Legacy forms in Smartsite iXperion 1.2
To reduce the amount of work required to get legacy forms working in Smartsite iXperion, the publication update script introduces the se:legacyform macro in smartsite.config. This is basically a wrapper around the embeduri macro, which embeds the form directly. Some other changes are needed in the site for this to work:
- In order to be rendered directly the Form contenttype needs the Restricted field and
- The Form contenttype must be rendered through a specific render template that passes the necessary query parameters to the renderform cms macro:
HTML | Copy Code |
---|---|
<html> <head> <title><se property="title" removetags="true" /></title> <style type="text/css"> [deferproperty("_css")] </style> [deferproperty("_headers")] <script type="text/javascript" language="javascript"> <!-- [deferproperty("_jsglobals")] function doOnload() { [deferproperty("_jsonload")] } // --> </script> <link rel="stylesheet" type="text/css" href="{html.location('CSS_FORMS')}" media="screen" /> </head> <body onload="doOnload()"> <se type="script" error="{sys.throwexception(ApplicationError,'Error resolving the passed formdata. CMS Engine error: {error}')}"> Dim slData Dim itemData Set slData = CreateObject("SixTools.Smartlist") With Context If Context.Request.QueryString.Exists("fd") Then Set slData = GetList(SplitEx(Context.Request.QueryString("fd", ""), ";")) For Each itemData In slData page.Macro.Buffers.Add itemData.Value, itemData.Name Next End If End With 'page.macro.result.add page.macro.buffers.toStringEx(2,"<br />") </se> <se type="com" object="sixMacros.Tidy" encoding="Auto" dropfonttags="true" returntype="XHTML"> <se type="com" object="sixForms.PageForm" formid="{page:nr:={query:id}}" error="{sys.throwexception(ApplicationError,'Error rendering the form through the CMS Engine. CMS Engine error: {error}')}"> <parameters> <action>{query:a:=}</action> <forcesubmit>{query:fs}</forcesubmit> <showformonloaderror>{query:sfle}</showformonloaderror> <showformonsaveerror>{query:sfse}</showformonsaveerror> <allowanonymousaccess>{query:aaa}</allowanonymousaccess> <loadrecord>{query:lr:=}</loadrecord> <recordnotfound>{query:lre:=}</recordnotfound> <readonly>{query:ro}</readonly> <cancel>{query:c:=}</cancel> <showformafterpost>{query:sfap}</showformafterpost> <checkpostedformid>{query:cpfi}</checkpostedformid> <startworkflow>{query:sw:=}</startworkflow> <workflowparams>{query:wp:=}</workflowparams> <tableheight>{query:th:=}</tableheight> <tablewidth>{query:tw:=}</tablewidth> <globalcaptionclass>{query:gcc:=captionclass}</globalcaptionclass> <globalcaptionparenttag>{query:gcpt:=th}</globalcaptionparenttag> <formclass>{query:fc:=formclass}</formclass> <noautostyles>{query:na:=yes}</noautostyles> </parameters> </se> </se> </body> </html> |
Optional security
The embeduri macro within legacyform contains the parameters:
Copy Code | |
---|---|
username="formadmin" password="n1md@mr0f" |
This can be used to restrict access to the raw forms (as rendered on the MGR channel). Simply create a special group containing this user, maybe change the password, and grant this usergroup CMS Browse access to the form's parent folder.
The empty site does not use this extra layer of security and does not contain the user formadmin. Since the restricted flag is not set for the forms, no security check is done and forms render anyway.