The form page does not necessarily have to contain ColdFusion code; it can be just a plain old HTML page with an .htm extension. The important bit about the form page is that it sends information to the correct action page. You specify the name of the action page with the ACTION attribute of the HTML <FORM> tag. Let's take a look at an example. Listing 5.1 Simple HTML Form, DemoForm1.htm <HTML> <HEAD> <TITLE>Demo Form</TITLE> </HEAD> <BODY> <H2>Please Give Us Some Feedback.</H2> <!--- identify the action page in the form tag ---> <FORM ACTION="DemoAction1.cfm" METHOD="Post"> Your Name: <INPUT TYPE="Text" NAME="Name" SIZE="30" ><BR> Your Email: <INPUT TYPE="Text" NAME="Email" SIZE="30"><BR> Your Comments:<BR> <TEXTAREA COLS="40" ROWS="5" NAME="Comments"> Hey dude, righteous form. </TEXTAREA><BR> <INPUT TYPE="Submit" VALUE="Send Form"> </FORM> </BODY> </HTML> The code in Listing 5.1 creates the simple HTML form shown in Figure 5.1. Three form fields are defined on this form, and when we submit this form, it will pass three name/value pairs to the action page. Figure 5.1. A simple HTML form. Name=Barry+Moore Email=Barry@LearnColdFusionMX.com Comments=Hey+dude,+righteous+form The <FORM> tag in this example has two attributes: ACTION and METHOD. The ACTION attribute identifies the ColdFusion action page to which the form will pass its information, in this case DemoAction1.cfm. The METHOD attribute identifies the technique that the form will use to pass the information to the action page. The METHOD attribute has two possible values: Get and Post. If we use the Get method to pass form information, all the information will be passed to the action page via URL variables. The following code shows an example of form fields passed with the Get method: [View full width] http://localhost/Examples/Step05/DemoAction1. cfm?Name=Barry+Moore&Email=Barry@LearnColdFusionMX.com.com&Comments=Hey+dude, +righteous+form This method has several drawbacks. First, most browsers only allow a limited number of characters to be used in a URL, and if you are passing large amounts of information, some of that information might be lost due to truncation of the URL. Second, sensitive information is easily visible. For example, you would not want to send password or credit card details via the URL because anyone could see them or, worse yet, bookmark them using the browser's add-to-favorites command. In addition, not all browsers automatically pass variables that contain spaces (see the sidebar "No Space Allowed" in Step 2, "Using Variables"); by using this method, you might lose information or cause errors. The Post method sends the form information invisibly (behind the scenes) as part of the HTTP request and is not visible to the user. It is almost always best to send form information using the Post method. |