/** * Generates an opening HTML form tag * * Examples: * ~~~ * // Form will submit back to the current page using POST * echo Form::open(); * * // Form will submit to 'search' using GET * echo Form::open('search', array('method' => 'get')); * * // When "file" inputs are present, you must include the "enctype" * echo Form::open(NULL, array('enctype' => 'multipart/form-data')); * ~~~ * * @param mixed $action Form action, defaults to the current request URI, or Request class to use [Optional] * @param array $attrs HTML attributes [Optional] * @return string * * @uses Request::uri * @uses Request::current * @uses Request::query * @uses URL::site * @uses URL::is_remote * @uses URL::explode * @uses HTML::attributes * @uses Assets::css * @uses CSRF::key * @uses CSRF::token */ public static function open($action = NULL, array $attrs = NULL) { if ($action instanceof Request) { // Use the current URI $action = $action->uri(); } if ($action === '') { // Allow empty form actions (submits back to the current url). $action = ''; } elseif (!URL::is_remote($action)) { // Make the URI absolute $action = URL::site($action); } // Add the form action to the attributes $attrs['action'] = $action; // Dynamically sets destination url to from action if exists in url if (Kohana::$is_cli === FALSE and $desti = Request::current()->query('destination') and !empty($desti)) { // Properly parse the path and query $url = URL::explode($action); //On seriously malformed URLs, parse_url() may return FALSE. if (isset($url['path']) and is_array($url['query_params'])) { //add destination param $url['query_params']['destination'] = $desti; //set the form action parameter $attrs['action'] = $url['path'] . URL::query($url['query_params']); } } // Only accept the default character set $attrs['accept-charset'] = Kohana::$charset; if (!isset($attrs['method'])) { // Use POST method $attrs['method'] = 'post'; } $out = '<form' . HTML::attributes($attrs) . '>' . PHP_EOL; if (Gleez::$installed) { // Assign the global form css file Assets::css('form', 'media/css/form.css', array('weight' => 2)); $action = md5($action . CSRF::key()); $out .= self::hidden('_token', CSRF::token(FALSE, $action)) . PHP_EOL; $out .= self::hidden('_action', $action) . PHP_EOL; } return $out; }