选择语言 :

Core_Form::open

创建一个表单

$add_token 参数为是否创建一个token验证隐藏表单，用于预防 CSRF 攻击

$add_token 功能适用于动态页面，而不能应用于有可能被缓存或HTML静态化的页面

// Form will submit back to the current page using POST
echo Form::open();

// Form will submit to 'search' using GET
echo Form::open('search', array('method' => 'get'));

// When "file" inputs are present, you must include the "enctype"
echo Form::open(null, array('enctype' => 'multipart/form-data'));

string Core_Form::open( [ string $action = null , array $attributes = null , boolean $add_token = bool true ] )

uses: Core::url; HTML::attributes; Text::random; Cache::set; Text::rc4_encrypt; Form::hidden

参数列表

参数类型描述默认值

$action string Form action, defaults to the current request URI null

$attributes array Html attributes null

$add_token boolean 是否添加token验证功能 bool true

参数	类型	描述	默认值
`$action`	`string`	Form action, defaults to the current request URI	null
`$attributes`	`array`	Html attributes	null
`$add_token`	`boolean`	是否添加token验证功能	bool true

返回值

string

File: ./core/classes/form.class.php

public static function open($action = null, array $attributes = null, $add_token = true)
{
    if (null!==$action)
    {
        if (false===strpos($action, '://'))
        {
            // Make the URI absolute
            $action = Core::url($action);
        }

        // Add the form action to the attributes
        $attributes['action'] = (string)$action;
    }

    // Only accept the default character set
    $attributes['accept-charset'] = Core::$charset;

    if (!isset($attributes['method']))
    {
        // Use POST method
        $attributes['method'] = 'post';
    }

    $str_token = '';

    if ($add_token)
    {
        foreach (Form::get_token() as $key => $value)
        {
            $str_token .= Form::hidden('__form_token__['.$key.']', $value);
        }
    }

    return '<form' . HTML::attributes($attributes) . '>' . $str_token;
}