aboutsummaryrefslogtreecommitdiff
path: root/views/default/input/button.php
blob: 0ad19a43243f1153ef63ddd607c336f366a0b9ec (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
<?php
/**
 * Create a input button
 * Use this view or submit view for forms rather than creating a 
 * submit/reset button tag in the wild as it provides extra security 
 * which help prevent CSRF attacks.
 *
 * @package Elgg
 * @subpackage Core
 * @author Curverider Ltd
 * @link http://elgg.org/
 *
 * @uses $vars['value'] The current value, if any
 * @uses $vars['js'] Any Javascript to enter into the input tag
 * @uses $vars['internalname'] The name of the input field
 * @uses $vars['type'] Submit or reset, defaults to submit.
 * @uses $vars['src'] Src of an image
 *
 */

global $CONFIG;

if (isset($vars['class'])) {
	$class = $vars['class'];
} else {
	$class = "submit_button";
}

// defaults to submit button
if (isset($vars['type'])) {
	$type = strtolower($vars['type']);
} else {
	$type = 'submit';
}

switch ($type) {
	case 'button' :
		$type='button';
		break;
	case 'reset' :
		$type='reset';
		break;
	case 'submit':
	default:
		$type = 'submit';
}

$value = htmlentities($vars['value'], ENT_QUOTES, 'UTF-8');
if (isset($vars['internalname'])) {
	$name = $vars['internalname'];
}
if (isset($vars['src'])) {
	$src = "src=\"{$vars['src']}\"";
}
// blank src if trying to access an offsite image.
if (strpos($src,$CONFIG->wwwroot)===false) {
	$src = "";
}
?>
<input name="<?php echo $vars['internalname']; ?>" <?php if (isset($vars['internalid'])) echo "id=\"{$vars['internalid']}\""; ?> type="<?php echo $type; ?>" class="<?php echo $class; ?>" <?php echo $vars['js']; ?> value="<?php echo $value; ?>" <?php echo $src; ?> />