form.inc 84 KB
Newer Older
1
<?php
2 3
// $Id$

4 5 6
/**
 * @defgroup form Form generation
 * @{
7
 * Functions to enable the processing and display of HTML forms.
8
 *
9 10 11 12 13 14 15
 * Drupal uses these functions to achieve consistency in its form processing and
 * presentation, while simplifying code and reducing the amount of HTML that
 * must be explicitly generated by modules.
 *
 * The drupal_get_form() function handles retrieving, processing, and
 * displaying a rendered HTML form for modules automatically. For example:
 *
16
 * @code
17
 * // Display the user registration form.
18
 * $output = drupal_get_form('user_register');
19
 * @endcode
20 21
 *
 * Forms can also be built and submitted programmatically without any user input
22
 * using the drupal_execute() function.
23 24
 *
 * For information on the format of the structured arrays used to define forms,
25
 * and more detailed explanations of the Form API workflow, see the
26 27
 * @link http://api.drupal.org/api/file/developer/topics/forms_api_reference.html reference @endlink
 * and the @link http://api.drupal.org/api/file/developer/topics/forms_api.html quickstart guide. @endlink
28 29 30
 */

/**
31 32 33
 * Retrieves a form from a constructor function, or from the cache if
 * the form was built in a previous page-load. The form is then passesed
 * on for processing, after and rendered for display if necessary.
34 35
 *
 * @param $form_id
36 37 38 39
 *   The unique string identifying the desired form. If a function
 *   with that name exists, it is called to build the form array.
 *   Modules that need to generate the same form (or very similar forms)
 *   using different $form_ids can implement hook_forms(), which maps
40
 *   different $form_id values to the proper form constructor function. Examples
41 42
 *   may be found in node_forms(), search_forms(), and user_forms().
 * @param ...
43 44 45 46
 *   Any additional arguments are passed on to the functions called by
 *   drupal_get_form(), including the unique form constructor function.
 *   For example, the node_edit form requires that a node object be passed
 *   in here when it is called.
47 48 49 50
 * @return
 *   The rendered form.
 */
function drupal_get_form($form_id) {
51 52 53 54 55 56 57 58 59 60
  $form_state = array('storage' => NULL, 'submitted' => FALSE);

  $args = func_get_args();

  if (isset($_SESSION['batch_form_state'])) {
    // We've been redirected here after a batch processing : the form has
    // already been processed, so we grab the post-process $form_state value
    // and move on to form display. See _batch_finished() function.
    $form_state = $_SESSION['batch_form_state'];
    unset($_SESSION['batch_form_state']);
61 62
  }
  else {
63 64 65 66 67 68
    // If the incoming $_POST contains a form_build_id, we'll check the
    // cache for a copy of the form in question. If it's there, we don't
    // have to rebuild the form to proceed. In addition, if there is stored
    // form_state data from a previous step, we'll retrieve it so it can
    // be passed on to the form processing code.
    if (isset($_POST['form_id']) && $_POST['form_id'] == $form_id && !empty($_POST['form_build_id'])) {
69
      $form = form_get_cache($_POST['form_build_id'], $form_state);
70 71
    }

72 73 74 75
    // If the previous bit of code didn't result in a populated $form
    // object, we're hitting the form for the first time and we need
    // to build it from scratch.
    if (!isset($form)) {
76
      $form_state['post'] = $_POST;
77 78 79 80 81
      // Use a copy of the function's arguments for manipulation
      $args_temp = $args;
      array_shift($args_temp);
      array_unshift($args_temp, $form_state);
      array_unshift($args_temp, $form_id);
82

83
      $form = call_user_func_array('drupal_retrieve_form', $args_temp);
84
      $form_build_id = 'form-'. md5(mt_rand());
85
      $form['#build_id'] = $form_build_id;
86 87
      drupal_prepare_form($form_id, $form, $form_state);
      if (!empty($form['#cache'])) {
88 89 90
        // By not sending the form state, we avoid storing the storage which
        // won't have been touched yet.
        form_set_cache($form_build_id, $form, NULL);
91
      }
92
      unset($form_state['post']);
93
    }
94
    $form['#post'] = $_POST;
95

96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118
    // Now that we know we have a form, we'll process it (validating,
    // submitting, and handling the results returned by its submission
    // handlers. Submit handlers accumulate data in the form_state by
    // altering the $form_state variable, which is passed into them by
    // reference.
    drupal_process_form($form_id, $form, $form_state);
  }

  // Most simple, single-step forms will be finished by this point --
  // drupal_process_form() usually redirects to another page (or to
  // a 'fresh' copy of the form) once processing is complete. If one
  // of the form's handlers has set $form_state['redirect'] to FALSE,
  // the form will simply be re-rendered with the values still in its
  // fields.
  //
  // If $form_state['storage'] or $form_state['rebuild'] have been
  // set by any submit or validate handlers, however, we know that
  // we're in a complex multi-part process of some sort and the form's
  // workflow is NOT complete. We need to construct a fresh copy of
  // the form, passing in the latest $form_state in addition to any
  // other variables passed into drupal_get_form().

  if (!empty($form_state['rebuild']) || !empty($form_state['storage'])) {
119 120 121
    array_shift($args);
    array_unshift($args, $form_state);
    array_unshift($args, $form_id);
122
    $form = call_user_func_array('drupal_retrieve_form', $args);
123

124
    // We need a new build_id for the new version of the form.
125
    $form_build_id = 'form-'. md5(mt_rand());
126 127 128 129 130 131
    $form['#build_id'] = $form_build_id;
    drupal_prepare_form($form_id, $form, $form_state);

    // Now, we cache the form structure so it can be retrieved later for
    // validation. If $form_state['storage'] is populated, we'll also cache
    // it so that it can be used to resume complex multi-step processes.
132
    form_set_cache($form_build_id, $form, $form_state);
133 134 135 136 137 138 139

    // Clear out all post data, as we don't want the previous step's
    // data to pollute this one and trigger validate/submit handling,
    // then process the form for rendering.
    $_POST = array();
    $form['#post'] = array();
    drupal_process_form($form_id, $form, $form_state);
140 141
  }

