Form handling done the NixPHP way — minimal, secure, and intuitive.
This plugin provides form memory helpers and CSRF protection for your NixPHP application. It integrates seamlessly and requires no configuration.
🧩 Part of the official NixPHP plugin collection. Install it when you need to handle form input and secure POST requests — nothing more.
- ✅ Form input memory: preserve user data between requests
- ✅ CSRF protection: validated automatically before controller calls
- ✅ Works out of the box, no configuration needed
- ✅ Clean view helpers for error display
- ✅ Registers its listener via plugin bootstrap
composer require nixphp/formThat’s it. The plugin will be autoloaded and ready to use.
Use the memory() helper in your views to repopulate form fields:
<input type="text" name="email" value="<?= memory('email') ?>">It automatically remembers the previous input after validation or redirects.
You can also check for general errors using:
<?php if (formError('email')): ?>
<p class="error"><?= formError('email') ?></p>
<?php endif; ?>CSRF validation is triggered automatically for POST, PUT, and DELETE requests
(unless the request contains an Authorization header).
To protect your forms, include a CSRF token:
<form method="post">
<input type="hidden" name="_csrf" value="<?= guard()->csrf()->generate() ?>">
<!-- other fields -->
</form>This will be validated before any controller logic is executed.
If the token is missing or invalid, a 400 error is returned.
- The plugin registers a listener to the
controller.callingevent to validate CSRF tokens. - It also extends the
guard()service to include acsrf()method. - View helpers like
formError()andmemory()are automatically available.
nixphp/framework>= 1.0nixphp/session(required for CSRF and memory state)
MIT License.