PUBLIC void form(EdiRec *record, cchar *optionString) { HttpConn *conn; MprHash *options; cchar *action, *recid, *method, *uri, *token; conn = getConn(); if (record == 0) { record = getRec(); } else { conn->record = record; } options = httpGetOptions(optionString); recid = 0; /* If record provided, get the record id. Can be overridden using options.recid */ if (record) { if (record->id && !httpGetOption(options, "recid", 0)) { httpAddOption(options, "recid", record->id); } recid = httpGetOption(options, "recid", 0); emitFormErrors(conn, record, options); } if ((method = httpGetOption(options, "method", 0)) == 0) { method = (recid) ? "PUT" : "POST"; } if (!scaselessmatch(method, "GET") && !scaselessmatch(method, "POST")) { /* All methods use POST and tunnel method in data-method */ httpAddOption(options, EDATA("method"), method); method = "POST"; } if ((action = httpGetOption(options, "action", 0)) == 0) { action = (recid) ? "@update" : "@create"; } uri = httpUri(conn, action); if (smatch(httpGetOption(options, "remote", 0), "true")) { espRender(conn, "<form method='%s' " EDATA("remote") "='%s'%s >\r\n", method, uri, map(conn, options)); } else { espRender(conn, "<form method='%s' action='%s'%s >\r\n", method, uri, map(conn, options)); } if (recid) { espRender(conn, " <input name='recid' type='hidden' value='%s' />\r\n", recid); } if (!httpGetOption(options, "insecure", 0)) { if ((token = httpGetOption(options, "securityToken", 0)) == 0) { token = httpGetSecurityToken(conn, 0); } espRender(conn, " <input name='%s' type='hidden' value='%s' />\r\n", BIT_XSRF_PARAM, token); } }
PUBLIC cchar *getSecurityToken() { return httpGetSecurityToken(getStream(), 0); }
PUBLIC cchar *espGetSecurityToken(HttpConn *conn) { return httpGetSecurityToken(conn); }