142 143 144 145
  // If we haven't redirected to a new location by now, we want to
  // render whatever form array is currently in hand.
  return drupal_render_form($form_id, $form);
}
146

147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171
/**
 * Fetch a form from cache.
 */
function form_get_cache($form_build_id, &$form_state) {
  if ($cached = cache_get('form_'. $form_build_id, 'cache_form')) {
    $form = $cached->data;
    if ($cached = cache_get('storage_'. $form_build_id, 'cache_form')) {
      $form_state['storage'] = $cached->data;
    }
    return $form;
  }
}

/**
 * Store a form in the cache
 */
function form_set_cache($form_build_id, $form, $form_state) {
  $expire = max(ini_get('session.cookie_lifetime'), 86400);

  cache_set('form_'. $form_build_id, $form, 'cache_form', $expire);
  if (!empty($form_state['storage'])) {
    cache_set('storage_'. $form_build_id, $form_state['storage'], 'cache_form', $expire);
  }
}

172
/**
173
 * Retrieves a form using a form_id, populates it with $form_state['values'],
174 175 176 177 178 179 180 181
 * processes it, and returns any validation errors encountered. This
 * function is the programmatic counterpart to drupal_get_form().
 *
 * @param $form_id
 *   The unique string identifying the desired form. If a function
 *   with that name exists, it is called to build the form array.
 *   Modules that need to generate the same form (or very similar forms)
 *   using different $form_ids can implement hook_forms(), which maps
182
 *   different $form_id values to the proper form constructor function. Examples
183
 *   may be found in node_forms(), search_forms(), and user_forms().
184 185 186 187 188
 * @param $form_state
 *   A keyed array containing the current state of the form. Most
 *   important is the $form_state['values'] collection, a tree of data
 *   used to simulate the incoming $_POST information from a user's
 *   form submission.
189
 * @param ...
190 191 192 193
 *   Any additional arguments are passed on to the functions called by
 *   drupal_execute(), including the unique form constructor function.
 *   For example, the node_edit form requires that a node object be passed
 *   in here when it is called.
194 195 196
 * For example:
 *
 * // register a new user
197 198 199 200
 * $form_state = array();
 * $form_state['values']['name'] = 'robo-user';
 * $form_state['values']['mail'] = 'robouser@example.com';
 * $form_state['values']['pass'] = 'password';
201
 * $form_state['values']['op'] = t('Create new account');
202
 * drupal_execute('user_register', $form_state);
203 204
 *
 * // Create a new node
205
 * $form_state = array();
206
 * $node = array('type' => 'story');
207 208 209
 * $form_state['values']['title'] = 'My node';
 * $form_state['values']['body'] = 'This is the body text!';
 * $form_state['values']['name'] = 'robo-user';
210
 * $form_state['values']['op'] = t('Save');
211
 * drupal_execute('story_node_form', $form_state, $node);
212
 */
213
function drupal_execute($form_id, &$form_state) {
214
  $args = func_get_args();
215 216 217 218
  $form = call_user_func_array('drupal_retrieve_form', $args);
  $form['#post'] = $form_state['values'];
  drupal_prepare_form($form_id, $form, $form_state);
  drupal_process_form($form_id, $form, $form_state);
219 220
}

221 222 223 224 225 226 227 228
/**
 * Retrieves the structured array that defines a given form.
 *
 * @param $form_id
 *   The unique string identifying the desired form. If a function
 *   with that name exists, it is called to build the form array.
 *   Modules that need to generate the same form (or very similar forms)
 *   using different $form_ids can implement hook_forms(), which maps
229
 *   different $form_id values to the proper form constructor function.
230 231
 * @param $form_state
 *   A keyed array containing the current state of the form.
232
 * @param ...
233 234 235 236 237 238
 *   Any additional arguments needed by the unique form constructor
 *   function. Generally, these are any arguments passed into the
 *   drupal_get_form() or drupal_execute() functions after the first
 *   argument. If a module implements hook_forms(), it can examine
 *   these additional arguments and conditionally return different
 *   builder functions as well.
239
 */
240
function drupal_retrieve_form($form_id, &$form_state) {
241 242
  static $forms;

243
  // We save two copies of the incoming arguments: one for modules to use
244 245 246
  // when mapping form ids to constructor functions, and another to pass to
  // the constructor function itself. We shift out the first argument -- the
  // $form_id itself -- from the list to pass into the constructor function,
247
  // since it's already known.
248
  $args = func_get_args();
249
  $saved_args = $args;
250
  array_shift($args);
251 252 253
  if (isset($form_state)) {
    array_shift($args);
  }
254 255 256

  // We first check to see if there's a function named after the $form_id.
  // If there is, we simply pass the arguments on to it to get the form.
257
  if (!function_exists($form_id)) {
258
    // In cases where many form_ids need to share a central constructor function,
259
    // such as the node editing form, modules can implement hook_forms(). It
260
    // maps one or more form_ids to the correct constructor functions.
261 262 263 264 265 266 267 268 269
    //
    // We cache the results of that hook to save time, but that only works
    // for modules that know all their form_ids in advance. (A module that
    // adds a small 'rate this comment' form to each comment in a list
    // would need a unique form_id for each one, for example.)
    //
    // So, we call the hook if $forms isn't yet populated, OR if it doesn't
    // yet have an entry for the requested form_id.
    if (!isset($forms) || !isset($forms[$form_id])) {
270
      $forms = module_invoke_all('forms', $form_id, $args);
271 272 273 274 275 276 277 278 279
    }
    $form_definition = $forms[$form_id];
    if (isset($form_definition['callback arguments'])) {
      $args = array_merge($form_definition['callback arguments'], $args);
    }
    if (isset($form_definition['callback'])) {
      $callback = $form_definition['callback'];
    }
  }
280 281 282

  array_unshift($args, $form_state);

283 284
  // If $callback was returned by a hook_forms() implementation, call it.
  // Otherwise, call the function named after the form id.
285 286 287 288 289 290
  $form = call_user_func_array(isset($callback) ? $callback : $form_id, $args);

  // We store the original function arguments, rather than the final $arg
  // value, so that form_alter functions can see what was originally
  // passed to drupal_retrieve_form(). This allows the contents of #parameters
  // to be saved and passed in at a later date to recreate the form.
291
  $form['#parameters'] = $saved_args;
292
  return $form;
293 294 295 296 297 298 299 300
}

