Skip to content
This repository has been archived by the owner on Oct 6, 2021. It is now read-only.

Generic Form Building #126

Open
paragonie-scott opened this issue Jul 27, 2016 · 2 comments
Open

Generic Form Building #126

paragonie-scott opened this issue Jul 27, 2016 · 2 comments
Labels
feature request feedback sought
Milestone
Future Scopes / N...

Comments

@paragonie-scott
Copy link
Member

paragonie-scott commented Jul 27, 2016
edited
Loading

I'd like the reduce the code footprint (and therefore liability) by creating a generic form framework in a future version of Airship.

Ideally, we would turn templates like this one into something like:

$form = (new Form())
    ->addLabel('Cabin', $cabin)
    ->addLabel('Page Name', $dir . '/' . $url)
    ->addGroup(
        (new FormGroup())
            ->addElement(new CheckBox('cache', 'Cache this page?', $pageInfo['cache']))
            ->addElement(new CheckBox('raw', 'View raw? (Don't run through HTMLPurifier - Doesn't affect preview  - Increases risk of XSS)', $pageInfo['raw']))
    )
    ->addElement(new RichTextFormat())
    ->addElement(new RichTextEditor('page_body', $latest['body']))
    ->addGroup(
        (new FieldsetGroup())
            ->addElement(/* ... */)
            /* ... */
    )
    ->addGroup(
        new SubmitButton(),
        (new LinkButton('/return/path'))
            ->setClass('pure_button_tertiary')
    );

And then on the template:

{{ render_form(object_passed_from_php) }}

This will afford us several advantages:

  1. We can reduce the boilerplate by making input filters and CSRF protection baked-in to each form.
  2. If we have to change how a form element is displayed, we only have to make the change in one place.
  3. It should become much easier for users to add/extend forms to their Cabins and Gadgets
  4. Less redundant code means less to audit, and likely a significantly reduced attack surface

I'm not quite ready to commit to having this ready for version 2.0.0, but it's an idea I'd like to think about. The actual implementation details (how to handle conditional form requirements) and edge cases (file uploading, element-bound JavaScript) need to be hammered out.
@geggleto
Copy link

I kinda wanted the same thing... so I started here.

https://github.com/geggleto/form-builder

@paragonie-scott
Copy link
Member Author

There are a ton of benefits (especially for making the new motif configuration system easier to develop for), but I'll need to do research and design a system that makes this as simple as possible.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
feature request feedback sought
Projects
None yet
Milestone
Future Scopes / Nice-to-Haves
Development

No branches or pull requests
2 participants
@geggleto @paragonie-scott