config->site_url($CI->uri->uri_string()); } // If an action is not a full URL then turn it into one elseif (strpos($action, '://') === false) { $action = $CI->config->site_url($action); } $attributes = _attributes_to_string($attributes); if (stripos($attributes, 'method=') === false) { $attributes .= ' method="post"'; } if (stripos($attributes, 'accept-charset=') === false) { $attributes .= ' accept-charset="' . strtolower(config_item('charset')) . '"'; } $form = '
\n"; if (is_array($hidden)) { foreach ($hidden as $name => $value) { $form .= '' . "\n"; } } // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites if ($CI->config->item('csrf_protection') === true && strpos($action, $CI->config->base_url()) !== false && ! stripos($form, 'method="get"')) { // Prepend/append random-length "white noise" around the CSRF // token input, as a form of protection against BREACH attacks if (false !== ($noise = $CI->security->get_random_bytes(1))) { list(, $noise) = unpack('c', $noise); } else { $noise = mt_rand(-128, 127); } // Prepend if $noise has a negative value, append if positive, do nothing for zero $prepend = $append = ''; if ($noise < 0) { $prepend = str_repeat(" ", abs($noise)); } elseif ($noise > 0) { $append = str_repeat(" ", $noise); } $form .= sprintf( '%s%s%s', $prepend, $CI->security->get_csrf_token_name(), $CI->security->get_csrf_hash(), $append, "\n" ); } return $form; } } // ------------------------------------------------------------------------ if (! function_exists('form_open_multipart')) { /** * Form Declaration - Multipart type * * Creates the opening portion of the form, but with "multipart/form-data". * * @param string the URI segments of the form destination * @param array a key/value pair of attributes * @param array a key/value pair hidden data * @return string */ function form_open_multipart($action = '', $attributes = array(), $hidden = array()) { if (is_string($attributes)) { $attributes .= ' enctype="multipart/form-data"'; } else { $attributes['enctype'] = 'multipart/form-data'; } return form_open($action, $attributes, $hidden); } } // ------------------------------------------------------------------------ if (! function_exists('form_hidden')) { /** * Hidden Input Field * * Generates hidden fields. You can pass a simple key/value string or * an associative array with multiple values. * * @param mixed $name Field name * @param string $value Field value * @param bool $recursing * @return string */ function form_hidden($name, $value = '', $recursing = false) { static $form; if ($recursing === false) { $form = "\n"; } if (is_array($name)) { foreach ($name as $key => $val) { form_hidden($key, $val, true); } return $form; } if (! is_array($value)) { $form .= '\n"; } else { foreach ($value as $k => $v) { $k = is_int($k) ? '' : $k; form_hidden($name . '[' . $k . ']', $v, true); } } return $form; } } // ------------------------------------------------------------------------ if (! function_exists('form_input')) { /** * Text Input Field * * @param mixed * @param string * @param mixed * @return string */ function form_input($data = '', $value = '', $extra = '') { $defaults = array( 'type' => 'text', 'name' => is_array($data) ? '' : $data, 'value' => $value ); return '\n"; } } // ------------------------------------------------------------------------ if (! function_exists('form_password')) { /** * Password Field * * Identical to the input function but adds the "password" type * * @param mixed * @param string * @param mixed * @return string */ function form_password($data = '', $value = '', $extra = '') { is_array($data) or $data = array('name' => $data); $data['type'] = 'password'; return form_input($data, $value, $extra); } } // ------------------------------------------------------------------------ if (! function_exists('form_upload')) { /** * Upload Field * * Identical to the input function but adds the "file" type * * @param mixed * @param string * @param mixed * @return string */ function form_upload($data = '', $value = '', $extra = '') { $defaults = array('type' => 'file', 'name' => ''); is_array($data) or $data = array('name' => $data); $data['type'] = 'file'; return '\n"; } } // ------------------------------------------------------------------------ if (! function_exists('form_textarea')) { /** * Textarea field * * @param mixed $data * @param string $value * @param mixed $extra * @return string */ function form_textarea($data = '', $value = '', $extra = '') { $defaults = array( 'name' => is_array($data) ? '' : $data, 'cols' => '40', 'rows' => '10' ); if (! is_array($data) or ! isset($data['value'])) { $val = $value; } else { $val = $data['value']; unset($data['value']); // textareas don't use the value attribute } return '\n"; } } // ------------------------------------------------------------------------ if (! function_exists('form_multiselect')) { /** * Multi-select menu * * @param string * @param array * @param mixed * @param mixed * @return string */ function form_multiselect($name = '', $options = array(), $selected = array(), $extra = '') { $extra = _attributes_to_string($extra); if (stripos($extra, 'multiple') === false) { $extra .