/**
 * Form Declaration
 *
 * Creates the opening portion of the form.
 *
 * Modified to accomodate HTTPS actions
 *
 * @param  string  the URI segments of the form destination
 * @param  array   a key/value pair of attributes
 * @param  array   a key/value pair hidden data
 */
function form_open($action = '', $attributes = '', $hidden = array())
{
    $CI =& get_instance();
    if ($attributes == '') {
        $attributes = 'method="post"';
    }
    // If an action is not a full URL then turn it into one
    if ($action && strpos($action, '://') === FALSE) {
        $action = if_secure_site_url($action);
    }
    // If no action is provided then set to the current url
    $action or $action = if_secure_site_url($CI->uri->uri_string());
    $form = '<form action="' . $action . '"';
    $form .= _attributes_to_string($attributes, TRUE);
    $form .= '>';
    // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites
    if ($CI->config->item('csrf_protection') === TRUE and !(strpos($action, if_secure_base_url()) === FALSE or strpos($form, 'method="get"'))) {
        $hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash();
    }
    // Add MY CSRF token if MY CSRF library is loaded
    if ($CI->load->is_loaded('tokens') and !(strpos($action, if_secure_base_url()) === FALSE or strpos($form, 'method="get"'))) {
        $hidden[$CI->tokens->name] = $CI->tokens->token();
    }
    if (is_array($hidden) and count($hidden) > 0) {
        $form .= sprintf("<div style=\"display:none\">%s</div>", form_hidden($hidden));
    }
    return $form;
}
Ejemplo n.º 2
0
 function form_open($action = '', $attributes = array(), $hidden = array())
 {
     $CI =& get_instance();
     // If no action is provided then set to the current url
     if (!$action) {
         $action = current_url($action);
     } elseif (strpos($action, '://') === FALSE) {
         $action = if_secure_site_url($action);
     }
     $attributes = _attributes_to_string($attributes);
     if (stripos($attributes, 'method=') === FALSE) {
         $attributes .= ' method="post"';
     }
     if (stripos($attributes, 'accept-charset=') === FALSE) {
         $attributes .= ' accept-charset="' . strtolower(config_item('charset')) . '"';
     }
     $form = '<form action="' . $action . '"' . $attributes . ">\n";
     // Add CSRF field if enabled, but leave it out for GET requests and requests to external websites
     if ($CI->config->item('csrf_protection') === TRUE && strpos($action, if_secure_base_url()) !== FALSE && !stripos($form, 'method="get"')) {
         $hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash();
     }
     // Add MY CSRF token if MY CSRF library is loaded
     if ($CI->load->is_loaded('tokens') && strpos($action, if_secure_base_url()) !== FALSE && !stripos($form, 'method="get"')) {
         $hidden[$CI->tokens->name] = $CI->tokens->token();
     }
     if (is_array($hidden)) {
         foreach ($hidden as $name => $value) {
             $form .= '<input type="hidden" name="' . $name . '" value="' . html_escape($value) . '" style="display:none;" />' . "\n";
         }
     }
     return $form;
 }
        } else {
            // Default option if not POST request
            $vehicle_colors[] = '-- Select Type --';
        }
    }
}
echo form_dropdown('color', $vehicle_colors, set_value('color'), 'id="color" class="form_select"');
?>

			</div>
			<input type="hidden" id="ci_csrf_token_name" value="<?php 
echo config_item('csrf_token_name');
?>
" />
			<input type="hidden" id="ajax_url" value="<?php 
echo if_secure_site_url('auto_populate/process_request/example');
?>
" />
		</fieldset>
		<div class="form-row">
			<div id="submit_box">

				<?php 
// SUBMIT BUTTON ***********************
$input_data = array('name' => 'submit', 'id' => 'submit_button', 'value' => 'Submit');
echo form_submit($input_data);
?>

			</div>
		</div>
	</div>