/// <summary>Writes an opening <form> tag to the response. The form uses the POST method, and the request is processed by the action method for the view.</summary>
/// <returns>An opening <form> tag. </returns>
/// <param name="htmlHelper">The HTML helper instance that this method extends.</param>
public static MvcForm BeginFormWithXsrf(this HtmlHelper htmlHelper)
{
var mvcForm = htmlHelper.BeginForm();
htmlHelper.ViewContext.Writer.Write(htmlHelper.AntiForgeryToken().ToHtmlString());
return(mvcForm);
}
/// <summary>Writes an opening <form> tag to the response, and sets the action tag to the specified controller, action, and route values from the route value dictionary. The form uses the specified HTTP method, and includes the HTML attributes from the dictionary. If method is not GET, then anti-forgery token will be generated.</summary>
/// <returns>An opening <form> tag.</returns>
/// <param name="htmlHelper">The HTML helper instance that this method extends.</param>
/// <param name="actionName">The name of the action method.</param>
/// <param name="controllerName">The name of the controller.</param>
/// <param name="routeValues">An object that contains the parameters for a route.</param>
/// <param name="method">The HTTP method for processing the form, either GET or POST.</param>
/// <param name="htmlAttributes">An object that contains the HTML attributes to set for the element.</param>
public static MvcForm BeginFormGeneral(this HtmlHelper htmlHelper, string actionName, string controllerName, RouteValueDictionary routeValues, FormMethod method, IDictionary <string, object> htmlAttributes)
{
var routes = GetRoutes(actionName, controllerName, routeValues);
var mvcForm = htmlHelper.BeginForm(Convert.ToString(routes["action"]), Convert.ToString(routes["controller"]), routes, method, htmlAttributes);
if (method != FormMethod.Get)
{
htmlHelper.ViewContext.Writer.Write(htmlHelper.AntiForgeryToken().ToHtmlString());
}
return(mvcForm);
}
public static MvcForm BeginSecureForm(this HtmlHelper htmlHelper,
string actionName, string controllerName)
{
TagBuilder tagBuilder = new TagBuilder("form");
tagBuilder.MergeAttribute("action",
UrlHelper.GenerateUrl(null, actionName, controllerName, new RouteValueDictionary(),
htmlHelper.RouteCollection, htmlHelper.ViewContext.RequestContext, true));
tagBuilder.MergeAttribute("method", "POST", true);
htmlHelper.ViewContext.Writer.Write(tagBuilder.ToString(TagRenderMode.StartTag));
htmlHelper.ViewContext.Writer.Write(htmlHelper.AntiForgeryToken().ToHtmlString());
var theForm = new MvcForm(htmlHelper.ViewContext);
return(theForm);
}
