form.inc 54.7 KB
Newer Older
1
<?php
2 3
// $Id$

4 5 6
/**
 * @defgroup form Form generation
 * @{
7
 * Functions to enable the processing and display of HTML forms.
8
 *
9 10 11 12 13 14 15
 * Drupal uses these functions to achieve consistency in its form processing and
 * presentation, while simplifying code and reducing the amount of HTML that
 * must be explicitly generated by modules.
 *
 * The drupal_get_form() function handles retrieving, processing, and
 * displaying a rendered HTML form for modules automatically. For example:
 *
16
 * // Display the user registration form.
17 18 19
 * $output = drupal_get_form('user_register');
 *
 * Forms can also be built and submitted programmatically without any user input
20
 * using the drupal_execute() function.
21 22 23 24
 *
 *
 * For information on the format of the structured arrays used to define forms,
 * and more detailed explanations of the Form API workflow, see the reference at
25
 * http://api.drupal.org/api/HEAD/file/developer/topics/forms_api_reference.html
26
 * and the quickstart guide at
27
 * http://api.drupal.org/api/HEAD/file/developer/topics/forms_api.html
28 29 30
 */

/**
31 32
 * Retrieves a form from a builder function, passes it on for
 * processing, and renders the form or redirects to its destination
33
 * as appropriate. In multi-step form scenarios, it handles properly
34 35
 * processing the values using the previous step's form definition,
 * then rendering the requested step for display.
36 37
 *
 * @param $form_id
38 39 40 41 42 43 44 45 46 47 48 49
 *   The unique string identifying the desired form. If a function
 *   with that name exists, it is called to build the form array.
 *   Modules that need to generate the same form (or very similar forms)
 *   using different $form_ids can implement hook_forms(), which maps
 *   different $form_id values to the proper form building function. Examples
 *   may be found in node_forms(), search_forms(), and user_forms().
 * @param ...
 *   Any additional arguments needed by the form building function.
 * @return
 *   The rendered form.
 */
function drupal_get_form($form_id) {
50
  // In multi-step form scenarios, the incoming $_POST values are not
51 52 53 54 55
  // necessarily intended for the current form. We need to build
  // a copy of the previously built form for validation and processing,
  // then go on to the one that was requested if everything works.

  $form_build_id = md5(mt_rand());
56
  if (isset($_POST['form_build_id']) && isset($_SESSION['form'][$_POST['form_build_id']]['args']) && $_POST['form_id'] == $form_id) {
57 58 59
    // There's a previously stored multi-step form. We should handle
    // IT first.
    $stored = TRUE;
60
    $args = $_SESSION['form'][$_POST['form_build_id']]['args'];
61
    $form = call_user_func_array('drupal_retrieve_form', $args);
62
    $form['#build_id'] = $_POST['form_build_id'];
63 64 65 66 67 68 69 70
  }
  else {
    // We're coming in fresh; build things as they would be. If the
    // form's #multistep flag is set, store the build parameters so
    // the same form can be reconstituted for validation.
    $args = func_get_args();
    $form = call_user_func_array('drupal_retrieve_form', $args);
    if (isset($form['#multistep']) && $form['#multistep']) {
71 72 73
      // Clean up old multistep form session data.
      _drupal_clean_form_sessions();
      $_SESSION['form'][$form_build_id] = array('timestamp' => time(), 'args' => $args);
74 75 76 77 78 79 80 81 82 83 84 85 86 87 88
      $form['#build_id'] = $form_build_id;
    }
    $stored = FALSE;
  }

  // Process the form, submit it, and store any errors if necessary.
  drupal_process_form($args[0], $form);

  if ($stored && !form_get_errors()) {
    // If it's a stored form and there were no errors, we processed the
    // stored form successfully. Now we need to build the form that was
    // actually requested. We always pass in the current $_POST values
    // to the builder function, as values from one stage of a multistep
    // form can determine how subsequent steps are displayed.
    $args = func_get_args();
89
    $args[] = $_POST;
90 91 92
    $form = call_user_func_array('drupal_retrieve_form', $args);
    unset($_SESSION['form'][$_POST['form_build_id']]);
    if (isset($form['#multistep']) && $form['#multistep']) {
93
      $_SESSION['form'][$form_build_id] = array('timestamp' => time(), 'args' => $args);
94 95
      $form['#build_id'] = $form_build_id;
    }
96
    drupal_prepare_form($args[0], $form);
97 98 99
  }

  return drupal_render_form($args[0], $form);
100 101
}

102

103 104 105 106 107 108 109 110 111 112 113 114 115 116 117
/**
 * Remove form information that's at least a day old from the
 * $_SESSION['form'] array.
 */
function _drupal_clean_form_sessions() {
  if (isset($_SESSION['form'])) {
    foreach ($_SESSION['form'] as $build_id => $data) {
      if ($data['timestamp'] < (time() - 84600)) {
        unset($_SESSION['form'][$build_id]);
      }
    }
  }
}


