Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Adding function to generate csrf hidden field #2099

Closed
wants to merge 1 commit into from

1 participant

@pporlan

Adding a function to (form_csrf) to generate CSRF hidden field, usefull when not using conventional form_open / form_open_multipart functions.

@pporlan pporlan closed this
@pporlan pporlan deleted the branch
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Dec 26, 2012
  1. @pporlan
This page is out of date. Refresh to see the latest.
Showing with 29 additions and 1 deletion.
  1. +29 −1 system/helpers/form_helper.php
View
30 system/helpers/form_helper.php
@@ -168,6 +168,34 @@ function form_hidden($name, $value = '', $recursing = FALSE)
// ------------------------------------------------------------------------
+if ( ! function_exists('form_csrf'))
+{
+ /**
+ * CSRF field
+ *
+ * Generates a hidden field with the CSRF data
+ *
+ * @return string
+ */
+ function form_csrf()
+ {
+ $CI =& get_instance();
+
+ $csrf_field = "";
+
+ // Check if CSRF is enabled
+ if ($CI->config->item('csrf_protection') === TRUE)
+ {
+ $csrf_data = array($CI->security->get_csrf_token_name()] => $CI->security->get_csrf_hash());
+ $csrf_field = '<div style="display:none;">'.form_hidden($csrf_data).'</div>';
+ }
+
+ return $csrf_field;
+ }
+}
+
+// ------------------------------------------------------------------------
+
if ( ! function_exists('form_input'))
{
/**
@@ -1008,4 +1036,4 @@ function &_get_validation_object()
}
/* End of file form_helper.php */
-/* Location: ./system/helpers/form_helper.php */
+/* Location: ./system/helpers/form_helper.php */
Something went wrong with that request. Please try again.