PHPackages naucon/form - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Utility & Helpers](/categories/utility) 4. / 5. naucon/form ActiveLibrary[Utility & Helpers](/categories/utility) naucon/form =========== The Package provides a form component for php to process and validate html forms. A form helper is also included to render your form in html markup (php oder smarty templates). 5.0.0(1y ago)513.0k—5.6%71MITPHPPHP ^8.1 Since May 25Pushed 1y ago1 watchersCompare [ Source](https://github.com/naucon/Form)[ Packagist](https://packagist.org/packages/naucon/form)[ Docs](https://github.com/naucon/Form)[ RSS](/packages/naucon-form/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (10)Dependencies (19)Versions (22)Used By (1) naucon Form Package =================== [](#naucon-form-package) About ----- [](#about) The Package provides a form component for php to process and validate html forms. A form helper is also included to render your form in html markup (php oder smarty templates). One of the most common tasks in a web developing are forms. This package helps you to process and validate forms in an easy way to maintain and secure. The package can be integrated into any php web application (min. php5.5+). ### Features [](#features) - Binding form data to an entity by getter and setter - validate form data by validation rule defined in the entity - secure forms with synchronizer token to prevent XSRF/CSRF vulnerabilities - support form collections - translate form labels and form violations - form helper to render html markup - rendering html forms with output filtering to prevent XSS vulnerabilities - smarty plugins for form helper ### Compatibility [](#compatibility) - PHP 7.1 - 7.4 Installation ------------ [](#installation) install the latest version via composer ``` composer require naucon/form ``` Examples -------- [](#examples) Start the build-in webserver to see the examples in action: ``` cd examples php -S 127.0.0.1:3000 ``` open url in browser ``` http://127.0.0.1:3000/index.html ``` Get Started ----------- [](#get-started) #### 1. Entity [](#1-entity) First we need an entity. The entity can be a plain php class with getter and setter. The attributes of the class have to be accessible through getters and setters or by being public. The submitted form data will be mapped to an instance of this entity. ``` ``` #### 3. XSRF/CSRF Protection [](#3-xsrfcsrf-protection) When `bind()` is submitted the data will only be processed if a synchronizer token (also called secure token or xsrf/csrf token) was submitted and is valid. This token prevents XSRF/CSRF attacks by setting a random token to the session when a form is presented. In the form the token is added to a hidden field. When the form data are submitted the token is part of the payload and will be compared to the previously stored token in the session. The binding will only be processed if these two token are identical. ```