/**
 * This function is the heart of form API. The form gets built, validated and in
 * appropriate cases, submitted.
 *
 * @param $form_id
 *   The unique string identifying the current form.
301 302
 * @param $form
 *   An associative array containing the structure of the form.
303 304
 * @param $form_state
 *   A keyed array containing the current state of the form. This
Dries's avatar
Dries committed
305
 *   includes the current persistent storage data for the form, and
306 307 308
 *   any data passed along by earlier steps when displaying a
 *   multi-step form. Additional information, like the sanitized $_POST
 *   data, is also accumulated here.
309
 */
310 311 312 313
function drupal_process_form($form_id, &$form, &$form_state) {
  $form_state['values'] = array();

  $form = form_builder($form_id, $form, $form_state);
314 315 316
  // Only process the form if it is programmed or the form_id coming
  // from the POST data is set and matches the current form_id.
  if ((!empty($form['#programmed'])) || (!empty($form['#post']) && (isset($form['#post']['form_id']) && ($form['#post']['form_id'] == $form_id)))) {
317 318
    drupal_validate_form($form_id, $form, $form_state);

319 320 321 322 323 324 325
    // form_clean_id() maintains a cache of element IDs it has seen,
    // so it can prevent duplicates. We want to be sure we reset that
    // cache when a form is processed, so scenerios that result in
    // the form being built behind the scenes and again for the
    // browser don't increment all the element IDs needlessly.
    form_clean_id(NULL, TRUE);

326 327 328 329 330 331 332
    if ((!empty($form_state['submitted'])) && !form_get_errors() && empty($form_state['rebuild'])) {
      $form_state['redirect'] = NULL;
      form_execute_handlers('submit', $form, $form_state);

      // We'll clear out the cached copies of the form and its stored data
      // here, as we've finished with them. The in-memory copies are still
      // here, though.
333
      if (variable_get('cache', CACHE_DISABLED) == CACHE_DISABLED && !empty($form_state['values']['form_build_id'])) {
334 335 336 337 338
        cache_clear_all('form_'. $form_state['values']['form_build_id'], 'cache_form');
        cache_clear_all('storage_'. $form_state['values']['form_build_id'], 'cache_form');
      }

      // If batches were set in the submit handlers, we process them now,
339 340 341 342
      // possibly ending execution. We make sure we do not react to the batch
      // that is already being processed (if a batch operation performs a
      // drupal_execute).
      if ($batch =& batch_get() && !isset($batch['current_set'])) {
343 344 345 346
        // The batch uses its own copies of $form and $form_state for
        // late execution of submit handers and post-batch redirection.
        $batch['form'] = $form;
        $batch['form_state'] = $form_state;
347 348
        $batch['progressive'] = !$form['#programmed'];
        batch_process();
349 350 351 352
        // Execution continues only for programmatic forms.
        // For 'regular' forms, we get redirected to the batch processing
        // page. Form redirection will be handled in _batch_finished(),
        // after the batch is processed.
353
      }
354 355 356 357 358 359 360 361 362 363

      // If no submit handlers have populated the $form_state['storage']
      // bundle, and the $form_state['rebuild'] flag has not been set,
      // we're finished and should redirect to a new destination page
      // if one has been set (and a fresh, unpopulated copy of the form
      // if one hasn't). If the form was called by drupal_execute(),
      // however, we'll skip this and let the calling function examine
      // the resulting $form_state bundle itself.
      if (!$form['#programmed'] && empty($form_state['rebuild']) && empty($form_state['storage'])) {
         drupal_redirect_form($form, $form_state['redirect']);
364
      }
365 366 367 368 369 370 371 372 373 374 375 376 377 378
    }
  }
}

/**
 * Prepares a structured form array by adding required elements,
 * executing any hook_form_alter functions, and optionally inserting
 * a validation token to prevent tampering.
 *
 * @param $form_id
 *   A unique string identifying the form for validation, submission,
 *   theming, and hook_form_alter functions.
 * @param $form
 *   An associative array containing the structure of the form.
379 380 381
 * @param $form_state
 *   A keyed array containing the current state of the form. Passed
 *   in here so that hook_form_alter() calls can use it, as well.
382
 */
383
function drupal_prepare_form($form_id, &$form, &$form_state) {
384 385
  global $user;

386
  $form['#type'] = 'form';
387
  $form['#programmed'] = isset($form['#post']);
388

389 390 391 392 393 394 395 396 397
  if (isset($form['#build_id'])) {
    $form['form_build_id'] = array(
      '#type' => 'hidden',
      '#value' => $form['#build_id'],
      '#id' => $form['#build_id'],
      '#name' => 'form_build_id',
    );
  }

398 399 400 401
  // Add a token, based on either #token or form_id, to any form displayed to
  // authenticated users. This ensures that any submitted form was actually
  // requested previously by the user and protects against cross site request
  // forgeries.
402
  if (isset($form['#token'])) {
403
    if ($form['#token'] === FALSE || $user->uid == 0 || $form['#programmed']) {
404
      unset($form['#token']);
405
    }
406
    else {
407
      $form['form_token'] = array('#type' => 'token', '#default_value' => drupal_get_token($form['#token']));
408
    }
409
  }
410
  else if (isset($user->uid) && $user->uid && !$form['#programmed']) {
411 412
    $form['#token'] = $form_id;
    $form['form_token'] = array(
413
      '#id' => form_clean_id('edit-'. $form_id .'-form-token'),
414 415 416 417 418
      '#type' => 'token',
      '#default_value' => drupal_get_token($form['#token']),
    );
  }

419
  if (isset($form_id)) {
420 421 422 423 424
    $form['form_id'] = array(
      '#type' => 'hidden',
      '#value' => $form_id,
      '#id' => form_clean_id("edit-$form_id"),
    );
425
  }
426
  if (!isset($form['#id'])) {
427
    $form['#id'] = form_clean_id($form_id);
428
  }
429

430
  $form += _element_info('form');
431

Dries's avatar
Dries committed
432 433
  if (!isset($form['#validate'])) {
    if (function_exists($form_id .'_validate')) {
434
      $form['#validate'] = array($form_id .'_validate');
Dries's avatar
Dries committed
435 436 437
    }
  }

