4 * HTML form generation and submission handling.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License along
17 * with this program; if not, write to the Free Software Foundation, Inc.,
18 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
19 * http://www.gnu.org/copyleft/gpl.html
25 * Object handling generic submission, CSRF protection, layout and
26 * other logic for UI forms. in a reusable manner.
28 * In order to generate the form, the HTMLForm object takes an array
29 * structure detailing the form fields available. Each element of the
30 * array is a basic property-list, including the type of field, the
31 * label it is to be given in the form, callbacks for validation and
32 * 'filtering', and other pertinent information.
34 * Field types are implemented as subclasses of the generic HTMLFormField
35 * object, and typically implement at least getInputHTML, which generates
36 * the HTML for the input field to be placed in the table.
38 * You can find extensive documentation on the www.mediawiki.org wiki:
39 * - https://www.mediawiki.org/wiki/HTMLForm
40 * - https://www.mediawiki.org/wiki/HTMLForm/tutorial
42 * The constructor input is an associative array of $fieldname => $info,
43 * where $info is an Associative Array with any of the following:
45 * 'class' -- the subclass of HTMLFormField that will be used
46 * to create the object. *NOT* the CSS class!
47 * 'type' -- roughly translates into the <select> type attribute.
48 * if 'class' is not specified, this is used as a map
49 * through HTMLForm::$typeMappings to get the class name.
50 * 'default' -- default value when the form is displayed
51 * 'id' -- HTML id attribute
52 * 'cssclass' -- CSS class
53 * 'csshelpclass' -- CSS class used to style help text
54 * 'dir' -- Direction of the element.
55 * 'options' -- associative array mapping labels to values.
56 * Some field types support multi-level arrays.
57 * 'options-messages' -- associative array mapping message keys to values.
58 * Some field types support multi-level arrays.
59 * 'options-message' -- message key or object to be parsed to extract the list of
60 * options (like 'ipbreason-dropdown').
61 * 'label-message' -- message key or object for a message to use as the label.
62 * can be an array of msg key and then parameters to
64 * 'label' -- alternatively, a raw text message. Overridden by
66 * 'help' -- message text for a message to use as a help text.
67 * 'help-message' -- message key or object for a message to use as a help text.
68 * can be an array of msg key and then parameters to
70 * Overwrites 'help-messages' and 'help'.
71 * 'help-messages' -- array of message keys/objects. As above, each item can
72 * be an array of msg key and then parameters.
74 * 'notice' -- message text for a message to use as a notice in the field.
75 * Currently used by OOUI form fields only.
76 * 'notice-messages' -- array of message keys/objects to use for notice.
78 * 'notice-message' -- message key or object to use as a notice.
79 * 'required' -- passed through to the object, indicating that it
80 * is a required field.
81 * 'size' -- the length of text fields
82 * 'filter-callback' -- a function name to give you the chance to
83 * massage the inputted value before it's processed.
84 * @see HTMLFormField::filter()
85 * 'validation-callback' -- a function name to give you the chance
86 * to impose extra validation on the field input.
87 * @see HTMLFormField::validate()
88 * 'name' -- By default, the 'name' attribute of the input field
89 * is "wp{$fieldname}". If you want a different name
90 * (eg one without the "wp" prefix), specify it here and
91 * it will be used without modification.
92 * 'hide-if' -- expression given as an array stating when the field
93 * should be hidden. The first array value has to be the
94 * expression's logic operator. Supported expressions:
96 * [ 'NOT', array $expression ]
97 * To hide a field if a given expression is not true.
99 * [ '===', string $fieldName, string $value ]
100 * To hide a field if another field identified by
101 * $field has the value $value.
103 * [ '!==', string $fieldName, string $value ]
104 * Same as [ 'NOT', [ '===', $fieldName, $value ]
105 * 'OR', 'AND', 'NOR', 'NAND'
106 * [ 'XXX', array $expression1, ..., array $expressionN ]
107 * To hide a field if one or more (OR), all (AND),
108 * neither (NOR) or not all (NAND) given expressions
109 * are evaluated as true.
110 * The expressions will be given to a JavaScript frontend
111 * module which will continually update the field's
114 * Since 1.20, you can chain mutators to ease the form generation:
117 * $form = new HTMLForm( $someFields );
118 * $form->setMethod( 'get' )
119 * ->setWrapperLegendMsg( 'message-key' )
121 * ->displayForm( '' );
123 * Note that you will have prepareForm and displayForm at the end. Other
124 * methods call done after that would simply not be part of the form :(
126 * @todo Document 'section' / 'subsection' stuff
128 class HTMLForm
extends ContextSource
{
129 // A mapping of 'type' inputs onto standard HTMLFormField subclasses
130 public static $typeMappings = [
131 'api' => 'HTMLApiField',
132 'text' => 'HTMLTextField',
133 'textwithbutton' => 'HTMLTextFieldWithButton',
134 'textarea' => 'HTMLTextAreaField',
135 'select' => 'HTMLSelectField',
136 'combobox' => 'HTMLComboboxField',
137 'radio' => 'HTMLRadioField',
138 'multiselect' => 'HTMLMultiSelectField',
139 'limitselect' => 'HTMLSelectLimitField',
140 'check' => 'HTMLCheckField',
141 'toggle' => 'HTMLCheckField',
142 'int' => 'HTMLIntField',
143 'float' => 'HTMLFloatField',
144 'info' => 'HTMLInfoField',
145 'selectorother' => 'HTMLSelectOrOtherField',
146 'selectandother' => 'HTMLSelectAndOtherField',
147 'namespaceselect' => 'HTMLSelectNamespace',
148 'namespaceselectwithbutton' => 'HTMLSelectNamespaceWithButton',
149 'tagfilter' => 'HTMLTagFilter',
150 'submit' => 'HTMLSubmitField',
151 'hidden' => 'HTMLHiddenField',
152 'edittools' => 'HTMLEditTools',
153 'checkmatrix' => 'HTMLCheckMatrix',
154 'cloner' => 'HTMLFormFieldCloner',
155 'autocompleteselect' => 'HTMLAutoCompleteSelectField',
156 'date' => 'HTMLDateTimeField',
157 'time' => 'HTMLDateTimeField',
158 'datetime' => 'HTMLDateTimeField',
159 // HTMLTextField will output the correct type="" attribute automagically.
