Social networks would not be what they are without forms. Forms enable people to tweet, comment, write reviews, and communicate with friends. It should come as no surprise, then, to find that Elgg defines some standard views and helper functions for generating forms and input elements.

We urge you to use these views when constructing your forms. Not only does it mean that your plugin can seamlessly take advantage of extra functionality defined by other plugins (such as a rich text editor), but it also helps protect you from certain security vulnerabilities.

1.8

`elgg_view_form`

To output a form that submits to the "example" action, use the elgg_view_form function like so:

echo elgg_view_form('example');

Doing this should generate something like the following markup:

<form action="http://localhost/elgg/action/example">
    <fieldset>
        <input type="hidden" name="__elgg_ts" value="1234567890" />
        <input type="hidden" name="__elgg_token" value="3874acfc283d90e34" />
    </fieldset>
</form>

Well that was easy! Elgg does two things automatically for us when we generate forms this way:

1. It set the action to the appropriate url based on the name of the action we gave it
2. It added some anti-csrf tokens (__elgg_ts and __elgg_token) to help keep our actions secure

But we're not done yet -- the form is useless unless the user has something to fill in and some way to submit the form. Conveniently, Elgg automatically looks for the body of the form in the forms/example view. So all we need to do is put the contents of our form at /mod/example/views/default/forms/example.php:

echo elgg_view('input/text', array('name' => 'example'));
echo elgg_view('input/submit');

Now when we call elgg_view_form('example');, Elgg will produce something like the following source:

<form action="http://localhost/elgg/action/example">
    <fieldset>
        <input type="hidden" name="__elgg_ts" value="1234567890" />
        <input type="hidden" name="__elgg_token" value="3874acfc283d90e34" />
 
        <input type="text" class="elgg-input-text" name="example" />
        <input type="submit" class="elgg-button elgg-button-submit" value="Submit" />
    </fieldset>
</form>

Arguments

$action

The name of the action to submit to, without the leading /action/ handle.

$form_vars

An array of options to pass to the `input/form` view (e.g., setting `enctype` to `multipart/form-data`).

$body_vars

An array of options to pass to the form body view (e.g., `forms/my/example/action`).

Sticky Forms

You can add Sticky forms to protect your users from data loss when actions fail.

1.7

`input/form` view

All input fields are encapsulated inside an input/form view. This view accepts the following parameters in its $vars array:

$vars['body']

The body of the form (made up of other input/xxx views and html

$vars['method']

Form method attribute (defaults to "POST")

$vars['enctype']

Enctype form attribute (defaults to blank). You will need to pass a value of 'multipart/form-data' if you want your form to do a file upload.

$vars['action']

URL of the action being called, e.g. "{$CONFIG->url}action/my/action"

$vars['internalname']

name attribute of the form

$vars['internalid']

id attribute of the form

Example form

$form_body = "<p>This is my form</p>";
$form_body .= elgg_view('input/text', array('internalname' => 'mytextbox', 'value' => 'Initial value'));
$form_body .= elgg_view('input/submit', array('internalname' => 'submit'));
 
echo elgg_view('input/form', array('body' => $form_body, 'action' => "{$CONFIG->url}actions/my/action"));

Input views

Input views provide a safe and extendible way of representing data input fields, they all live in "input/xxxxxx".

Output views

Output views are the companion to input views and govern the display of input fields such as text, longtext, urls etc.

They all live in "output/xxxxxx".