How to interrupt/redirect Search submit to auth/validate (via Captcha) *BEFORE* actual submit to search engine & display of results?
I've D6 installed. I'm unwiring my hand-rolled site, and recasting in Drupal. I'd like to replicate the following logic, but in the most appropriate, technically valid, "Drupal Way". (I make that qualification as I'm well aware there are many 'roads' to any given Drupal 'mountain' ...) I expose a themed custom Search bar ($search_box) in my theme's top header/menu bar. If I enter text into the field, click Submit, the search result's displayed @ .../search/apachesolr_search/test I'd like to inject a validation check 'onsubmit', so that if USER has not, during this session (anonymous or authenticated) successfully answered a reCaptcha challenge, then BEFORE submitting/returning the search result, redirect the USER to a standalone Captcha-challenge form, and, IF the challenge/response is successful, finish the Search submit and return the Search result in the $content region, as usual. IF the challenge/response FAILS >#n times, return the user to the home page. I'd like not reinvent the wheel, and use the existing capabilities of Drupal core, the Captcha module, etc to the greatest extent possible. To this end, I, installed Capthca module installed Webform module created a Webform node assigned the Captcha module to display @ the Webform node's form_id cp'd overrides of search-theme-form.tpl.php webform-form-[nid].tpl.php to my local theme. One approach to do what I want, I suppose, is in search-theme-form.tpl.php, redirect form submission via 'onsubmit= ...' to a "my_captcha_script.php", passing the referrer form_id (here, 'search'), all the various $search $vars, etc -- conditionally validate the Captcha submit, and then, per conditions above, push the passed $vars back to a submit form, but with a real 'search' submit target. That does not seem Drupal-esque to me. I'm guessing that the current best approach is to 'somehow' grab & use FormAPI ... Finding a method recommendation, and docs to go with it, has beeen a challenge -- so far. What's recommended here? Thanks, Ben
On Sat, May 15, 2010 at 7:00 PM, Ben DJ <bendj095124367913213465@gmail.com> wrote:
That does not seem Drupal-esque to me. I'm guessing that the current best approach is to 'somehow' grab & use FormAPI ... Finding a method recommendation, and docs to go with it, has beeen a challenge -- so far.
One approach that seems to me to hold some promise, or at least pieces of it, is described here "Redirecting Users After Submitting a Form in Drupal 5 and 6" http://drupal.org/node/134000#comment-1556764 wherein, ... In Drupal 6, one method is: Create a custom module custom.module and place this code in it: function custom_form_alter(&$form, $form_state, $form_id) { switch ($form_id) { case 'contact_mail_page': $form['#redirect'] = 'thank-you-page'; break; } } ... Looking in ./modules/search/search.module, i see, ... /** * Process a block search form submission. */ function search_box_form_submit($form, &$form_state) { ... $form_id = $form['form_id']['#value']; $form_state['redirect'] = 'search/node/'. trim($form_state['values'][$form_id]); } ... which refers to the 'redirect'. Right approach with the right pieces? If so, unclear -- atm -- how they fit together. Ben
Hi Ben I think captcha can be configured to run on any form, add mollom to the mix and you get some advanced intelligence as to when you want the captcha to be shown. That said you should have a look at hook_form_alter http://api.lullabot.com/hook_form_alter You want to target when the form_id argument equals 'search_box_form' You can add your handlers (submit/validation) to the form processing using $form['#submit'] and $form['#validate'], the $form arg is passed by reference. Both of these are arrays, you should test that they exist first eg if (is_array($form['#submit']) { array_unshift($form['#submit'], 'name_of_your_handler'); } else { $form['#submit'] = array('name_of_your_handler'); } If you use array_unshift, your handlers will run first. You can then do form_state['redirect'] = 'your path' if needs be. You can also add the captcha elements directly to the form if no session var has been set Ie in hook_form_alter, check the form_id is the search form, if it is and there is no session var (tracking they've satisfied the captcha) then you can add the captcha elements directly to the $form var (and your submit/validate handlers). In your validate handler, test the captcha was satisfied and then in your submit handler, set the session variable so the next time the form is built, your form_alter hook doesn't add the captcha again. Hope this makes sense. Lee On Sat, 15 May 2010 19:42:54 -0700, Ben DJ <bendj095124367913213465@gmail.com> wrote:
On Sat, May 15, 2010 at 7:00 PM, Ben DJ <bendj095124367913213465@gmail.com> wrote:
That does not seem Drupal-esque to me. I'm guessing that the current best approach is to 'somehow' grab & use FormAPI ... Finding a method recommendation, and docs to go with it, has beeen a challenge -- so far.
One approach that seems to me to hold some promise, or at least pieces of it, is described here
"Redirecting Users After Submitting a Form in Drupal 5 and 6" http://drupal.org/node/134000#comment-1556764
wherein,
... In Drupal 6, one method is:
Create a custom module custom.module and place this code in it: function custom_form_alter(&$form, $form_state, $form_id) { switch ($form_id) { case 'contact_mail_page': $form['#redirect'] = 'thank-you-page'; break; } } ...
