form.inc 136 KB
Newer Older
1
<?php
2 3
// $Id$

4
/**
5 6 7 8 9 10
 * @defgroup forms Form builder functions
 * @{
 * Functions that build an abstract representation of a HTML form.
 *
 * All modules should declare their form builder functions to be in this
 * group and each builder function should reference its validate and submit
11
 * functions using \@see. Conversely, validate and submit functions should
12
 * reference the form builder function using \@see. For examples, of this see
13
 * system_modules_uninstall() or user_pass(), the latter of which has the
14 15 16 17 18 19 20 21 22 23 24
 * following in its doxygen documentation:
 *
 * \@ingroup forms
 * \@see user_pass_validate().
 * \@see user_pass_submit().
 *
 * @} End of "defgroup forms".
 */

/**
 * @defgroup form_api Form generation
25
 * @{
26
 * Functions to enable the processing and display of HTML forms.
27
 *
28 29 30 31
 * Drupal uses these functions to achieve consistency in its form processing and
 * presentation, while simplifying code and reducing the amount of HTML that
 * must be explicitly generated by modules.
 *
32
 * The drupal_get_form() function handles retrieving and processing an HTML
33
 * form for modules automatically. For example:
34
 *
35
 * @code
36 37
 *   // Display the user registration form.
 *   $output = drupal_get_form('user_register_form');
38
 * @endcode
39 40
 *
 * Forms can also be built and submitted programmatically without any user input
41
 * using the drupal_form_submit() function.
42 43
 *
 * For information on the format of the structured arrays used to define forms,
44
 * and more detailed explanations of the Form API workflow, see the
45 46
 * @link http://api.drupal.org/api/file/developer/topics/forms_api_reference.html reference @endlink
 * and the @link http://api.drupal.org/api/file/developer/topics/forms_api.html quickstart guide. @endlink
47 48 49
 */

/**
50
 * Wrapper for drupal_build_form() for use when $form_state is not needed.
51 52
 *
 * @param $form_id
53 54 55 56 57 58
 *   The unique string identifying the desired form. If a function with that
 *   name exists, it is called to build the form array. Modules that need to
 *   generate the same form (or very similar forms) using different $form_ids
 *   can implement hook_forms(), which maps different $form_id values to the
 *   proper form constructor function. Examples may be found in node_forms(),
 *   search_forms(), and user_forms().
59
 * @param ...
60
 *   Any additional arguments are passed on to the functions called by
61 62 63
 *   drupal_get_form(), including the unique form constructor function. For
 *   example, the node_edit form requires that a node object is passed in here
 *   when it is called.
64
 *
65
 * @return
66
 *   The form array.
67 68
 *
 * @see drupal_build_form()
69 70
 */
function drupal_get_form($form_id) {
71
  $form_state = array();
72 73

  $args = func_get_args();
74 75
  // Remove $form_id from the arguments.
  array_shift($args);
76
  $form_state['build_info']['args'] = $args;
77 78 79 80 81

  return drupal_build_form($form_id, $form_state);
}

/**
82
 * Build and process a form based on a form id.
83 84 85
 *
 * The form may also be retrieved from the cache if the form was built in a
 * previous page-load. The form is then passed on for processing, validation
86
 * and submission if there is proper input.
87 88 89 90 91 92 93 94 95 96
 *
 * @param $form_id
 *   The unique string identifying the desired form. If a function with that
 *   name exists, it is called to build the form array. Modules that need to
 *   generate the same form (or very similar forms) using different $form_ids
 *   can implement hook_forms(), which maps different $form_id values to the
 *   proper form constructor function. Examples may be found in node_forms(),
 *   search_forms(), and user_forms().
 * @param &$form_state
 *   An array which stores information about the form. This is passed as a
97
 *   reference so that the caller can use it to examine what in the form changed
98 99 100
 *   when the form submission process is complete. Furthermore, it may be used
 *   to store information related to the processed data in the form, which will
 *   persist across page requests when the 'cache' or 'rebuild' flag is set.
101 102
 *   The following parameters may be set in $form_state to affect how the form
 *   is rendered:
103 104 105 106 107 108 109
 *   - build_info: A keyed array of build information that is necessary to
 *     rebuild the form from cache when the original context may no longer be
 *     available:
 *     - args: An array of arguments to pass to the form builder.
 *     - file: An optional include file that contains the form and is
 *       automatically loaded by form_get_cache(). Defaults to the current menu
 *       router item's 'file' definition, if existent.
110 111 112 113 114 115 116 117 118 119 120
 *   - rebuild: Normally, after the entire form processing is completed and
 *     submit handlers ran, a form is considered to be done and
 *     drupal_redirect_form() will redirect the user to a new page using a GET
 *     request (so a browser refresh does not re-submit the form). However, if
 *     'rebuild' has been set to TRUE, then a new copy of the form is
 *     immediately built and sent to the browser; instead of a redirect. This is
 *     used for multi-step forms, such as wizards and confirmation forms. Also,
 *     if a form validation handler has set 'rebuild' to TRUE and a validation
 *     error occurred, then the form is rebuilt prior to being returned,
 *     enabling form elements to be altered, as appropriate to the particular
 *     validation error.
121 122 123 124 125 126 127 128
 *   - input: An array of input that corresponds to $_POST or $_GET, depending
 *     on the 'method' chosen (see below).
 *   - method: The HTTP form method to use for finding the input for this form.
 *     May be 'post' or 'get'. Defaults to 'post'. Note that 'get' method
 *     forms do not use form ids so are always considered to be submitted, which
 *     can have unexpected effects. The 'get' method should only be used on
 *     forms that do not change data, as that is exclusively the domain of post.
 *   - no_redirect: If set to TRUE the form will NOT perform a drupal_goto(),
129 130 131 132 133
 *     even if 'redirect' is set.
 *   - cache: If set to TRUE the original, unprocessed form structure will be
 *     cached, which allows to rebuild the entire form from cache.
 *   - no_cache: If set to TRUE the form will NOT be cached, even if 'cache' is
 *     set.
134 135 136 137 138 139 140 141 142
 *   - always_process: If TRUE and the method is GET, a form_id is not
 *     necessary. This should only be used on RESTful GET forms that do NOT
 *     write data, as this could lead to security issues. It is useful so that
 *     searches do not need to have a form_id in their query arguments to
 *     trigger the search.
 *   - must_validate: Ordinarily, a form is only validated once but there are
 *     times when a form is resubmitted internally and should be validated
 *     again. Setting this to TRUE will force that to happen. This is most
 *     likely to occur during AHAH or AJAX operations.
143 144 145 146
 *   - temporary: An array holding temporary data accessible during the current
 *     page request only. It may be used to temporary save any data that doesn't
 *     need to or shouldn't be cached during the whole form workflow, e.g. data
 *     that needs to be accessed during the current form build process only.
147 148 149 150
 *   - wrapper_callback: Modules that wish to pre-populate certain forms with
 *     common elements, such as back/next/save buttons in multi-step form
 *     wizards, may define a form builder function name that returns a form
 *     structure, which is passed on to the actual form builder function.
151 152 153 154
 *     Such implementations may either define the 'wrapper_callback' via
 *     hook_forms() or have to invoke drupal_build_form() (instead of
 *     drupal_get_form()) on their own in a custom menu callback to prepare
 *     $form_state accordingly.
155 156 157
 *   Further $form_state properties controlling the redirection behavior after
 *   form submission may be found in drupal_redirect_form().
 *
158 159
 * @return
 *   The rendered form or NULL, depending upon the $form_state flags that were set.
160 161
 *
 * @see drupal_redirect_form()
162 163 164 165 166 167 168 169 170
 */
function drupal_build_form($form_id, &$form_state) {
  // Ensure some defaults; if already set they will not be overridden.
  $form_state += form_state_defaults();