118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136
/**
 * Retrieves a form using a form_id, populates it with $form_values,
 * processes it, and returns any validation errors encountered. This
 * function is the programmatic counterpart to drupal_get_form().
 *
 * @param $form_id
 *   The unique string identifying the desired form. If a function
 *   with that name exists, it is called to build the form array.
 *   Modules that need to generate the same form (or very similar forms)
 *   using different $form_ids can implement hook_forms(), which maps
 *   different $form_id values to the proper form building function. Examples
 *   may be found in node_forms(), search_forms(), and user_forms().
 * @param $form_values
 *   An array of values mirroring the values returned by a given form
 *   when it is submitted by a user.
 * @param ...
 *   Any additional arguments needed by the form building function.
 * @return
 *   Any form validation errors encountered.
137 138 139 140 141 142 143 144 145 146 147 148 149 150 151
 *
 * For example:
 *
 * // register a new user
 * $values['name'] = 'robo-user';
 * $values['mail'] = 'robouser@example.com';
 * $values['pass'] = 'password';
 * drupal_execute('user_register', $values);
 *
 * // Create a new node
 * $node = array('type' => 'story');
 * $values['title'] = 'My node';
 * $values['body'] = 'This is the body text!';
 * $values['name'] = 'robo-user';
 * drupal_execute('story_node_form', $values, $node);
152 153 154 155 156 157 158 159 160 161 162 163 164 165 166
 */
function drupal_execute($form_id, $form_values) {
  $args = func_get_args();

  $form_id = array_shift($args);
  $form_values = array_shift($args);
  array_unshift($args, $form_id);

  if (isset($form_values)) {
    $form = call_user_func_array('drupal_retrieve_form', $args);
    $form['#post'] = $form_values;
    return drupal_process_form($form_id, $form);
  }
}

167 168 169 170 171 172 173 174 175 176 177 178 179 180 181
/**
 * Retrieves the structured array that defines a given form.
 *
 * @param $form_id
 *   The unique string identifying the desired form. If a function
 *   with that name exists, it is called to build the form array.
 *   Modules that need to generate the same form (or very similar forms)
 *   using different $form_ids can implement hook_forms(), which maps
 *   different $form_id values to the proper form building function.
 * @param ...
 *   Any additional arguments needed by the form building function.
 */
function drupal_retrieve_form($form_id) {
  static $forms;

182 183 184 185 186
  // We save two copies of the incoming arguments: one for modules to use
  // when mapping form ids to builder functions, and another to pass to
  // the builder function itself. We shift out the first argument -- the
  // $form_id itself -- from the list to pass into the builder function,
  // since it's already known.
187
  $args = func_get_args();
188
  $saved_args = $args;
189
  array_shift($args);
190 191 192

  // We first check to see if there's a function named after the $form_id.
  // If there is, we simply pass the arguments on to it to get the form.
193
  if (!function_exists($form_id)) {
194 195 196 197 198 199 200 201 202 203 204 205 206
    // In cases where many form_ids need to share a central builder function,
    // such as the node editing form, modules can implement hook_forms(). It
    // maps one or more form_ids to the correct builder functions.
    //
    // We cache the results of that hook to save time, but that only works
    // for modules that know all their form_ids in advance. (A module that
    // adds a small 'rate this comment' form to each comment in a list
    // would need a unique form_id for each one, for example.)
    //
    // So, we call the hook if $forms isn't yet populated, OR if it doesn't
    // yet have an entry for the requested form_id.
    if (!isset($forms) || !isset($forms[$form_id])) {
      $forms = module_invoke_all('forms', $saved_args);
207 208 209 210 211 212 213 214 215
    }
    $form_definition = $forms[$form_id];
    if (isset($form_definition['callback arguments'])) {
      $args = array_merge($form_definition['callback arguments'], $args);
    }
    if (isset($form_definition['callback'])) {
      $callback = $form_definition['callback'];
    }
  }
216 217
  // If $callback was returned by a hook_forms() implementation, call it.
  // Otherwise, call the function named after the form id.
218 219 220 221 222 223
  $form = call_user_func_array(isset($callback) ? $callback : $form_id, $args);

  // We store the original function arguments, rather than the final $arg
  // value, so that form_alter functions can see what was originally
  // passed to drupal_retrieve_form(). This allows the contents of #parameters
  // to be saved and passed in at a later date to recreate the form.
224
  $form['#parameters'] = $saved_args;
225
  return $form;
226 227 228 229 230 231 232 233
}

/**
 * This function is the heart of form API. The form gets built, validated and in
 * appropriate cases, submitted.
 *
 * @param $form_id
 *   The unique string identifying the current form.
234 235
 * @param $form
 *   An associative array containing the structure of the form.
236 237
 * @return
 *   The path to redirect the user to upon completion.
238
 */
239
function drupal_process_form($form_id, &$form) {
240
  global $form_values, $form_submitted, $user, $form_button_counter;
241
  static $saved_globals = array();
242
  // In some scenarios, this function can be called recursively. Pushing any pre-existing
243 244
  // $form_values and form submission data lets us start fresh without clobbering work done
  // in earlier recursive calls.
245 246
  array_push($saved_globals, array($form_values, $form_submitted, $form_button_counter));

247
  $form_values = array();
Dries's avatar
Dries committed
248
  $form_submitted = FALSE;
249
  $form_button_counter = array(0, 0);
250

251
  drupal_prepare_form($form_id, $form);
252
  if (($form['#programmed']) || (!empty($_POST) && (($_POST['form_id'] == $form_id) || ($_POST['form_id'] == $form['#base'])))) {
253
    drupal_validate_form($form_id, $form);
254 255 256
    // IE does not send a button value when there is only one submit button (and no non-submit buttons)
    // and you submit by pressing enter.
    // In that case we accept a submission without button values.
257 258
    if ((($form['#programmed']) || $form_submitted || (!$form_button_counter[0] && $form_button_counter[1])) && !form_get_errors()) {
      $redirect = drupal_submit_form($form_id, $form);
259 260 261
      if (!$form['#programmed']) {
        drupal_redirect_form($form, $redirect);
      }
262 263 264
    }
  }

265 266
  // We've finished calling functions that alter the global values, so we can
  // restore the ones that were there before this function was called.
267
  list($form_values, $form_submitted, $form_button_counter) = array_pop($saved_globals);
268 269 270
  if (isset($redirect)) {
    return $redirect;
  }
271 272 273 274 275 276 277 278 279 280 281 282 283
}