Looking in ./modules/search/search.module, i see,
... /** * Process a block search form submission. */ function search_box_form_submit($form, &$form_state) { ... $form_id = $form['form_id']['#value']; $form_state['redirect'] = 'search/node/'. trim($form_state['values'][$form_id]); } ...
which refers to the 'redirect'.
Right approach with the right pieces? If so, unclear -- atm -- how they fit together.
Ben
Hi Lee, Thanks for the reply! On Sun, May 16, 2010 at 1:36 AM, Lee Rowlands <leerowlands@rowlands-bcs.com> wrote:
That said you should have a look at hook_form_alter ... (snip) ... Hope this makes sense.
It's helped me make some progress, tho I'm not sure I've managed to implement your suggestion (correctly) ... So far: I've created a webform (form_id == 'webform_client_form_8', pathalias == test/mycaptcha). I've added form_id == 'webform_client_form_8' as a target for the Captcha module. I've created a custom.module: ----------------------------------------------------- function custom_form_alter(&$form, $form_state, $form_id) { switch ($form_id) { case 'search_theme_form': if(isset($_SESSION['captcha_success_form_ids'])) { $form['#redirect'] = 'search'; } else { $form['#redirect'] = 'test/mycaptcha'; } break; case 'webform_client_form_8': // ... break; } } ----------------------------------------------------- This now works as follows ... @ enter text into my search bar, and Submit, then (1) if there's been NO prior, valid captcha auth, & hence no SESSION var set, then I redirect to my standalone, captcha-containing webform. (2) if there HAS been valid auth, simply redirect to the search as usual. and, the search result page is properly displayed. both good. the remaining issue is, if I'm in case (1), above, and have redirected to the captcha-containing webform, AND sucessfully submitted the captcha, NOW i want to "continue on" to the search submit, with the originally submitted search parameters. since the 'successful' captcha SESSION var will have been set, there's no concern of looping backto the standalone captcha page ... but how should I be storing/passing the originally submitted search params BACK to the 'new' search? afaict, looking in /src/www/mysite/modules/search/ there's no mention/reference of a _SESSION var there, so I'm guessing either i have to (a) manually store/pass the search params in my own SESSION var, *or* they're already stored in a Drupal core var. reading our post again, i'm not at all sure if i _should_ have used, array_unshift($form['#submit'], 'name_of_your_handler'); tbh, i'm not clear abt it's intent, or proper use -- yet. Thanks! Ben
the remaining issue is, if I'm in case (1), above, and have redirected to the captcha-containing webform, AND sucessfully submitted the captcha, NOW i want to "continue on" to the search submit, with the originally submitted search parameters.
Have a look at drupal_execute http://api.lullabot.com/drupal_execute not sure if this is what you are trying to do though but pretty sure that if you call this with your submitted values in $form_state['values'] (arg2) and $form_state['rebuild'] = TRUE (arg2) it will do the processing and redirect as per usual (it won't redirect without the rebuild member - have a look at http://api.lullabot.com/drupal_process_form )
Just to further what Lee has said, look into what the module does out of the box, but I suspect that you're going to need to manage your form states on your own. Effectively what you're doing is a multistep form and I found the two documents helpful: 10. Multistep form - http://drupal.org/node/717750 Display a confirmation message before processing a form - http://drupal.org/node/470834 Basically I think the switch you'll need is to create yourself a session variable (e.g. $_SESSION['captcha_attempts']) and chose to load various other forms based on that. HTH. Anthony. On 6:59 AM, Lee Rowlands wrote:
Hi Ben I think captcha can be configured to run on any form, add mollom to the mix and you get some advanced intelligence as to when you want the captcha to be shown.
That said you should have a look at hook_form_alter http://api.lullabot.com/hook_form_alter You want to target when the form_id argument equals 'search_box_form' You can add your handlers (submit/validation) to the form processing using
$form['#submit'] and $form['#validate'], the $form arg is passed by reference. Both of these are arrays, you should test that they exist first eg if (is_array($form['#submit']) { array_unshift($form['#submit'], 'name_of_your_handler'); } else { $form['#submit'] = array('name_of_your_handler'); } If you use array_unshift, your handlers will run first. You can then do form_state['redirect'] = 'your path' if needs be. You can also add the captcha elements directly to the form if no session var has been set Ie in hook_form_alter, check the form_id is the search form, if it is and there is no session var (tracking they've satisfied the captcha) then you can add the captcha elements directly to the $form var (and your submit/validate handlers). In your validate handler, test the captcha was satisfied and then in your submit handler, set the session variable so the next time the form is built, your form_alter hook doesn't add the captcha again. Hope this makes sense. Lee
On Sun, May 16, 2010 at 3:38 PM, Lee Rowlands <leerowlands@rowlands-bcs.com> wrote:
...
On Sun, May 16, 2010 at 5:38 PM, Anth <malkouna@yahoo.com.au> wrote:
... Effectively what you're doing is a multistep form ...
Great! Both helpful references, and once I got to "Part 10" and realized that these 'things' are called "Multistep forms" in drupal-speak, Google returns a treasure trove of further ideas & references. Fwiw, among the best so far, http://jeff.viapositiva.net/drupal/dynamic-forms Thanks for the initial walkthrough -- now to make this work! Ben
participants (3)
-
Anth -
Ben DJ -
Lee Rowlands