Back to the module list

Create HTML Forms

The form is the based method to communicate with the users, and to get information. The created form is compatible with the Bootstrap library

Create a HTML form

$form = new Domframework\Form ();
$values = array ();
$errors = array ();
$values = $form->getOldValues ($values);
$errors = $form->getOldErrors ($errors);

$fields = array ();

// Define the fields to display
$field = new Domframework\Formfield ("requesterMail", _("Requester mail"));
$field->type = "hidden";
$fields[] = $field;

$field = new Domframework\Formfield ("visitedName", _("Your name"));
$field->values = "default value";
$field->mandatory = true;
$field->maxlength = 128;
$fields[] = $field;

$form->fields ($fields);
echo $form->printHTML ("post", $values, $errors);

Get the values

$route = new Domframework\Route ();
$form = new Domframework\Form ();
$values = $form->values ();
// Here check the values
$errors = array ();
$form->saveValuesErrors ($values, $errors);
if (count ($errors)) $route->redirect ("/request");
$requestObj->create ($values);
$form->saveValuesErrorsReset ();
$route->redirect ("/request");


The Form class blocks the user when it try to submit multiple times the form page. This is a working bug in Edge and Chrome.

The second point of security is a CSRF token automatically added to the page. If the token received by the POST is invalid, the request is rejected.

The class definition

Class Domframework\Form

Namespace Domframework


 This class permit to create easily some forms to HTML (or text mode in
 Each field can be checked in AJAX or HTML.


public $csrf=true;
 CSRF protection
 By default, the CSRF protection is active if a SESSION is active too.
 It can be disabled if needed. An Exception is raised if the form is send
 back without the token
public $csrfField="CSRF_TOKEN";
 Name of the CSRF hidden field in HTML page
public $debug=0;
 Allow to debug the PHP
public $fieldwidth=10;
 The Bootstrap width of the column of fields
public $formClass="form-horizontal";
 Define a class for form object
public $titlewidth=2;
 The Bootstrap width of the column of titles


public function __construct ( $formName="form")
 Create a form
 @param string|null $formName The form name

public function addfield ( $field)
 Add a field to the form. For the details of a field, see the description
 in fields method
 @param object $field The field to add

public function checkToken ( $tokenFromUser)
 Check the token from the user
 @param string $tokenFromUser The value form the user's token

public function convertDate ( $inputDate, $inputFormat, $outputFormat)
 Convert Date received in one format to another.
 If the provided string is not corresponding to the format, don't change
 Format used
 @param string $inputDate The date to modify
 @param string $inputFormat The input format of the date
 @param string $outputFormat The output format of the date
 @return string

public function csrf ( $val)
 Set the csrf enable
 @param integer $val The csrf check

public function csrfField ( $val)
 Set the csrf token name
 @param integer $val The csrf token name

public function debug ( $val)
 Set the debug level
 @param integer $val The debug value

public function fields ( $fields)
 Save the array of fields into the structure.
 Available :
 - name        : name of the field in the HTML page
 - label       : label written to the describe the field
 - [titles]    : text written in radio/checkboxes
 - [defaults]  : default values. Must be array for checkbox/select, and
                 string for others
 - [type]      : text, password, hidden, checkbox, select, radio, submit,
                 text by default
 - [help]      : The Help message (written below the field). Overwrited in
                 case of error
 - [multiple]  : Multiple selection are possible (if the type supports it)
 - [group]     : define a fieldset and define the title with groupe name
                 Warning : all the elements of the same group must be
                 consecutive !
 - [readonly]  : put a read-only flag on the field (the user see it but
                 can't interract on it. The value will be sent to next
 - [mandatory] : boolean to add a red star at end of label
 - [hidden]    : hide the field (add a style='display:hidden' to the field)
 - [maxlength] : the maximum length of the content of the field in chars
 - [rows]      : Number of rows
 - [cols]      : Number of columns
 - [placeholder] : The text to be displayed in the placeholder

 @param array $fields The fields to be displayed

public function fieldwidth ( $val)
 Set the fieldwidth
 @param integer $val The fieldwidth

public function formClass ( $val)
 Set the formClass
 @param integer $val The formClass

public function formTemplate ( $formTemplate)
 Set the Form Templating to use.
 Can be : Bootstrap3, Bootstrap4 (later Bulma)
 @param string $formTemplate The template to use

public function getOldErrors ( $errors)
 Get the stored errors if there is one. If there is no sorted errors,
 return the errors provided as parameter
 @param array $errors The values returned if there is no stored values
 @return array The errors to use

public function getOldValues ( $values)
 Get the stored values if there is one. If there is no stored values,
 return the values provided as parameter
 @param array $values The values returned if there is no stored values
 @return array The values to use

public function getToken ()
 Return the token generated in form

public function logging ( $loggingCallable, $loggingBasemsg="")
 Set logging class an method
 @param callable $loggingCallable The callable function. This method will
 receive two params : the LOG level (LOG_ERROR...) and the message
 @param string|null $loggingBasemsg The basemsg added at the beginning of
 the log

public function method ( $val)
 Set the method
 @param string $val The method to use

public function printHTML ( $method="post", $values=null, $errors=array ())
 Return the fields in HTML code. If $values is provided, use it in place
 of default values. In case of select boxes, $values are the selected
 $method is the method written in method field of <form>
 @param string|null $method The method to use to transmit the form (POST,
 @param array|null $values The default values of the fields
 @param array|null $errors The fields to put in error with the associated

public function redirectIfError ( $values, $errors, $route, $url="")
 If there is at least one error reported in $errors, save the old values
 and the errors in the session, and redirect to the provided url.
 If there is no error, do nothing
 @param array $values The values of the fields filled by the user
 @param array $errors The errors detected by a verify
 @param object $route the route object
 @param string|null $url The URL to redirect. If not provided, use the
 $route->requestURL () method to found the calling page

 Example :
 $form = new \Domframework\form ();
 $form->logging (array ('\apps\general\controllers\logging', 'log'),
 $values = $form->values ();
 $errors = $spaceObj->verify ($values);
 $form->redirectIfError ($values, $errors, $route, "/admin/space/");
 $spaceuuid = $spaceObj->spaceCreateConceal ($values["spacename"]);
 $route->redirect ("/admin/space/");

public function saveValuesErrors ( $values, $errors=array ())
 Save the values and errors to be displayed in the next page if the session
 is available
 Need the session to work
 @param array $values The values of the fields filled by the user
 @param array|null $errors The errors detected by a verify

public function saveValuesErrorsReset ()
 Reset the saved values to provide a clean form next page
 Need the session to work

public function titlewidth ( $val)
 Set the titlewidth
 @param integer $val The titlewidth

public function values ()
 Return the values provided by the user. Test the CSRF before continue
 NEVER read the values from $_POST in your codes or CSRF will not be

public function verify ( $values, $fields=array ())
 Check if the parameters are correct with the defined fields
 Need the session !
 @param array $values The values to check
 @param array|null $fields The fields definition (or use the session
 stored one if the value is null)
 @return array containing the errors