/**
 * Prepares a structured form array by adding required elements,
 * executing any hook_form_alter functions, and optionally inserting
 * a validation token to prevent tampering.
 *
 * @param $form_id
 *   A unique string identifying the form for validation, submission,
 *   theming, and hook_form_alter functions.
 * @param $form
 *   An associative array containing the structure of the form.
 */
284
function drupal_prepare_form($form_id, &$form) {
285 286
  global $user;

287
  $form['#type'] = 'form';
288 289 290
  if (!isset($form['#skip_duplicate_check'])) {
    $form['#skip_duplicate_check'] = FALSE;
  }
291 292 293 294 295 296 297 298 299

  if (!isset($form['#post'])) {
    $form['#post'] = $_POST;
    $form['#programmed'] = FALSE;
  }
  else {
    $form['#programmed'] = TRUE;
  }

300
  // In multi-step form scenarios, this id is used to identify
301 302 303 304 305 306 307 308 309 310
  // a unique instance of a particular form for retrieval.
  if (isset($form['#build_id'])) {
    $form['form_build_id'] = array(
      '#type' => 'hidden',
      '#value' => $form['#build_id'],
      '#id' => $form['#build_id'],
      '#name' => 'form_build_id',
    );
  }

311 312 313
  // If $base is set, it is used in place of $form_id when constructing validation,
  // submission, and theming functions. Useful for mapping many similar or duplicate
  // forms with different $form_ids to the same processing functions.
314
  $base = isset($form['#base']) ? $form['#base'] : '';
315

316 317 318 319
  // Add a token, based on either #token or form_id, to any form displayed to
  // authenticated users. This ensures that any submitted form was actually
  // requested previously by the user and protects against cross site request
  // forgeries.
320
  if (isset($form['#token'])) {
321
    if ($form['#token'] === FALSE || $user->uid == 0 || $form['#programmed']) {
322
      unset($form['#token']);
323
    }
324
    else {
325
      $form['form_token'] = array('#type' => 'token', '#default_value' => drupal_get_token($form['#token']));
326
    }
327
  }
328 329 330
  else if ($user->uid && !$form['#programmed']) {
    $form['#token'] = $form_id;
    $form['form_token'] = array(
331
      '#id' => form_clean_id('edit-'. $form_id .'-form-token'),
332 333 334 335 336
      '#type' => 'token',
      '#default_value' => drupal_get_token($form['#token']),
    );
  }

337

338
  if (isset($form_id)) {
339
    $form['form_id'] = array('#type' => 'hidden', '#value' => $form_id, '#id' => form_clean_id("edit-$form_id"));
340
  }
341
  if (!isset($form['#id'])) {
342
    $form['#id'] = form_clean_id($form_id);
343
  }
344

345
  $form += _element_info('form');
346

Dries's avatar
Dries committed
347 348
  if (!isset($form['#validate'])) {
    if (function_exists($form_id .'_validate')) {
349
      $form['#validate'] = array($form_id .'_validate' => array());
Dries's avatar
Dries committed
350
    }
351 352
    elseif (function_exists($base .'_validate')) {
      $form['#validate'] = array($base .'_validate' => array());
Dries's avatar
Dries committed
353 354 355
    }
  }

356 357
  if (!isset($form['#submit'])) {
    if (function_exists($form_id .'_submit')) {
358
      // We set submit here so that it can be altered.
359
      $form['#submit'] = array($form_id .'_submit' => array());
Dries's avatar
Dries committed
360
    }
361 362
    elseif (function_exists($base .'_submit')) {
      $form['#submit'] = array($base .'_submit' => array());
Dries's avatar
Dries committed
363 364 365
    }
  }

366 367
  foreach (module_implements('form_alter') as $module) {
    $function = $module .'_form_alter';
368
    $function($form_id, $form);
369 370
  }

371
  $form = form_builder($form_id, $form);
372 373
}

374 375 376 377 378 379 380 381 382 383 384 385

/**
 * Validates user-submitted form data from a global variable using
 * the validate functions defined in a structured form array.
 *
 * @param $form_id
 *   A unique string identifying the form for validation, submission,
 *   theming, and hook_form_alter functions.
 * @param $form
 *   An associative array containing the structure of the form.
 *
 */
386
function drupal_validate_form($form_id, $form) {
387
  global $form_values;
388 389 390 391 392
  static $validated_forms = array();

  if (isset($validated_forms[$form_id])) {
    return;
  }
393

394
  // If the session token was set by drupal_prepare_form(), ensure that it
395
  // matches the current user's session.
396
  if (isset($form['#token'])) {
397
    if (!drupal_valid_token($form_values['form_token'], $form['#token'])) {
398
      // Setting this error will cause the form to fail validation.
399
      form_set_error('form_token', t('Validation error, please try again. If this error persists, please contact the site administrator.'));
400 401 402
    }
  }

403 404 405 406 407
  if (!$form['#programmed'] && !$form['#skip_duplicate_check'] && isset($_SESSION['last_submitted']['hash']) && $_SESSION['last_submitted']['hash'] == md5(serialize($form['form_id']['#post']))) {
    // This is a repeat submission.
    drupal_redirect_form(NULL, $_SESSION['last_submitted']['destination']);
  }

408
  _form_validate($form, $form_id);
409
  $validated_forms[$form_id] = TRUE;
410 411
}