438 439
  if (!isset($form['#submit'])) {
    if (function_exists($form_id .'_submit')) {
440
      // We set submit here so that it can be altered.
441
      $form['#submit'] = array($form_id .'_submit');
Dries's avatar
Dries committed
442 443 444
    }
  }

445
  drupal_alter('form_'. $form_id, $form, $form_state);
446
  drupal_alter('form', $form, $form_state, $form_id);
447 448
}

449 450

/**
451
 * Validates user-submitted form data from the $form_state using
452 453 454 455 456 457 458
 * the validate functions defined in a structured form array.
 *
 * @param $form_id
 *   A unique string identifying the form for validation, submission,
 *   theming, and hook_form_alter functions.
 * @param $form
 *   An associative array containing the structure of the form.
459 460 461 462 463 464 465 466 467 468
 * @param $form_state
 *   A keyed array containing the current state of the form. The current
 *   user-submitted data is stored in $form_state['values'], though
 *   form validation functions are passed an explicit copy of the
 *   values for the sake of simplicity. Validation handlers can also
 *   $form_state to pass information on to submit handlers. For example:
 *     $form_state['data_for_submision'] = $data;
 *   This technique is useful when validation requires file parsing,
 *   web service requests, or other expensive requests that should
 *   not be repeated in the submission step.
469
 */
470
function drupal_validate_form($form_id, $form, &$form_state) {
471 472 473 474 475
  static $validated_forms = array();

  if (isset($validated_forms[$form_id])) {
    return;
  }
476

477
  // If the session token was set by drupal_prepare_form(), ensure that it
478
  // matches the current user's session.
479
  if (isset($form['#token'])) {
480
    if (!drupal_valid_token($form_state['values']['form_token'], $form['#token'])) {
481
      // Setting this error will cause the form to fail validation.
482
      form_set_error('form_token', t('Validation error, please try again. If this error persists, please contact the site administrator.'));
483 484 485
    }
  }

486
  _form_validate($form, $form_state, $form_id);
487
  $validated_forms[$form_id] = TRUE;
488 489
}

490 491 492 493 494 495 496 497 498 499 500 501
/**
 * Renders a structured form array into themed HTML.
 *
 * @param $form_id
 *   A unique string identifying the form for validation, submission,
 *   theming, and hook_form_alter functions.
 * @param $form
 *   An associative array containing the structure of the form.
 * @return
 *   A string containing the path of the page to display when processing
 *   is complete.
 */
502
function drupal_render_form($form_id, &$form) {
503 504
  // Don't override #theme if someone already set it.
  if (!isset($form['#theme'])) {
505 506 507
    init_theme();
    $registry = theme_get_registry();
    if (isset($registry[$form_id])) {
508 509 510 511
      $form['#theme'] = $form_id;
    }
  }

512
  $output = drupal_render($form);
513 514 515 516 517 518 519 520 521
  return $output;
}

/**
 * Redirect the user to a URL after a form has been processed.
 *
 * @param $form
 *   An associative array containing the structure of the form.
 * @param $redirect
522
 *   An optional value containing the destination path to redirect
523 524 525
 *   to if none is specified by the form.
 */
function drupal_redirect_form($form, $redirect = NULL) {
526
  $goto = NULL;
527 528 529
  if (isset($redirect)) {
    $goto = $redirect;
  }
530
  if ($goto !== FALSE && isset($form['#redirect'])) {
531 532
    $goto = $form['#redirect'];
  }
533 534 535 536 537 538 539 540 541 542 543
  if (!isset($goto) || ($goto !== FALSE)) {
    if (isset($goto)) {
      if (is_array($goto)) {
        call_user_func_array('drupal_goto', $goto);
      }
      else {
        drupal_goto($goto);
      }
    }
    drupal_goto($_GET['q']);
  }
544 545
}

546 547 548 549 550 551 552
/**
 * Performs validation on form elements. First ensures required fields are
 * completed, #maxlength is not exceeded, and selected options were in the
 * list of options given to the user. Then calls user-defined validators.
 *
 * @param $elements
 *   An associative array containing the structure of the form.
553 554 555 556 557 558 559 560 561 562
 * @param $form_state
 *   A keyed array containing the current state of the form. The current
 *   user-submitted data is stored in $form_state['values'], though
 *   form validation functions are passed an explicit copy of the
 *   values for the sake of simplicity. Validation handlers can also
 *   $form_state to pass information on to submit handlers. For example:
 *     $form_state['data_for_submision'] = $data;
 *   This technique is useful when validation requires file parsing,
 *   web service requests, or other expensive requests that should
 *   not be repeated in the submission step.
563 564 565 566
 * @param $form_id
 *   A unique string identifying the form for validation, submission,
 *   theming, and hook_form_alter functions.
 */
567
function _form_validate($elements, &$form_state, $form_id = NULL) {
568 569
  // Also used in the installer, pre-database setup.
  $t = get_t();
570

571 572 573
  // Recurse through all children.
  foreach (element_children($elements) as $key) {
    if (isset($elements[$key]) && $elements[$key]) {
574
      _form_validate($elements[$key], $form_state);
575 576
    }
  }
577
  /* Validate the current input */
578
  if (!isset($elements['#validated']) || !$elements['#validated']) {
579
    if (isset($elements['#needs_validation'])) {
580 581 582 583
      // An empty textfield returns '' so we use empty(). An empty checkbox
      // and a textfield could return '0' and empty('0') returns TRUE so we
      // need a special check for the '0' string.
      if ($elements['#required'] && empty($elements['#value']) && $elements['#value'] !== '0') {
584
        form_error($elements, $t('!name field is required.', array('!name' => $elements['#title'])));
585
      }
586

587 588
      // Verify that the value is not longer than #maxlength.
      if (isset($elements['#maxlength']) && drupal_strlen($elements['#value']) > $elements['#maxlength']) {
589
        form_error($elements, $t('!name cannot be longer than %max characters but is currently %length characters long.', array('!name' => empty($elements['#title']) ? $elements['#parents'][0] : $elements['#title'], '%max' => $elements['#maxlength'], '%length' => drupal_strlen($elements['#value']))));
590 591
      }