160 // There are about four zillion other HTML5 input types, like range, but
161 // we don't use those at the moment, so no point in adding all of them.
162 'email' => 'HTMLTextField',
163 'password' => 'HTMLTextField',
164 'url' => 'HTMLTextField',
165 'title' => 'HTMLTitleTextField',
166 'user' => 'HTMLUserTextField',
171 protected $mMessagePrefix;
173 /** @var HTMLFormField[] */
174 protected $mFlatFields;
176 protected $mFieldTree;
177 protected $mShowReset = false;
178 protected $mShowSubmit = true;
179 protected $mSubmitFlags = [ 'primary', 'progressive' ];
180 protected $mShowCancel = false;
181 protected $mCancelTarget;
183 protected $mSubmitCallback;
184 protected $mValidationErrorMessage;
186 protected $mPre = '';
187 protected $mHeader = '';
188 protected $mFooter = '';
189 protected $mSectionHeaders = [];
190 protected $mSectionFooters = [];
191 protected $mPost = '';
194 protected $mTableId = '';
196 protected $mSubmitID;
197 protected $mSubmitName;
198 protected $mSubmitText;
199 protected $mSubmitTooltip;
201 protected $mFormIdentifier;
203 protected $mMethod = 'post';
204 protected $mWasSubmitted = false;
207 * Form action URL. false means we will use the URL to set Title
211 protected $mAction = false;
214 * Form attribute autocomplete. false does not set the attribute
218 protected $mAutocomplete = false;
220 protected $mUseMultipart = false;
221 protected $mHiddenFields = [];
222 protected $mButtons = [];
224 protected $mWrapperLegend = false;
227 * Salt for the edit token.
230 protected $mTokenSalt = '';
233 * If true, sections that contain both fields and subsections will
234 * render their subsections before their fields.
236 * Subclasses may set this to false to render subsections after fields
239 protected $mSubSectionBeforeFields = true;
242 * Format in which to display form. For viable options,
243 * @see $availableDisplayFormats
246 protected $displayFormat = 'table';
249 * Available formats in which to display the form
252 protected $availableDisplayFormats = [
260 * Available formats in which to display the form
263 protected $availableSubclassDisplayFormats = [
269 * Construct a HTMLForm object for given display type. May return a HTMLForm subclass.
271 * @param string $displayFormat
272 * @param mixed $arguments... Additional arguments to pass to the constructor.
275 public static function factory( $displayFormat/*, $arguments...*/ ) {
276 $arguments = func_get_args();
277 array_shift( $arguments );
279 switch ( $displayFormat ) {
281 return ObjectFactory
::constructClassInstance( VFormHTMLForm
::class, $arguments );
283 return ObjectFactory
::constructClassInstance( OOUIHTMLForm
::class, $arguments );
285 /** @var HTMLForm $form */
286 $form = ObjectFactory
::constructClassInstance( HTMLForm
::class, $arguments );
287 $form->setDisplayFormat( $displayFormat );
293 * Build a new HTMLForm from an array of field attributes
295 * @param array $descriptor Array of Field constructs, as described above
296 * @param IContextSource $context Available since 1.18, will become compulsory in 1.18.
297 * Obviates the need to call $form->setTitle()
298 * @param string $messagePrefix A prefix to go in front of default messages
300 public function __construct( $descriptor, /*IContextSource*/ $context = null,
303 if ( $context instanceof IContextSource
) {
304 $this->setContext( $context );
305 $this->mTitle
= false; // We don't need them to set a title
306 $this->mMessagePrefix
= $messagePrefix;
307 } elseif ( $context === null && $messagePrefix !== '' ) {
308 $this->mMessagePrefix
= $messagePrefix;
309 } elseif ( is_string( $context ) && $messagePrefix === '' ) {
311 // it's actually $messagePrefix
312 $this->mMessagePrefix
= $context;
315 // Evil hack for mobile :(
317 !$this->getConfig()->get( 'HTMLFormAllowTableFormat' )
318 && $this->displayFormat
=== 'table'
320 $this->displayFormat
= 'div';
323 // Expand out into a tree.
324 $loadedDescriptor = [];
325 $this->mFlatFields
= [];
327 foreach ( $descriptor as $fieldname => $info ) {
328 $section = isset( $info['section'] )
332 if ( isset( $info['type'] ) && $info['type'] === 'file' ) {
333 $this->mUseMultipart
= true;
336 $field = static::loadInputFromParameters( $fieldname, $info, $this );
338 $setSection =& $loadedDescriptor;
340 $sectionParts = explode( '/', $section );
342 while ( count( $sectionParts ) ) {
343 $newName = array_shift( $sectionParts );
345 if ( !isset( $setSection[$newName] ) ) {
346 $setSection[$newName] = [];
349 $setSection =& $setSection[$newName];
353 $setSection[$fieldname] = $field;
354 $this->mFlatFields
[$fieldname] = $field;
357 $this->mFieldTree
= $loadedDescriptor;
361 * @param string $fieldname
364 public function hasField( $fieldname ) {
365 return isset( $this->mFlatFields
[$fieldname] );
369 * @param string $fieldname
370 * @return HTMLFormField
371 * @throws DomainException on invalid field name
373 public function getField( $fieldname ) {
374 if ( !$this->hasField( $fieldname ) ) {
375 throw new DomainException( __METHOD__
. ': no field named ' . $fieldname );
377 return $this->mFlatFields
[$fieldname];
381 * Set format in which to display the form
383 * @param string $format The name of the format to use, must be one of
384 * $this->availableDisplayFormats
386 * @throws MWException
388 * @return HTMLForm $this for chaining calls (since 1.20)
390 public function setDisplayFormat( $format ) {
392 in_array( $format, $this->availableSubclassDisplayFormats
, true ) ||
393 in_array( $this->displayFormat
, $this->availableSubclassDisplayFormats
, true )
395 throw new MWException( 'Cannot change display format after creation, ' .
396 'use HTMLForm::factory() instead' );
399 if ( !in_array( $format, $this->availableDisplayFormats
, true ) ) {
400 throw new MWException( 'Display format must be one of ' .