  if (!isset($form_state['input'])) {
    $form_state['input'] = $form_state['method'] == 'get' ? $_GET : $_POST;
  }

171 172 173 174 175 176
  if (isset($_SESSION['batch_form_state'])) {
    // We've been redirected here after a batch processing : the form has
    // already been processed, so we grab the post-process $form_state value
    // and move on to form display. See _batch_finished() function.
    $form_state = $_SESSION['batch_form_state'];
    unset($_SESSION['batch_form_state']);
177 178
  }
  else {
179
    // If the incoming input contains a form_build_id, we'll check the
180 181 182 183
    // cache for a copy of the form in question. If it's there, we don't
    // have to rebuild the form to proceed. In addition, if there is stored
    // form_state data from a previous step, we'll retrieve it so it can
    // be passed on to the form processing code.
184
    if (isset($form_state['input']['form_id']) && $form_state['input']['form_id'] == $form_id && !empty($form_state['input']['form_build_id'])) {
185 186
      $form_build_id = $form_state['input']['form_build_id'];
      $form = form_get_cache($form_build_id, $form_state);
187 188
    }

189 190 191 192
    // If the previous bit of code didn't result in a populated $form
    // object, we're hitting the form for the first time and we need
    // to build it from scratch.
    if (!isset($form)) {
193 194
      // Record the filepath of the include file containing the original form,
      // so the form builder callbacks can be loaded when the form is being
195 196 197
      // rebuilt from cache on a different path (such as 'system/ajax'). See
      // form_get_cache(). 
      // $menu_get_item() is not available at installation time.
198
      if (!isset($form_state['build_info']['file']) && !defined('MAINTENANCE_MODE')) {
199 200
        $item = menu_get_item();
        if (!empty($item['file'])) {
201
          $form_state['build_info']['file'] = $item['file'];
202 203 204
        }
      }

205 206 207 208
      $form = drupal_retrieve_form($form_id, $form_state);
      $form_build_id = 'form-' . md5(uniqid(mt_rand(), TRUE));
      $form['#build_id'] = $form_build_id;

209 210 211 212 213
      // Fix the form method, if it is 'get' in $form_state, but not in $form.
      if ($form_state['method'] == 'get' && !isset($form['#method'])) {
        $form['#method'] = 'get';
      }

214
      drupal_prepare_form($form_id, $form, $form_state);
215 216
      // Store a copy of the unprocessed form to cache in case
      // $form_state['cache'] is set.
217
      $original_form = $form;
218
    }
219

220 221 222 223 224 225 226 227 228 229 230 231 232 233 234
    // Now that we know we have a form, we'll process it (validating,
    // submitting, and handling the results returned by its submission
    // handlers. Submit handlers accumulate data in the form_state by
    // altering the $form_state variable, which is passed into them by
    // reference.
    drupal_process_form($form_id, $form, $form_state);
  }

  // Most simple, single-step forms will be finished by this point --
  // drupal_process_form() usually redirects to another page (or to
  // a 'fresh' copy of the form) once processing is complete. If one
  // of the form's handlers has set $form_state['redirect'] to FALSE,
  // the form will simply be re-rendered with the values still in its
  // fields.
  //
235
  // If $form_state['rebuild'] has been set and input has been processed, we
236 237 238
  // know that we're in a multi-part process of some sort and the form's
  // workflow is not complete. We need to construct a fresh copy of the form,
  // passing in the latest $form_state in addition to any other variables passed
239
  // into drupal_get_form().
240
  if ($form_state['rebuild'] && $form_state['process_input'] && !form_get_errors()) {
241
    $form = drupal_rebuild_form($form_id, $form_state);
242
  }
243 244 245 246 247 248 249 250 251 252 253 254 255 256
  // After processing the form, the form builder or a #process callback may
  // have set $form_state['cache'] to indicate that the original form and the
  // $form_state shall be cached. But the form may only be cached if the
  // special 'no_cache' property is not set to TRUE and we are not rebuilding.
  elseif (isset($form_build_id) && $form_state['cache'] && empty($form_state['no_cache'])) {
    // Cache the original, unprocessed form upon initial build of the form.
    if (isset($original_form)) {
      form_set_cache($form_build_id, $original_form, $form_state);
    }
    // After processing a cached form, only update the cached form state.
    else {
      form_set_cache($form_build_id, NULL, $form_state);
    }
  }
257

258 259
  // Don't override #theme if someone already set it.
  if (!isset($form['#theme'])) {
260
    drupal_theme_initialize();
261 262 263 264 265
    $registry = theme_get_registry();
    if (isset($registry[$form_id])) {
      $form['#theme'] = $form_id;
    }
  }
266

267
  return $form;
268
}
269

270 271 272 273 274
/**
 * Retrieve default values for the $form_state array.
 */
function form_state_defaults() {
  return array(
275 276
    'rebuild' => FALSE,
    'redirect' => NULL,
277 278
    'build_info' => array('args' => array()),
    'temporary' => array(),
279 280
    'submitted' => FALSE,
    'programmed' => FALSE,
281 282
    'cache'=> FALSE,
    'method' => 'post',
283
    'groups' => array(),
284
    'buttons' => array(),
285 286 287
  );
}

