Skip to content


This document contains a list of Formr's public properties.


The form's action. Formr will automatically insert the current script's filename into the <form> tag unless you set this property to something else. Typically used with fastform().

Set the form's action to login.php

$form->action = 'login.php';
Produces the following HTML
<form action="login.php" method="post" accept-charset="utf-8">


Formr's default character set is UTF-8, however, you can easily change this to something else, such as Latin-1.

Set the form's charset to Latin-1

$form->charset = 'Latin-1';


An array containing all of the CSS classes used in Formr, which you can easily set when instantiating a new form. You can also create your own wrappers and save them in your own wrapper class.

Change the default text error class

$form->controls['text-error'] = 'my-error-class';


Works in conjunction with the post() method and tells Formr to suppress the default validation messages and only show your own custom message.

The following example will only display the error message: "Please enter your email" upon validation error of the email field.

Only show custom error messages

$form->custom_validation_messages = true;
$form->post('email', 'Email|Please enter your email', 'valid_email');


Allows you to choose how you want to format your dates when using the before and after validation rules. Default is 'M d, Y',


$form->format_rule_dates = 'Y-m-d';


Adds a hidden "honeypot" field to the form, which is useful in preventing bots from hijacking the form by killing the script if the field was filled.


$form->honeypot = 'your_email_address_here';
Produces the following HTML
<input type="text" name="your_email_address_here" value="" style="display:none">


Formr will clean any text passed through the validate(), fastpost(), post() and get() methods using a combination of strip_tags() and FILTER_SANITIZE_SPECIAL_CHARS.

However, if you want to go deeper, you can easily use HTML Purifier. Just set the full path to your HTML Purifier script and Formr will do the rest.

Set the path to HTML Purifier

$form->html_purifier = '/home/mysite/htdocs/lib/HTMLPurifier.standalone.php';


Sets the ID of the form. You most likely will not need this as you can set the ID when creating the form, but it's here if you do.

Set the form's ID

$form->id = 'MyForm';


Use this property to pass a formatted info message through the messages() method.

Adding an info message

$form->info_message = 'This is an information message';
Produces the following HTML
<div class="alert-info" role="alert">
    This is an information message

You can also pass a heading to your message by adding a pipe character between the message and heading.

Adding an info message with a heading

$form->info_message = 'This is an information message|Did You Know?';
Produces the following HTML
<div class="alert-info" role="alert">
    <h4>Did You Know?</h4>
    This is an information message


Boolean. Default is FALSE. Turns off textual error messages and, if you use the following CSS, inserts a small PNG (not included) to the right of the form field.

Add an image to the right of the form field

$form->inline_errors = true;
CSS class and example code to show the "warning" PNG
.inline-error {
    float: left;
    width: 24px;
    height: 24px;
    background: url('../img/invalid.png') no-repeat 4px 4px;


Sets the CSS class name if you're using inline error reporting. Default class is named inline-error.

inline_errors_class example

$form->inline_errors_class = 'my-inline-error-class';

Boolean. This property inserts an anchor link in the error message that then links to its corresponding form field in the form, handy if you have very long forms and there's a lot of scrolling. Note: the form field's name and ID attributes must be the same for this to work.

Enable linking to errors

$form->link_errors = true;


The form's method. Formr will automatically insert <form method="post"> into the <form> tag unless you set this property to something else. Typically used with fastform().

Set the form's method to GET

$form->method = 'GET';
Produces the following HTML
<form action="/index.php" method="GET" accept-charset="utf-8">


Boolean. Setting this to TRUE will remove all formatting and minify your output.


$form->minify = true;


Sets the name of the form. You probably won't need this but it's here if you do.

Setting the form's name to "cheese"

$form->name = 'cheese';
Produces the following HTML
<form action="foo.php" name="cheese" method="post" accept-charset="utf-8">


The default score for Google's reCAPTCHA is 0.5. Use this property to change that value.


Your Google reCAPTCHA secret key, which can be obtained here.


Your Google reCAPTCHA site key, which can be obtained here.


Formr enables you to easily make one field required, all fields required, or all but one field required. The $form->required property is global, which means that you don't have to mark each and every form field, form label and POST validation rule to "required"… instead, you supply the required field names to this property and Formr will handle everything for you automatically!

You can also omit fields from being required, which can be a huge time saver because using omitted fields will automatically make all other fields in the form required!

  1. To make a field required, just add it to the $form->required property.
  2. To make all fields required, instead of adding all field names, just add an asterisk (*).
  3. To omit fields, just wrap the omitted field name in parenthesis ().

Make fname, lname, and email Required

$form->required = 'fname,lname,email';

Make all Form Fields Required

$form->required = '*';

Make All Form Fields Required Except for fname

$form->required = '(fname)';

Require All Form Fields Except lname and country

$form->required = '(lname),(country)';


Inserts a visual representation inside the <label> tag to let the user know the field is required. You can set this to whatever you like during instantiation, or leave it at the default (empty) value.


$form->required = 'username';
$form->required_indicator = '*';
Produces the following HTML
<label for="username">Username*</label> 
<input type="text" name="username" id="username" required> 


Will pass any $_POST values through PHP's FILTER_SANITIZE_SPECIAL_CHARS filter. Disabled by default.