401 print_r( $this->availableDisplayFormats
, true ) );
404 // Evil hack for mobile :(
405 if ( !$this->getConfig()->get( 'HTMLFormAllowTableFormat' ) && $format === 'table' ) {
409 $this->displayFormat
= $format;
415 * Getter for displayFormat
419 public function getDisplayFormat() {
420 return $this->displayFormat
;
424 * Test if displayFormat is 'vform'
426 * @deprecated since 1.25
429 public function isVForm() {
430 wfDeprecated( __METHOD__
, '1.25' );
435 * Get the HTMLFormField subclass for this descriptor.
437 * The descriptor can be passed either 'class' which is the name of
438 * a HTMLFormField subclass, or a shorter 'type' which is an alias.
439 * This makes sure the 'class' is always set, and also is returned by
440 * this function for ease.
444 * @param string $fieldname Name of the field
445 * @param array $descriptor Input Descriptor, as described above
447 * @throws MWException
448 * @return string Name of a HTMLFormField subclass
450 public static function getClassFromDescriptor( $fieldname, &$descriptor ) {
451 if ( isset( $descriptor['class'] ) ) {
452 $class = $descriptor['class'];
453 } elseif ( isset( $descriptor['type'] ) ) {
454 $class = static::$typeMappings[$descriptor['type']];
455 $descriptor['class'] = $class;
461 throw new MWException( "Descriptor with no class for $fieldname: "
462 . print_r( $descriptor, true ) );
469 * Initialise a new Object for the field
471 * @param string $fieldname Name of the field
472 * @param array $descriptor Input Descriptor, as described above
473 * @param HTMLForm|null $parent Parent instance of HTMLForm
475 * @throws MWException
476 * @return HTMLFormField Instance of a subclass of HTMLFormField
478 public static function loadInputFromParameters( $fieldname, $descriptor,
479 HTMLForm
$parent = null
481 $class = static::getClassFromDescriptor( $fieldname, $descriptor );
483 $descriptor['fieldname'] = $fieldname;
485 $descriptor['parent'] = $parent;
488 # @todo This will throw a fatal error whenever someone try to use
489 # 'class' to feed a CSS class instead of 'cssclass'. Would be
490 # great to avoid the fatal error and show a nice error.
491 return new $class( $descriptor );
495 * Prepare form for submission.
497 * @attention When doing method chaining, that should be the very last
498 * method call before displayForm().
500 * @throws MWException
501 * @return HTMLForm $this for chaining calls (since 1.20)
503 public function prepareForm() {
504 # Check if we have the info we need
505 if ( !$this->mTitle
instanceof Title
&& $this->mTitle
!== false ) {
506 throw new MWException( 'You must call setTitle() on an HTMLForm' );
509 # Load data from the request.
511 $this->mFormIdentifier
=== null ||
512 $this->getRequest()->getVal( 'wpFormIdentifier' ) === $this->mFormIdentifier
516 $this->mFieldData
= [];
523 * Try submitting, with edit token check first
524 * @return Status|bool
526 public function tryAuthorizedSubmit() {
530 if ( $this->mFormIdentifier
=== null ) {
533 $identOkay = $this->getRequest()->getVal( 'wpFormIdentifier' ) === $this->mFormIdentifier
;
537 if ( $this->getMethod() !== 'post' ) {
538 $tokenOkay = true; // no session check needed
539 } elseif ( $this->getRequest()->wasPosted() ) {
540 $editToken = $this->getRequest()->getVal( 'wpEditToken' );
541 if ( $this->getUser()->isLoggedIn() ||
$editToken !== null ) {
542 // Session tokens for logged-out users have no security value.
543 // However, if the user gave one, check it in order to give a nice
544 // "session expired" error instead of "permission denied" or such.
545 $tokenOkay = $this->getUser()->matchEditToken( $editToken, $this->mTokenSalt
);
551 if ( $tokenOkay && $identOkay ) {
552 $this->mWasSubmitted
= true;
553 $result = $this->trySubmit();
560 * The here's-one-I-made-earlier option: do the submission if
561 * posted, or display the form with or without funky validation
563 * @return bool|Status Whether submission was successful.
565 public function show() {
566 $this->prepareForm();
568 $result = $this->tryAuthorizedSubmit();
569 if ( $result === true ||
( $result instanceof Status
&& $result->isGood() ) ) {
573 $this->displayForm( $result );
579 * Same as self::show with the difference, that the form will be
580 * added to the output, no matter, if the validation was good or not.
581 * @return bool|Status Whether submission was successful.
583 public function showAlways() {
584 $this->prepareForm();
586 $result = $this->tryAuthorizedSubmit();
588 $this->displayForm( $result );
594 * Validate all the fields, and call the submission callback
595 * function if everything is kosher.
596 * @throws MWException
597 * @return bool|string|array|Status
598 * - Bool true or a good Status object indicates success,
599 * - Bool false indicates no submission was attempted,
600 * - Anything else indicates failure. The value may be a fatal Status
601 * object, an HTML string, or an array of arrays (message keys and
602 * params) or strings (message keys)
604 public function trySubmit() {
607 $hoistedErrors[] = isset( $this->mValidationErrorMessage
)
608 ?
$this->mValidationErrorMessage
609 : [ 'htmlform-invalid-input' ];
611 $this->mWasSubmitted
= true;
613 # Check for cancelled submission
614 foreach ( $this->mFlatFields
as $fieldname => $field ) {
615 if ( !array_key_exists( $fieldname, $this->mFieldData
) ) {
618 if ( $field->cancelSubmit( $this->mFieldData
[$fieldname], $this->mFieldData
) ) {
619 $this->mWasSubmitted
= false;
624 # Check for validation
625 foreach ( $this->mFlatFields
as $fieldname => $field ) {
626 if ( !array_key_exists( $fieldname, $this->mFieldData
) ) {
629 if ( $field->isHidden( $this->mFieldData
) ) {
632 $res = $field->validate( $this->mFieldData
[$fieldname], $this->mFieldData
);
633 if ( $res !== true ) {
635 if ( $res !== false && !$field->canDisplayErrors() ) {
636 $hoistedErrors[] = [ 'rawmessage', $res ];
642 if ( count( $hoistedErrors ) === 1 ) {
643 $hoistedErrors = $hoistedErrors[0];
645 return $hoistedErrors;
648 $callback = $this->mSubmitCallback
;
649 if ( !is_callable( $callback ) ) {
650 throw new MWException( 'HTMLForm: no submit callback provided. Use ' .