412 413 414 415 416 417 418 419 420 421 422 423 424 425
/**
 * Processes user-submitted form data from a global variable using
 * the submit functions defined in a structured form array.
 *
 * @param $form_id
 *   A unique string identifying the form for validation, submission,
 *   theming, and hook_form_alter functions.
 * @param $form
 *   An associative array containing the structure of the form.
 * @return
 *   A string containing the path of the page to display when processing
 *   is complete.
 *
 */
426
function drupal_submit_form($form_id, $form) {
427 428
  global $form_values;
  $default_args = array($form_id, &$form_values);
429 430
  $submitted = FALSE;
  $goto = NULL;
431

432
  if (isset($form['#submit'])) {
433 434
    foreach ($form['#submit'] as $function => $args) {
      if (function_exists($function)) {
435
        $args = array_merge($default_args, (array) $args);
436 437
        // Since we can only redirect to one page, only the last redirect
        // will work.
438
        $redirect = call_user_func_array($function, $args);
439
        $submitted = TRUE;
440 441 442
        if (isset($redirect)) {
          $goto = $redirect;
        }
Dries's avatar
Dries committed
443 444
      }
    }
445
  }
446 447 448 449 450 451 452
  // Successful submit. Hash this form's POST and store the hash in the
  // session. We'll use this hash later whenever this user submits another
  // form to make sure no identical forms get submitted twice.
  if ($submitted && !$form['#skip_duplicate_check']) {
    $_SESSION['last_submitted'] = array('destination' => $goto, 'hash' => md5(serialize($form['form_id']['#post'])));
  }

453 454 455
  if (isset($goto)) {
    return $goto;
  }
456 457
}

458 459 460 461 462 463 464 465 466 467 468 469 470
/**
 * Renders a structured form array into themed HTML.
 *
 * @param $form_id
 *   A unique string identifying the form for validation, submission,
 *   theming, and hook_form_alter functions.
 * @param $form
 *   An associative array containing the structure of the form.
 * @return
 *   A string containing the path of the page to display when processing
 *   is complete.
 *
 */
471
function drupal_render_form($form_id, &$form) {
472
  // Don't override #theme if someone already set it.
473
  $base = isset($form['#base']) ? $form['#base'] : '';
474

475 476 477 478
  if (!isset($form['#theme'])) {
    if (theme_get_function($form_id)) {
      $form['#theme'] = $form_id;
    }
479 480
    elseif (theme_get_function($base)) {
      $form['#theme'] = $base;
481 482 483 484 485 486 487 488 489 490 491
    }
  }

  if (isset($form['#pre_render'])) {
    foreach ($form['#pre_render'] as $function) {
      if (function_exists($function)) {
        $function($form_id, $form);
      }
    }
  }

492
  $output = drupal_render($form);
493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512
  return $output;
}

/**
 * Redirect the user to a URL after a form has been processed.
 *
 * @param $form
 *   An associative array containing the structure of the form.
 * @param $redirect
 *   An optional string containing the destination path to redirect
 *   to if none is specified by the form.
 *
 */
function drupal_redirect_form($form, $redirect = NULL) {
  if (isset($redirect)) {
    $goto = $redirect;
  }
  if (isset($form['#redirect'])) {
    $goto = $form['#redirect'];
  }
513 514 515 516 517 518 519 520
  if (!isset($goto) || ($goto !== FALSE)) {
    if (isset($goto)) {
      if (is_array($goto)) {
        call_user_func_array('drupal_goto', $goto);
      }
      else {
        drupal_goto($goto);
      }
521
    }
522
    drupal_goto($_GET['q']);
523 524 525
  }
}

526 527 528 529 530 531 532 533 534 535 536
/**
 * Performs validation on form elements. First ensures required fields are
 * completed, #maxlength is not exceeded, and selected options were in the
 * list of options given to the user. Then calls user-defined validators.
 *
 * @param $elements
 *   An associative array containing the structure of the form.
 * @param $form_id
 *   A unique string identifying the form for validation, submission,
 *   theming, and hook_form_alter functions.
 */
537
function _form_validate($elements, $form_id = NULL) {
538 539 540 541 542 543
  // Recurse through all children.
  foreach (element_children($elements) as $key) {
    if (isset($elements[$key]) && $elements[$key]) {
      _form_validate($elements[$key]);
    }
  }
544
  /* Validate the current input */
545
  if (!isset($elements['#validated']) || !$elements['#validated']) {
546
    if (isset($elements['#needs_validation'])) {
547 548 549 550
      // An empty textfield returns '' so we use empty(). An empty checkbox
      // and a textfield could return '0' and empty('0') returns TRUE so we
      // need a special check for the '0' string.
      if ($elements['#required'] && empty($elements['#value']) && $elements['#value'] !== '0') {
551
        form_error($elements, t('!name field is required.', array('!name' => $elements['#title'])));
552
      }
553

554 555 556 557 558
      // Verify that the value is not longer than #maxlength.
      if (isset($elements['#maxlength']) && drupal_strlen($elements['#value']) > $elements['#maxlength']) {
        form_error($elements, t('!name cannot be longer than %max characters but is currently %length characters long.', array('!name' => empty($elements['#title']) ? $elements['#parents'][0] : $elements['#title'], '%max' => $elements['#maxlength'], '%length' => drupal_strlen($elements['#value']))));
      }

