function FormBuilder::valueCallableIsSafe

Same name in other branches
  1. 9 core/lib/Drupal/Core/Form/FormBuilder.php \Drupal\Core\Form\FormBuilder::valueCallableIsSafe()
  2. 10 core/lib/Drupal/Core/Form/FormBuilder.php \Drupal\Core\Form\FormBuilder::valueCallableIsSafe()
  3. 11.x core/lib/Drupal/Core/Form/FormBuilder.php \Drupal\Core\Form\FormBuilder::valueCallableIsSafe()

Helper function to normalize the different callable formats.

Parameters

callable $value_callable: The callable to be checked.

Return value

bool TRUE if the callable is safe even if the CSRF token is invalid, FALSE otherwise.

1 call to FormBuilder::valueCallableIsSafe()
FormBuilder::handleInputElement in core/lib/Drupal/Core/Form/FormBuilder.php
Adds the #name and #value properties of an input element before rendering.

File

core/lib/Drupal/Core/Form/FormBuilder.php, line 1158

Class

FormBuilder
Provides form building and processing.

Namespace

Drupal\Core\Form

Code

protected function valueCallableIsSafe(callable $value_callable) {
    if (is_callable($value_callable, FALSE, $callable_name)) {
        // The third parameter of is_callable() is set to a string form, but we
        // still have to normalize further by stripping a leading '\'.
        return in_array(ltrim($callable_name, '\\'), $this->safeCoreValueCallables);
    }
    return FALSE;
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.