aboutsummaryrefslogtreecommitdiff
path: root/views/default/input/form.php
blob: 364e13f86f4087b69394fceac9ed39a07ef18257 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
<?php
/**
 * Create a form for data submission.
 * Use this view for forms rather than creating a form tag in the wild as it provides
 * extra security which help prevent CSRF attacks.
 *
 * @package Elgg
 * @subpackage Core
 * @author Curverider Ltd
 * @link http://elgg.org/
 *
 * @uses $vars['body'] The body of the form (made up of other input/xxx views and html
 * @uses $vars['disable_security'] Force the securitytokens not to be added to this form (@todo what's the point??)
 *
 */
$defaults = array(
	'body' => '',
	'method' => 'POST',
);

$vars = array_merge($defaults, $vars);

$body = $vars['body'];
unset($vars['body']);

if ($vars['disable_security'] != TRUE) {
	$body .= elgg_view('input/securitytoken');
}
unset($vars['disable_security']);

$attributes = html5_get_html_attributes($vars);

echo "<form $attributes>$body</form>";