<?php
/**
* CodeIgniter
*
* An open source application development framework for PHP
*
* This content is released under the MIT License (MIT)
*
* Copyright (c) 2014 - 2018, British Columbia Institute of Technology
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*
* @package CodeIgniter
* @author EllisLab Dev Team
* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
* @copyright Copyright (c) 2014 - 2018, British Columbia Institute of Technology (http://bcit.ca/)
* @license http://opensource.org/licenses/MIT MIT License
* @link https://codeigniter.com
* @since Version 1.0.0
* @filesource
*/
defined('BASEPATH') OR exit('No direct script access allowed');
/**
* CodeIgniter Form Helpers
*
* @package CodeIgniter
* @subpackage Helpers
* @category Helpers
* @author EllisLab Dev Team
* @link https://codeigniter.com/user_guide/helpers/form_helper.html
*/
// ------------------------------------------------------------------------
if (!function_exists('form_open')) {
/**
* Form Declaration
*
* Creates the opening portion of the form.
*
* @param string the URI segments of the form destination
* @param array a key/value pair of attributes
* @param array a key/value pair hidden data
* @return string
*/
function form_open($action = '', $attributes = array(), $hidden = array())
{
$CI =& get_instance();
// If no action is provided then set to the current url
if (!$action) {
$action = $CI->config->site_url($CI->uri->uri_string());
} // If an action is not a full URL then turn it into one
elseif (strpos($action, '://') === FALSE) {
$action = $CI->config->site_url($action);
}
$attributes = _attributes_to_string($attributes);
if (stripos($attributes, 'method=') === FALSE) {
$attributes .= ' method="post"';
}
if (stripos($attributes, 'accept-charset=') === FALSE) {
$attributes .= ' accept-charset="' . strtolower(config_item('charset')) . '"';
}
$form = '<form action="' . $action . '"' . $attributes . ">\n";
if (is_array($hidden)) {
foreach ($hidden as $name => $value) {
$form .= '<input type="hidden" name="' . $name . '" value="' . html_escape($value) . '" />' . "\n";
}
}
// Add CSRF field if enabled, but leave it out for GET requests and requests to external websites
if ($CI->config->item('csrf_protection') === TRUE && strpos($action, $CI->config->base_url()) !== FALSE && !stripos($form, 'method="get"')) {
// Prepend/append random-length "white noise" around the CSRF
// token input, as a form of protection against BREACH attacks
if (FALSE !== ($noise = $CI->security->get_random_bytes(1))) {
list(, $noise) = unpack('c', $noise);
} else {
$noise = mt_rand(-128, 127);
}
// Prepend if $noise has a negative value, append if positive, do nothing for zero
$prepend = $append = '';
if ($noise < 0) {
$prepend = str_repeat(" ", abs($noise));
} elseif ($noise > 0) {
$append = str_repeat(" ", $noise);
}
$form .= sprintf(
'%s<input type="hidden" name="%s" value="%s" />%s%s',
$prepend,
$CI->security->get_csrf_token_name(),
$CI->security->get_csrf_hash(),
$append,
"\n"
);
}
return $form;
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_open_multipart')) {
/**
* Form Declaration - Multipart type
*
* Creates the opening portion of the form, but with "multipart/form-data".
*
* @param string the URI segments of the form destination
* @param array a key/value pair of attributes
* @param array a key/value pair hidden data
* @return string
*/
function form_open_multipart($action = '', $attributes = array(), $hidden = array())
{
if (is_string($attributes)) {
$attributes .= ' enctype="multipart/form-data"';
} else {
$attributes['enctype'] = 'multipart/form-data';
}
return form_open($action, $attributes, $hidden);
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_hidden')) {
/**
* Hidden Input Field
*
* Generates hidden fields. You can pass a simple key/value string or
* an associative array with multiple values.
