Legacy forms in Smartsite iXperion 1.2

Release 1.2 - ...

To reduce the amount of work required to get legacy forms working in Smartsite iXperion, the publication update script introduces the se:legacyform macro in smartsite.config. This is basically a wrapper around the embeduri macro, which embeds the form directly. Some other changes are needed in the site for this to work:

  • In order to be rendered directly the Form contenttype needs the Restricted field and
  • The Form contenttype must be rendered through a specific render template that passes the necessary query parameters to the renderform cms macro:

HTML CopyCode image Copy Code
<html>
 <head>
  <title><se property="title" removetags="true" /></title>
  <style type="text/css">
   [deferproperty("_css")]
  </style>
  [deferproperty("_headers")]
  <script type="text/javascript" language="javascript">
   <!--
   [deferproperty("_jsglobals")]
   function doOnload()
   {
   [deferproperty("_jsonload")]
   }
   // -->
  </script>
  <link rel="stylesheet" type="text/css" href="{html.location('CSS_FORMS')}" media="screen" />
 </head>
 <body onload="doOnload()">
  <se type="script" error="{sys.throwexception(ApplicationError,'Error resolving the passed formdata. CMS Engine error: {error}')}">
      Dim slData
   Dim itemData
      Set slData = CreateObject("SixTools.Smartlist")
      With Context
       If Context.Request.QueryString.Exists("fd") Then
     Set slData = GetList(SplitEx(Context.Request.QueryString("fd", ""), ";"))
     For Each itemData In slData
               page.Macro.Buffers.Add itemData.Value, itemData.Name
           Next
       End If
   End With
   'page.macro.result.add page.macro.buffers.toStringEx(2,"<br />")
  </se>
  <se type="com" object="sixMacros.Tidy" encoding="Auto" dropfonttags="true" returntype="XHTML">
   <se type="com" object="sixForms.PageForm" formid="{page:nr:={query:id}}" error="{sys.throwexception(ApplicationError,'Error rendering the form through the CMS Engine. CMS Engine error: {error}')}">
    <parameters>
     <action>{query:a:=}</action>
     <forcesubmit>{query:fs}</forcesubmit>
     <showformonloaderror>{query:sfle}</showformonloaderror>
     <showformonsaveerror>{query:sfse}</showformonsaveerror>
     <allowanonymousaccess>{query:aaa}</allowanonymousaccess>
     <loadrecord>{query:lr:=}</loadrecord>
     <recordnotfound>{query:lre:=}</recordnotfound>
     <readonly>{query:ro}</readonly>
     <cancel>{query:c:=}</cancel>
     <showformafterpost>{query:sfap}</showformafterpost>
     <checkpostedformid>{query:cpfi}</checkpostedformid>
     <startworkflow>{query:sw:=}</startworkflow>
     <workflowparams>{query:wp:=}</workflowparams>
     <tableheight>{query:th:=}</tableheight>
     <tablewidth>{query:tw:=}</tablewidth>
     <globalcaptionclass>{query:gcc:=captionclass}</globalcaptionclass>
     <globalcaptionparenttag>{query:gcpt:=th}</globalcaptionparenttag>
     <formclass>{query:fc:=formclass}</formclass>
     <noautostyles>{query:na:=yes}</noautostyles>
    </parameters>
   </se>
  </se>
 </body>
</html>

Optional security

The embeduri macro within legacyform contains the parameters:

  CopyCode image Copy Code
 username="formadmin"
 password="n1md@mr0f"

This can be used to restrict access to the raw forms (as rendered on the MGR channel). Simply create a special group containing this user, maybe change the password, and grant this usergroup CMS Browse access to the form's parent folder.

The empty site does not use this extra layer of security and does not contain the user formadmin. Since the restricted flag is not set for the forms, no security check is done and forms render anyway.