diff options
| author | Brett Profitt <brett.profitt@gmail.com> | 2011-06-18 19:56:33 -0400 |
|---|---|---|
| committer | Brett Profitt <brett.profitt@gmail.com> | 2011-06-18 19:56:33 -0400 |
| commit | ec7b94a64aef23b85866ecdac8e8acc712d29bb6 (patch) | |
| tree | a108205c3fa0b694d8ce0ebaafd259480d6b530a /views/installation/input/form.php | |
| parent | c80ba5aa03264dd64c20ed8ae222e87f9371a44d (diff) | |
| parent | 2b68a4d217c35a5587c462620789493cf2804ba2 (diff) | |
| download | elgg-ec7b94a64aef23b85866ecdac8e8acc712d29bb6.tar.gz elgg-ec7b94a64aef23b85866ecdac8e8acc712d29bb6.tar.bz2 | |
Merge branch 'master' of github.com:Elgg/Elgg
Diffstat (limited to 'views/installation/input/form.php')
| -rw-r--r-- | views/installation/input/form.php | 30 |
1 files changed, 7 insertions, 23 deletions
diff --git a/views/installation/input/form.php b/views/installation/input/form.php index b131c9d10..f8730b4f5 100644 --- a/views/installation/input/form.php +++ b/views/installation/input/form.php @@ -1,36 +1,26 @@ <?php /** * Create a form for data submission. - * Use this view for forms rather than creating a form tag in the wild as it provides - * extra security which help prevent CSRF attacks. * - * @package Elgg - * @subpackage Core - * - * @uses $vars['body'] The body of the form (made up of other input/xxx views and html - * @uses $vars['method'] Method (default POST) - * @uses $vars['enctype'] How the form is encoded, default blank + * @uses $vars['body'] The body of the form (made up of other input/xxx views and html * @uses $vars['action'] URL of the action being called - * + * @uses $vars['method'] Method (default POST) + * @uses $vars['id'] Form id + * @uses $vars['name'] Form name */ if (isset($vars['id'])) { - $id = $vars['id']; + $id = "id=\"{$vars['id']}\""; } else { $id = ''; } if (isset($vars['name'])) { - $name = $vars['name']; + $name = "name=\"{$vars['name']}\""; } else { $name = ''; } $body = $vars['body']; $action = $vars['action']; -if (isset($vars['enctype'])) { - $enctype = $vars['enctype']; -} else { - $enctype = ''; -} if (isset($vars['method'])) { $method = $vars['method']; } else { @@ -39,13 +29,7 @@ if (isset($vars['method'])) { $method = strtolower($method); -// Generate a security header -$security_header = ""; -if (!isset($vars['disable_security']) || $vars['disable_security'] != true) { - $security_header = elgg_view('input/securitytoken'); -} ?> -<form <?php if ($id) { ?>id="<?php echo $id; ?>" <?php } ?> <?php if ($name) { ?>name="<?php echo $name; ?>" <?php } ?> action="<?php echo $action; ?>" method="<?php echo $method; ?>" <?php if ($enctype!="") echo "enctype=\"$enctype\""; ?> <?php echo $vars['js']; ?>> -<?php echo $security_header; ?> +<form <?php echo "$id $name"; ?> action="<?php echo $action; ?>" method="<?php echo $method; ?>"> <?php echo $body; ?> </form>
\ No newline at end of file |