aboutsummaryrefslogtreecommitdiff
path: root/views/failsafe/input/hidden.php
diff options
context:
space:
mode:
Diffstat (limited to 'views/failsafe/input/hidden.php')
-rw-r--r--views/failsafe/input/hidden.php20
1 files changed, 20 insertions, 0 deletions
diff --git a/views/failsafe/input/hidden.php b/views/failsafe/input/hidden.php
new file mode 100644
index 000000000..4ff9f31da
--- /dev/null
+++ b/views/failsafe/input/hidden.php
@@ -0,0 +1,20 @@
+<?php
+ /**
+ * Create a hidden data field
+ * Use this view for forms rather than creating a hidden tag in the wild as it provides
+ * extra security which help prevent CSRF attacks.
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
+ * @author Curverider Ltd
+ * @copyright Curverider Ltd 2008
+ * @link http://elgg.org/
+ *
+ * @uses $vars['value'] The current value, if any
+ * @uses $vars['js'] Any Javascript to enter into the input tag
+ * @uses $vars['internalname'] The name of the input field
+ *
+ */
+?>
+<input type="hidden" <?php echo $vars['js']; ?> name="<?php echo $vars['internalname']; ?>" value="<?php echo htmlentities($vars['value'], null, 'UTF-8'); ?>" /> \ No newline at end of file
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-24 01:27:47 +0000