form_hidden()
function form_hidden(string $name, string|int|float|null $value = null, array $attributes = []): string
Description
Generates a hidden input field for storing data that should not be visible to users but is submitted with the form.
Parameters
| Parameter | Type | Description |
|---|---|---|
| $name | string | The name attribute for the input element. |
| $value | string|int|float|null | (optional) The value to be submitted with the form. |
| $attributes | array | (optional) HTML attributes for the input element. Defaults to an empty array ([]). |
Return Value
| Type | Description |
|---|---|
| string | An HTML hidden input element. |
Example #1: Basic Hidden Field
PHP
echo form_hidden('update_id', 123);
// Output:
// <input type="hidden" name="update_id" value="123">Example #2: Hidden Field for User ID
PHP
$user_id = $_SESSION['user_id'] ?? 0;
echo form_hidden('user_id', $user_id);
// Output (when user_id = 42):
// <input type="hidden" name="user_id" value="42">Example #3: Multiple Hidden Fields
PHP
// Common pattern for edit forms
echo form_hidden('update_id', $update_id);
echo form_hidden('original_title', $original_title);
echo form_hidden('csrf_token', $_SESSION['csrf_token']);Security: Hidden fields are visible in page source. Never store sensitive data like passwords.
Notes
- Hidden fields are not displayed to users but are included in form submissions.
- Common uses: CSRF tokens, record IDs, tracking data, preserving state between requests.
- Values can be strings, integers, or floats - all are converted to strings in HTML.
- Access submitted values with
post('field_name', true). - For sensitive data, use session variables instead of hidden fields.