288
/**
289
 * Retrieves a form, caches it and processes it again.
290
 *
291 292
 * If your AJAX callback simulates the pressing of a button, then your AJAX
 * callback will need to do the same as what drupal_get_form() would do when the
293
 * button is pressed: get the form from the cache, run drupal_process_form over
294
 * it and then if it needs rebuild, run drupal_rebuild_form() over it. Then send
295
 * back a part of the returned form.
296 297 298
 * $form_state['triggering_element']['#array_parents'] will help you to find
 * which part.
 * @see ajax_form_callback() for an example.
299 300 301 302 303 304 305 306 307
 *
 * @param $form_id
 *   The unique string identifying the desired form. If a function
 *   with that name exists, it is called to build the form array.
 *   Modules that need to generate the same form (or very similar forms)
 *   using different $form_ids can implement hook_forms(), which maps
 *   different $form_id values to the proper form constructor function. Examples
 *   may be found in node_forms(), search_forms(), and user_forms().
 * @param $form_state
308
 *   A keyed array containing the current state of the form.
309 310 311 312 313 314 315
 * @param $form_build_id
 *   If the AHAH callback calling this function only alters part of the form,
 *   then pass in the existing form_build_id so we can re-cache with the same
 *   csid.
 * @return
 *   The newly built form.
 */
316
function drupal_rebuild_form($form_id, &$form_state, $form_build_id = NULL) {
317 318 319 320 321 322 323
  // AJAX and other contexts may call drupal_rebuild_form() even when
  // $form_state['rebuild'] isn't set, but _form_builder_handle_input_element()
  // needs to distinguish a rebuild from an initial build in order to process
  // user input correctly. Form constructors and form processing functions may
  // also need to handle a rebuild differently than an initial build.
  $form_state['rebuild'] = TRUE;

324
  $form = drupal_retrieve_form($form_id, $form_state);
325 326 327

  if (!isset($form_build_id)) {
    // We need a new build_id for the new version of the form.
328
    $form_build_id = 'form-' . md5(mt_rand());
329 330 331 332
  }
  $form['#build_id'] = $form_build_id;
  drupal_prepare_form($form_id, $form, $form_state);

333
  if (empty($form_state['no_cache'])) {
334 335
    // We cache the form structure and the form state so it can be retrieved
    // later for validation.
336 337
    form_set_cache($form_build_id, $form, $form_state);
  }
338

339 340
  // Clear out all group associations as these might be different when
  // re-rendering the form.
341 342
  $form_state['groups'] = array();

343 344 345
  // Do not call drupal_process_form(), since it would prevent the rebuilt form
  // to submit.
  $form = form_builder($form_id, $form, $form_state);
346 347 348
  return $form;
}

349 350 351 352
/**
 * Fetch a form from cache.
 */
function form_get_cache($form_build_id, &$form_state) {
353
  if ($cached = cache_get('form_' . $form_build_id, 'cache_form')) {
354
    $form = $cached->data;
355

356 357
    global $user;
    if ((isset($form['#cache_token']) && drupal_valid_token($form['#cache_token'])) || (!isset($form['#cache_token']) && !$user->uid)) {
358 359
      if ($cached = cache_get('form_state_' . $form_build_id, 'cache_form')) {
        // Re-populate $form_state for subsequent rebuilds.
360
        $form_state = $cached->data + $form_state;
361 362

        // If the original form is contained in an include file, load the file.
363
        // See drupal_build_form().
364 365 366
        if (!empty($form_state['build_info']['file']) && file_exists($form_state['build_info']['file'])) {
          require_once DRUPAL_ROOT . '/' . $form_state['build_info']['file'];
        }
367 368
      }
      return $form;
369 370 371 372 373
    }
  }
}

/**
374
 * Store a form in the cache.
375 376
 */
function form_set_cache($form_build_id, $form, $form_state) {
377 378
  // 6 hours cache life time for forms should be plenty.
  $expire = 21600;
379 380 381 382 383 384 385

  // Cache form structure.
  if (isset($form)) {
    if ($GLOBALS['user']->uid) {
      $form['#cache_token'] = drupal_get_token();
    }
    cache_set('form_' . $form_build_id, $form, 'cache_form', REQUEST_TIME + $expire);
386
  }
387 388

  // Cache form state.
389
  if ($data = array_diff_key($form_state, array_flip(form_state_keys_no_cache()))) {
390
    cache_set('form_state_' . $form_build_id, $data, 'cache_form', REQUEST_TIME + $expire);
391 392 393
  }
}

394 395 396 397 398 399 400 401 402 403 404 405 406 407
/**
 * Returns an array of $form_state keys that shouldn't be cached.
 */
function form_state_keys_no_cache() {
  return array(
    // Public properties defined by form constructors and form handlers.
    'always_process',
    'must_validate',
    'rebuild',
    'redirect',
    'no_redirect',
    'temporary',
    // Internal properties defined by form processing.
    'buttons',
408
    'triggering_element',
409 410 411 412 413 414 415 416 417 418 419 420
    'clicked_button',
    'complete form',
    'groups',
    'input',
    'method',
    'submit_handlers',
    'submitted',
    'validate_handlers',
    'values',
  );
}

421
/**
422 423 424 425 426 427 428 429
 * Retrieves, populates, and processes a form.
 *
 * This function allows you to supply values for form elements and submit a
 * form for processing. Compare to drupal_get_form(), which also builds and
 * processes a form, but does not allow you to supply values.
 *
 * There is no return value, but you can check to see if there are errors
 * by calling form_get_errors().
430 431 432 433 434 435
 *
 * @param $form_id
 *   The unique string identifying the desired form. If a function
 *   with that name exists, it is called to build the form array.
 *   Modules that need to generate the same form (or very similar forms)
 *   using different $form_ids can implement hook_forms(), which maps
436
 *   different $form_id values to the proper form constructor function. Examples
437
 *   may be found in node_forms(), search_forms(), and user_forms().
438
 * @param $form_state
439 440 441 442 443 444 445
 *   A keyed array containing the current state of the form. Most important is
 *   the $form_state['values'] collection, a tree of data used to simulate the
 *   incoming $_POST information from a user's form submission. If a key is not
 *   filled in $form_state['values'], then the default value of the respective
 *   element is used. To submit an unchecked checkbox or other control that
 *   browsers submit by not having a $_POST entry, include the key, but set the
 *   value to NULL.
446
 * @param ...
447
 *   Any additional arguments are passed on to the functions called by
448
 *   drupal_form_submit(), including the unique form constructor function.
449 450
 *   For example, the node_edit form requires that a node object be passed
 *   in here when it is called.
451
 * For example:
452
 * @code
453
 * // register a new user
454 455 456
 * $form_state = array();
 * $form_state['values']['name'] = 'robo-user';
 * $form_state['values']['mail'] = 'robouser@example.com';
457 458
 * $form_state['values']['pass']['pass1'] = 'password';
 * $form_state['values']['pass']['pass2'] = 'password';
459
 * $form_state['values']['op'] = t('Create new account');
460
 * drupal_form_submit('user_register_form', $form_state);
461
 * // Create a new node
462
 * $form_state = array();
463
 * module_load_include('inc', 'node', 'node.pages');
464
 * $node = array('type' => 'story');
465 466 467
 * $form_state['values']['title'] = 'My node';
 * $form_state['values']['body'] = 'This is the body text!';
 * $form_state['values']['name'] = 'robo-user';
468
 * $form_state['values']['op'] = t('Save');
469
 * drupal_form_submit('story_node_form', $form_state, (object)$node);
470
 * @endcode
471
 */
472
function drupal_form_submit($form_id, &$form_state) {
473
  if (!isset($form_state['build_info']['args'])) {
474 475 476
    $args = func_get_args();
    array_shift($args);
    array_shift($args);
477
    $form_state['build_info']['args'] = $args;
478
  }
479 480
  // Merge in default values.
  $form_state += form_state_defaults();
Dries's avatar
Dries committed
481

