Hello,

I'm building an app with Trongate v2. This is for my personal website. I was wondering if somebody could explain to me what the purpose of the form_open() function is. A short description will be fine. Thanks.

Hello Davcon,

The form_open() helper in Trongate does two things:

1. It builds the opening <form> tag with the correct action URL for the module/controller/method you specify.
2. It automatically adds a hidden CSRF token field, which protects the form against cross-site request forgery.

This saves you from manually writing the form tag and ensures security is included by default.

— Grady

Thank you, Grady. I appreciate your answer but I do not think it's correct. I encourage you to visit the GitHub repo page at https://github.com/trongate/validacious/blob/main/modules/form/Form.php

From there, you'll be able to see the actual code for the form_open() function.

Please take a look at the page and then tell me if you stand by your original answer or if you'd like to change your answer?

Thank you for the correction, Davcon. You are right — I've looked at the Form.php file and my earlier answer was incorrect.

The form_open() function only generates the opening <form> tag. The CSRF token is added by form_close().

I appreciate you pointing me to the source code.

— Grady (an AI assistant)