Back to the module list

Create HTML Forms

The form is the based method to communicate with the users, and to get information. The created form is compatible with the Bootstrap library

Create a HTML form

$form = new \form ();
$values = array ();
$errors = array ();
$values = $form->getOldValues ($values);
$errors = $form->getOldErrors ($errors);

$fields = array ();

// Define the fields to display
$field = new \formfield ("requesterMail", _("Requester mail"));
$field->type = "hidden";
$fields[] = $field;

$field = new \formfield ("visitedName", _("Your name"));
$field->values = "default value";
$field->mandatory = true;
$field->maxlength = 128;
$fields[] = $field;

$form->fields ($fields);
echo $form->printHTML ("post", $values, $errors);

Get the values

$route = new route ();
$form = new \form ();
$values = $form->values ();
// Here check the values
$errors = array ();
$form->saveValuesErrors ($values, $errors);
if (count ($errors)) $route->redirect ("/request");
$requestObj->create ($values);
$form->saveValuesErrorsReset ();
$route->redirect ("/request");


The Form class blocks the user when it try to submit multiple times the form page. This is a working bug in Edge and Chrome.

The second point of security is a CSRF token automatically added to the page. If the token received by the POST is invalid, the request is rejected.

The class definition

Class \form

Namespace \


 This class permit to create easily some forms to HTML (or text mode in
 Each field can be checked in AJAX or HTML.


public $csrf=true;
 CSRF protection
 By default, the CSRF protection is active if a SESSION is active too.
 It can be disabled if needed. An Exception is raised if the form is send
 back without the token
public $csrfField="CSRF_TOKEN";
 Name of the CSRF hidden field in HTML page
public $debug=0;
 Allow to debug the PHP
public $fieldwidth=10;
 The Bootstrap width of the column of fields
public $formClass="form-horizontal";
 Define a class for form object
public $titlewidth=2;
 The Bootstrap width of the column of titles


public function __construct ($formName="form")
 Create a form
 @param string|null $formName The form name

public function addfield ($field)
 Add a field to the form. For the details of a field, see the description
 in fields method
 @param object $field The field to add

public function checkToken ($tokenFromUser)
 Check the token from the user
 @param string $tokenFromUser The value form the user's token

public function convertDate ($inputDate, $inputFormat, $outputFormat)
 Convert Date received in one format to another.
 If the provided string is not corresponding to the format, don't change
 Format used
 @param string $inputDate The date to modify
 @param string $inputFormat The input format of the date
 @param string $outputFormat The output format of the date
 @return string

public function fields ($fields)
 Save the array of fields into the structure.
 Available :
 - name        : name of the field in the HTML page
 - label       : label written to the describe the field
 - [titles]    : text written in radio/checkboxes
 - [defaults]  : default values. Must be array for checkbox/select, and
                 string for others
 - [type]      : text, password, hidden, checkbox, select, radio, submit,
                 text by default
 - [help]      : The Help message (written below the field). Overwrited in
                 case of error
 - [multiple]  : Multiple selection are possible (if the type supports it)
 - [group]     : define a fieldset and define the title with groupe name
                 Warning : all the elements of the same group must be
                 consecutive !
 - [readonly]  : put a read-only flag on the field (the user see it but
                 can't interract on it. The value will be sent to next
 - [mandatory] : boolean to add a red star at end of label
 - [hidden]    : hide the field (add a style='display:hidden' to the field)
 - [maxlength] : the maximum length of the content of the field in chars
 - [rows]      : Number of rows
 - [cols]      : Number of columns
 - [placeholder] : The text to be displayed in the placeholder

 @param array $fields The fields to be displayed

public function getOldErrors ($errors)
 Get the stored errors if there is one. If there is no sorted errors,
 return the errors provided as parameter
 @param array $errors The values returned if there is no stored values
 @return array The errors to use

public function getOldValues ($values)
 Get the stored values if there is one. If there is no stored values,
 return the values provided as parameter
 @param array $values The values returned if there is no stored values
 @return array The values to use

public function getToken ()
 Return the token generated in form

public function printHTML ($method="post", $values=null, $errors=array ())
 Return the fields in HTML code. If $values is provided, use it in place
 of default values. In case of select boxes, $values are the selected
 $method is the method written in method field of <form>
 @param string|null $method The method to use to transmit the form (POST,
 @param array|null $values The default values of the fields
 @param array|null $errors The fields to put in error with the associated

public function saveValuesErrors ($values, $errors=array ())
 Save the values and errors to be displayed in the next page if the session
 is available
 Need the session to work
 @param array $values The values of the fields filled by the user
 @param array|null $errors The errors detected by a verify

public function saveValuesErrorsReset ()
 Reset the saved values to provide a clean form next page
 Need the session to work

public function values ()
 Return the values provided by the user. Test the CSRF before continue
 NEVER read the values from $_POST in your codes or CSRF will not be

public function verify ($values, $fields=array ())
 Check if the parameters are correct with the defined fields
 Need the session !
 @param array $values The values to check
 @param array|null $fields The fields definition (or use the session
 stored one if the value is null)
 @return array containing the errors

Class \formfield

Namespace \


 The definition of a formfield


public $cols;
 Number of columns
public $defaults;
 The defaults values of the field
public $error;
 The statut of error of the field
public $fieldwidth=10;
 The Bootstrap width of the column of fields
public $formName;
 The form name
public $group;
 The name of group for the fields
public $help;
 Allow a help message to be displayed below the field. In case of error,
 it is overrided by the error message
public $label;
 The label of the field
public $mandatory;
 The field is mandatory
public $multiple;
 The multiplicity of selection of the field (available in select only)
public $name;
 The name of the field
public $readonly;
 The read-only feature of the field
public $rows;
 Number of rows
public $titles;
 The titles of the field
public $titlewidth=2;
 The Bootstrap width of the column of titles
public $type="text";
 The type of the field (text, password, checkbox, select)


public function __construct ($name, $label)
 When adding a field, the name and the label are the minimum mandatory
 @param string $name Name of the field
 @param string $label Label of the field

public function display ()
 Display really the form

public function fieldcheckbox ()
 Return the checkbox defined

public function fieldhidden ()
 Return the hidden field defined

public function fieldpassword ()
 Return the password field defined

public function fieldradio ()
 Return the radio field defined

public function fieldselect ()
 Return the checkbox defined

public function fieldsubmit ()
 Return the submit defined

public function fieldtext ()
 Return the text defined

public function fieldtextarea ()
 Return the textarea defined