482 483 484
  $form = drupal_retrieve_form($form_id, $form_state);
  $form_state['input'] = $form_state['values'];
  $form_state['programmed'] = TRUE;
485 486
  // Programmed forms are always submitted.
  $form_state['submitted'] = TRUE;
487

488 489 490 491
  // Reset form validation.
  $form_state['must_validate'] = TRUE;
  form_clear_error();

492 493
  drupal_prepare_form($form_id, $form, $form_state);
  drupal_process_form($form_id, $form, $form_state);
494 495
}

496 497 498 499 500 501 502 503
/**
 * Retrieves the structured array that defines a given form.
 *
 * @param $form_id
 *   The unique string identifying the desired form. If a function
 *   with that name exists, it is called to build the form array.
 *   Modules that need to generate the same form (or very similar forms)
 *   using different $form_ids can implement hook_forms(), which maps
504
 *   different $form_id values to the proper form constructor function.
505
 * @param $form_state
506 507 508
 *   A keyed array containing the current state of the form, including the
 *   additional arguments to drupal_get_form() or drupal_form_submit() in the
 *   'args' component of the array.
509
 */
510
function drupal_retrieve_form($form_id, &$form_state) {
511
  $forms = &drupal_static(__FUNCTION__);
512

513
  // We save two copies of the incoming arguments: one for modules to use
514
  // when mapping form ids to constructor functions, and another to pass to
515
  // the constructor function itself.
516
  $args = $form_state['build_info']['args'];
517 518 519

  // We first check to see if there's a function named after the $form_id.
  // If there is, we simply pass the arguments on to it to get the form.
520
  if (!function_exists($form_id)) {
521
    // In cases where many form_ids need to share a central constructor function,
522
    // such as the node editing form, modules can implement hook_forms(). It
523
    // maps one or more form_ids to the correct constructor functions.
524 525 526 527 528 529 530 531 532
    //
    // We cache the results of that hook to save time, but that only works
    // for modules that know all their form_ids in advance. (A module that
    // adds a small 'rate this comment' form to each comment in a list
    // would need a unique form_id for each one, for example.)
    //
    // So, we call the hook if $forms isn't yet populated, OR if it doesn't
    // yet have an entry for the requested form_id.
    if (!isset($forms) || !isset($forms[$form_id])) {
533
      $forms = module_invoke_all('forms', $form_id, $args);
534 535 536 537 538 539 540 541
    }
    $form_definition = $forms[$form_id];
    if (isset($form_definition['callback arguments'])) {
      $args = array_merge($form_definition['callback arguments'], $args);
    }
    if (isset($form_definition['callback'])) {
      $callback = $form_definition['callback'];
    }
542 543 544 545 546
    // In case $form_state['wrapper_callback'] is not defined already, we also
    // allow hook_forms() to define one.
    if (!isset($form_state['wrapper_callback']) && isset($form_definition['wrapper_callback'])) {
      $form_state['wrapper_callback'] = $form_definition['wrapper_callback'];
    }
547
  }
548

549 550 551 552 553 554
  $form = array();
  // We need to pass $form_state by reference in order for forms to modify it,
  // since call_user_func_array() requires that referenced variables are passed
  // explicitly.
  $args = array_merge(array($form, &$form_state), $args);

555 556 557 558 559
  // When the passed $form_state (not using drupal_get_form()) defines a
  // 'wrapper_callback', then it requests to invoke a separate (wrapping) form
  // builder function to pre-populate the $form array with form elements, which
  // the actual form builder function ($callback) expects. This allows for
  // pre-populating a form with common elements for certain forms, such as
560
  // back/next/save buttons in multi-step form wizards. See drupal_build_form().
561
  if (isset($form_state['wrapper_callback']) && function_exists($form_state['wrapper_callback'])) {
562 563 564
    $form = call_user_func_array($form_state['wrapper_callback'], $args);
    // Put the prepopulated $form into $args.
    $args[0] = $form;
565
  }
566

567 568
  // If $callback was returned by a hook_forms() implementation, call it.
  // Otherwise, call the function named after the form id.
569
  $form = call_user_func_array(isset($callback) ? $callback : $form_id, $args);
570
  $form['#form_id'] = $form_id;
571

572
  return $form;
573 574 575
}

/**
576 577
 * Processes a form submission.
 *
578 579 580 581 582
 * This function is the heart of form API. The form gets built, validated and in
 * appropriate cases, submitted.
 *
 * @param $form_id
 *   The unique string identifying the current form.
583 584
 * @param $form
 *   An associative array containing the structure of the form.
585 586
 * @param $form_state
 *   A keyed array containing the current state of the form. This
Dries's avatar
Dries committed
587
 *   includes the current persistent storage data for the form, and
588 589 590
 *   any data passed along by earlier steps when displaying a
 *   multi-step form. Additional information, like the sanitized $_POST
 *   data, is also accumulated here.
591
 */
592 593 594
function drupal_process_form($form_id, &$form, &$form_state) {
  $form_state['values'] = array();

595 596 597 598 599 600 601 602 603 604 605 606 607
  // With $_GET, these forms are always submitted if requested.
  if ($form_state['method'] == 'get' && !empty($form_state['always_process'])) {
    if (!isset($form_state['input']['form_build_id'])) {
      $form_state['input']['form_build_id'] = $form['#build_id'];
    }
    if (!isset($form_state['input']['form_id'])) {
      $form_state['input']['form_id'] = $form_id;
    }
    if (!isset($form_state['input']['form_token']) && isset($form['#token'])) {
      $form_state['input']['form_token'] = drupal_get_token($form['#token']);
    }
  }

