Building Forms

Contents

Note: All input data displayed in form elements is filtered through the HTML::entities method.

Opening A Form

Opening a form to POST to the current URL:

echo Form::open();

Opening a form using a given URI and request method:

echo Form::open('user/profile', 'PUT');

Opening a Form that POSTS to a HTTPS URL:

echo Form::open_secure('user/profile');

Specifying extra HTML attributes on a form open tag:

echo Form::open('user/profile', 'POST', array('class' => 'awesome'));

Opening a form that accepts file uploads:

echo Form::open_for_files('users/profile');

Opening a form that accepts file uploads and uses HTTPS:

echo Form::open_secure_for_files('users/profile');

Closing a form:

echo Form::close();

CSRF Protection

Laravel provides an easy method of protecting your application from cross-site request forgeries. First, a random token is placed in your user's session. Don't sweat it, this is done automatically. Next, use the token method to generate a hidden form input field containing the random token on your form:

Generating a hidden field containing the session's CSRF token:

echo Form::token();

Attaching the CSRF filter to a route:

Route::post('profile', array('before' => 'csrf', function()
{
    //
}));

Retrieving the CSRF token string:

$token = Session::token();

Note: You must specify a session driver before using the Laravel CSRF protection facilities.

Further Reading:

Labels

Generating a label element:

echo Form::label('email', 'E-Mail Address');

Specifying extra HTML attributes for a label:

echo Form::label('email', 'E-Mail Address', array('class' => 'awesome'));

Turning off HTML escaping of label contents:

echo Form::label('confirm', 'Are you <strong>sure</strong> you want to proceed?', null, false);

You can pass false as the optional fourth argument to disable automatic HTML escaping of the label content.

Note: After creating a label, any form element you create with a name matching the label name will automatically receive an ID matching the label name as well.

Text, Text Area, Password & Hidden Fields

Generate a text input element:

echo Form::text('username');

Specifying a default value for a text input element:

echo Form::text('email', 'example@gmail.com');

Note: The hidden and textarea methods have the same signature as the text method. You just learned three methods for the price of one!

Generating a password input element:

echo Form::password('password');

Checkboxes and Radio Buttons

Generating a checkbox input element:

echo Form::checkbox('name', 'value');

Generating a checkbox that is checked by default:

echo Form::checkbox('name', 'value', true);

Note: The radio method has the same signature as the checkbox method. Two for one!

File Input

Generate a file input element:

echo Form::file('image');

Drop-Down Lists

Generating a drop-down list from an array of items:

echo Form::select('size', array('L' => 'Large', 'S' => 'Small'));

Generating a drop-down list with an item selected by default:

echo Form::select('size', array('L' => 'Large', 'S' => 'Small'), 'S');

Buttons

Generating a submit button element:

echo Form::submit('Click Me!');

Note: Need to create a button element? Try the button method. It has the same signature as submit.

Custom Macros

It's easy to define your own custom Form class helpers called "macros". Here's how it works. First, simply register the macro with a given name and a Closure:

Registering a Form macro:

Form::macro('my_field', function()
{
    return '<input type="awesome">';
});

Now you can call your macro using its name:

Calling a custom Form macro:

echo Form::my_field();