651 'setSubmitCallback() to set one.' );
654 $data = $this->filterDataForSubmit( $this->mFieldData
);
656 $res = call_user_func( $callback, $data, $this );
657 if ( $res === false ) {
658 $this->mWasSubmitted
= false;
665 * Test whether the form was considered to have been submitted or not, i.e.
666 * whether the last call to tryAuthorizedSubmit or trySubmit returned
669 * This will return false until HTMLForm::tryAuthorizedSubmit or
670 * HTMLForm::trySubmit is called.
675 public function wasSubmitted() {
676 return $this->mWasSubmitted
;
680 * Set a callback to a function to do something with the form
681 * once it's been successfully validated.
683 * @param callable $cb The function will be passed the output from
684 * HTMLForm::filterDataForSubmit and this HTMLForm object, and must
685 * return as documented for HTMLForm::trySubmit
687 * @return HTMLForm $this for chaining calls (since 1.20)
689 public function setSubmitCallback( $cb ) {
690 $this->mSubmitCallback
= $cb;
696 * Set a message to display on a validation error.
698 * @param string|array $msg String or Array of valid inputs to wfMessage()
699 * (so each entry can be either a String or Array)
701 * @return HTMLForm $this for chaining calls (since 1.20)
703 public function setValidationErrorMessage( $msg ) {
704 $this->mValidationErrorMessage
= $msg;
710 * Set the introductory message, overwriting any existing message.
712 * @param string $msg Complete text of message to display
714 * @return HTMLForm $this for chaining calls (since 1.20)
716 public function setIntro( $msg ) {
717 $this->setPreText( $msg );
723 * Set the introductory message HTML, overwriting any existing message.
726 * @param string $msg Complete HTML of message to display
728 * @return HTMLForm $this for chaining calls (since 1.20)
730 public function setPreText( $msg ) {
737 * Add HTML to introductory message.
739 * @param string $msg Complete HTML of message to display
741 * @return HTMLForm $this for chaining calls (since 1.20)
743 public function addPreText( $msg ) {
750 * Add HTML to the header, inside the form.
752 * @param string $msg Additional HTML to display in header
753 * @param string|null $section The section to add the header to
755 * @return HTMLForm $this for chaining calls (since 1.20)
757 public function addHeaderText( $msg, $section = null ) {
758 if ( $section === null ) {
759 $this->mHeader
.= $msg;
761 if ( !isset( $this->mSectionHeaders
[$section] ) ) {
762 $this->mSectionHeaders
[$section] = '';
764 $this->mSectionHeaders
[$section] .= $msg;
771 * Set header text, inside the form.
774 * @param string $msg Complete HTML of header to display
775 * @param string|null $section The section to add the header to
777 * @return HTMLForm $this for chaining calls (since 1.20)
779 public function setHeaderText( $msg, $section = null ) {
780 if ( $section === null ) {
781 $this->mHeader
= $msg;
783 $this->mSectionHeaders
[$section] = $msg;
792 * @param string|null $section The section to get the header text for
794 * @return string HTML
796 public function getHeaderText( $section = null ) {
797 if ( $section === null ) {
798 return $this->mHeader
;
800 return isset( $this->mSectionHeaders
[$section] ) ?
$this->mSectionHeaders
[$section] : '';
805 * Add footer text, inside the form.
807 * @param string $msg Complete text of message to display
808 * @param string|null $section The section to add the footer text to
810 * @return HTMLForm $this for chaining calls (since 1.20)
812 public function addFooterText( $msg, $section = null ) {
813 if ( $section === null ) {
814 $this->mFooter
.= $msg;
816 if ( !isset( $this->mSectionFooters
[$section] ) ) {
817 $this->mSectionFooters
[$section] = '';
819 $this->mSectionFooters
[$section] .= $msg;
826 * Set footer text, inside the form.
829 * @param string $msg Complete text of message to display
830 * @param string|null $section The section to add the footer text to
832 * @return HTMLForm $this for chaining calls (since 1.20)
834 public function setFooterText( $msg, $section = null ) {
835 if ( $section === null ) {
836 $this->mFooter
= $msg;
838 $this->mSectionFooters
[$section] = $msg;
847 * @param string|null $section The section to get the footer text for
851 public function getFooterText( $section = null ) {
852 if ( $section === null ) {
853 return $this->mFooter
;
855 return isset( $this->mSectionFooters
[$section] ) ?
$this->mSectionFooters
[$section] : '';
860 * Add text to the end of the display.
862 * @param string $msg Complete text of message to display
864 * @return HTMLForm $this for chaining calls (since 1.20)
866 public function addPostText( $msg ) {
867 $this->mPost
.= $msg;
873 * Set text at the end of the display.
875 * @param string $msg Complete text of message to display
877 * @return HTMLForm $this for chaining calls (since 1.20)
879 public function setPostText( $msg ) {
886 * Add a hidden field to the output
888 * @param string $name Field name. This will be used exactly as entered
889 * @param string $value Field value
890 * @param array $attribs
892 * @return HTMLForm $this for chaining calls (since 1.20)
894 public function addHiddenField( $name, $value, array $attribs = [] ) {
895 $attribs +
= [ 'name' => $name ];
896 $this->mHiddenFields
[] = [ $value, $attribs ];
902 * Add an array of hidden fields to the output
906 * @param array $fields Associative array of fields to add;
907 * mapping names to their values
909 * @return HTMLForm $this for chaining calls
911 public function addHiddenFields( array $fields ) {
912 foreach ( $fields as $name => $value ) {
913 $this->mHiddenFields
[] = [ $value, [ 'name' => $name ] ];
920 * Add a button to the form
922 * @since 1.27 takes an array as shown. Earlier versions accepted
923 * 'name', 'value', 'id', and 'attribs' as separate parameters in that
925 * @note Custom labels ('label', 'label-message', 'label-raw') are not
926 * supported for IE6 and IE7 due to bugs in those browsers. If detected,
927 * they will be served buttons using 'value' as the button label.