592
      if (isset($elements['#options']) && isset($elements['#value'])) {
593 594 595 596 597 598 599 600 601 602
        if ($elements['#type'] == 'select') {
          $options = form_options_flatten($elements['#options']);
        }
        else {
          $options = $elements['#options'];
        }
        if (is_array($elements['#value'])) {
          $value = $elements['#type'] == 'checkboxes' ? array_keys(array_filter($elements['#value'])) : $elements['#value'];
          foreach ($value as $v) {
            if (!isset($options[$v])) {
603
              form_error($elements, $t('An illegal choice has been detected. Please contact the site administrator.'));
604
              watchdog('form', 'Illegal choice %choice in !name element.', array('%choice' => $v, '!name' => empty($elements['#title']) ? $elements['#parents'][0] : $elements['#title']), WATCHDOG_ERROR);
605
            }
606 607
          }
        }
608
        elseif (!isset($options[$elements['#value']])) {
609
          form_error($elements, $t('An illegal choice has been detected. Please contact the site administrator.'));
610
          watchdog('form', 'Illegal choice %choice in %name element.', array('%choice' => $elements['#value'], '%name' => empty($elements['#title']) ? $elements['#parents'][0] : $elements['#title']), WATCHDOG_ERROR);
611
        }
612 613 614
      }
    }

615 616 617 618 619 620 621 622
    // Call user-defined form level validators.
    if (isset($form_id)) {
      form_execute_handlers('validate', $elements, $form_state);
    }
    // Call any element-specific validators. These must act on the element
    // #value data.
    elseif (isset($elements['#element_validate'])) {
      foreach ($elements['#element_validate'] as $function) {
623
        if (function_exists($function))  {
624
          $function($elements, $form_state);
625 626 627
        }
      }
    }
628
    $elements['#validated'] = TRUE;
629 630 631
  }
}

632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664
/**
 * A helper function used to execute custom validation and submission
 * handlers for a given form. Button-specific handlers are checked
 * first. If none exist, the function falls back to form-level handlers.
 *
 * @param $type
 *   The type of handler to execute. 'validate' or 'submit' are the
 *   defaults used by Form API.
 * @param $form
 *   An associative array containing the structure of the form.
 * @param $form_state
 *   A keyed array containing the current state of the form. If the user
 *   submitted the form by clicking a button with custom handler functions
 *   defined, those handlers will be stored here.
 */
function form_execute_handlers($type, &$form, &$form_state) {
  $return = FALSE;
  if (isset($form_state[$type .'_handlers'])) {
    $handlers = $form_state[$type .'_handlers'];
  }
  elseif (isset($form['#'. $type])) {
    $handlers = $form['#'. $type];
  }
  else {
    $handlers = array();
  }

  foreach ($handlers as $function) {
    if (function_exists($function))  {
      if ($type == 'submit' && ($batch =& batch_get())) {
        // Some previous _submit handler has set a batch. We store the call
        // in a special 'control' batch set, for execution at the correct
        // time during the batch processing workflow.
665
        $batch['sets'][] = array('form_submit' => $function);
666 667
      }
      else {
668
        $function($form, $form_state);
669 670 671 672 673 674 675
      }
      $return = TRUE;
    }
  }
  return $return;
}

676 677 678 679 680
/**
 * File an error against a form element. If the name of the element is
 * edit[foo][bar] then you may pass either foo or foo][bar as $name
 * foo will set an error for all its children.
 */
681
function form_set_error($name = NULL, $message = '') {
682 683 684
  static $form = array();
  if (isset($name) && !isset($form[$name])) {
    $form[$name] = $message;
685 686 687
    if ($message) {
      drupal_set_message($message, 'error');
    }
688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716
  }
  return $form;
}

/**
 * Return an associative array of all errors.
 */
function form_get_errors() {
  $form = form_set_error();
  if (!empty($form)) {
    return $form;
  }
}

/**
 * Return the error message filed against the form with the specified name.
 */
function form_get_error($element) {
  $form = form_set_error();
  $key = $element['#parents'][0];
  if (isset($form[$key])) {
    return $form[$key];
  }
  $key = implode('][', $element['#parents']);
  if (isset($form[$key])) {
    return $form[$key];
  }
}

717 718 719
/**
 * Flag an element as having an error.
 */
720
function form_error(&$element, $message = '') {
721
  form_set_error(implode('][', $element['#parents']), $message);
722 723 724
}

/**
725 726 727
 * Walk through the structured form array, adding any required
 * properties to each element and mapping the incoming $_POST
 * data to the proper elements.
728 729
 *
 * @param $form_id
730 731
 *   A unique string identifying the form for validation, submission,
 *   theming, and hook_form_alter functions.
732 733
 * @param $form
 *   An associative array containing the structure of the form.
734 735 736 737 738
 * @param $form_state
 *   A keyed array containing the current state of the form. In this
 *   context, it is used to accumulate information about which button
 *   was clicked when the form was submitted, as well as the sanitized
 *   $_POST data.
739
 */
740
function form_builder($form_id, $form, &$form_state) {
741 742
  static $complete_form;

743 744 745
  // Initialize as unprocessed.
  $form['#processed'] = FALSE;

746
  /* Use element defaults */
747
  if ((!empty($form['#type'])) && ($info = _element_info($form['#type']))) {
748
    // Overlay $info onto $form, retaining preexisting keys in $form.
749 750 751
    $form += $info;
  }

752 753 754 755 756
  if (isset($form['#type']) && $form['#type'] == 'form') {
    $complete_form = $form;
    if (!empty($form['#programmed'])) {
      $form_state['submitted'] = TRUE;
    }
757 758
  }

759
  if (isset($form['#input']) && $form['#input']) {
760
    _form_builder_handle_input_element($form_id, $form, $form_state, $complete_form);
761
  }
762
  $form['#defaults_loaded'] = TRUE;
763

764 765 766
  // We start off assuming all form elements are in the correct order.
  $form['#sorted'] = TRUE;

