Closes #209

git-svn-id: https://code.elgg.org/elgg/trunk@1726 36083f99-b078-4883-b0ff-0f9b5a30f544
author: marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> 2008-08-06 09:52:49 +0000
committer: marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> 2008-08-06 09:52:49 +0000
commit: 49ed87415e94f155b52825b1670846e2fd5c48bb (patch)
tree: 482e1006707b22aa768491124982de879063042b
parent: efb6174544ef9349205dd3a4b43c6a220a428224 (diff)
download: elgg-49ed87415e94f155b52825b1670846e2fd5c48bb.tar.gz
elgg-49ed87415e94f155b52825b1670846e2fd5c48bb.tar.bz2
1 files changed, 20 insertions, 0 deletions
diff --git a/views/default/input/hidden.php b/views/default/input/hidden.php
new file mode 100644
index 000000000..a434b1d03
--- /dev/null
+++ b/views/default/input/hidden.php
@@ -0,0 +1,20 @@
+<?php
+	/**
+	 * Create a hidden data field
+	 * Use this view for forms rather than creating a hidden tag in the wild as it provides
+	 * extra security which help prevent CSRF attacks.
+	 * 
+	 * @package Elgg
+	 * @subpackage Core
+	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
+	 * @author Marcus Povey
+	 * @copyright Curverider Ltd 2008
+	 * @link http://elgg.org/
+	 * 
+	 * @uses $vars['value'] The current value, if any
+	 * @uses $vars['js'] Any Javascript to enter into the input tag
+	 * @uses $vars['internalname'] The name of the input field
+	 * 
+	 */
+?>
+<input type="hidden" <?php echo $vars['js']; ?> name="<?php echo $vars['internalname']; ?>" value="<?php echo htmlentities($vars['value']); ?>" /> 
+\ No newline at end of file
author	marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>	2008-08-06 09:52:49 +0000
committer	marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>	2008-08-06 09:52:49 +0000
commit	49ed87415e94f155b52825b1670846e2fd5c48bb (patch)
tree	482e1006707b22aa768491124982de879063042b
parent	efb6174544ef9349205dd3a4b43c6a220a428224 (diff)
download	elgg-49ed87415e94f155b52825b1670846e2fd5c48bb.tar.gz elgg-49ed87415e94f155b52825b1670846e2fd5c48bb.tar.bz2