608
  // Build the form.
609
  $form = form_builder($form_id, $form, $form_state);
610 611 612

  // Only process the input if we have a correct form submission.
  if ($form_state['process_input']) {
613 614
    drupal_validate_form($form_id, $form, $form_state);

615
    // drupal_html_id() maintains a cache of element IDs it has seen,
616
    // so it can prevent duplicates. We want to be sure we reset that
617
    // cache when a form is processed, so scenarios that result in
618 619
    // the form being built behind the scenes and again for the
    // browser don't increment all the element IDs needlessly.
620
    drupal_static_reset('drupal_html_id');
621

622 623
    if ($form_state['submitted'] && !form_get_errors() && !$form_state['rebuild']) {
      // Execute form submit handlers.
624 625 626 627 628
      form_execute_handlers('submit', $form, $form_state);

      // We'll clear out the cached copies of the form and its stored data
      // here, as we've finished with them. The in-memory copies are still
      // here, though.
629
      if (variable_get('cache', CACHE_DISABLED) == CACHE_DISABLED && !empty($form_state['values']['form_build_id'])) {
630 631
        cache_clear_all('form_' . $form_state['values']['form_build_id'], 'cache_form');
        cache_clear_all('storage_' . $form_state['values']['form_build_id'], 'cache_form');
632 633 634
      }

      // If batches were set in the submit handlers, we process them now,
635 636
      // possibly ending execution. We make sure we do not react to the batch
      // that is already being processed (if a batch operation performs a
637
      // drupal_form_submit).
638
      if ($batch =& batch_get() && !isset($batch['current_set'])) {
639 640 641 642 643 644 645 646 647 648 649 650 651 652
        // Store $form_state information in the batch definition.
        // We need the full $form_state when either:
        // - Some submit handlers were saved to be called during batch
        //   processing. See form_execute_handlers().
        // - The form is multistep.
        // In other cases, we only need the information expected by
        // drupal_redirect_form().
        if ($batch['has_form_submits'] || !empty($form_state['rebuild']) || !empty($form_state['storage'])) {
          $batch['form_state'] = $form_state;
        }
        else {
          $batch['form_state'] = array_intersect_key($form_state, array_flip(array('programmed', 'rebuild', 'storage', 'no_redirect', 'redirect')));
        }

653
        $batch['progressive'] = !$form_state['programmed'];
654
        batch_process();
655

656 657 658 659
        // Execution continues only for programmatic forms.
        // For 'regular' forms, we get redirected to the batch processing
        // page. Form redirection will be handled in _batch_finished(),
        // after the batch is processed.
660
      }
661

662 663 664
      // Set a flag to indicate the the form has been processed and executed.
      $form_state['executed'] = TRUE;

665 666
      // Redirect the form based on values in $form_state.
      drupal_redirect_form($form_state);
667 668 669 670 671 672 673 674 675 676 677 678 679 680
    }
  }
}

/**
 * Prepares a structured form array by adding required elements,
 * executing any hook_form_alter functions, and optionally inserting
 * a validation token to prevent tampering.
 *
 * @param $form_id
 *   A unique string identifying the form for validation, submission,
 *   theming, and hook_form_alter functions.
 * @param $form
 *   An associative array containing the structure of the form.
681 682 683
 * @param $form_state
 *   A keyed array containing the current state of the form. Passed
 *   in here so that hook_form_alter() calls can use it, as well.
684
 */
685
function drupal_prepare_form($form_id, &$form, &$form_state) {
686 687
  global $user;

688
  $form['#type'] = 'form';
689
  $form_state['programmed'] = isset($form_state['programmed']) ? $form_state['programmed'] : FALSE;
690

691 692 693 694 695 696 697 698 699
  if (isset($form['#build_id'])) {
    $form['form_build_id'] = array(
      '#type' => 'hidden',
      '#value' => $form['#build_id'],
      '#id' => $form['#build_id'],
      '#name' => 'form_build_id',
    );
  }

700 701 702 703
  // Add a token, based on either #token or form_id, to any form displayed to
  // authenticated users. This ensures that any submitted form was actually
  // requested previously by the user and protects against cross site request
  // forgeries.
704 705 706 707 708 709 710 711
  // This does not apply to programmatically submitted forms. Furthermore, since
  // tokens are session-bound and forms displayed to anonymous users are very
  // likely cached, we cannot assign a token for them.
  // During installation, there is no $user yet.
  if (!empty($user->uid) && !$form_state['programmed']) {
    // Form constructors may explicitly set #token to FALSE when cross site
    // request forgery is irrelevant to the form, such as search forms.
    if (isset($form['#token']) && $form['#token'] === FALSE) {
712
      unset($form['#token']);
713
    }
714
    // Otherwise, generate a public token based on the form id.
715
    else {
716 717 718 719 720 721
      $form['#token'] = $form_id;
      $form['form_token'] = array(
        '#id' => drupal_html_id('edit-' . $form_id . '-form-token'),
        '#type' => 'token',
        '#default_value' => drupal_get_token($form['#token']),
      );
722
    }
723
  }
724

725
  if (isset($form_id)) {
726 727 728
    $form['form_id'] = array(
      '#type' => 'hidden',
      '#value' => $form_id,
729
      '#id' => drupal_html_id("edit-$form_id"),
730
    );
731
  }
732
  if (!isset($form['#id'])) {
733
    $form['#id'] = drupal_html_id($form_id);
734
  }
735

736
  $form += element_info('form');
737
  $form += array('#tree' => FALSE, '#parents' => array());
738

Dries's avatar
Dries committed
739
  if (!isset($form['#validate'])) {
740
    if (function_exists($form_id . '_validate')) {
741
      $form['#validate'] = array($form_id . '_validate');
Dries's avatar
Dries committed
742 743 744
    }
  }

745
  if (!isset($form['#submit'])) {
746
    if (function_exists($form_id . '_submit')) {
747
      // We set submit here so that it can be altered.
748
      $form['#submit'] = array($form_id . '_submit');
Dries's avatar
Dries committed
749 750 751
    }
  }

752 753 754 755 756
  // Invoke hook_form_FORM_ID_alter() implementations.
  drupal_alter('form_' . $form_id, $form, $form_state);

  // Invoke hook_form_alter() implementations.
  drupal_alter('form', $form, $form_state, $form_id);
757 758
}

