/**
* Form Declaration
*
* Creates the opening portion of the form.
*
* Modified to accomodate HTTPS actions
*
* @param string the URI segments of the form destination
* @param array a key/value pair of attributes
* @param array a key/value pair hidden data
*/
function form_open($action = '', $attributes = '', $hidden = array())
{
$CI =& get_instance();
if ($attributes == '') {
$attributes = 'method="post"';
}
// If an action is not a full URL then turn it into one
if ($action && strpos($action, '://') === FALSE) {
$action = if_secure_site_url($action);
}
// If no action is provided then set to the current url
$action or $action = if_secure_site_url($CI->uri->uri_string());
$form = '<form action="' . $action . '"';
$form .= _attributes_to_string($attributes, TRUE);
$form .= '>';
// Add CSRF field if enabled, but leave it out for GET requests and requests to external websites
if ($CI->config->item('csrf_protection') === TRUE and !(strpos($action, if_secure_base_url()) === FALSE or strpos($form, 'method="get"'))) {
$hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash();
}
// Add MY CSRF token if MY CSRF library is loaded
if ($CI->load->is_loaded('tokens') and !(strpos($action, if_secure_base_url()) === FALSE or strpos($form, 'method="get"'))) {
$hidden[$CI->tokens->name] = $CI->tokens->token();
}
if (is_array($hidden) and count($hidden) > 0) {
$form .= sprintf("<div style=\"display:none\">%s</div>", form_hidden($hidden));
}
return $form;
}
function form_open($action = '', $attributes = array(), $hidden = array())
{
$CI =& get_instance();
// If no action is provided then set to the current url
if (!$action) {
$action = current_url($action);
} elseif (strpos($action, '://') === FALSE) {
$action = if_secure_site_url($action);
}
$attributes = _attributes_to_string($attributes);
if (stripos($attributes, 'method=') === FALSE) {
$attributes .= ' method="post"';
}
if (stripos($attributes, 'accept-charset=') === FALSE) {
$attributes .= ' accept-charset="' . strtolower(config_item('charset')) . '"';
}
$form = '<form action="' . $action . '"' . $attributes . ">\n";
// Add CSRF field if enabled, but leave it out for GET requests and requests to external websites
if ($CI->config->item('csrf_protection') === TRUE && strpos($action, if_secure_base_url()) !== FALSE && !stripos($form, 'method="get"')) {
$hidden[$CI->security->get_csrf_token_name()] = $CI->security->get_csrf_hash();
}
// Add MY CSRF token if MY CSRF library is loaded
if ($CI->load->is_loaded('tokens') && strpos($action, if_secure_base_url()) !== FALSE && !stripos($form, 'method="get"')) {
$hidden[$CI->tokens->name] = $CI->tokens->token();
}
if (is_array($hidden)) {
foreach ($hidden as $name => $value) {
$form .= '<input type="hidden" name="' . $name . '" value="' . html_escape($value) . '" style="display:none;" />' . "\n";
}
}
return $form;
}
} else {
// Default option if not POST request
$vehicle_colors[] = '-- Select Type --';
}
}
}
echo form_dropdown('color', $vehicle_colors, set_value('color'), 'id="color" class="form_select"');
?>
</div>
<input type="hidden" id="ci_csrf_token_name" value="<?php
echo config_item('csrf_token_name');
?>
" />
<input type="hidden" id="ajax_url" value="<?php
echo if_secure_site_url('auto_populate/process_request/example');
?>
" />
</fieldset>
<div class="form-row">
<div id="submit_box">
<?php
// SUBMIT BUTTON ***********************
$input_data = array('name' => 'submit', 'id' => 'submit_button', 'value' => 'Submit');
echo form_submit($input_data);
?>
</div>
</div>
</div>