*
* @param mixed $name Field name
* @param string $value Field value
* @param bool $recursing
* @return string
*/
function form_hidden($name, $value = '', $recursing = FALSE)
{
static $form;
if ($recursing === FALSE) {
$form = "\n";
}
if (is_array($name)) {
foreach ($name as $key => $val) {
form_hidden($key, $val, TRUE);
}
return $form;
}
if (!is_array($value)) {
$form .= '<input type="hidden" name="' . $name . '" value="' . html_escape($value) . "\" />\n";
} else {
foreach ($value as $k => $v) {
$k = is_int($k) ? '' : $k;
form_hidden($name . '[' . $k . ']', $v, TRUE);
}
}
return $form;
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_input')) {
/**
* Text Input Field
*
* @param mixed
* @param string
* @param mixed
* @return string
*/
function form_input($data = '', $value = '', $extra = '')
{
$defaults = array(
'type' => 'text',
'name' => is_array($data) ? '' : $data,
'value' => $value
);
return '<input ' . _parse_form_attributes($data, $defaults) . _attributes_to_string($extra) . " />\n";
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_password')) {
/**
* Password Field
*
* Identical to the input function but adds the "password" type
*
* @param mixed
* @param string
* @param mixed
* @return string
*/
function form_password($data = '', $value = '', $extra = '')
{
is_array($data) OR $data = array('name' => $data);
$data['type'] = 'password';
return form_input($data, $value, $extra);
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_upload')) {
/**
* Upload Field
*
* Identical to the input function but adds the "file" type
*
* @param mixed
* @param string
* @param mixed
* @return string
*/
function form_upload($data = '', $value = '', $extra = '')
{
$defaults = array('type' => 'file', 'name' => '');
is_array($data) OR $data = array('name' => $data);
$data['type'] = 'file';
return '<input ' . _parse_form_attributes($data, $defaults) . _attributes_to_string($extra) . " />\n";
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_textarea')) {
/**
* Textarea field
*
* @param mixed $data
* @param string $value
* @param mixed $extra
* @return string
*/
function form_textarea($data = '', $value = '', $extra = '')
{
$defaults = array(
'name' => is_array($data) ? '' : $data,
'cols' => '40',
'rows' => '10'
);
if (!is_array($data) OR !isset($data['value'])) {
$val = $value;
} else {
$val = $data['value'];
unset($data['value']); // textareas don't use the value attribute
}
return '<textarea ' . _parse_form_attributes($data, $defaults) . _attributes_to_string($extra) . '>'
. html_escape($val)
. "</textarea>\n";
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_multiselect')) {
/**
* Multi-select menu
*
* @param string
* @param array
* @param mixed
* @param mixed
* @return string
*/
function form_multiselect($name = '', $options = array(), $selected = array(), $extra = '')
{
$extra = _attributes_to_string($extra);
if (stripos($extra, 'multiple') === FALSE) {
$extra .= ' multiple="multiple"';
}
return form_dropdown($name, $options, $selected, $extra);
}
}
// --------------------------------------------------------------------
if (!function_exists('form_dropdown')) {
/**
* Drop-down Menu
*
* @param mixed $data
* @param mixed $options
* @param mixed $selected
* @param mixed $extra
* @return string
*/
function form_dropdown($data = '', $options = array(), $selected = array(), $extra = '')
{
$defaults = array();
if (is_array($data)) {
if (isset($data['selected'])) {
$selected = $data['selected'];
unset($data['selected']); // select tags don't have a selected attribute
}
if (isset($data['options'])) {
$options = $data['options'];
unset($data['options']); // select tags don't use an options attribute
}
} else {
$defaults = array('name' => $data);
}
is_array($selected) OR $selected = array($selected);
is_array($options) OR $options = array($options);
// If no selected state was submitted we will attempt to set it automatically
if (empty($selected)) {
if (is_array($data)) {
if (isset($data['name'], $_POST[$data['name']])) {
$selected = array($_POST[$data['name']]);
}
} elseif (isset($_POST[$data])) {
$selected = array($_POST[$data]);
}
}
$extra = _attributes_to_string($extra);
$multiple = (count($selected) > 1 && stripos($extra, 'multiple') === FALSE) ? ' multiple="multiple"' : '';
$form = '<select ' . rtrim(_parse_form_attributes($data, $defaults)) . $extra . $multiple . ">\n";
foreach ($options as $key => $val) {
$key = (string)$key;
if (is_array($val)) {
if (empty($val)) {
continue;
}
$form .= '<optgroup label="' . $key . "\">\n";
