protected FormBuilder::valueCallableIsSafe(callable $value_callable)
Helper function to normalize the different callable formats.
callable $value_callable: The callable to be checked.
bool TRUE if the callable is safe even if the CSRF token is invalid, FALSE otherwise.
protected function valueCallableIsSafe(callable $value_callable) {
// The same static class method callable may be formatted in two array and
// two string forms:
// ['\Classname', 'methodname']
// ['Classname', 'methodname']
// '\Classname::methodname'
// 'Classname::methodname'
if (is_callable($value_callable, FALSE, $callable_name)) {
// The third parameter of is_callable() is set to a string form, but we
// still have to normalize further by stripping a leading '\'.
return in_array(ltrim($callable_name, '\\'), $this->safeCoreValueCallables);
}
return FALSE;
}
© 2001–2016 by the original authors
Licensed under the GNU General Public License, version 2 and later.
Drupal is a registered trademark of Dries Buytaert.
https://api.drupal.org/api/drupal/core!lib!Drupal!Core!Form!FormBuilder.php/function/FormBuilder::valueCallableIsSafe/8.1.x