Token Value

[ethanlazarus]

I am upgrading my files from phpmaker 2018 to 2024. This has been quite the project! In 2018, if I wanted to submit a custom form, I had to use the token_val. Do I need to submit a token for custom forms in 2024? The tokenval field no longer works. Thanks!

Example custom form:

 $currenturl = $_SERVER["REQUEST_URI"];
		 $tokenname = TOKEN_NAME;
		 GLOBAL $class_schedule_list;
		 $tokenval = $class_schedule_list->Token;
	        $showcalbutton = '
		 <form action="'.$_SERVER['PHP_SELF'].'" method="post">
		<input type="hidden" name="SubmitCheck" value="sent">
		<input type="hidden" name="showcal" value = 1>
		<input type="hidden" name="'.$tokenname.'" value="'.$tokenval.'">
		<button type="submit" class="btn btn-sm btn-primary">
		<span class="glyphicon glyphicon-calendar" aria-hidden="true"></span> Show Calendar</button>	
	   </form>';
		 $hidecalbutton = '
		  <form action="'.$_SERVER['PHP_SELF'].'" method="post">
		<input type="hidden" name="SubmitCheck" value="sent">
		<input type="hidden" name="showcal" value = 0>
		<input type="hidden" name="'.$tokenname.'" value="'.$tokenval.'">
		<button type="submit" class="btn btn-sm btn-primary">
		<span class="glyphicon glyphicon-remove-circle" aria-hidden="true"></span> Hide Calendar</button>	
	   </form>';

[mobhar]

For v2024, you may refer to this documentation.

[ethanlazarus]

Thank you - I see the new code, but how do I define $TokenNameKey and $TokenValueKey? I previously defined with $tokenname = TOKEN_NAME; - what do I use in 2024? Thanks so much!

[mobhar]

It is already defined in src/config.php file, so you don't have to define it by yourself.

As long as you have already enabled Check token for form post option under Tools -> Advanced Settings of your PHPMaker project, then you just need to add that code from the documentation link above to your Custom Form.

[ethanlazarus]

This has been working for most of my pages, but one page in list view, I have ledgers and add a button to each one that can lock or unlock the ledger - so I add a button to each line in row-rendered. It works perfectly for the first line, but the following lines don't work. If I disable token for form post, I can get it to work. Do I need to specify a different token or value for each button on the list page?

This is the snippet from listoptions rendered event...

    $g .= '<p><font = "blue"><i class = "fa fa-lock" aria-hidden="true"></i> Locked</font></p>';
		  } //  if ledger locked
		  else {
	  		 	   $g .= '
   <form action="LedgerList" method="post">
	<input type="hidden" name="SubmitCheck3" value="mark_not_completed">
	<input type="hidden" name="approveid" value = "'.$id.'">
	<input type="hidden" name="'.$TokenNameKey.'" value="'.$TokenName.'">
    <input type="hidden" name="'.$TokenValueKey.'" value="'.$TokenValue.'">

	<button type="submit" class="btn btn-sm btn-success">
	<i class="fa fa-unlock" aria-hidden="true"></i> '.$bn.'</button>	
   </form>';
				} // else if locked
   
	  } // if completed
	 else
	   {
	   
	   $bn = "Incomplete";
	   		 	   $g .= '
   <form action="LedgerList" method="post">
	<input type="hidden" name="SubmitCheck3" value="mark_completed">
	<input type="hidden" name="approveid" value = "'.$id.'">
	<input type="hidden" name="'.$TokenNameKey.'" value="'.$TokenName.'">
    <input type="hidden" name="'.$TokenValueKey.'" value="'.$TokenValue.'">

	<button type="submit" class="btn btn-sm btn-danger">
	<i class="fa fa-unlock" aria-hidden="true"></i> '.$bn.'</button>	
   </form>';
	 	}
	 $this->ListOptions->Items['Status']->Body = $g;

[arbei]

The List page is a form, do not put form inside a form, your code results in duplicate form elements in the main form. You better use custom action to do what you need, read Page_Load -> Example 3. (v2024)