559 560
       // Add legal choice check if element has #options. Can be skipped, but
       // then you must validate your own element.
561 562 563 564 565 566 567 568 569 570 571 572
      if (isset($elements['#options']) && isset($elements['#value']) && !isset($elements['#DANGEROUS_SKIP_CHECK'])) {
        if ($elements['#type'] == 'select') {
          $options = form_options_flatten($elements['#options']);
        }
        else {
          $options = $elements['#options'];
        }
        if (is_array($elements['#value'])) {
          $value = $elements['#type'] == 'checkboxes' ? array_keys(array_filter($elements['#value'])) : $elements['#value'];
          foreach ($value as $v) {
            if (!isset($options[$v])) {
              form_error($elements, t('An illegal choice has been detected. Please contact the site administrator.'));
573
              watchdog('form', t('Illegal choice %choice in !name element.', array('%choice' => $v, '!name' => empty($elements['#title']) ? $elements['#parents'][0] : $elements['#title'])), WATCHDOG_ERROR);
574
            }
575 576
          }
        }
577 578
        elseif (!isset($options[$elements['#value']])) {
          form_error($elements, t('An illegal choice has been detected. Please contact the site administrator.'));
579
          watchdog('form', t('Illegal choice %choice in %name element.', array('%choice' => $elements['#value'], '%name' => empty($elements['#title']) ? $elements['#parents'][0] : $elements['#title'])), WATCHDOG_ERROR);
580
        }
581 582 583
      }
    }

584
    // Call user-defined validators.
Dries's avatar
Dries committed
585
    if (isset($elements['#validate'])) {
586 587
      foreach ($elements['#validate'] as $function => $args) {
        $args = array_merge(array($elements), $args);
588
        // For the full form we hand over a copy of $form_values.
589 590
        if (isset($form_id)) {
          $args = array_merge(array($form_id, $GLOBALS['form_values']), $args);
591
        }
592 593
        if (function_exists($function))  {
          call_user_func_array($function, $args);
594 595 596
        }
      }
    }
597
    $elements['#validated'] = TRUE;
598 599 600
  }
}

601 602 603 604 605
/**
 * File an error against a form element. If the name of the element is
 * edit[foo][bar] then you may pass either foo or foo][bar as $name
 * foo will set an error for all its children.
 */
606
function form_set_error($name = NULL, $message = '') {
607 608 609
  static $form = array();
  if (isset($name) && !isset($form[$name])) {
    $form[$name] = $message;
610 611 612
    if ($message) {
      drupal_set_message($message, 'error');
    }
613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641
  }
  return $form;
}

/**
 * Return an associative array of all errors.
 */
function form_get_errors() {
  $form = form_set_error();
  if (!empty($form)) {
    return $form;
  }
}

/**
 * Return the error message filed against the form with the specified name.
 */
function form_get_error($element) {
  $form = form_set_error();
  $key = $element['#parents'][0];
  if (isset($form[$key])) {
    return $form[$key];
  }
  $key = implode('][', $element['#parents']);
  if (isset($form[$key])) {
    return $form[$key];
  }
}

642 643 644
/**
 * Flag an element as having an error.
 */
645
function form_error(&$element, $message = '') {
646
  $element['#error'] = TRUE;
647
  form_set_error(implode('][', $element['#parents']), $message);
648 649 650
}

/**
651
 * Adds some required properties to each form element, which are used
652
 * internally in the form API. This function also automatically assigns
653 654 655 656
 * the value property from the $edit array, provided the element doesn't
 * already have an assigned value.
 *
 * @param $form_id
657 658
 *   A unique string identifying the form for validation, submission,
 *   theming, and hook_form_alter functions.
659 660
 * @param $form
 *   An associative array containing the structure of the form.
661
 */
662
function form_builder($form_id, $form) {
663
  global $form_values, $form_submitted, $form_button_counter;
664

665 666 667
  // Initialize as unprocessed.
  $form['#processed'] = FALSE;

668
  /* Use element defaults */
669
  if ((!empty($form['#type'])) && ($info = _element_info($form['#type']))) {
670
    // Overlay $info onto $form, retaining preexisting keys in $form.
671 672 673
    $form += $info;
  }

674
  if (isset($form['#input']) && $form['#input']) {
675
    if (!isset($form['#name'])) {
676 677
      $name = array_shift($form['#parents']);
      $form['#name'] = $name;
678
      if ($form['#type'] == 'file') {
679
        // To make it easier to handle $_FILES in file.inc, we place all
680
        // file fields in the 'files' array. Also, we do not support
681
        // nested file names.
682 683 684
        $form['#name'] = 'files['. $form['#name'] .']';
      }
      elseif (count($form['#parents'])) {
685 686 687
        $form['#name'] .= '['. implode('][', $form['#parents']) .']';
      }
      array_unshift($form['#parents'], $name);
688 689
    }
    if (!isset($form['#id'])) {
690
      $form['#id'] = form_clean_id('edit-'. implode('-', $form['#parents']));
691
    }
692

693 694 695 696
    if (isset($form['#disabled']) && $form['#disabled']) {
      $form['#attributes']['disabled'] = 'disabled';
    }

697
    if (!isset($form['#value']) && !array_key_exists('#value', $form)) {
698
      if (($form['#programmed']) || ((!isset($form['#access']) || $form['#access']) && isset($form['#post']) && (isset($form['#post']['form_id']) && $form['#post']['form_id'] == $form_id))) {
699
        $edit = $form['#post'];
700 701 702
        foreach ($form['#parents'] as $parent) {
          $edit = isset($edit[$parent]) ? $edit[$parent] : NULL;
        }
703 704 705 706 707 708 709 710 711 712 713 714 715 716
        if (!$form['#programmed'] || isset($edit)) {
          switch ($form['#type']) {
            case 'checkbox':
              $form['#value'] = !empty($edit) ? $form['#return_value'] : 0;
              break;

            case 'select':
              if (isset($form['#multiple']) && $form['#multiple']) {
                if (isset($edit) && is_array($edit)) {
                  $form['#value'] = drupal_map_assoc($edit);
                }
                else {
                  $form['#value'] = array();
                }
717
              }
718 719
              elseif (isset($edit)) {
                $form['#value'] = $edit;
720
              }
721 722 723 724
              break;

            case 'textfield':
              if (isset($edit)) {
725 726
                // Equate $edit to the form value to ensure it's marked for
                // validation.
727 728 729 730 731
                $edit = str_replace(array("\r", "\n"), '', $edit);
                $form['#value'] = $edit;
              }
              break;

