The <form/> tag
The form tag renders a form in HTML, adding five additional hidden
input fields—the fb_sig_profile,
fb_sig_user, fb_sig_session_key,
fb_sig_time, and fb_sig
parameters—that give more information about the user submitting the form
to the processing script. The fb_sig parameter is
essentially just a hash (see http://en.wikipedia.org/wiki/Hash_algorithm)
of all the other fb_sig_ values preceding it.
It is important to note that the fb_sig_user
and fb_sig_session_key parameters are added only if
the user using your app has successfully authenticated and logged into
Facebook.
FBML-Specific Attributes
requirelogin=[true|false] default: true
If true, the user will be prompted to
log in (if they have not already done so), and then they will be asked
if they want to submit data to your app. The login redirects the user
to the posted form, with the fb_sig_user and
fb_sig_session values attached
to that form.
The following optional attributes can be applied to any form element within the form:
clicktoenable=[element id]When added to any element within a form, this enables the element specified by
element idwhen the current element is clicked. Multiple element IDs can be submitted if they are separated by commas.clicktodisable=[element id]When added to any element within a form, this disables the element specified by
element idwhen the current element is clicked. Multiple element IDs can be submitted if they are separated by commas.clickthrough=[true|false] default: falseWhen added to any element within a form in which Dynamic FBML (such as the previous attributes, or Mock AJAX or Visibility attributes) is being used, and if it is set to
true, this attribute allows the original form element functionality to occur. One example use is for checkboxes. Whenclicktoenable,clicktodisable, or any of the Visibility attributes are used on a checkbox element, by default the checkbox will not get checked. Settingclickthrough=truefixes this issue.
Example FBML
The following example demonstrates the form tag, where
clicktodisable and clickthrough
are used together (refer to http://wiki.developers.facebook.com/index.php/DynamicFBML/Forms):
<form>
<input type="text" id="firstname" name="firstname" />
<input id="sendbutton" type="submit" value="Submit"
clicktodisable="firstname" clicktohide="sendbutton"
clickthrough="true" />
</form>Rendered HTML for Single Instance of Tag
The following is the rendered HTML for the example just shown (refer to http://wiki.developers.facebook.com/index.php/UsageNotes/Forms):
<form>
<input type="hidden" name="fb_sig_profile" value="1160"/>
<input type="hidden" name="fb_sig_user" value="1160"/>
<input type="hidden" name="fb_sig_session_key"
value="b12d7f73fc47536b32e89e-1160"/>
<input type="hidden" name="fb_sig_time" value="1176705186"/>
<input type="hidden" name="fb_sig"
value="773af1263c2b7bade7958e6b58d3152f"/>
...
</form>Additional information
Any
<input/>element added by the user cannot have a name that starts withfb. Names that start withfbare reserved by Facebook.If you are uploading a file through a form, the form must not be posted to an apps.facebook.com domain. Instead, your form should be submitted to your own servers’ domain, and your servers should redirect the user back to the apps.facebook.com domain after saving the file.
See the section on Mock AJAX in Chapter 3 to learn how you can dynamically load submitted form results into an additional
<div/>tag on the page using AJAX.Any form element that is disabled does not get submitted to the form.
When used together, the
clickthroughandclicktodisabletags don’t allow a form to submit in Apple’s Safari 3 browser. This bug has been submitted to Safari.