foreach ($val as $optgroup_key => $optgroup_val) {
$sel = in_array($optgroup_key, $selected) ? ' selected="selected"' : '';
$form .= '<option value="' . html_escape($optgroup_key) . '"' . $sel . '>'
. (string)$optgroup_val . "</option>\n";
}
$form .= "</optgroup>\n";
} else {
$form .= '<option value="' . html_escape($key) . '"'
. (in_array($key, $selected) ? ' selected="selected"' : '') . '>'
. (string)$val . "</option>\n";
}
}
return $form . "</select>\n";
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_checkbox')) {
/**
* Checkbox Field
*
* @param mixed
* @param string
* @param bool
* @param mixed
* @return string
*/
function form_checkbox($data = '', $value = '', $checked = FALSE, $extra = '')
{
$defaults = array('type' => 'checkbox', 'name' => (!is_array($data) ? $data : ''), 'value' => $value);
if (is_array($data) && array_key_exists('checked', $data)) {
$checked = $data['checked'];
if ($checked == FALSE) {
unset($data['checked']);
} else {
$data['checked'] = 'checked';
}
}
if ($checked == TRUE) {
$defaults['checked'] = 'checked';
} else {
unset($defaults['checked']);
}
return '<input ' . _parse_form_attributes($data, $defaults) . _attributes_to_string($extra) . " />\n";
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_radio')) {
/**
* Radio Button
*
* @param mixed
* @param string
* @param bool
* @param mixed
* @return string
*/
function form_radio($data = '', $value = '', $checked = FALSE, $extra = '')
{
is_array($data) OR $data = array('name' => $data);
$data['type'] = 'radio';
return form_checkbox($data, $value, $checked, $extra);
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_submit')) {
/**
* Submit Button
*
* @param mixed
* @param string
* @param mixed
* @return string
*/
function form_submit($data = '', $value = '', $extra = '')
{
$defaults = array(
'type' => 'submit',
'name' => is_array($data) ? '' : $data,
'value' => $value
);
return '<input ' . _parse_form_attributes($data, $defaults) . _attributes_to_string($extra) . " />\n";
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_reset')) {
/**
* Reset Button
*
* @param mixed
* @param string
* @param mixed
* @return string
*/
function form_reset($data = '', $value = '', $extra = '')
{
$defaults = array(
'type' => 'reset',
'name' => is_array($data) ? '' : $data,
'value' => $value
);
return '<input ' . _parse_form_attributes($data, $defaults) . _attributes_to_string($extra) . " />\n";
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_button')) {
/**
* Form Button
*
* @param mixed
* @param string
* @param mixed
* @return string
*/
function form_button($data = '', $content = '', $extra = '')
{
$defaults = array(
'name' => is_array($data) ? '' : $data,
'type' => 'button'
);
if (is_array($data) && isset($data['content'])) {
$content = $data['content'];
unset($data['content']); // content is not an attribute
}
return '<button ' . _parse_form_attributes($data, $defaults) . _attributes_to_string($extra) . '>'
. $content
. "</button>\n";
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_label')) {
/**
* Form Label Tag
*
* @param string The text to appear onscreen
* @param string The id the label applies to
* @param mixed Additional attributes
* @return string
*/
function form_label($label_text = '', $id = '', $attributes = array())
{
$label = '<label';
if ($id !== '') {
$label .= ' for="' . $id . '"';
}
$label .= _attributes_to_string($attributes);
return $label . '>' . $label_text . '</label>';
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_fieldset')) {
/**
* Fieldset Tag
*
* Used to produce <fieldset><legend>text</legend>. To close fieldset
* use form_fieldset_close()
*
* @param string The legend text
* @param array Additional attributes
* @return string
*/
function form_fieldset($legend_text = '', $attributes = array())
{
$fieldset = '<fieldset' . _attributes_to_string($attributes) . ">\n";
if ($legend_text !== '') {
return $fieldset . '<legend>' . $legend_text . "</legend>\n";
}
return $fieldset;
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_fieldset_close')) {
/**
* Fieldset Close Tag
*
* @param string
* @return string
*/
function form_fieldset_close($extra = '')
{
return '</fieldset>' . $extra;
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_close')) {
/**
* Form Close Tag
*
* @param string
* @return string
*/
function form_close($extra = '')
{
return '</form>' . $extra;
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_prep')) {
/**
* Form Prep
*
* Formats text so that it can be safely placed in a form field in the event it has HTML tags.
