explain form_for in the rendering guide

mojolicious · Mar 15, 2015 · a3885b5 · s1037989 · Mar 15, 2015 · kraih
1 parent 1179af4
commit a3885b5
Show file tree

Hide file tree

Showing 3 changed files with 47 additions and 6 deletions.
diff --git a/lib/Mojolicious/Guides/Rendering.pod b/lib/Mojolicious/Guides/Rendering.pod
@@ -829,6 +829,50 @@ template with named blocks that child templates can override.
 
 This chain could go on and on to allow a very high level of template reuse.
 
+=head2 Forms
+
+To build HTML forms more efficiently you can use tag helpers like
+L<Mojolicious::Plugin::TagHelpers/"form_for">, which can automatically select a
+request method for you if a route name is provided. And since most browsers do
+not allow request methods like C<PUT> or C<DELETE> for forms, they are spoofed
+with a C<_method> query parameter.
+
+  use Mojolicious::Lite;
+
+  get '/' => 'form';
+
+  put '/title' => sub {
+    my $c = shift;
+
+    my $url   = $c->param('url');
+    my $title = $c->ua->get($url)->res->dom->at('title')->text;
+
+    # Prevent double submit with redirect
+    $c->flash(title => qq{The title of "$url" is "$title".});
+    $c->redirect_to('form');
+  };
+
+  app->start;
+  __DATA__
+
+  @@ form.html.ep
+  <!DOCTYPE html>
+  <html>
+    <body>
+      % if (my $title = flash 'title') {
+        <p><%= $title %></p>
+      % }
+      %= form_for title => begin
+        %= text_field 'url', value => 'http://mojolicio.us'
+        %= submit_button 'Get title'
+      % end
+    </body>
+  </html>
+
+The methods L<Mojolicious::Controller/"flash"> and
+L<Mojolicious::Controller/"redirect_to"> are often used together to prevent
+double form submission.
+
 =head2 Form validation
 
 You can use L<Mojolicious::Controller/"validation"> to validate C<GET> and
@@ -958,10 +1002,6 @@ L<Mojolicious::Validator::Validation/"error">.
     </body>
   </html>
 
-The methods L<Mojolicious::Controller/"flash"> and
-L<Mojolicious::Controller/"redirect_to"> are often used together to prevent
-double form submission.
-
 =head2 Cross-site request forgery
 
 CSRF is a very common attack on web applications that trick your logged in

diff --git a/lib/Mojolicious/Guides/Tutorial.pod b/lib/Mojolicious/Guides/Tutorial.pod
@@ -743,7 +743,8 @@ really secure.
 All files uploaded via C<multipart/form-data> request are automatically
 available as L<Mojo::Upload> objects. And you don't have to worry about memory
 usage, because all files above 250KB will be automatically streamed into a
-temporary file.
+temporary file. To build HTML forms more efficiently, you can also use tag
+helpers like L<Mojolicious::Plugin::TagHelpers/"form_for">.
 
   use Mojolicious::Lite;
 

diff --git a/lib/Mojolicious/Plugin/TagHelpers.pm b/lib/Mojolicious/Plugin/TagHelpers.pm
@@ -363,7 +363,7 @@ Generate C<input> tag of type C<file>.
 
 Generate portable C<form> tag with L<Mojolicious::Controller/"url_for">. For
 routes that do not allow C<GET>, a C<method> attribute with the value C<POST>
-will be automatically added. And for methods other than C<GET> or C<POST>, an
+will be automatically added. And for methods other than C<GET> or C<POST>, a
 C<_method> query parameter will be added as well.
 
   <form action="/path/to/login">