it's ugly head when a developer tries to use the "#disabled" attribute to add an additional layer of security to the form - forcing the user to click an "edit" link that users jQuery to un-disabled the form field.
A better solution to utilize when you want this extra layer of "are you sure"-type security is to utilize the "readonly" HTML attribute. Like "disabled", "readonly" makes the field uneditable, but unlike "disabled", the values are passed back to the server when the form is submitted. Unfortunately, there is no Drupal-equivalent, so to implement it, you'll need to do something like this:
$form['my_textfield']= array(
'#type' => 'textfield',
'#title' => t('my textfield'),
'#size' => 20,
'#attributes' => array('readonly' => 'readonly'),
);
Trackback URL for this post:
More Quicktips
3 comments
Thanks for this tip, exactly
Thanks for this tip, exactly what I needed. I set both the value and default value as well as setting it to readonly.
correct solution
at least for Drupal6, i thnik the correct way to do this is to set both the #value and the #default_value and then set #disabled = true.
#value will get posted and the default value will show in textfield but be greyed out.
but hackable
the problem with simply setting to readonly is that anyone with a tool like firebug can still edit the "read only" field.
a more secure way to do this is to set the #type to 'value' in which case it is still posted but is not editable - problem with this one is that it isn't visible either.
sadly, the most complete solution is a bit cludgy - take the value and make it a markup or other field which is by definition not editable just to show the value; and also include the original field set to type value.
not exactly sure why #disabled couldn't just do the right thing??