928 * @param array $data Data to define the button:
929 * - name: (string) Button name.
930 * - value: (string) Button value.
931 * - label-message: (string, optional) Button label message key to use
932 * instead of 'value'. Overrides 'label' and 'label-raw'.
933 * - label: (string, optional) Button label text to use instead of
934 * 'value'. Overrides 'label-raw'.
935 * - label-raw: (string, optional) Button label HTML to use instead of
937 * - id: (string, optional) DOM id for the button.
938 * - attribs: (array, optional) Additional HTML attributes.
939 * - flags: (string|string[], optional) OOUI flags.
940 * - framed: (boolean=true, optional) OOUI framed attribute.
941 * @return HTMLForm $this for chaining calls (since 1.20)
943 public function addButton( $data ) {
944 if ( !is_array( $data ) ) {
945 $args = func_get_args();
946 if ( count( $args ) < 2 ||
count( $args ) > 4 ) {
947 throw new InvalidArgumentException(
948 'Incorrect number of arguments for deprecated calling style'
954 'id' => isset( $args[2] ) ?
$args[2] : null,
955 'attribs' => isset( $args[3] ) ?
$args[3] : null,
958 if ( !isset( $data['name'] ) ) {
959 throw new InvalidArgumentException( 'A name is required' );
961 if ( !isset( $data['value'] ) ) {
962 throw new InvalidArgumentException( 'A value is required' );
965 $this->mButtons
[] = $data +
[
976 * Set the salt for the edit token.
978 * Only useful when the method is "post".
981 * @param string|array $salt Salt to use
982 * @return HTMLForm $this For chaining calls
984 public function setTokenSalt( $salt ) {
985 $this->mTokenSalt
= $salt;
991 * Display the form (sending to the context's OutputPage object), with an
992 * appropriate error message or stack of messages, and any validation errors, etc.
994 * @attention You should call prepareForm() before calling this function.
995 * Moreover, when doing method chaining this should be the very last method
996 * call just after prepareForm().
998 * @param bool|string|array|Status $submitResult Output from HTMLForm::trySubmit()
1000 * @return void Nothing, should be last call
1002 public function displayForm( $submitResult ) {
1003 $this->getOutput()->addHTML( $this->getHTML( $submitResult ) );
1007 * Returns the raw HTML generated by the form
1009 * @param bool|string|array|Status $submitResult Output from HTMLForm::trySubmit()
1011 * @return string HTML
1013 public function getHTML( $submitResult ) {
1014 # For good measure (it is the default)
1015 $this->getOutput()->preventClickjacking();
1016 $this->getOutput()->addModules( 'mediawiki.htmlform' );
1017 $this->getOutput()->addModuleStyles( 'mediawiki.htmlform.styles' );
1020 . $this->getErrorsOrWarnings( $submitResult, 'error' )
1021 . $this->getErrorsOrWarnings( $submitResult, 'warning' )
1022 . $this->getHeaderText()
1024 . $this->getHiddenFields()
1025 . $this->getButtons()
1026 . $this->getFooterText();
1028 $html = $this->wrapForm( $html );
1030 return '' . $this->mPre
. $html . $this->mPost
;
1034 * Get HTML attributes for the `<form>` tag.
1037 protected function getFormAttributes() {
1038 # Use multipart/form-data
1039 $encType = $this->mUseMultipart
1040 ?
'multipart/form-data'
1041 : 'application/x-www-form-urlencoded';
1044 'action' => $this->getAction(),
1045 'method' => $this->getMethod(),
1046 'enctype' => $encType,
1049 $attribs['id'] = $this->mId
;
1051 if ( $this->mAutocomplete
) {
1052 $attribs['autocomplete'] = $this->mAutocomplete
;
1054 if ( $this->mName
) {
1055 $attribs['name'] = $this->mName
;
1061 * Wrap the form innards in an actual "<form>" element
1063 * @param string $html HTML contents to wrap.
1065 * @return string Wrapped HTML.
1067 public function wrapForm( $html ) {
1068 # Include a <fieldset> wrapper for style, if requested.
1069 if ( $this->mWrapperLegend
!== false ) {
1070 $legend = is_string( $this->mWrapperLegend
) ?
$this->mWrapperLegend
: false;
1071 $html = Xml
::fieldset( $legend, $html );
1074 return Html
::rawElement(
1076 $this->getFormAttributes() +
[ 'class' => 'visualClear' ],
1082 * Get the hidden fields that should go inside the form.
1083 * @return string HTML.
1085 public function getHiddenFields() {
1087 if ( $this->mFormIdentifier
!== null ) {
1088 $html .= Html
::hidden(
1090 $this->mFormIdentifier
1093 if ( $this->getMethod() === 'post' ) {
1094 $html .= Html
::hidden(
1096 $this->getUser()->getEditToken( $this->mTokenSalt
),
1097 [ 'id' => 'wpEditToken' ]
1099 $html .= Html
::hidden( 'title', $this->getTitle()->getPrefixedText() ) . "\n";
1102 $articlePath = $this->getConfig()->get( 'ArticlePath' );
1103 if ( strpos( $articlePath, '?' ) !== false && $this->getMethod() === 'get' ) {
1104 $html .= Html
::hidden( 'title', $this->getTitle()->getPrefixedText() ) . "\n";
1107 foreach ( $this->mHiddenFields
as $data ) {
1108 list( $value, $attribs ) = $data;
1109 $html .= Html
::hidden( $attribs['name'], $value, $attribs ) . "\n";
1116 * Get the submit and (potentially) reset buttons.
1117 * @return string HTML.