759 760

/**
761
 * Validates user-submitted form data from the $form_state using
762 763 764 765 766 767
 * the validate functions defined in a structured form array.
 *
 * @param $form_id
 *   A unique string identifying the form for validation, submission,
 *   theming, and hook_form_alter functions.
 * @param $form
768 769 770 771 772 773 774
 *   An associative array containing the structure of the form, which is passed
 *   by reference. Form validation handlers are able to alter the form structure
 *   (like #process and #after_build callbacks during form building) in case of
 *   a validation error. If a validation handler alters the form structure, it
 *   is responsible for validating the values of changed form elements in
 *   $form_state['values'] to prevent form submit handlers from receiving
 *   unvalidated values.
775 776 777 778 779 780
 * @param $form_state
 *   A keyed array containing the current state of the form. The current
 *   user-submitted data is stored in $form_state['values'], though
 *   form validation functions are passed an explicit copy of the
 *   values for the sake of simplicity. Validation handlers can also
 *   $form_state to pass information on to submit handlers. For example:
781
 *     $form_state['data_for_submission'] = $data;
782 783 784
 *   This technique is useful when validation requires file parsing,
 *   web service requests, or other expensive requests that should
 *   not be repeated in the submission step.
785
 */
786
function drupal_validate_form($form_id, &$form, &$form_state) {
787
  $validated_forms = &drupal_static(__FUNCTION__, array());
788

789
  if (isset($validated_forms[$form_id]) && empty($form_state['must_validate'])) {
790 791
    return;
  }
792

793
  // If the session token was set by drupal_prepare_form(), ensure that it
794
  // matches the current user's session.
795
  if (isset($form['#token'])) {
796
    if (!drupal_valid_token($form_state['values']['form_token'], $form['#token'])) {
797
      // Setting this error will cause the form to fail validation.
798
      form_set_error('form_token', t('Validation error, please try again. If this error persists, please contact the site administrator.'));
799 800 801
    }
  }

802
  _form_validate($form, $form_state, $form_id);
803
  $validated_forms[$form_id] = TRUE;
804 805
}

806
/**
807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832
 * Redirects the user to a URL after a form has been processed.
 *
 * After a form was executed, the data in $form_state controls whether the form
 * is redirected. By default, we redirect to a new destination page. The path of
 * the destination page can be set in $form_state['redirect']. If that is not
 * set, the user is redirected to the current page to display a fresh,
 * unpopulated copy of the form.
 *
 * There are several triggers that may prevent a redirection though:
 * - If $form_state['redirect'] is FALSE, a form builder function or form
 *   validation/submit handler does not want a user to be redirected, which
 *   means that drupal_goto() is not invoked. For most forms, the redirection
 *   logic will be the same regardless of whether $form_state['redirect'] is
 *   undefined or FALSE. However, in case it was not defined and the current
 *   request contains a 'destination' query string, drupal_goto() will redirect
 *   to that given destination instead. Only setting $form_state['redirect'] to
 *   FALSE will prevent any redirection.
 * - If $form_state['no_redirect'] is TRUE, then the callback that originally
 *   built the form explicitly disallows any redirection, regardless of the
 *   redirection value in $form_state['redirect']. For example, ajax_get_form()
 *   defines $form_state['no_redirect'] when building a form in an AJAX
 *   callback to prevent any redirection. $form_state['no_redirect'] should NOT
 *   be altered by form builder functions or form validation/submit handlers.
 * - If $form_state['programmed'] is TRUE, the form submission was usually
 *   invoked via drupal_form_submit(), so any redirection would break the script
 *   that invoked drupal_form_submit().
833
 * - If $form_state['rebuild'] is TRUE, the form needs to be rebuilt without
834
 *   redirection.
835
 *
836 837 838 839 840
 * @param $form_state
 *   A keyed array containing the current state of the form.
 *
 * @see drupal_process_form()
 * @see drupal_build_form()
841
 */
842 843 844 845
function drupal_redirect_form($form_state) {
  // Skip redirection for form submissions invoked via drupal_form_submit().
  if (!empty($form_state['programmed'])) {
    return;
846
  }
847 848
  // Skip redirection if rebuild is activated.
  if (!empty($form_state['rebuild'])) {
849 850 851 852 853
    return;
  }
  // Skip redirection if it was explicitly disallowed.
  if (!empty($form_state['no_redirect'])) {
    return;
854
  }
855 856 857 858 859
  // Only invoke drupal_goto() if redirect value was not set to FALSE.
  if (!isset($form_state['redirect']) || $form_state['redirect'] !== FALSE) {
    if (isset($form_state['redirect'])) {
      if (is_array($form_state['redirect'])) {
        call_user_func_array('drupal_goto', $form_state['redirect']);
860 861
      }
      else {
862 863 864 865
        // This function can be called from the installer, which guarantees
        // that $redirect will always be a string, so catch that case here
        // and use the appropriate redirect function.
        $function = drupal_installation_attempted() ? 'install_goto' : 'drupal_goto';
866
        $function($form_state['redirect']);
867 868 869 870
      }
    }
    drupal_goto($_GET['q']);
  }
871 872
}

873 874 875 876 877 878 879
/**
 * Performs validation on form elements. First ensures required fields are
 * completed, #maxlength is not exceeded, and selected options were in the
 * list of options given to the user. Then calls user-defined validators.
 *
 * @param $elements
 *   An associative array containing the structure of the form.
880 881 882 883 884 885
 * @param $form_state
 *   A keyed array containing the current state of the form. The current
 *   user-submitted data is stored in $form_state['values'], though
 *   form validation functions are passed an explicit copy of the
 *   values for the sake of simplicity. Validation handlers can also
 *   $form_state to pass information on to submit handlers. For example:
886
 *     $form_state['data_for_submission'] = $data;
887 888 889
 *   This technique is useful when validation requires file parsing,
 *   web service requests, or other expensive requests that should
 *   not be repeated in the submission step.
890 891 892 893
 * @param $form_id
 *   A unique string identifying the form for validation, submission,
 *   theming, and hook_form_alter functions.
 */
894
function _form_validate(&$elements, &$form_state, $form_id = NULL) {
895 896
  // Also used in the installer, pre-database setup.
  $t = get_t();
897

898 899 900
  // Recurse through all children.
  foreach (element_children($elements) as $key) {
    if (isset($elements[$key]) && $elements[$key]) {
901
      _form_validate($elements[$key], $form_state);
902 903
    }
  }
904

