MENU
Edit
In Place Editing Advanced Editing

FormValidator::validateForm

public FormValidator::validateForm($form_id, &$form, FormStateInterface &$form_state)

Validates user-submitted form data in the $form_state.

Parameters

$form_id: A unique string identifying the form for validation, submission, theming, and hook_form_alter functions.

$form: An associative array containing the structure of the form, which is passed by reference. Form validation handlers are able to alter the form structure (like #process and #after_build callbacks during form building) in case of a validation error. If a validation handler alters the form structure, it is responsible for validating the values of changed form elements in $form_state->getValues() to prevent form submit handlers from receiving unvalidated values.

$form_state: The current state of the form. The current user-submitted data is stored in $form_state->getValues(), though form validation functions are passed an explicit copy of the values for the sake of simplicity. Validation handlers can also use $form_state to pass information on to submit handlers. For example: $form_state->set('data_for_submission', $data); This technique is useful when validation requires file parsing, web service requests, or other expensive requests that should not be repeated in the submission step.

Overrides FormValidatorInterface::validateForm

File

core/lib/Drupal/Core/Form/FormValidator.php, line 90

Class

FormValidator
Provides validation of form submissions.

Namespace

Drupal\Core\Form

Code

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
public function validateForm($form_id, &$form, FormStateInterface &$form_state) {
  // If this form is flagged to always validate, ensure that previous runs of
  // validation are ignored.
  if ($form_state->isValidationEnforced()) {
    $form_state->setValidationComplete(FALSE);
  }
 
  // If this form has completed validation, do not validate again.
  if ($form_state->isValidationComplete()) {
    return;
  }
 
  // If the session token was set by self::prepareForm(), ensure that it
  // matches the current user's session. This is duplicate to code in
  // FormBuilder::doBuildForm() but left to protect any custom form handling
  // code.
  if (isset($form['#token'])) {
    if (!$this->csrfToken->validate($form_state->getValue('form_token'), $form['#token']) || $form_state->hasInvalidToken()) {
      $this->setInvalidTokenError($form_state);
 
      // Stop here and don't run any further validation handlers, because they
      // could invoke non-safe operations which opens the door for CSRF
      // vulnerabilities.
      $this->finalizeValidation($form, $form_state, $form_id);
      return;
    }
  }
 
  // Recursively validate each form element.
  $this->doValidateForm($form, $form_state, $form_id);
  $this->finalizeValidation($form, $form_state, $form_id);
  $this->handleErrorsWithLimitedValidation($form, $form_state, $form_id);
}
doc_Drupal
doc_Drupal
2025-01-10 15:47:30
Comments
Leave a Comment

Please login to continue.