*
* @deprecated 3.0.0 An alias for html_escape()
* @param string|string[] $str Value to escape
* @return string|string[] Escaped values
*/
function form_prep($str)
{
return html_escape($str, TRUE);
}
}
// ------------------------------------------------------------------------
if (!function_exists('set_value')) {
/**
* Form Value
*
* Grabs a value from the POST array for the specified field so you can
* re-populate an input field or textarea. If Form Validation
* is active it retrieves the info from the validation class
*
* @param string $field Field name
* @param string $default Default value
* @param bool $html_escape Whether to escape HTML special characters or not
* @return string
*/
function set_value($field, $default = '', $html_escape = TRUE)
{
$CI =& get_instance();
$value = (isset($CI->form_validation) && is_object($CI->form_validation) && $CI->form_validation->has_rule($field))
? $CI->form_validation->set_value($field, $default)
: $CI->input->post($field, FALSE);
isset($value) OR $value = $default;
return ($html_escape) ? html_escape($value) : $value;
}
}
// ------------------------------------------------------------------------
if (!function_exists('set_select')) {
/**
* Set Select
*
* Let's you set the selected value of a <select> menu via data in the POST array.
* If Form Validation is active it retrieves the info from the validation class
*
* @param string
* @param string
* @param bool
* @return string
*/
function set_select($field, $value = '', $default = FALSE)
{
$CI =& get_instance();
if (isset($CI->form_validation) && is_object($CI->form_validation) && $CI->form_validation->has_rule($field)) {
return $CI->form_validation->set_select($field, $value, $default);
} elseif (($input = $CI->input->post($field, FALSE)) === NULL) {
return ($default === TRUE) ? ' selected="selected"' : '';
}
$value = (string)$value;
if (is_array($input)) {
// Note: in_array('', array(0)) returns TRUE, do not use it
foreach ($input as &$v) {
if ($value === $v) {
return ' selected="selected"';
}
}
return '';
}
return ($input === $value) ? ' selected="selected"' : '';
}
}
// ------------------------------------------------------------------------
if (!function_exists('set_checkbox')) {
/**
* Set Checkbox
*
* Let's you set the selected value of a checkbox via the value in the POST array.
* If Form Validation is active it retrieves the info from the validation class
*
* @param string
* @param string
* @param bool
* @return string
*/
function set_checkbox($field, $value = '', $default = FALSE)
{
$CI =& get_instance();
if (isset($CI->form_validation) && is_object($CI->form_validation) && $CI->form_validation->has_rule($field)) {
return $CI->form_validation->set_checkbox($field, $value, $default);
}
// Form inputs are always strings ...
$value = (string)$value;
$input = $CI->input->post($field, FALSE);
if (is_array($input)) {
// Note: in_array('', array(0)) returns TRUE, do not use it
foreach ($input as &$v) {
if ($value === $v) {
return ' checked="checked"';
}
}
return '';
}
// Unchecked checkbox and radio inputs are not even submitted by browsers ...
if ($CI->input->method() === 'post') {
return ($input === $value) ? ' checked="checked"' : '';
}
return ($default === TRUE) ? ' checked="checked"' : '';
}
}
// ------------------------------------------------------------------------
if (!function_exists('set_radio')) {
/**
* Set Radio
*
* Let's you set the selected value of a radio field via info in the POST array.