$form->sanitize_html = true;


Add a custom salt when hashing passwords.


$form->salt = '12wSkie93lekLCldkx,39cjwlg0374hflwshrp';


Automatically puts all submitted form values into a $_SESSION array. Handy for multi-page forms or if a user submits a form and then refreshes the page.


$form->session = 'myForm';



// give our session a name
$form->session = 'myForm';

if ($form->submitted()) {
    $fname = $form->post('fname');
    $lname = $form->post('lname');
    $email = $form->post('email');

Produces somerthing like the following
    [myForm] => Array
            [fname] => John
            [lname] => Wick
            [email] =>


You must add session_start() to the top of your script, then pass the $_POST values through the fastpost(), post() or validate() methods or the $_SESSIONdata will not be set.


Boolean. Will automatically populate all form fields with that field's corresponding value in the $_SESSION.


$form->session_values = true;

Use the $_SESSION values for all form fields

$form->session_values = true;

Prevent the automatic use of the $_SESSIONvalue by entering a value in the value parameter.

Preventing the $_SESSION value for a field

$form->input_text('lname', 'Last name', $lname)

Manually adding the $_SESSION value for a field

$form->input_text('lname', 'Last name', $_SESSION[$form->session]['lname'])


Enabling this property will apply the valid Bootstrap or Bulma CSS classes to your fields upon form submission.


$form->show_valid = true;

Produces something like the following...

<div id="_name" class="form-group">
    <label class="control-label" for="name">Name</label>
    <input type="text" name="name" id="name" class="form-control is-valid">


The submit button's value as a string. If you don't set this Formr will automatically insert value="Submit" into the submit button. You'll probably never use this, but it's here if you need it.


$form->submit = 'Submit Me, Jerk!';
Produces the following HTML
<input type="submit" name="submit" value="Submit Me, Jerk!" id="submit">


Identical to $info_message except the enclosing <div> is formatted as a success message.


Identical to $info_message except the enclosing <div> is formatted as a warning message.


Specifies the full path to your upload directory.


$form->upload_dir = '/htdocs/uploads/';


Lets you specify the types of files you will allow for upload to your server. Enter each file extension separated by a comma.

Specifying the Accepted Upload File Types

$form->upload_accepted_types = 'jpg,jpeg,gif,png';
You can also just enter the string images and Formr will automatically allow JPG, GIF, and PNG files.
$form->upload_accepted_types = 'images';


Same as upload_accepted_types but more secure. Instead of checking the file's extension it checks the file's mime type.

Specifying the Accepted Upload MIME Types

$form->upload_accepted_mimes = 'image/jpg,image/jpeg,image/gif,image/png';
You can also just enter the string images and Formr will automatically allow JPG, GIF, and PNG files.
$form->upload_accepted_mimes = 'images';


Maximum allowed size of the uploaded file, measured in bytes. Default is 2MB.


$form->upload_max_filesize = 3145728; // 3145728 bytes = 3MB


Lets you rename the file after its been uploaded.

Rename the file with a 32 character random hash

$form->upload_rename = 'hash';

Will produce something like


Rename the file with a 12 character hash

$form->upload_rename = 'hash[12]';

Will produce something like


Rename the file with a UNIZ timestamp

$form->upload_rename = 'timestamp';

Will produce something like


Prepend a string onto the original filename

$form->upload_rename = 'prepend[my-file-]';

Will produce something like


Rename the file with a string

$form->upload_rename = 'string[myFilename]';

Will produce



Allows you to resize your uploaded images.

  1. The required first parameter contains the max width of the resized image.
  2. The required second parameter contains the max height of the resized image.
  3. The optional third parameter adds a string to the beginning of the file name.
  4. The optional fourth parameter specifies the upload directory if one hasn't been specified in upload_dir.
  5. The optional fifth parameter contains the quality of the resized image. Default is 80%. JPG only.

Resize the uploaded file to 150px x 150px

$form->upload_resize = array('resize' => '150,150');

The $upload_resize property will also accept an array as its value. The array key is the name of the process and can be anything you like, such as: "thumbnail", "avatar", "large_image", etc.

The array values are a simple string, and tell Formr what to do with the image. Each array key/value pair will perform a resize process on the uploaded image, so if you want to resize it 10 times, just add 10 key/value pairs.

Let's resize the uploaded image 3 times, for a total of 4 images; the original upload, and our three resized images.

  1. The first key will create an image with a max width and height of 600 pixels and be saved into the large directory.
  2. The second key will create an image with a max width and height of 100 pixels, will have the filename prepended with tn_, be saved into the thumbnail directory and have a JPG quality of 90%.
  3. The third key will create an image with a max width and height of 64 pixels and be saved put it into the avatars directory.

Resize images with an array

$resize = [
    'large' => '600,600,,/www/formr/uploads/large/',
    'thumbnail' => '100,100,tn_,/www/formr/uploads/thumbnails/,90',
    'avatar' => '64,64,,/www/formr/uploads/avatars/'

$form->upload_resize = $resize;


Set this to FALSE if you're using a third-party upload script to upload your files.


$form->uploads = false;