$form = '<form action="' .
$action . '"' .
$attributes . ">\n";
// Add CSRF field if enabled, but leave it out for GET requests and requests to external websites
$before = Services::
filters()->
getFilters()['before'
];
if ((in_array('csrf',
$before, true
) ||
array_key_exists('csrf',
$before)) &&
strpos($action,
base_url()) !== false && !
stripos($form, 'method="get"'
)) { $form .=
csrf_field($csrfId ?? null
);
} foreach ($hidden as $name =>
$value) { $form .=
form_hidden($name,
$value);
} return $form;
}}if (!
function_exists('form_open_multipart'
)) { /**
* Form Declaration - Multipart type
*
* Creates the opening portion of the form, but with "multipart/form-data".
*
* @param string $action The URI segments of the form destination
* @param array|string $attributes A key/value pair of attributes, or the same as a string
* @param array $hidden A key/value pair hidden data
*/