[ Index ]

PHP Cross Reference of Joomla 4.2.2 documentation

title

Body

[close]

/libraries/src/HTML/Helpers/ -> Form.php (source)

[Summary view] [Print] [Text view] 

   1  <?php
   2  
   3  /**
   4   * Joomla! Content Management System
   5   *
   6   * @copyright  (C) 2008 Open Source Matters, Inc. <https://www.joomla.org>
   7   * @license    GNU General Public License version 2 or later; see LICENSE.txt
   8   */
   9  
  10  namespace Joomla\CMS\HTML\Helpers;
  11  
  12  use Joomla\CMS\Document\HtmlDocument;
  13  use Joomla\CMS\Factory;
  14  use Joomla\CMS\Session\Session;
  15  use Joomla\Utilities\ArrayHelper;
  16  
  17  // phpcs:disable PSR1.Files.SideEffects
  18  \defined('JPATH_PLATFORM') or die;
  19  // phpcs:enable PSR1.Files.SideEffects
  20  
  21  /**
  22   * Utility class for form elements
  23   *
  24   * @since  1.5
  25   */
  26  abstract class Form
  27  {
  28      /**
  29       * Array containing information for loaded files.
  30       *
  31       * @var    array
  32       *
  33       * @since  3.8.0
  34       */
  35      protected static $loaded = array();
  36  
  37      /**
  38       * Displays a hidden token field to reduce the risk of CSRF exploits
  39       *
  40       * Use in conjunction with Session::checkToken()
  41       *
  42       * @param   array  $attribs  Input element attributes.
  43       *
  44       * @return  string  A hidden input field with a token
  45       *
  46       * @see     Session::checkToken()
  47       * @since   1.5
  48       */
  49      public static function token(array $attribs = array())
  50      {
  51          $attributes = '';
  52  
  53          if ($attribs !== array()) {
  54              $attributes .= ' ' . ArrayHelper::toString($attribs);
  55          }
  56  
  57          return '<input type="hidden" name="' . Session::getFormToken() . '" value="1"' . $attributes . '>';
  58      }
  59  
  60      /**
  61       * Add CSRF form token to Joomla script options that developers can get it by Javascript.
  62       *
  63       * @param   string  $name  The script option key name.
  64       *
  65       * @return  void
  66       *
  67       * @since   3.8.0
  68       */
  69      public static function csrf($name = 'csrf.token')
  70      {
  71          if (isset(static::$loaded[__METHOD__][$name])) {
  72              return;
  73          }
  74  
  75          /** @var HtmlDocument $doc */
  76          $doc = Factory::getDocument();
  77  
  78          if (!$doc instanceof HtmlDocument || $doc->getType() !== 'html') {
  79              return;
  80          }
  81  
  82          $doc->addScriptOptions($name, Session::getFormToken());
  83  
  84          static::$loaded[__METHOD__][$name] = true;
  85      }
  86  }

Body

Body

Body

Body


Generated: Wed Sep 7 05:41:13 2022 Chilli.vc Blog - For Webmaster,Blog-Writer,System Admin and Domainer