767
  // Recurse through all child elements.
768
  $count = 0;
769
  foreach (element_children($form) as $key) {
770 771
    $form[$key]['#post'] = $form['#post'];
    $form[$key]['#programmed'] = $form['#programmed'];
772
    // Don't squash an existing tree value.
773 774 775
    if (!isset($form[$key]['#tree'])) {
      $form[$key]['#tree'] = $form['#tree'];
    }
776

777
    // Deny access to child elements if parent is denied.
778 779 780 781
    if (isset($form['#access']) && !$form['#access']) {
      $form[$key]['#access'] = FALSE;
    }

782
    // Don't squash existing parents value.
783
    if (!isset($form[$key]['#parents'])) {
784 785
      // Check to see if a tree of child elements is present. If so,
      // continue down the tree if required.
786
      $form[$key]['#parents'] = $form[$key]['#tree'] && $form['#tree'] ? array_merge($form['#parents'], array($key)) : array($key);
787 788
    }

789
    // Assign a decimal placeholder weight to preserve original array order.
790 791 792
    if (!isset($form[$key]['#weight'])) {
      $form[$key]['#weight'] = $count/1000;
    }
793
    else {
794 795
      // If one of the child elements has a weight then we will need to sort
      // later.
796 797
      unset($form['#sorted']);
    }
798
    $form[$key] = form_builder($form_id, $form[$key], $form_state);
799 800 801
    $count++;
  }

802 803
  // The #after_build flag allows any piece of a form to be altered
  // after normal input parsing has been completed.
804 805
  if (isset($form['#after_build']) && !isset($form['#after_build_done'])) {
    foreach ($form['#after_build'] as $function) {
806
      $form = $function($form, $form_state);
807 808 809 810 811
      $form['#after_build_done'] = TRUE;
    }
  }

  // Now that we've processed everything, we can go back to handle the funky
Dries's avatar
Dries committed
812
  // Internet Explorer button-click scenario.
813 814
  _form_builder_ie_cleanup($form, $form_state);

815 816 817
  // After handling the special IE case, we no longer need the buttons collection.
  unset($form_state['buttons']);

818 819 820 821 822 823 824 825
  return $form;
}

/**
 * Populate the #value and #name properties of input elements so they
 * can be processed and rendered. Also, execute any #process handlers
 * attached to a specific element.
 */
826
function _form_builder_handle_input_element($form_id, &$form, &$form_state, $complete_form) {
827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844
  if (!isset($form['#name'])) {
    $name = array_shift($form['#parents']);
    $form['#name'] = $name;
    if ($form['#type'] == 'file') {
      // To make it easier to handle $_FILES in file.inc, we place all
      // file fields in the 'files' array. Also, we do not support
      // nested file names.
      $form['#name'] = 'files['. $form['#name'] .']';
    }
    elseif (count($form['#parents'])) {
      $form['#name'] .= '['. implode('][', $form['#parents']) .']';
    }
    array_unshift($form['#parents'], $name);
  }
  if (!isset($form['#id'])) {
    $form['#id'] = form_clean_id('edit-'. implode('-', $form['#parents']));
  }

845
  unset($edit);
846 847 848 849 850
  if (!empty($form['#disabled'])) {
    $form['#attributes']['disabled'] = 'disabled';
  }

  if (!isset($form['#value']) && !array_key_exists('#value', $form)) {
851
    $function = !empty($form['#value_callback']) ? $form['#value_callback'] : 'form_type_'. $form['#type'] .'_value';
852 853 854 855 856 857
    if (($form['#programmed']) || ((!isset($form['#access']) || $form['#access']) && isset($form['#post']) && (isset($form['#post']['form_id']) && $form['#post']['form_id'] == $form_id))) {
      $edit = $form['#post'];
      foreach ($form['#parents'] as $parent) {
        $edit = isset($edit[$parent]) ? $edit[$parent] : NULL;
      }
      if (!$form['#programmed'] || isset($edit)) {
858 859 860
        // Call #type_value to set the form value;
        if (function_exists($function)) {
          $form['#value'] = $function($form, $edit);
861
        }
862 863
        if (!isset($form['#value']) && isset($edit)) {
          $form['#value'] = $edit;
864 865
        }
      }
866 867 868 869
      // Mark all posted values for validation.
      if (isset($form['#value']) || (isset($form['#required']) && $form['#required'])) {
        $form['#needs_validation'] = TRUE;
      }
870
    }
871
    // Load defaults.
872
    if (!isset($form['#value'])) {
873
      // Call #type_value without a second argument to request default_value handling.
874
      if (function_exists($function)) {
875
        $form['#value'] = $function($form);
876
      }
877
      // Final catch. If we haven't set a value yet, use the explicit default value.
878
      if (!isset($form['#value'])) {
879
        $form['#value'] = isset($form['#default_value']) ? $form['#default_value'] : '';
880 881
      }
    }
882
  }
883

884 885 886 887 888 889 890 891 892 893
  // Determine which button (if any) was clicked to submit the form.
  // We compare the incoming values with the buttons defined in the form,
  // and flag the one that matches. We have to do some funky tricks to
  // deal with Internet Explorer's handling of single-button forms, though.
  if (!empty($form['#post']) && isset($form['#executes_submit_callback'])) {
    // First, accumulate a collection of buttons, divided into two bins:
    // those that execute full submit callbacks and those that only validate.
    $button_type = $form['#executes_submit_callback'] ? 'submit' : 'button';
    $form_state['buttons'][$button_type][] = $form;

894
    if (_form_button_was_clicked($form)) {
895 896 897 898 899 900
      $form_state['submitted'] = $form_state['submitted'] || $form['#executes_submit_callback'];

      // In most cases, we want to use form_set_value() to manipulate
      // the global variables. In this special case, we want to make sure that
      // the value of this element is listed in $form_variables under 'op'.
      $form_state['values'][$form['#name']] = $form['#value'];
901
      $form_state['clicked_button'] = $form;
902 903 904 905 906 907 908 909 910 911 912 913 914 915

      if (isset($form['#validate'])) {
        $form_state['validate_handlers'] = $form['#validate'];
      }
      if (isset($form['#submit'])) {
        $form_state['submit_handlers'] = $form['#submit'];
      }
    }
  }
  // Allow for elements to expand to multiple elements, e.g., radios,
  // checkboxes and files.
  if (isset($form['#process']) && !$form['#processed']) {
    foreach ($form['#process'] as $process) {
      if (function_exists($process)) {
916
        $args = array_merge(array($form), array(isset($edit) ? $edit : NULL), array($form_state), array($complete_form));
917 918 919 920 921 922 923 924
        $form = call_user_func_array($process, $args);
      }
    }
    $form['#processed'] = TRUE;
  }
  form_set_value($form, $form['#value'], $form_state);
}