732 733 734 735
            case 'token':
              $form['#value'] = (string)$edit;
              break;

736 737 738 739 740
            default:
              if (isset($edit)) {
                $form['#value'] = $edit;
              }
          }
741
          // Mark all posted values for validation.
742 743 744
          if ((isset($form['#value']) && $form['#value'] === $edit) || (isset($form['#required']) && $form['#required'])) {
            $form['#needs_validation'] = TRUE;
          }
745 746 747
        }
      }
      if (!isset($form['#value'])) {
748 749 750 751 752
        $function = $form['#type'] . '_value';
        if (function_exists($function)) {
          $function($form);
        }
        else {
753
          $form['#value'] = isset($form['#default_value']) ? $form['#default_value'] : '';
754
        }
755
      }
756
    }
757
    if (isset($form['#executes_submit_callback'])) {
758
      // Count submit and non-submit buttons.
759
      $form_button_counter[$form['#executes_submit_callback']]++;
760
      // See if a submit button was pressed.
761
      if (isset($form['#post'][$form['#name']]) && $form['#post'][$form['#name']] == $form['#value']) {
762
        $form_submitted = $form_submitted || $form['#executes_submit_callback'];
763

764 765 766
        // In most cases, we want to use form_set_value() to manipulate the
        // global variables. In this special case, we want to make sure that
        // the value of this element is listed in $form_variables under 'op'.
767
        $form_values[$form['#name']] = $form['#value'];
768 769 770 771
      }
    }
  }

772 773
  // Allow for elements to expand to multiple elements, e.g., radios,
  // checkboxes and files.
774
  if (isset($form['#process']) && !$form['#processed']) {
775 776
    foreach ($form['#process'] as $process => $args) {
      if (function_exists($process)) {
777
        $args = array_merge(array($form), array(isset($edit) ? $edit : NULL), $args);
778
        $form = call_user_func_array($process, $args);
779 780
      }
    }
781
    $form['#processed'] = TRUE;
782 783
  }

784 785 786
  // Set the $form_values key that gets passed to validate and submit.
  // We call this after #process gets called so that #process has a
  // chance to update #value if desired.
787
  if (isset($form['#input']) && $form['#input']) {
788
    form_set_value($form, $form['#value']);
789 790
  }

791 792 793
  // We start off assuming all form elements are in the correct order.
  $form['#sorted'] = TRUE;

794
  // Recurse through all child elements.
795
  $count = 0;
796
  foreach (element_children($form) as $key) {
797 798
    $form[$key]['#post'] = $form['#post'];
    $form[$key]['#programmed'] = $form['#programmed'];
799
    // Don't squash an existing tree value.
800 801 802
    if (!isset($form[$key]['#tree'])) {
      $form[$key]['#tree'] = $form['#tree'];
    }
803

804
    // Deny access to child elements if parent is denied.
805 806 807 808
    if (isset($form['#access']) && !$form['#access']) {
      $form[$key]['#access'] = FALSE;
    }

809
    // Don't squash existing parents value.
810
    if (!isset($form[$key]['#parents'])) {
811 812
      // Check to see if a tree of child elements is present. If so,
      // continue down the tree if required.
813
      $form[$key]['#parents'] = $form[$key]['#tree'] && $form['#tree'] ? array_merge($form['#parents'], array($key)) : array($key);
814 815
    }

816
    // Assign a decimal placeholder weight to preserve original array order.
817 818 819
    if (!isset($form[$key]['#weight'])) {
      $form[$key]['#weight'] = $count/1000;
    }
820
    else {
821 822
      // If one of the child elements has a weight then we will need to sort
      // later.
823 824
      unset($form['#sorted']);
    }
825
    $form[$key] = form_builder($form_id, $form[$key]);
826 827 828
    $count++;
  }

829 830 831 832 833 834
  if (isset($form['#after_build']) && !isset($form['#after_build_done'])) {
    foreach ($form['#after_build'] as $function) {
      if (function_exists($function)) {
        $form = $function($form, $form_values);
      }
    }
835
    $form['#after_build_done'] = TRUE;
836
  }
837 838

  return $form;
839 840
}

841
/**
Dries's avatar
Dries committed
842
 * Use this function to make changes to form values in the form validate
843 844 845 846
 * phase, so they will be available in the submit phase in $form_values.
 *
 * Specifically, if $form['#parents'] is array('foo', 'bar')
 * and $value is 'baz' then this function will make
Dries's avatar
Dries committed
847
 * $form_values['foo']['bar'] to be 'baz'.
848 849 850 851 852 853 854 855 856 857 858 859 860 861
 *
 * @param $form
 *   The form item. Keys used: #parents, #value
 * @param $value
 *   The value for the form item.
 */
function form_set_value($form, $value) {
  global $form_values;
  _form_set_value($form_values, $form, $form['#parents'], $value);
}

/**
 * Helper function for form_set_value().
 *
862 863
 * We iterate over $parents and create nested arrays for them
 * in $form_values if needed. Then we insert the value into
864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879
 * the right array.
 */
function _form_set_value(&$form_values, $form, $parents, $value) {
  $parent = array_shift($parents);
  if (empty($parents)) {
    $form_values[$parent] = $value;
  }
  else {
    if (!isset($form_values[$parent])) {
      $form_values[$parent] = array();
    }
    _form_set_value($form_values[$parent], $form, $parents, $value);
  }
  return $form;
}

