IceHawk

Forms usage

This section covers the features of the Forms component.


Using the Token class for CSRF protection

<?php declare(strict_types=1);

namespace MyVendor\MyProject;

use IceHawk\Forms\Security\Token;

# Create a new token (without expiry)
$token = new Token();

echo $token->toString(); # or echo $token;

# Create a new token (with expiry in 50 seconds)
$token = (new Token())->expiresIn( 50 );

# Create a token from string (i.e. when sent through a post form)
$token = Token::fromString( '...' );

# Compare tokens
$token   = new Token();
$other   = new Token();
$another = Token::fromString($token->toString());

$token->equals($other);   # false
$other->equals($token);   # false

$token->equals($another); # true
$other->equals($another); # false
# ...

# Check token expiry
$token = (new Token())->expiresIn( 2 );

$token->isExpired(); # false

sleep(3);

$token->isExpired(); # true

Using the Feedback class for form messages

<?php declare(strict_types=1);

namespace MyVendor\MyProject;

use IceHawk\Forms\Feedback;

# Create a new feedback with default severity (Feedback::ERROR)
$feedback = new Feedback( 'message' );

# Create a new feedback with explicit severity
# Available severities: Feedback::ERROR (default), Feedback::WARNING, Feedback::NOTICE, Feedback::SUCCESS, Feedback::NONE 
$feedback = new Feedback( 'message', Feedback::WARNING );

# Retrieve feedback message
$message = $feedback->getMessage();

# Retrieve feedback severity
$severity = $feedback->getSeverity();

Using the Form class

The Form is an aggregating object to be stored in session for securely exchanging form data and feedback between read and write side of a web application.

<?php declare(strict_types=1);

namespace MyVendor\MyProject;

use IceHawk\Forms\Form;
use IceHawk\Forms\FormId;
use IceHawk\Forms\Feedback;
use IceHawk\Forms\Security\Token;

# Create a new instance identified by a form ID
$form = new Form( new FormId( 'myForm' ) );

# Check if form has already data set
if ( $form->wasDataSet() )
{
    # Set up some default data (single)
    $form->set( 'username', 'johndoe' );

    # Set up some default data (multiple)
    $form->setData(
        [
            'firstname' => 'John',
            'lastname'  => 'Doe',
        ]
    );
}

# Retrieve the initially set CSRF token
$token = $form->getToken();

# Renew the CSRF token (Default Token class is used, see above)
$form->renewToken();

# Renew the CSRF token with expiry in 10 minutes
$form->renewToken( (new Token())->expiresIn( 600 ) );

# Renew the CSRF token with own token implementation
# Token implementation must follow the \IceHawk\Forms\Interfaces\IdentifiesFormRequestSource interface
$form->renewToken( new MyToken() );

# Check if CSRF token is valid (boolean)
# Checks token string and expiry
$token = Token::fromString( $_POST['token'] );
$form->isTokenValid( $token );

# Check if CSRF token is valid (throws exceptions)
# Checks token string and expiry
# Throws \IceHawk\Forms\Excpetion\TokenMismatch, if token string does not match
# Throws \IceHawk\Forms\Excpetion\TokenHasExpired, if token has expired
$token = Token::fromString( $_POST['token'] );
$form->guardTokenIsValid( $token );

# Check if token is expired
$form->hasTokenExpired();

# Check if a key isset
$form->isset( 'username' );

# Retrieve single value
# Returns NULL, if the key was not set
$username = $form->get( 'username' );

# Retrieve all values incl. keys (assoc. array)
$formData = $form->getData();

# Unset a value
$form->unset( 'username' );

# Add single feedback (using default \IceHawk\Forms\Feedback class)
# Feedback can but must not be bound to data keys
# Feedback::ERROR is the default severity
$form->addFeedback( 'username', new Feedback( 'Username is invalid', Feedback::ERROR );

# Add multiple feedbacks (using default \IceHawk\Forms\Feedback class)
$form->addFeedbacks(
    [
        'general'  => new Feedback( 'Some errors occurred.', Feedback::WARNING ),
        'username' => new Feedback( 'Username is invalid.', Feedback::ERROR ),
    ]
);

# Add feedback with own feedback implementation
# Feedback implementation must follow the \IceHawk\Forms\Interfaces\ProvidesFeedback interface
$form->addFeedback( 'firstname', new MyFeedback( 'Firstname is invalid.' ) );

# Check for feedbacks
$form->hasFeedbacks(); # true

# Check for single feedback
if ( $form->hasFeedback( 'username' ) )
{
    # Retrieve single feedback
    $usernameFeedback = $form->getFeedback( 'username' );
}

# Retrieve all feedbacks
$feedbacks = $form->getFeedbacks();

# Retrive feedbacks filtered by keys
$filteredFeedbacks = $form->getFeedbacks(
    function( ProvidesFeedback $feedback, string $key )
    {
        return ($key == 'general');  
    }
);

# Retrive feedbacks filtered by severity
$filteredFeedbacks = $form->getFeedbacks(
    function( ProvidesFeedback $feedback )
    {
        return ($feedback->getSeverity() == Feedback::ERROR);
    }
);

# Retrieve an empty feedback for a key that was not set
# Returns new Feedback( '', Feedback::NONE );
$emptyFeedback = $form->getFeedback( 'email' );

# Reset all feedbacks
$form->resetFeedbacks();

# Reset the form to initial state and renew CSRF token
$form->reset();