925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982
/**
 * Helper function to handle the sometimes-convoluted logic of button
 * click detection.
 *
 * In Internet Explorer, if ONLY one submit button is present, AND the
 * enter key is used to submit the form, no form value is sent for it
 * and we'll never detect a match. That special case is handled by
 * _form_builder_ie_cleanup().
 */
function _form_button_was_clicked($form) {
  // First detect normal 'vanilla' button clicks. Traditionally, all
  // standard buttons on a form share the same name (usually 'op'),
  // and the specific return value is used to determine which was
  // clicked. This ONLY works as long as $form['#name'] puts the
  // value at the top level of the tree of $_POST data.
  if (isset($form['#post'][$form['#name']]) && $form['#post'][$form['#name']] == $form['#value']) {
    return TRUE;
  }
  // When image buttons are clicked, browsers do NOT pass the form element
  // value in $_POST. Instead they pass an integer representing the
  // coordinates of the click on the button image. This means that image
  // buttons MUST have unique $form['#name'] values, but the details of
  // their $_POST data should be ignored.
  elseif (!empty($form['#has_garbage_value']) && isset($form['#value']) && $form['#value'] !== '') {
    return TRUE;
  }
  return FALSE;
}

/**
 * In IE, if only one submit button is present, AND the enter key is
 * used to submit the form, no form value is sent for it and our normal
 * button detection code will never detect a match. We call this
 * function after all other button-detection is complete to check
 * for the proper conditions, and treat the single button on the form
 * as 'clicked' if they are met.
 */
function _form_builder_ie_cleanup($form, &$form_state) {
  // Quick check to make sure we're always looking at the full form
  // and not a sub-element.
  if (!empty($form['#type']) && $form['#type'] == 'form') {
    // If we haven't recognized a submission yet, and there's a single
    // submit button, we know that we've hit the right conditions. Grab
    // the first one and treat it as the clicked button.
    if (empty($form_state['submitted']) && !empty($form_state['buttons']['submit']) && empty($form_state['buttons']['button'])) {
      $button = $form_state['buttons']['submit'][0];

      // Set up all the $form_state information that would have been
      // populated had the button been recognized earlier.
      $form_state['submitted'] = TRUE;
      $form_state['submit_handlers'] = empty($button['#submit']) ? NULL : $button['#submit'];
      $form_state['validate_handlers'] = empty($button['#validate']) ? NULL : $button['#validate'];
      $form_state['values'][$button['#name']] = $button['#value'];
      $form_state['clicked_button'] = $button;
    }
  }
}

983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027
/**
 * Helper function to determine the value for an image button form element.
 *
 * @param $form
 *   The form element whose value is being populated.
 * @param $edit
 *   The incoming POST data to populate the form element. If this is FALSE,
 *   the element's default value should be returned.
 * @return
 *   The data that will appear in the $form_state['values'] collection
 *   for this element. Return nothing to use the default.
 */
function form_type_image_button_value($form, $edit = FALSE) {
  if ($edit !== FALSE) {
    if (!empty($edit)) {
      // If we're dealing with Mozilla or Opera, we're lucky. It will
      // return a proper value, and we can get on with things.
      return $form['#return_value'];
    }
    else {
      // Unfortunately, in IE we never get back a proper value for THIS
      // form element. Instead, we get back two split values: one for the
      // X and one for the Y coordinates on which the user clicked the
      // button. We'll find this element in the #post data, and search
      // in the same spot for its name, with '_x'.
      $post = $form['#post'];
      foreach (split('\[', $form['#name']) as $element_name) {
        // chop off the ] that may exist.
        if (substr($element_name, -1) == ']') {
          $element_name = substr($element_name, 0, -1);
        }

        if (!isset($post[$element_name])) {
          if (isset($post[$element_name .'_x'])) {
            return $form['#return_value'];
          }
          return NULL;
        }
        $post = $array[$element_name];
      }
      return $form['#return_value'];
    }
  }
}

1028 1029 1030 1031
/**
 * Helper function to determine the value for a checkbox form element.
 *
 * @param $form
1032
 *   The form element whose value is being populated.
1033
 * @param $edit
1034 1035
 *   The incoming POST data to populate the form element. If this is FALSE,
 *   the element's default value should be returned.
1036
 * @return
1037 1038
 *   The data that will appear in the $form_state['values'] collection
 *   for this element. Return nothing to use the default.
1039
 */
1040 1041
function form_type_checkbox_value($form, $edit = FALSE) {
  if ($edit !== FALSE) {
1042 1043 1044 1045 1046 1047 1048 1049
    return !empty($edit) ? $form['#return_value'] : 0;
  }
}

/**
 * Helper function to determine the value for a checkboxes form element.
 *
 * @param $form
1050
 *   The form element whose value is being populated.
1051
 * @param $edit
1052 1053
 *   The incoming POST data to populate the form element. If this is FALSE,
 *   the element's default value should be returned.
1054
 * @return
1055 1056
 *   The data that will appear in the $form_state['values'] collection
 *   for this element. Return nothing to use the default.
1057
 */
1058
function form_type_checkboxes_value($form, $edit = FALSE) {
1059
  if ($edit === FALSE) {
1060 1061 1062 1063 1064 1065 1066
    $value = array();
    $form += array('#default_value' => array());
    foreach ($form['#default_value'] as $key) {
      $value[$key] = 1;
    }
    return $value;
  }
1067 1068 1069
  elseif (!isset($edit)) {
    return array();
  }
1070 1071 1072 1073 1074 1075 1076
}