880 881 882
/**
 * Retrieve the default properties for the defined element type.
 */
883
function _element_info($type, $refresh = NULL) {
884
  static $cache;
885

886
  $basic_defaults = array(
887 888 889
    '#description' => NULL,
    '#attributes' => array(),
    '#required' => FALSE,
890
    '#tree' => FALSE,
891
    '#parents' => array()
892
  );
893
  if (!isset($cache) || $refresh) {
894 895 896
    $cache = array();
    foreach (module_implements('elements') as $module) {
      $elements = module_invoke($module, 'elements');
897
      if (isset($elements) && is_array($elements)) {
898
        $cache = array_merge_recursive($cache, $elements);
899 900 901 902
      }
    }
    if (sizeof($cache)) {
      foreach ($cache as $element_type => $info) {
903
        $cache[$element_type] = array_merge_recursive($basic_defaults, $info);
904 905 906 907 908 909 910
      }
    }
  }

  return $cache[$type];
}

911 912 913 914 915 916 917 918
function form_options_flatten($array, $reset = TRUE) {
  static $return;

  if ($reset) {
    $return = array();
  }

  foreach ($array as $key => $value) {
919 920 921 922
    if (is_object($value)) {
      form_options_flatten($value->option, FALSE);
    }
    else if (is_array($value)) {
923 924 925 926 927 928 929 930 931 932
      form_options_flatten($value, FALSE);
    }
    else {
      $return[$key] = 1;
    }
  }

  return $return;
}

933 934 935 936 937
/**
 * Format a dropdown menu or scrolling selection box.
 *
 * @param $element
 *   An associative array containing the properties of the element.
938
 *   Properties used: title, value, options, description, extra, multiple, required
939 940 941 942 943 944 945 946 947
 * @return
 *   A themed HTML string representing the form element.
 *
 * It is possible to group options together; to do this, change the format of
 * $options to an associative array in which the keys are group labels, and the
 * values are associative arrays in the normal $options format.
 */
function theme_select($element) {
  $select = '';
948
  $size = $element['#size'] ? ' size="' . $element['#size'] . '"' : '';
949
  _form_set_class($element, array('form-select'));
950
  $multiple = $element['#multiple'];
951
  return theme('form_element', $element, '<select name="'. $element['#name'] .''. ($multiple ? '[]' : '') .'"'. ($multiple ? ' multiple="multiple" ' : '') . drupal_attributes($element['#attributes']) .' id="'. $element['#id'] .'" '. $size .'>'. form_select_options($element) .'</select>');
952 953 954 955 956 957
}

function form_select_options($element, $choices = NULL) {
  if (!isset($choices)) {
    $choices = $element['#options'];
  }
958
  // array_key_exists() accommodates the rare event where $element['#value'] is NULL.
959 960 961
  // isset() fails in this situation.
  $value_valid = isset($element['#value']) || array_key_exists('#value', $element);
  $value_is_array = is_array($element['#value']);
962 963
  $options = '';
  foreach ($choices as $key => $choice) {
964
    if (is_array($choice)) {
965 966 967
      $options .= '<optgroup label="'. $key .'">';
      $options .= form_select_options($element, $choice);
      $options .= '</optgroup>';
968
    }
969 970 971
    elseif (is_object($choice)) {
      $options .= form_select_options($element, $choice->option);
    }
972
    else {
973
      $key = (string)$key;
974
      if ($value_valid && ((string)$element['#value'] === $key || ($value_is_array && in_array($key, $element['#value'])))) {
975 976 977 978 979
        $selected = ' selected="selected"';
      }
      else {
        $selected = '';
      }
980
      $options .= '<option value="'. $key .'"'. $selected .'>'. check_plain($choice) .'</option>';
981 982
    }
  }
983
  return $options;
984 985
}

986
/**
987 988 989 990
 * Traverses a select element's #option array looking for any values
 * that hold the given key. Returns an array of indexes that match.
 *
 * This function is useful if you need to modify the options that are
991
 * already in a form element; for example, to remove choices which are
992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008
 * not valid because of additional filters imposed by another module.
 * One example might be altering the choices in a taxonomy selector.
 * To correctly handle the case of a multiple hierarchy taxonomy,
 * #options arrays can now hold an array of objects, instead of a
 * direct mapping of keys to labels, so that multiple choices in the
 * selector can have the same key (and label). This makes it difficult
 * to manipulate directly, which is why this helper function exists.
 *
 * This function does not support optgroups (when the elements of the
 * #options array are themselves arrays), and will return FALSE if
 * arrays are found. The caller must either flatten/restore or
 * manually do their manipulations in this case, since returning the
 * index is not sufficient, and supporting this would make the
 * "helper" too complicated and cumbersome to be of any help.
 *
 * As usual with functions that can return array() or FALSE, do not
 * forget to use === and !== if needed.
1009 1010
 *
 * @param $element
1011
 *   The select element to search.
1012 1013 1014
 * @param $key
 *   The key to look for.
 * @return
1015 1016
 *   An array of indexes that match the given $key. Array will be
 *   empty if no elements were found. FALSE if optgroups were found.
1017
 */
1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030
function form_get_options($element, $key) {
  $keys = array();
  foreach ($element['#options'] as $index => $choice) {
    if (is_array($choice)) {
      return FALSE;
    }
    else if (is_object($choice)) {
      if (isset($choice->option[$key])) {
        $keys[] = $index;
      }
    }
    else if ($index == $key) {
      $keys[] = $index;
1031 1032
    }
  }
1033
  return $keys;
1034 1035
}

