Abstract
Drupal 4.7 and later feature an application programming interface (API) for generating, validating, and processing HTML forms. The form API abstracts forms into a nested array of properties and values. The array is then rendered by the form-rendering engine at the appropriate time while a page is being generated. There are several implications of this approach:
-
• Rather than output HTML, we create an array and let the engine generate the HTML.
-
• Since we are dealing with a representation of the form as structured data, we can add, delete, reorder, and change forms. This is especially handy when you want to modify a form created by a different module in a clean and unobtrusive way.
-
• Any form element can be mapped to any theme function.
-
• Additional form validation or processing can be added to any form.
-
• Operations with forms are protected against form injection attacks, where a user modifies a form and then tries to submit it.
-
• The learning curve for using forms is a little steeper!
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Rights and permissions
Copyright information
© 2007 John K. VanDyk and Matt Westgate
About this chapter
Cite this chapter
(2007). The Form API. In: Pro Drupal Development. Apress. https://doi.org/10.1007/978-1-4302-0190-8_10
Download citation
DOI: https://doi.org/10.1007/978-1-4302-0190-8_10
Publisher Name: Apress
Print ISBN: 978-1-59059-755-2
Online ISBN: 978-1-4302-0190-8
eBook Packages: Professional and Applied ComputingProfessional and Applied Computing (R0)Apress Access Books