The form is the based method to communicate with the users, and to get information. The created form is compatible with the Bootstrap library
$form = new Domframework\Form ();
$values = array ();
$errors = array ();
$values = $form->getOldValues ($values);
$errors = $form->getOldErrors ($errors);
$fields = array ();
// Define the fields to display
$field = new Domframework\Formfield ("requesterMail", _("Requester mail"));
$field->type = "hidden";
$fields[] = $field;
$field = new Domframework\Formfield ("visitedName", _("Your name"));
$field->values = "default value";
$field->mandatory = true;
$field->maxlength = 128;
$fields[] = $field;
$form->fields ($fields);
echo $form->printHTML ("post", $values, $errors);$route = new Domframework\Route ();
$form = new Domframework\Form ();
$values = $form->values ();
// Here check the values
$errors = array ();
$form->saveValuesErrors ($values, $errors);
if (count ($errors)) $route->redirect ("/request");
$requestObj->create ($values);
$form->saveValuesErrorsReset ();
$route->redirect ("/request");The Form class blocks the user when it try to submit multiple times the form page. This is a working bug in Edge and Chrome.
The second point of security is a CSRF token automatically added to the page. If the token received by the POST is invalid, the request is rejected.
Namespace Domframework
/** This class permit to create easily some forms to HTML (or text mode in future). Each field can be checked in AJAX or HTML.
/** CSRF protection By default, the CSRF protection is active if a SESSION is active too. It can be disabled if needed. An Exception is raised if the form is send back without the token
/** Name of the CSRF hidden field in HTML page
/** Allow to debug the PHP
/** The Bootstrap width of the column of fields
/** Define a class for form object
/** The Bootstrap width of the column of titles
/**
Create a form
@param string|null $formName The form name
/**
Add a field to the form. For the details of a field, see the description
in fields method
@param object $field The field to add
/**
Check the token from the user
@param string $tokenFromUser The value form the user's token
/** Convert Date received in one format to another. If the provided string is not corresponding to the format, don't change anything. Format used http://php.net/manual/en/datetime.createfromformat.php@param string $inputDateThe date to modify@param string $inputFormatThe input format of the date@param string $outputFormatThe output format of the date@returnstring
/**
Set the csrf enable
@param integer $val The csrf check
/**
Set the csrf token name
@param integer $val The csrf token name
/**
Set the debug level
@param integer $val The debug value
/**
Save the array of fields into the structure.
Available :
- name : name of the field in the HTML page
- label : label written to the describe the field
- [titles] : text written in radio/checkboxes
- [defaults] : default values. Must be array for checkbox/select, and
string for others
- [type] : text, password, hidden, checkbox, select, radio, submit,
textarea
text by default
- [help] : The Help message (written below the field). Overwrited in
case of error
- [multiple] : Multiple selection are possible (if the type supports it)
- [group] : define a fieldset and define the title with groupe name
Warning : all the elements of the same group must be
consecutive !
- [readonly] : put a read-only flag on the field (the user see it but
can't interract on it. The value will be sent to next
page
- [mandatory] : boolean to add a red star at end of label
- [hidden] : hide the field (add a style='display:hidden' to the field)
- [maxlength] : the maximum length of the content of the field in chars
- [rows] : Number of rows
- [cols] : Number of columns
- [placeholder] : The text to be displayed in the placeholder
@param array $fields The fields to be displayed
/**
Set the fieldwidth
@param integer $val The fieldwidth
/**
Set the formClass
@param integer $val The formClass
/**
Set the Form Templating to use.
Can be : Bootstrap3, Bootstrap4 (later Bulma)
@param string $formTemplate The template to use
/** Get the stored errors if there is one. If there is no sorted errors, return the errors provided as parameter@param array $errorsThe values returned if there is no stored values@returnarray The errors to use
/** Get the stored values if there is one. If there is no stored values, return the values provided as parameter@param array $valuesThe values returned if there is no stored values@returnarray The values to use
/** Return the token generated in form
/** Set logging class an method@param callable $loggingCallableThe callable function. This method will receive two params : the LOG level (LOG_ERROR...) and the message@param string|null $loggingBasemsgThe basemsg added at the beginning of the log
/**
Set the method
@param string $val The method to use
/** Return the fields in HTML code. If $values is provided, use it in place of default values. In case of select boxes, $values are the selected elements $method is the method written in method field of <form>@param string|null $methodThe method to use to transmit the form (POST, GET)@param array|null $valuesThe default values of the fields@param array|null $errorsThe fields to put in error with the associated message
/** If there is at least one error reported in $errors, save the old values and the errors in the session, and redirect to the provided url. If there is no error, do nothing@param array $valuesThe values of the fields filled by the user@param array $errorsThe errors detected by a verify@param object $routethe route object@param string|null $urlThe URL to redirect. If not provided, use the $route->requestURL () method to found the calling page Example : $form = new \Domframework\form (); $form->logging (array ('\apps\general\controllers\logging', 'log'), $authHTML["email"]); $values = $form->values (); $errors = $spaceObj->verify ($values); $form->redirectIfError ($values, $errors, $route, "/admin/space/"); $spaceuuid = $spaceObj->spaceCreateConceal ($values["spacename"]); $route->redirect ("/admin/space/");
/** Save the values and errors to be displayed in the next page if the session is available Need the session to work@param array $valuesThe values of the fields filled by the user@param array|null $errorsThe errors detected by a verify
/** Reset the saved values to provide a clean form next page Need the session to work
/**
Set the titlewidth
@param integer $val The titlewidth
/** Return the values provided by the user. Test the CSRF before continue NEVER read the values from $_POST in your codes or CSRF will not be checked
/** Check if the parameters are correct with the defined fields Need the session !@param array $valuesThe values to check@param array|null $fieldsThe fields definition (or use the session stored one if the value is null)@returnarray containing the errors