Opened 9 years ago

Closed 8 years ago

Last modified 7 years ago

#3427 closed (wontfix)

newforms: add readonly support to widgets

Reported by: anonymous Owned by: adrian
Component: Forms Version: master
Severity: Keywords:
Cc: Triage Stage: Design decision needed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

readonly= is an integral part of some Intranet applications and is currently lacking from newforms. The documentation should probably state that, of course, if you really want something to be readonly, you cannot put it in a form at all, but for the rest of us, readonly is an easy solution.

The only problems are that select fields don't have a readonly= property. I've seen them rendered as <input type="text" /> instead, or you can use <select disabled=disabled" /> and automatically append an <input type="hidden" /> with the real readonly value (<select /> fields cannot have readonly as a UI restriction, e.g., UAs don't allow it).

disabled= may also be useful.

Change History (6)

comment:1 Changed 9 years ago by Michael Radziej <mir@…>

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Triage Stage changed from Unreviewed to Design decision needed

comment:2 Changed 8 years ago by adrian

  • Resolution set to wontfix
  • Status changed from new to closed

I'm marking this as wontfix because the issue with <select> fields is too hairy to be worth it, and you can achieve the same thing by simply displaying the current value of a form's field in your template.

comment:3 Changed 8 years ago by iwan@…

  • Resolution wontfix deleted
  • Status changed from closed to reopened

Is it really so hairy?

Why not just use the disabled and NOT do the hidden input thing. Disabled in IMHO is a better way to specify read-only stuff on a form, since it means that the input won't be submitted as part of the form. People who expect it to always be submitted as part of the form need the hidden input because of this, but its better to write server-side code such that it knows NOT to expect a value for such a disabled field.

Because... of the following scenario:

  1. user GETs your page with a form in it, containing inputs marked readonly
  1. user saves the html locally
  1. user edits the form, removing the readonly attributes
  1. user submits the edited form, and since your server-side code does not check that the values should not change, the user bypasses the fact that you made them read-only

-i

comment:4 Changed 8 years ago by adrian

  • Resolution set to wontfix
  • Status changed from reopened to closed

Hi iwan,

Please don't reopen tickets that have been marked as "wontfix."

comment:5 Changed 8 years ago by ubernostrum

(and in reply to the comment...)

It is indeed better to do this server-side; if you have a field which should not be submitted back, the form should not include that field at all. Instead, as Adrian suggested, the value should just be displayed normally and not as a form field of any sort.

comment:6 Changed 7 years ago by guettli

Related: #3990: readonly fields for admin

Note: See TracTickets for help on using tickets.
Back to Top