1119 public function getButtons() {
1121 $useMediaWikiUIEverywhere = $this->getConfig()->get( 'UseMediaWikiUIEverywhere' );
1123 if ( $this->mShowSubmit
) {
1126 if ( isset( $this->mSubmitID
) ) {
1127 $attribs['id'] = $this->mSubmitID
;
1130 if ( isset( $this->mSubmitName
) ) {
1131 $attribs['name'] = $this->mSubmitName
;
1134 if ( isset( $this->mSubmitTooltip
) ) {
1135 $attribs +
= Linker
::tooltipAndAccesskeyAttribs( $this->mSubmitTooltip
);
1138 $attribs['class'] = [ 'mw-htmlform-submit' ];
1140 if ( $useMediaWikiUIEverywhere ) {
1141 foreach ( $this->mSubmitFlags
as $flag ) {
1142 $attribs['class'][] = 'mw-ui-' . $flag;
1144 $attribs['class'][] = 'mw-ui-button';
1147 $buttons .= Xml
::submitButton( $this->getSubmitText(), $attribs ) . "\n";
1150 if ( $this->mShowReset
) {
1151 $buttons .= Html
::element(
1155 'value' => $this->msg( 'htmlform-reset' )->text(),
1156 'class' => $useMediaWikiUIEverywhere ?
'mw-ui-button' : null,
1161 if ( $this->mShowCancel
) {
1162 $target = $this->mCancelTarget ?
: Title
::newMainPage();
1163 if ( $target instanceof Title
) {
1164 $target = $target->getLocalURL();
1166 $buttons .= Html
::element(
1169 'class' => $useMediaWikiUIEverywhere ?
'mw-ui-button' : null,
1172 $this->msg( 'cancel' )->text()
1176 // IE<8 has bugs with <button>, so we'll need to avoid them.
1177 $isBadIE = preg_match( '/MSIE [1-7]\./i', $this->getRequest()->getHeader( 'User-Agent' ) );
1179 foreach ( $this->mButtons
as $button ) {
1182 'name' => $button['name'],
1183 'value' => $button['value']
1186 if ( isset( $button['label-message'] ) ) {
1187 $label = $this->getMessage( $button['label-message'] )->parse();
1188 } elseif ( isset( $button['label'] ) ) {
1189 $label = htmlspecialchars( $button['label'] );
1190 } elseif ( isset( $button['label-raw'] ) ) {
1191 $label = $button['label-raw'];
1193 $label = htmlspecialchars( $button['value'] );
1196 if ( $button['attribs'] ) {
1197 $attrs +
= $button['attribs'];
1200 if ( isset( $button['id'] ) ) {
1201 $attrs['id'] = $button['id'];
1204 if ( $useMediaWikiUIEverywhere ) {
1205 $attrs['class'] = isset( $attrs['class'] ) ?
(array)$attrs['class'] : [];
1206 $attrs['class'][] = 'mw-ui-button';
1210 $buttons .= Html
::element( 'input', $attrs ) . "\n";
1212 $buttons .= Html
::rawElement( 'button', $attrs, $label ) . "\n";
1220 return Html
::rawElement( 'span',
1221 [ 'class' => 'mw-htmlform-submit-buttons' ], "\n$buttons" ) . "\n";
1225 * Get the whole body of the form.
1228 public function getBody() {
1229 return $this->displaySection( $this->mFieldTree
, $this->mTableId
);
1233 * Format and display an error message stack.
1235 * @param string|array|Status $errors
1237 * @deprecated since 1.28, use getErrorsOrWarnings() instead
1241 public function getErrors( $errors ) {
1242 wfDeprecated( __METHOD__
);
1243 return $this->getErrorsOrWarnings( $errors, 'error' );
1247 * Returns a formatted list of errors or warnings from the given elements.
1249 * @param string|array|Status $elements The set of errors/warnings to process.
1250 * @param string $elementsType Should warnings or errors be returned. This is meant
1251 * for Status objects, all other valid types are always considered as errors.
1254 public function getErrorsOrWarnings( $elements, $elementsType ) {
1255 if ( !in_array( $elementsType, [ 'error', 'warning' ], true ) ) {
1256 throw new DomainException( $elementsType . ' is not a valid type.' );
1258 $elementstr = false;
1259 if ( $elements instanceof Status
) {
1260 list( $errorStatus, $warningStatus ) = $elements->splitByErrorType();
1261 $status = $elementsType === 'error' ?
$errorStatus : $warningStatus;
1262 if ( $status->isGood() ) {
1265 $elementstr = $this->getOutput()->parse(
1266 $status->getWikiText()
1269 } elseif ( is_array( $elements ) && $elementsType === 'error' ) {
1270 $elementstr = $this->formatErrors( $elements );
1271 } elseif ( $elementsType === 'error' ) {
1272 $elementstr = $elements;
1276 ? Html
::rawElement( 'div', [ 'class' => $elementsType ], $elementstr )
1281 * Format a stack of error messages into a single HTML string
1283 * @param array $errors Array of message keys/values
1285 * @return string HTML, a "<ul>" list of errors
1287 public function formatErrors( $errors ) {
1290 foreach ( $errors as $error ) {
1291 $errorstr .= Html
::rawElement(
1294 $this->getMessage( $error )->parse()
1298 $errorstr = Html
::rawElement( 'ul', [], $errorstr );
1304 * Set the text for the submit button
1306 * @param string $t Plaintext
1308 * @return HTMLForm $this for chaining calls (since 1.20)
1310 public function setSubmitText( $t ) {
1311 $this->mSubmitText
= $t;
1317 * Identify that the submit button in the form has a destructive action
1320 * @return HTMLForm $this for chaining calls (since 1.28)
1322 public function setSubmitDestructive() {
1323 $this->mSubmitFlags
= [ 'destructive', 'primary' ];
1329 * Identify that the submit button in the form has a progressive action
1332 * @return HTMLForm $this for chaining calls (since 1.28)
1334 public function setSubmitProgressive() {
1335 $this->mSubmitFlags
= [ 'progressive', 'primary' ];
1341 * Set the text for the submit button to a message
1344 * @param string|Message $msg Message key or Message object
1346 * @return HTMLForm $this for chaining calls (since 1.20)
1348 public function setSubmitTextMsg( $msg ) {
1349 if ( !$msg instanceof Message
) {
1350 $msg = $this->msg( $msg );
1352 $this->setSubmitText( $msg->text() );
1358 * Get the text for the submit button, either customised or a default.
1361 public function getSubmitText() {
1362 return $this->mSubmitText ?