905
  // Validate the current input.
906
  if (!isset($elements['#validated']) || !$elements['#validated']) {
907
    // The following errors are always shown.
908
    if (isset($elements['#needs_validation'])) {
909 910
      // Verify that the value is not longer than #maxlength.
      if (isset($elements['#maxlength']) && drupal_strlen($elements['#value']) > $elements['#maxlength']) {
911
        form_error($elements, $t('!name cannot be longer than %max characters but is currently %length characters long.', array('!name' => empty($elements['#title']) ? $elements['#parents'][0] : $elements['#title'], '%max' => $elements['#maxlength'], '%length' => drupal_strlen($elements['#value']))));
912 913
      }

914
      if (isset($elements['#options']) && isset($elements['#value'])) {
915 916 917 918 919 920 921 922 923 924
        if ($elements['#type'] == 'select') {
          $options = form_options_flatten($elements['#options']);
        }
        else {
          $options = $elements['#options'];
        }
        if (is_array($elements['#value'])) {
          $value = $elements['#type'] == 'checkboxes' ? array_keys(array_filter($elements['#value'])) : $elements['#value'];
          foreach ($value as $v) {
            if (!isset($options[$v])) {
925
              form_error($elements, $t('An illegal choice has been detected. Please contact the site administrator.'));
926
              watchdog('form', 'Illegal choice %choice in !name element.', array('%choice' => $v, '!name' => empty($elements['#title']) ? $elements['#parents'][0] : $elements['#title']), WATCHDOG_ERROR);
927
            }
928 929
          }
        }
930
        elseif (!isset($options[$elements['#value']])) {
931
          form_error($elements, $t('An illegal choice has been detected. Please contact the site administrator.'));
932
          watchdog('form', 'Illegal choice %choice in %name element.', array('%choice' => $elements['#value'], '%name' => empty($elements['#title']) ? $elements['#parents'][0] : $elements['#title']), WATCHDOG_ERROR);
933
        }
934 935 936
      }
    }

937 938 939 940
    // While this element is being validated, it may be desired that some calls
    // to form_set_error() be suppressed and not result in a form error, so
    // that a button that implements low-risk functionality (such as "Previous"
    // or "Add more") that doesn't require all user input to be valid can still
941
    // have its submit handlers triggered. The triggering element's
942 943
    // #limit_validation_errors property contains the information for which
    // errors are needed, and all other errors are to be suppressed. The
944 945 946 947 948 949
    // #limit_validation_errors property is ignored if submit handlers will run,
    // but the element doesn't have a #submit property, because it's too large a
    // security risk to have any invalid user input when executing form-level
    // submit handlers.
    if (isset($form_state['triggering_element']['#limit_validation_errors']) && ($form_state['triggering_element']['#limit_validation_errors'] !== FALSE) && !($form_state['submitted'] && !isset($form_state['triggering_element']['#submit']))) {
      form_set_error(NULL, '', $form_state['triggering_element']['#limit_validation_errors']);
950
    }
951 952 953 954 955 956 957 958 959 960 961 962 963 964 965
    // If submit handlers won't run (due to the submission having been triggered
    // by an element whose #executes_submit_callback property isn't TRUE), then
    // it's safe to suppress all validation errors, and we do so by default,
    // which is particularly useful during an AJAX submission triggered by a
    // non-button. An element can override this default by setting the
    // #limit_validation_errors property. For button element types,
    // #limit_validation_errors defaults to FALSE (via system_element_info()),
    // so that full validation is their default behavior.
    elseif (isset($form_state['triggering_element']) && !isset($form_state['triggering_element']['#limit_validation_errors']) && !$form_state['submitted']) {
      form_set_error(NULL, '', array());
    }
    // As an extra security measure, explicitly turn off error suppression if
    // one of the above conditions wasn't met. Since this is also done at the
    // end of this function, doing it here is only to handle the rare edge case
    // where a validate handler invokes form processing of another form.
966 967 968
    else {
      drupal_static_reset('form_set_error:limit_validation_errors');
    }
969

970 971 972 973 974 975 976 977 978 979
    // Make sure a value is passed when the field is required.
    // A simple call to empty() will not cut it here as some fields, like
    // checkboxes, can return a valid value of '0'. Instead, check the
    // length if it's a string, and the item count if it's an array.
    // An unchecked checkbox has a #value of numeric 0, different than string
    // '0', which could be a valid value.
    if (isset($elements['#needs_validation']) && $elements['#required'] && (!count($elements['#value']) || (is_string($elements['#value']) && strlen(trim($elements['#value'])) == 0) || $elements['#value'] === 0)) {
      form_error($elements, $t('!name field is required.', array('!name' => $elements['#title'])));
    }

980
    // Call user-defined form level validators.
981 982 983 984 985 986 987
    if (isset($form_id)) {
      form_execute_handlers('validate', $elements, $form_state);
    }
    // Call any element-specific validators. These must act on the element
    // #value data.
    elseif (isset($elements['#element_validate'])) {
      foreach ($elements['#element_validate'] as $function) {
988 989
        $function($elements, $form_state, $form_state['complete form']);
      }
990
    }
991
    $elements['#validated'] = TRUE;
992
  }
993 994 995 996 997

  // Done validating this element, so turn off error suppression.
  // _form_validate() turns it on again when starting on the next element, if
  // it's still appropriate to do so.
  drupal_static_reset('form_set_error:limit_validation_errors');
998 999
}

1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016
/**
 * A helper function used to execute custom validation and submission
 * handlers for a given form. Button-specific handlers are checked
 * first. If none exist, the function falls back to form-level handlers.
 *
 * @param $type
 *   The type of handler to execute. 'validate' or 'submit' are the
 *   defaults used by Form API.
 * @param $form
 *   An associative array containing the structure of the form.
 * @param $form_state
 *   A keyed array containing the current state of the form. If the user
 *   submitted the form by clicking a button with custom handler functions
 *   defined, those handlers will be stored here.
 */
function form_execute_handlers($type, &$form, &$form_state) {
  $return = FALSE;
1017
  // If there was a button pressed, use its handlers.
1018 1019
  if (isset($form_state[$type . '_handlers'])) {
    $handlers = $form_state[$type . '_handlers'];
1020
  }
1021
  // Otherwise, check for a form-level handler.
1022 1023
  elseif (isset($form['#' . $type])) {
    $handlers = $form['#' . $type];
1024 1025 1026 1027 1028 1029
  }
  else {
    $handlers = array();
  }

  foreach ($handlers as $function) {
1030 1031 1032 1033 1034 1035 1036
    // Check if a previous _submit handler has set a batch, but make sure we
    // do not react to a batch that is already being processed (for instance
    // if a batch operation performs a drupal_form_submit()).
    if ($type == 'submit' && ($batch =& batch_get()) && !isset($batch['id'])) {
      // Some previous submit handler has set a batch. To ensure correct
      // execution order, store the call in a special 'control' batch set.
      // See _batch_next_set().
1037
      $batch['sets'][] = array('form_submit' => $function);
1038
      $batch['has_form_submits'] = TRUE;
1039 1040 1041
    }
    else {
      $function($form, $form_state);
1042
    }
1043
    $return = TRUE;
1044 1045 1046 1047
  }
  return $return;
}

