views:

24

answers:

2

I inherited a project that seems to have a ton of custom modules. A lot of the modules have includes folders with include files that have regular HTML forms. I know that Drupal preaches using FAPI. My question is that in your experience are there any pitfalls with this approach or is this acceptable use?

Thank you

+1  A: 

If you're trying to use the custom HTML forms to submit to Drupal-managed submit handlers, the biggest pitfall you're going to run into is that most Drupal modules verify the form via the use of form IDs and checksums, which you can't hard code.

Your forms are also going to be incredibly fragile: if what you're submitting to changes a form element, your forms will break.

Forms API isn't particularly hard to learn, is easy to maintain, and you get it for free. Unless it's absolutely impossible to use it, you should use it.

Mark Trapp
+1  A: 

My question is that in your experience are there any pitfalls with this approach or is this acceptable use?

There are surely pitfalls. The form API validates the values received from a POST request, and it is able to verify if the received data come from a forged form request.

kiamlaluno

related questions