: $this->msg( 'htmlform-submit' )->text();
1366 * @param string $name Submit button name
1368 * @return HTMLForm $this for chaining calls (since 1.20)
1370 public function setSubmitName( $name ) {
1371 $this->mSubmitName
= $name;
1377 * @param string $name Tooltip for the submit button
1379 * @return HTMLForm $this for chaining calls (since 1.20)
1381 public function setSubmitTooltip( $name ) {
1382 $this->mSubmitTooltip
= $name;
1388 * Set the id for the submit button.
1392 * @todo FIXME: Integrity of $t is *not* validated
1393 * @return HTMLForm $this for chaining calls (since 1.20)
1395 public function setSubmitID( $t ) {
1396 $this->mSubmitID
= $t;
1402 * Set an internal identifier for this form. It will be submitted as a hidden form field, allowing
1403 * HTMLForm to determine whether the form was submitted (or merely viewed). Setting this serves
1406 * - If you use two or more forms on one page, it allows HTMLForm to identify which of the forms
1407 * was submitted, and not attempt to validate the other ones.
1408 * - If you use checkbox or multiselect fields inside a form using the GET method, it allows
1409 * HTMLForm to distinguish between the initial page view and a form submission with all
1410 * checkboxes or select options unchecked.
1413 * @param string $ident
1416 public function setFormIdentifier( $ident ) {
1417 $this->mFormIdentifier
= $ident;
1423 * Stop a default submit button being shown for this form. This implies that an
1424 * alternate submit method must be provided manually.
1428 * @param bool $suppressSubmit Set to false to re-enable the button again
1430 * @return HTMLForm $this for chaining calls
1432 public function suppressDefaultSubmit( $suppressSubmit = true ) {
1433 $this->mShowSubmit
= !$suppressSubmit;
1439 * Show a cancel button (or prevent it). The button is not shown by default.
1441 * @return HTMLForm $this for chaining calls
1444 public function showCancel( $show = true ) {
1445 $this->mShowCancel
= $show;
1450 * Sets the target where the user is redirected to after clicking cancel.
1451 * @param Title|string $target Target as a Title object or an URL
1452 * @return HTMLForm $this for chaining calls
1455 public function setCancelTarget( $target ) {
1456 $this->mCancelTarget
= $target;
1461 * Set the id of the \<table\> or outermost \<div\> element.
1465 * @param string $id New value of the id attribute, or "" to remove
1467 * @return HTMLForm $this for chaining calls
1469 public function setTableId( $id ) {
1470 $this->mTableId
= $id;
1476 * @param string $id DOM id for the form
1478 * @return HTMLForm $this for chaining calls (since 1.20)
1480 public function setId( $id ) {
1487 * @param string $name 'name' attribute for the form
1488 * @return HTMLForm $this for chaining calls
1490 public function setName( $name ) {
1491 $this->mName
= $name;
1497 * Prompt the whole form to be wrapped in a "<fieldset>", with
1498 * this text as its "<legend>" element.
1500 * @param string|bool $legend If false, no wrapper or legend will be displayed.
1501 * If true, a wrapper will be displayed, but no legend.
1502 * If a string, a wrapper will be displayed with that string as a legend.
1503 * The string will be escaped before being output (this doesn't support HTML).
1505 * @return HTMLForm $this for chaining calls (since 1.20)
1507 public function setWrapperLegend( $legend ) {
1508 $this->mWrapperLegend
= $legend;
1514 * Prompt the whole form to be wrapped in a "<fieldset>", with
1515 * this message as its "<legend>" element.
1518 * @param string|Message $msg Message key or Message object
1520 * @return HTMLForm $this for chaining calls (since 1.20)
1522 public function setWrapperLegendMsg( $msg ) {
1523 if ( !$msg instanceof Message
) {
1524 $msg = $this->msg( $msg );
1526 $this->setWrapperLegend( $msg->text() );
1532 * Set the prefix for various default messages
1533 * @todo Currently only used for the "<fieldset>" legend on forms
1534 * with multiple sections; should be used elsewhere?
1538 * @return HTMLForm $this for chaining calls (since 1.20)
1540 public function setMessagePrefix( $p ) {
1541 $this->mMessagePrefix
= $p;
1547 * Set the title for form submission
1549 * @param Title $t Title of page the form is on/should be posted to
1551 * @return HTMLForm $this for chaining calls (since 1.20)
1553 public function setTitle( $t ) {
1563 public function getTitle() {
1564 return $this->mTitle
=== false
1565 ?
$this->getContext()->getTitle()
1570 * Set the method used to submit the form
1572 * @param string $method
1574 * @return HTMLForm $this for chaining calls (since 1.20)
1576 public function setMethod( $method = 'post' ) {
1577 $this->mMethod
= strtolower( $method );
1583 * @return string Always lowercase
1585 public function getMethod() {
1586 return $this->mMethod
;
1590 * Wraps the given $section into an user-visible fieldset.
1592 * @param string $legend Legend text for the fieldset
1593 * @param string $section The section content in plain Html
1594 * @param array $attributes Additional attributes for the fieldset
1595 * @return string The fieldset's Html
1597 protected function wrapFieldSetSection( $legend, $section, $attributes ) {
1598 return Xml
::fieldset( $legend, $section, $attributes ) . "\n";
1604 * @param array[]|HTMLFormField[] $fields Array of fields (either arrays or
1606 * @param string $sectionName ID attribute of the "<table>" tag for this
1607 * section, ignored if empty.
1608 * @param string $fieldsetIDPrefix ID prefix for the "<fieldset>" tag of
1609 * each subsection, ignored if empty.
1610 * @param bool &$hasUserVisibleFields Whether the section had user-visible fields.
1611 * @throws LogicException When called on uninitialized field data, e.g. When
1612 * HTMLForm::displayForm was called without calling HTMLForm::prepareForm
1617 public function displaySection( $fields,
1619 $fieldsetIDPrefix = '',
1620 &$hasUserVisibleFields = false
1622 if ( $this->mFieldData
=== null ) {
1623 throw new LogicException( 'HTMLForm::displaySection() called on uninitialized field data. '
1624 . 'You probably called displayForm() without calling prepareForm() first.' );
1627 $displayFormat = $this->getDisplayFormat();
1630 $subsectionHtml = '';
1633 // Conveniently, PHP method names are case-insensitive.
1634 // For grep: this can call getDiv, getRaw, getInline, getVForm, getOOUI
1635 $getFieldHtmlMethod = $displayFormat === 'table' ?