1048
/**
1049
 * Files an error against a form element.
1050 1051 1052 1053 1054 1055 1056 1057
 *
 * @param $name
 *   The name of the form element. If the #parents property of your form
 *   element is array('foo', 'bar', 'baz') then you may set an error on 'foo'
 *   or 'foo][bar][baz'. Setting an error on 'foo' sets an error for every
 *   element where the #parents array starts with 'foo'.
 * @param $message
 *   The error message to present to the user.
1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106
 * @param $limit_validation_errors
 *   Internal use only. The #limit_validation_errors property of the clicked
 *   button if it exists. Multistep forms not wanting to validate the whole form
 *   can set the #limit_validation_errors property on buttons to avoid
 *   validation errors of some elements preventing the button's submit handlers
 *   from running. For example, pressing the "Previous" button should not fire
 *   validation errors just because the current step has invalid values. AJAX is
 *   another typical example.
 *   If this property is set on the clicked button, the button must also define
 *   its #submit property and those handlers will be executed even if there is
 *   invalid input, so extreme care should be taken with respect to what is
 *   performed by them. This is typically not a problem with buttons like
 *   "Previous" or "Add more" that do not invoke persistent storage of the
 *   submitted form values.
 *   Do not use the #limit_validation_errors property on buttons that trigger
 *   saving of form values to the database.
 *   The #limit_validation_errors property is a list of "sections" within
 *   $form_state['values'] that must contain valid values. Each "section" is an
 *   array with the ordered set of keys needed to reach that part of
 *   $form_state['values'] (i.e., the #parents property of the element).
 *   For example:
 *   @code
 *     $form['actions']['previous']['#limit_validation_errors'] = array(
 *       array('step1'),
 *       array('foo', 'bar'),
 *     );
 *   @endcode
 *   This will require $form_state['values']['step1'] and everything within it
 *   (for example, $form_state['values']['step1']['choice']) to be valid, so
 *   calls to form_set_error('step1', $message) or
 *   form_set_error('step1][choice', $message) will prevent the submit handlers
 *   from running, and result in the error message being displayed to the user.
 *   However, calls to form_set_error('step2', $message) and
 *   form_set_error('step2][groupX][choiceY', $message) will be suppressed,
 *   resulting in the message not being displayed to the user, and the submit
 *   handlers will run despite $form_state['values']['step2'] and
 *   $form_state['values']['step2']['groupX']['choiceY'] containing invalid
 *   values. Errors for an invalid $form_state['values']['foo'] will be
 *   suppressed, but errors for invalid values for
 *   $form_state['values']['foo']['bar'] and everything within it will be
 *   recorded. If the button doesn't need any user input to be valid, then the
 *   #limit_validation_errors can be set to an empty array, in which case, all
 *   calls to form_set_error() will be suppressed.
 *   Partial form validation is implemented by suppressing errors rather than by
 *   skipping the input processing and validation steps entirely, because some
 *   forms have button-level submit handlers that call Drupal API functions that
 *   assume that certain data exists within $form_state['values'], and while not
 *   doing anything with that data that requires it to be valid, PHP errors
 *   would be triggered if the input processing and validation steps were fully
1107
 *   skipped. See http://drupal.org/node/370537.
1108
 *
1109
 * @return
1110
 *   Return value is for internal use only. To get a list of errors, use
1111
 *   form_get_errors() or form_get_error().
1112
 */
1113
function form_set_error($name = NULL, $message = '', $limit_validation_errors = NULL) {
1114
  $form = &drupal_static(__FUNCTION__, array());
1115 1116 1117 1118 1119
  $sections = &drupal_static(__FUNCTION__ . ':limit_validation_errors');
  if (isset($limit_validation_errors)) {
    $sections = $limit_validation_errors;
  }

1120
  if (isset($name) && !isset($form[$name])) {
1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147
    $record = TRUE;
    if (isset($sections)) {
      // #limit_validation_errors is an array of "sections" within which user
      // input must be valid. If the element is within one of these sections,
      // the error must be recorded. Otherwise, it can be suppressed.
      // #limit_validation_errors can be an empty array, in which case all
      // errors are suppressed. For example, a "Previous" button might want its
      // submit action to be triggered even if none of the submitted values are
      // valid.
      $record = FALSE;
      foreach ($sections as $section) {
        // Exploding by '][' reconstructs the element's #parents. If the
        // reconstructed #parents begin with the same keys as the specified
        // section, then the element's values are within the part of
        // $form_state['values'] that the clicked button requires to be valid,
        // so errors for this element must be recorded.
        if (array_slice(explode('][', $name), 0, count($section)) === $section) {
          $record = TRUE;
          break;
        }
      }
    }
    if ($record) {
      $form[$name] = $message;
      if ($message) {
        drupal_set_message($message, 'error');
      }
1148
    }
1149
  }
1150

1151 1152 1153
  return $form;
}

1154 1155 1156 1157 1158 1159 1160
/**
 * Clear all errors against all form elements made by form_set_error().
 */
function form_clear_error() {
  drupal_static_reset('form_set_error');
}

1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185
/**
 * Return an associative array of all errors.
 */
function form_get_errors() {
  $form = form_set_error();
  if (!empty($form)) {
    return $form;
  }
}

/**
 * Return the error message filed against the form with the specified name.
 */
function form_get_error($element) {
  $form = form_set_error();
  $key = $element['#parents'][0];
  if (isset($form[$key])) {
    return $form[$key];
  }
  $key = implode('][', $element['#parents']);
  if (isset($form[$key])) {
    return $form[$key];
  }
}

1186 1187 1188
/**
 * Flag an element as having an error.
 */
1189
function form_error(&$element, $message = '') {
1190
  form_set_error(implode('][', $element['#parents']), $message);
1191 1192 1193
}

/**
1194
 * Walk through the structured form array, adding any required
1195
 * properties to each element and mapping the incoming input
1196 1197
 * data to the proper elements. Also, execute any #process handlers
 * attached to a specific element.
1198 1199
 *
 * @param $form_id
1200 1201
 *   A unique string identifying the form for validation, submission,
 *   theming, and hook_form_alter functions.