* If Form Validation is active it retrieves the info from the validation class
*
* @param string $field
* @param string $value
* @param bool $default
* @return string
*/
function set_radio($field, $value = '', $default = FALSE)
{
$CI =& get_instance();
if (isset($CI->form_validation) && is_object($CI->form_validation) && $CI->form_validation->has_rule($field)) {
return $CI->form_validation->set_radio($field, $value, $default);
}
// Form inputs are always strings ...
$value = (string)$value;
$input = $CI->input->post($field, FALSE);
if (is_array($input)) {
// Note: in_array('', array(0)) returns TRUE, do not use it
foreach ($input as &$v) {
if ($value === $v) {
return ' checked="checked"';
}
}
return '';
}
// Unchecked checkbox and radio inputs are not even submitted by browsers ...
if ($CI->input->method() === 'post') {
return ($input === $value) ? ' checked="checked"' : '';
}
return ($default === TRUE) ? ' checked="checked"' : '';
}
}
// ------------------------------------------------------------------------
if (!function_exists('form_error')) {
/**
* Form Error
*
* Returns the error for a specific form field. This is a helper for the
* form validation class.
*
* @param string
* @param string
* @param string
* @return string
*/
function form_error($field = '', $prefix = '', $suffix = '')
{
if (FALSE === ($OBJ =& _get_validation_object())) {
return '';
}
return $OBJ->error($field, $prefix, $suffix);
}
}
// ------------------------------------------------------------------------
if (!function_exists('validation_errors')) {
/**
* Validation Error String
*
* Returns all the errors associated with a form submission. This is a helper
* function for the form validation class.
*
* @param string
* @param string
* @return string
*/
function validation_errors($prefix = '', $suffix = '')
{
if (FALSE === ($OBJ =& _get_validation_object())) {
return '';
}
return $OBJ->error_string($prefix, $suffix);
}
}
// ------------------------------------------------------------------------
if (!function_exists('_parse_form_attributes')) {
/**
* Parse the form attributes
*
* Helper function used by some of the form helpers
*
* @param array $attributes List of attributes
* @param array $default Default values
* @return string
*/
function _parse_form_attributes($attributes, $default)
{
if (is_array($attributes)) {
foreach ($default as $key => $val) {
if (isset($attributes[$key])) {
$default[$key] = $attributes[$key];
unset($attributes[$key]);
}
}
if (count($attributes) > 0) {
$default = array_merge($default, $attributes);
}
}
$att = '';
foreach ($default as $key => $val) {
if ($key === 'value') {
$val = html_escape($val);
} elseif ($key === 'name' && !strlen($default['name'])) {
continue;
}
$att .= $key . '="' . $val . '" ';
}
return $att;
}
}
// ------------------------------------------------------------------------
if (!function_exists('_attributes_to_string')) {
/**
* Attributes To String
*
* Helper function used by some of the form helpers
*
* @param mixed
* @return string
*/
function _attributes_to_string($attributes)
{
if (empty($attributes)) {
return '';
}
if (is_object($attributes)) {
$attributes = (array)$attributes;
}
if (is_array($attributes)) {
$atts = '';
foreach ($attributes as $key => $val) {
$atts .= ' ' . $key . '="' . $val . '"';
}
return $atts;
}
if (is_string($attributes)) {
return ' ' . $attributes;
}
return FALSE;
}
}
// ------------------------------------------------------------------------
if (!function_exists('_get_validation_object')) {
/**
* Validation Object
*
* Determines what the form validation class was instantiated as, fetches
* the object and returns it.
*
* @return mixed
*/
function &_get_validation_object()
{
$CI =& get_instance();
// We set this as a variable since we're returning by reference.
$return = FALSE;
if (FALSE !== ($object = $CI->load->is_loaded('Form_validation'))) {
if (!isset($CI->$object) OR !is_object($CI->$object)) {
return $return;
}
return $CI->$object;
}
return $return;
}
}
|
Download
