<h4>editUsername</h4> <!-- echo out the system feedback (error and success messages) --> <?php $this->renderFeedbackMessages(); ?> <h4>Change your username</h4> <form action="<?php echo Config::get('URL'); ?> user/editUserName_action" method="post"> <!-- btw http://stackoverflow.com/questions/774054/should-i-put-input-tag-inside-label-tag --> <label> New username: <input type="text" name="user_name" required /> </label> <!-- set CSRF token at the end of the form --> <input type="hidden" name="csrf_token" value="<?php echo Csrf::makeToken(); ?> " /> <input type="submit" value="Submit" /> </form>