'getTableRow' : ( 'get' . $displayFormat );
1637 foreach ( $fields as $key => $value ) {
1638 if ( $value instanceof HTMLFormField
) {
1639 $v = array_key_exists( $key, $this->mFieldData
)
1640 ?
$this->mFieldData
[$key]
1641 : $value->getDefault();
1643 $retval = $value->$getFieldHtmlMethod( $v );
1645 // check, if the form field should be added to
1647 if ( $value->hasVisibleOutput() ) {
1650 $labelValue = trim( $value->getLabel() );
1651 if ( $labelValue !== ' ' && $labelValue !== '' ) {
1655 $hasUserVisibleFields = true;
1657 } elseif ( is_array( $value ) ) {
1658 $subsectionHasVisibleFields = false;
1660 $this->displaySection( $value,
1662 "$fieldsetIDPrefix$key-",
1663 $subsectionHasVisibleFields );
1666 if ( $subsectionHasVisibleFields === true ) {
1667 // Display the section with various niceties.
1668 $hasUserVisibleFields = true;
1670 $legend = $this->getLegend( $key );
1672 $section = $this->getHeaderText( $key ) .
1674 $this->getFooterText( $key );
1677 if ( $fieldsetIDPrefix ) {
1678 $attributes['id'] = Sanitizer
::escapeId( "$fieldsetIDPrefix$key" );
1680 $subsectionHtml .= $this->wrapFieldSetSection( $legend, $section, $attributes );
1682 // Just return the inputs, nothing fancy.
1683 $subsectionHtml .= $section;
1688 $html = $this->formatSection( $html, $sectionName, $hasLabel );
1690 if ( $subsectionHtml ) {
1691 if ( $this->mSubSectionBeforeFields
) {
1692 return $subsectionHtml . "\n" . $html;
1694 return $html . "\n" . $subsectionHtml;
1702 * Put a form section together from the individual fields' HTML, merging it and wrapping.
1703 * @param array $fieldsHtml
1704 * @param string $sectionName
1705 * @param bool $anyFieldHasLabel
1706 * @return string HTML
1708 protected function formatSection( array $fieldsHtml, $sectionName, $anyFieldHasLabel ) {
1709 $displayFormat = $this->getDisplayFormat();
1710 $html = implode( '', $fieldsHtml );
1712 if ( $displayFormat === 'raw' ) {
1718 if ( !$anyFieldHasLabel ) { // Avoid strange spacing when no labels exist
1719 $classes[] = 'mw-htmlform-nolabel';
1723 'class' => implode( ' ', $classes ),
1726 if ( $sectionName ) {
1727 $attribs['id'] = Sanitizer
::escapeId( $sectionName );
1730 if ( $displayFormat === 'table' ) {
1731 return Html
::rawElement( 'table',
1733 Html
::rawElement( 'tbody', [], "\n$html\n" ) ) . "\n";
1734 } elseif ( $displayFormat === 'inline' ) {
1735 return Html
::rawElement( 'span', $attribs, "\n$html\n" );
1737 return Html
::rawElement( 'div', $attribs, "\n$html\n" );
1742 * Construct the form fields from the Descriptor array
1744 public function loadData() {
1747 foreach ( $this->mFlatFields
as $fieldname => $field ) {
1748 $request = $this->getRequest();
1749 if ( $field->skipLoadData( $request ) ) {
1751 } elseif ( !empty( $field->mParams
['disabled'] ) ) {
1752 $fieldData[$fieldname] = $field->getDefault();
1754 $fieldData[$fieldname] = $field->loadDataFromRequest( $request );
1759 foreach ( $fieldData as $name => &$value ) {
1760 $field = $this->mFlatFields
[$name];
1761 $value = $field->filter( $value, $this->mFlatFields
);
1764 $this->mFieldData
= $fieldData;
1768 * Stop a reset button being shown for this form
1770 * @param bool $suppressReset Set to false to re-enable the button again
1772 * @return HTMLForm $this for chaining calls (since 1.20)
1774 public function suppressReset( $suppressReset = true ) {
1775 $this->mShowReset
= !$suppressReset;
1781 * Overload this if you want to apply special filtration routines
1782 * to the form as a whole, after it's submitted but before it's
1785 * @param array $data
1789 public function filterDataForSubmit( $data ) {
1794 * Get a string to go in the "<legend>" of a section fieldset.
1795 * Override this if you want something more complicated.
1797 * @param string $key
1801 public function getLegend( $key ) {
1802 return $this->msg( "{$this->mMessagePrefix}-$key" )->text();
1806 * Set the value for the action attribute of the form.
1807 * When set to false (which is the default state), the set title is used.
1811 * @param string|bool $action
1813 * @return HTMLForm $this for chaining calls (since 1.20)
1815 public function setAction( $action ) {
1816 $this->mAction
= $action;
1822 * Get the value for the action attribute of the form.
1828 public function getAction() {
1829 // If an action is alredy provided, return it
1830 if ( $this->mAction
!== false ) {
1831 return $this->mAction
;
1834 $articlePath = $this->getConfig()->get( 'ArticlePath' );
1835 // Check whether we are in GET mode and the ArticlePath contains a "?"
1836 // meaning that getLocalURL() would return something like "index.php?title=...".
1837 // As browser remove the query string before submitting GET forms,
1838 // it means that the title would be lost. In such case use wfScript() instead
1839 // and put title in an hidden field (see getHiddenFields()).
1840 if ( strpos( $articlePath, '?' ) !== false && $this->getMethod() === 'get' ) {
1844 return $this->getTitle()->getLocalURL();
1848 * Set the value for the autocomplete attribute of the form.
1849 * When set to false (which is the default state), the attribute get not set.
1853 * @param string|bool $autocomplete
1855 * @return HTMLForm $this for chaining calls
1857 public function setAutocomplete( $autocomplete ) {
1858 $this->mAutocomplete
= $autocomplete;
1864 * Turns a *-message parameter (which could be a MessageSpecifier, or a message name, or a
1865 * name + parameters array) into a Message.
1866 * @param mixed $value
1869 protected function getMessage( $value ) {
1870 return Message
::newFromSpecifier( $value )->setContext( $this );