[drupal-devel] [bug] Drupal forms do not validate as xhtml 1.0
stefan nagtegaal
drupal-devel at drupal.org
Sat Apr 2 09:39:35 UTC 2005
Issue status update for http://drupal.org/node/10637
Project: Drupal
Version: cvs
Component: user system
Category: bug reports
Priority: normal
Assigned to: Anonymous
Reported by: tangent
Updated by: stefan nagtegaal
Status: won't fix
>From 4.6 this _is_ done inside the settings.php...
stefan nagtegaal
Previous comments:
------------------------------------------------------------------------
September 8, 2004 - 01:18 : tangent
Attachment: http://drupal.org/files/issues/form_sample.html (623 bytes)
When the user is not logged in, Drupal adds a hidden input named
PHPSESSID to forms. This input is misplaced according to xhtml 1.0
specs. It is currently placed immediately inside the form tag but
according to the spec it must be placed in a block level tag (e.g.,
"p", "h1", "h2", "h3", "h4", "h5", "h6", "div", "pre", "address",
"fieldset", "ins", "del").
I recommend placing this hidden input either inside it's own div
element or inside the container div which contains the rest of the
form.
I would fix this in my theme if I could track down where this variable
is added but I haven't been able to so far.
I have attached an html sample with valid and invalid markup. You can
run it through the W3C validator at http://validator.w3.org/.
------------------------------------------------------------------------
September 11, 2004 - 16:54 : tangent
This problem persists in the latest cvs code.
------------------------------------------------------------------------
September 11, 2004 - 17:02 : Steven
This has nothing to do with Drupal. It is a PHP feature, so the bug
should be reported with PHP.
Turn off session.use_trans_sid in php.ini or through .htaccess to get
rid of the PHPSESSID in URLs.
------------------------------------------------------------------------
November 9, 2004 - 02:29 : lvadillo
I've been trying to validate an xtemplate I'm going to put on line
(XHTML 1.0 strict), to my surprise there were quite a few validating
errors.
1) The ones due to to PHPSESSID went away when adding in .htaccess
"php_flag session.use_trans_sid off", as recommended in other threads
here. I still don't really know what I'm taking away with this command,
anyway, I would say that even with it "on" it should be
W3C compliant. I've looked at the coding (I have no idea about php) and
found some type="hidden"
inputs that are not within a block as the spec calls for some "
------------------------------------------------------------------------
November 9, 2004 - 02:32 : lvadillo
CONTINUES...
2) Besides the PHPSESSID, I found that there were also others not
inside the normal "" block (in the login screen), these were "function
form_hidden()" and "function form_button()" in COMMON.INC. I then put a
with no height and bottom to validate them and be non-intrusive to
layout.
3) The "print" option of the book was also non conforming, I edited
"function book_print()" and "function book_print_recurse()" in
BOOK.MODULE, to show the coded as XHTML 1.0 as the rest (the dirty way
I would say) and cleaned a couple of validating errors.
------------------------------------------------------------------------
November 9, 2004 - 09:10 : xand
Are there any side effects to setting
"php_flag session.use_trans_sid off"
in .htaccess? Otherwise, why is it not done with the default Drupal
.htaccess file?
More information about the drupal-devel
mailing list