/**
 * Helper function to determine the value for a password_confirm form
 * element.
 *
 * @param $form
1077
 *   The form element whose value is being populated.
1078
 * @param $edit
1079 1080
 *   The incoming POST data to populate the form element. If this is FALSE,
 *   the element's default value should be returned.
1081
 * @return
1082 1083
 *   The data that will appear in the $form_state['values'] collection
 *   for this element. Return nothing to use the default.
1084
 */
1085 1086
function form_type_password_confirm_value($form, $edit = FALSE) {
  if ($edit === FALSE) {
1087 1088 1089 1090 1091 1092 1093 1094 1095
    $form += array('#default_value' => array());
    return $form['#default_value'] + array('pass1' => '', 'pass2' => '');
  }
}

/**
 * Helper function to determine the value for a select form element.
 *
 * @param $form
1096
 *   The form element whose value is being populated.
1097
 * @param $edit
1098 1099
 *   The incoming POST data to populate the form element. If this is FALSE,
 *   the element's default value should be returned.
1100
 * @return
1101 1102
 *   The data that will appear in the $form_state['values'] collection
 *   for this element. Return nothing to use the default.
1103
 */
1104 1105
function form_type_select_value($form, $edit = FALSE) {
  if ($edit !== FALSE) {
1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118
    if (isset($form['#multiple']) && $form['#multiple']) {
      return (is_array($edit)) ? drupal_map_assoc($edit) : array();
    }
    else {
      return $edit;
    }
  }
}

/**
 * Helper function to determine the value for a textfield form element.
 *
 * @param $form
1119
 *   The form element whose value is being populated.
1120
 * @param $edit
1121 1122
 *   The incoming POST data to populate the form element. If this is FALSE,
 *   the element's default value should be returned.
1123
 * @return
1124 1125
 *   The data that will appear in the $form_state['values'] collection
 *   for this element. Return nothing to use the default.
1126
 */
1127 1128
function form_type_textfield_value($form, $edit = FALSE) {
  if ($edit !== FALSE) {
1129 1130 1131 1132 1133 1134 1135 1136 1137 1138
    // Equate $edit to the form value to ensure it's marked for
    // validation.
    return str_replace(array("\r", "\n"), '', $edit);
  }
}

/**
 * Helper function to determine the value for form's token value.
 *
 * @param $form
1139
 *   The form element whose value is being populated.
1140
 * @param $edit
1141 1142
 *   The incoming POST data to populate the form element. If this is FALSE,
 *   the element's default value should be returned.
1143
 * @return
1144 1145
 *   The data that will appear in the $form_state['values'] collection
 *   for this element. Return nothing to use the default.
1146
 */
1147 1148
function form_type_token_value($form, $edit = FALSE) {
  if ($edit !== FALSE) {
1149 1150 1151 1152
    return (string)$edit;
  }
}

1153
/**
Dries's avatar
Dries committed
1154
 * Use this function to make changes to form values in the form validate
1155
 * phase, so they will be available in the submit phase in $form_state.
1156 1157 1158
 *
 * Specifically, if $form['#parents'] is array('foo', 'bar')
 * and $value is 'baz' then this function will make
1159
 * $form_state['values']['foo']['bar'] to be 'baz'.
1160 1161 1162 1163 1164 1165
 *
 * @param $form
 *   The form item. Keys used: #parents, #value
 * @param $value
 *   The value for the form item.
 */
1166 1167
function form_set_value($form, $value, &$form_state) {
  _form_set_value($form_state['values'], $form, $form['#parents'], $value);
1168 1169 1170 1171 1172
}

/**
 * Helper function for form_set_value().
 *
1173
 * We iterate over $parents and create nested arrays for them
1174
 * in $form_state['values'] if needed. Then we insert the value into
1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189
 * the right array.
 */
function _form_set_value(&$form_values, $form, $parents, $value) {
  $parent = array_shift($parents);
  if (empty($parents)) {
    $form_values[$parent] = $value;
  }
  else {
    if (!isset($form_values[$parent])) {
      $form_values[$parent] = array();
    }
    _form_set_value($form_values[$parent], $form, $parents, $value);
  }
}

1190 1191 1192
/**
 * Retrieve the default properties for the defined element type.
 */
1193
function _element_info($type, $refresh = NULL) {
1194
  static $cache;
1195

1196
  $basic_defaults = array(
1197 1198 1199
    '#description' => NULL,
    '#attributes' => array(),
    '#required' => FALSE,
1200
    '#tree' => FALSE,
1201
    '#parents' => array()
1202
  );
1203
  if (!isset($cache) || $refresh) {
1204 1205 1206
    $cache = array();
    foreach (module_implements('elements') as $module) {
      $elements = module_invoke($module, 'elements');
1207
      if (isset($elements) && is_array($elements)) {
1208
        $cache = array_merge_recursive($cache, $elements);
1209 1210 1211 1212
      }
    }
    if (sizeof($cache)) {
      foreach ($cache as $element_type => $info) {
1213
        $cache[$element_type] = array_merge_recursive($basic_defaults, $info);
1214 1215 1216 1217 1218 1219 1220
      }
    }
  }

  return $cache[$type];
}

1221 1222 1223 1224 1225 1226 1227 1228
function form_options_flatten($array, $reset = TRUE) {
  static $return;

  if ($reset) {
    $return = array();
  }

  foreach ($array as $key => $value) {
1229 1230 1231 1232
    if (is_object($value)) {
      form_options_flatten($value->option, FALSE);
    }
    else if (is_array($value)) {
1233 1234 1235 1236 1237 1238 1239 1240 1241 1242
      form_options_flatten($value, FALSE);
    }
    else {
      $return[$key] = 1;
    }
  }

  return $return;
}

1243 1244 1245 1246 1247
/**
 * Format a dropdown menu or scrolling selection box.
 *
 * @param $element
 *   An associative array containing the properties of the element.
1248
 *   Properties used: title, value, options, description, extra, multiple, required
1249 1250 1251 1252 1253 1254 1255 1256 1257
 * @return
 *   A themed HTML string representing the form element.
 *
 * It is possible to group options together; to do this, change the format of
 * $options to an associative array in which the keys are group labels, and the
 * values are associative arrays in the normal $options format.
 */
function theme_select($element) {
  $select = '';
1258
  $size = $element['#size'] ? ' size="'. $element['#size'] .'"' : '';
1259
  _form_set_class($element, array('form-select'));
1260
  $multiple = $element['#multiple'];