= ' multiple="multiple"'; } return form_dropdown($name, $options, $selected, $extra); } } // -------------------------------------------------------------------- if (! function_exists('form_dropdown')) { /** * Drop-down Menu * * @param mixed $data * @param mixed $options * @param mixed $selected * @param mixed $extra * @return string */ function form_dropdown($data = '', $options = array(), $selected = array(), $extra = '') { $defaults = array(); if (is_array($data)) { if (isset($data['selected'])) { $selected = $data['selected']; unset($data['selected']); // select tags don't have a selected attribute } if (isset($data['options'])) { $options = $data['options']; unset($data['options']); // select tags don't use an options attribute } } else { $defaults = array('name' => $data); } is_array($selected) or $selected = array($selected); is_array($options) or $options = array($options); // If no selected state was submitted we will attempt to set it automatically if (empty($selected)) { if (is_array($data)) { if (isset($data['name'], $_POST[$data['name']])) { $selected = array($_POST[$data['name']]); } } elseif (isset($_POST[$data])) { $selected = array($_POST[$data]); } } $extra = _attributes_to_string($extra); $multiple = (count($selected) > 1 && stripos($extra, 'multiple') === false) ? ' multiple="multiple"' : ''; $form = '\n"; } } // ------------------------------------------------------------------------ if (! function_exists('form_checkbox')) { /** * Checkbox Field * * @param mixed * @param string * @param bool * @param mixed * @return string */ function form_checkbox($data = '', $value = '', $checked = false, $extra = '') { $defaults = array('type' => 'checkbox', 'name' => (! is_array($data) ? $data : ''), 'value' => $value); if (is_array($data) && array_key_exists('checked', $data)) { $checked = $data['checked']; if ($checked == false) { unset($data['checked']); } else { $data['checked'] = 'checked'; } } if ($checked == true) { $defaults['checked'] = 'checked'; } else { unset($defaults['checked']); } return '\n"; } } // ------------------------------------------------------------------------ if (! function_exists('form_radio')) { /** * Radio Button * * @param mixed * @param string * @param bool * @param mixed * @return string */ function form_radio($data = '', $value = '', $checked = false, $extra = '') { is_array($data) or $data = array('name' => $data); $data['type'] = 'radio'; return form_checkbox($data, $value, $checked, $extra); } } // ------------------------------------------------------------------------ if (! function_exists('form_submit')) { /** * Submit Button * * @param mixed * @param string * @param mixed * @return string */ function form_submit($data = '', $value = '', $extra = '') { $defaults = array( 'type' => 'submit', 'name' => is_array($data) ? '' : $data, 'value' => $value ); return '\n"; } } // ------------------------------------------------------------------------ if (! function_exists('form_reset')) { /** * Reset Button * * @param mixed * @param string * @param mixed * @return string */ function form_reset($data = '', $value = '', $extra = '') { $defaults = array( 'type' => 'reset', 'name' => is_array($data) ? '' : $data, 'value' => $value ); return '\n"; } } // ------------------------------------------------------------------------ if (! function_exists('form_button')) { /** * Form Button * * @param mixed * @param string * @param mixed * @return string */ function form_button($data = '', $content = '', $extra = '') { $defaults = array( 'name' => is_array($data) ? '' : $data, 'type' => 'button' ); if (is_array($data) && isset($data['content'])) { $content = $data['content']; unset($data['content']); // content is not an attribute } return '\n"; } } // ------------------------------------------------------------------------ if (! function_exists('form_label')) { /** * Form Label Tag * * @param string The text to appear onscreen * @param string The id the label applies to * @param mixed Additional attributes * @return string */ function form_label($label_text = '', $id = '', $attributes = array()) { $label = '' . $label_text . ''; } } // ------------------------------------------------------------------------ if (! function_exists('form_fieldset')) { /** * Fieldset Tag * * Used to produce
text. To close fieldset * use form_fieldset_close() * * @param string The legend text * @param array Additional attributes * @return string */ function form_fieldset($legend_text = '', $attributes = array()) { $fieldset = '\n"; if ($legend_text !== '') { return $fieldset . '' . $legend_text . "\n"; } return $fieldset; } } // ------------------------------------------------------------------------ if (! function_exists('form_fieldset_close')) { /** * Fieldset Close Tag * * @param string * @return string */ function form_fieldset_close($extra = '') { return '
' . $extra; } } // ------------------------------------------------------------------------ if (! function_exists('form_close')) { /** * Form Close Tag * * @param string * @return string */ function form_close($extra = '') { return '' . $extra; } } // ------------------------------------------------------------------------ if (! function_exists('form_prep')) { /** * Form Prep * * Formats text so that it can be safely placed in a form field in the event it has HTML tags. * * @deprecated 3.0.0 An alias for html_escape() * @param string|string[] $str Value to escape * @return string|string[] Escaped values */ function form_prep($str) { return html_escape($str, true); } } // ------------------------------------------------------------------------ if (! function_exists('set_value')) { /** * Form Value * * Grabs a value from the POST array for the specified field so you can * re-populate an input field or textarea. If Form Validation * is active it retrieves the info from the validation class * * @param string $field Field name * @param string $default Default value * @param bool $html_escape Whether to escape HTML special characters or not * @return string */ function set_value($field, $default = '', $html_escape = true) { $CI = & get_instance(); $value = (isset($CI->form_validation) && is_object($CI->form_validation) && $CI->form_validation->has_rule($field)) ? $CI->form_validation->set_value($field, $default) : $CI->input->post($field, false); isset($value) or $value = $default; return ($html_escape) ? html_escape($value) : $value; } } // ------------------------------------------------------------------------ if (! function_exists('set_select')) { /** * Set Select * * Let's you set the selected value of a