1036 1037 1038 1039 1040
/**
 * Format a group of form items.
 *
 * @param $element
 *   An associative array containing the properties of the element.
1041
 *   Properties used: attributes, title, value, description, children, collapsible, collapsed
1042 1043 1044 1045
 * @return
 *   A themed HTML string representing the form item group.
 */
function theme_fieldset($element) {
1046
  if ($element['#collapsible']) {
1047 1048
    drupal_add_js('misc/collapse.js');

1049 1050 1051 1052
    if (!isset($element['#attributes']['class'])) {
      $element['#attributes']['class'] = '';
    }

1053 1054 1055
    $element['#attributes']['class'] .= ' collapsible';
    if ($element['#collapsed']) {
     $element['#attributes']['class'] .= ' collapsed';
1056 1057 1058
    }
  }

1059
  return '<fieldset' . drupal_attributes($element['#attributes']) .'>' . ($element['#title'] ? '<legend>'. $element['#title'] .'</legend>' : '') . (isset($element['#description']) && $element['#description'] ? '<div class="description">'. $element['#description'] .'</div>' : '') . (!empty($element['#children']) ? $element['#children'] : '') . $element['#value'] . "</fieldset>\n";
1060 1061 1062 1063 1064 1065 1066
}

/**
 * Format a radio button.
 *
 * @param $element
 *   An associative array containing the properties of the element.
1067
 *   Properties used: required, return_value, value, attributes, title, description
1068 1069 1070 1071
 * @return
 *   A themed HTML string representing the form item group.
 */
function theme_radio($element) {
1072
  _form_set_class($element, array('form-radio'));
1073
  $output = '<input type="radio" ';
1074 1075 1076 1077 1078 1079
  $output .= 'name="' . $element['#name'] .'" ';
  $output .= 'value="'. $element['#return_value'] .'" ';
  $output .= ($element['#value'] == $element['#return_value']) ? ' checked="checked" ' : ' ';
  $output .= drupal_attributes($element['#attributes']) .' />';
  if (!is_null($element['#title'])) {
    $output = '<label class="option">'. $output .' '. $element['#title'] .'</label>';
1080
  }
1081 1082 1083

  unset($element['#title']);
  return theme('form_element', $element, $output);
1084 1085 1086 1087 1088 1089 1090
}

/**
 * Format a set of radio buttons.
 *
 * @param $element
 *   An associative array containing the properties of the element.
1091
 *   Properties used: title, value, options, description, required and attributes.
1092 1093 1094 1095
 * @return
 *   A themed HTML string representing the radio button set.
 */
function theme_radios($element) {
1096 1097 1098 1099
  $class = 'form-radios';
  if (isset($element['#attributes']['class'])) {
    $class .= ' '. $element['#attributes']['class'];
  }
1100
  $element['#children'] = '<div class="'. $class .'">'. (!empty($element['#children']) ? $element['#children'] : '') .'</div>';
1101
  if ($element['#title'] || $element['#description']) {
1102 1103
    unset($element['#id']);
    return theme('form_element', $element, $element['#children']);
1104 1105
  }
  else {
1106
    return $element['#children'];
1107 1108 1109
  }
}

1110 1111 1112 1113 1114 1115 1116 1117 1118 1119
/**
 * Format a password_confirm item.
 *
 * @param $element
 *   An associative array containing the properties of the element.
 *   Properties used: title, value, id, required, error.
 * @return
 *   A themed HTML string representing the form item.
 */
function theme_password_confirm($element) {
Dries's avatar
Dries committed
1120
  return theme('form_element', $element, $element['#children']);
1121 1122
}

1123 1124 1125 1126
/*
 * Expand a password_confirm field into two text boxes.
 */
function expand_password_confirm($element) {
Dries's avatar
Dries committed
1127 1128 1129 1130 1131 1132 1133 1134 1135 1136
  $element['pass1'] =  array(
    '#type' => 'password',
    '#title' => t('Password'),
    '#value' => $element['#value']['pass1'],
  );
  $element['pass2'] =  array(
    '#type' => 'password',
    '#title' => t('Confirm password'),
    '#value' => $element['#value']['pass2'],
  );
1137 1138 1139
  $element['#validate'] = array('password_confirm_validate' => array());
  $element['#tree'] = TRUE;

1140 1141 1142 1143
  if (isset($element['#size'])) {
    $element['pass1']['#size'] = $element['pass2']['#size'] = $element['#size'];
  }

1144 1145 1146
  return $element;
}

1147
/**
1148
 * Validate password_confirm element.
1149
 */
1150
function password_confirm_validate($form) {
1151 1152
  $pass1 = trim($form['pass1']['#value']);
  if (!empty($pass1)) {
1153
    $pass2 = trim($form['pass2']['#value']);
1154
    if ($pass1 != $pass2) {
1155
      form_error($form, t('The specified passwords do not match.'));
1156
    }
1157
  }
1158
  elseif ($form['#required'] && !empty($form['#post'])) {
1159
    form_error($form, t('Password field is required.'));
1160
  }
1161

1162 1163 1164 1165 1166 1167
  // Password field must be converted from a two-element array into a single
  // string regardless of validation results.
  form_set_value($form['pass1'], NULL);
  form_set_value($form['pass2'], NULL);
  form_set_value($form, $pass1);

1168 1169 1170
  return $form;
}

1171
/**
1172
 * Format a date selection element.
1173 1174 1175
 *
 * @param $element
 *   An associative array containing the properties of the element.
1176
 *   Properties used: title, value, options, description, required and attributes.
1177
 * @return
1178
 *   A themed HTML string representing the date selection boxes.
1179 1180
 */
function theme_date($element) {
1181
  return theme('form_element', $element, '<div class="container-inline">'. $element['#children'] .'</div>');
1182 1183