Side Channel

Drupal Form API, which first appeared on 4.7 and now on the 3rd revision is always an overlooked features when someone considering Drupal as framework to build web applications. One thing that I really like about Form API is it abstract the logic of form handling, with us the developer only need to implement certain hooks in order to process the form submission. The typical flow of most Form library is something like this:-

// create new form object
$form = new Form('some parameter');

//the logic
if $form->is_valid() {
  do some processing
}

In Drupal Form API, the logic of handling the form is handled by the API it self. For example, to validate the form we just implement the hook function, something like :-

function form_api_test_validate($form, $form_state) {
  //validation code here
}

function form_api_test_submit($form, $form_state) {
  //processing code here
}

Another thing about Drupal API is we never care where to submit the form. In fact, there's no option to specify the form action attribute ! Form is only identified using the form_id and that's all we need to care about. And for those who care about security, Drupal automatically add a token to all forms build through the API to protect it from some kind of cross site request forgery (CSRF) so it save up sometimes on our part to implement that measures. With Drupal 6, Form API comes with another improvent that I really like it a lot. It's now possible to specify a custom validate and submit handler for each submit button in our form. So we can have Save button handled by let say function form_api_test_save() while a Cancel button would be handled by function form_api_test_cancel(). Awesome ! There's a lot more cool features but I guess that enough for some introductory blog post. Expect more writing about Drupal Form API in the upcoming days ;)