dolibarr 21.0.0-alpha
ajaxtooltip.php
Go to the documentation of this file.
1<?php
2/* Copyright (C) 2007-2023 Laurent Destailleur <eldy@users.sourceforge.net>
3 * Copyright (C) 2018-2023 Frédéric France <frederic.france@netlogic.fr>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 3 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <https://www.gnu.org/licenses/>.
17 */
18
25if (!defined('NOTOKENRENEWAL')) {
26 define('NOTOKENRENEWAL', 1); // Disables token renewal
27}
28if (!defined('NOREQUIREMENU')) {
29 define('NOREQUIREMENU', '1');
30}
31if (!defined('NOREQUIREHTML')) {
32 define('NOREQUIREHTML', '1');
33}
34if (!defined('NOREQUIREAJAX')) {
35 define('NOREQUIREAJAX', '1');
36}
37if (!defined('NOHEADERNOFOOTER')) {
38 define('NOHEADERNOFOOTER', '1');
39}
40
41include '../../main.inc.php';
42include_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php';
43
44
45$id = GETPOST('id', 'aZ09');
46$objecttype = GETPOST('objecttype', 'aZ09arobase'); // 'module' or 'myobject@mymodule', 'mymodule_myobject'
47
48$params = array('fromajaxtooltip' => 1);
49if (GETPOSTISSET('infologin')) {
50 $params['infologin'] = GETPOSTINT('infologin');
51}
52if (GETPOSTISSET('option')) {
53 $params['option'] = GETPOST('option', 'restricthtml');
54}
55
56// Load object according to $element
57$object = fetchObjectByElement($id, $objecttype);
58if (empty($object->element)) {
59 httponly_accessforbidden('Failed to get object with fetchObjectByElement(id='.$id.', objecttype='.$objecttype.')');
60}
61
62$module = $object->module;
63$element = $object->element;
64
65$usesublevelpermission = ($module != $element ? $element : '');
66if ($usesublevelpermission && !$user->hasRight($module, $element)) { // There is no permission on object defined, we will check permission on module directly
67 $usesublevelpermission = '';
68}
69
70//print $object->id.' - '.$object->module.' - '.$object->element.' - '.$object->table_element.' - '.$usesublevelpermission."\n";
71
72// Security check
73restrictedArea($user, $object->module, $object, $object->table_element, $usesublevelpermission);
74
75
76/*
77 * View
78 */
79
80top_httphead();
81
82$html = '';
83
84if (is_object($object)) {
85 if ($object->id > 0 || !empty($object->ref)) {
87 $html = $object->getTooltipContent($params);
88 } elseif ($id > 0) {
89 $html = $langs->trans('Deleted');
90 }
91 unset($object);
92}
93
94print $html;
95
96$db->close();
$object
if( $user->socid > 0) if(! $user->hasRight('accounting', 'chartofaccount')) $object
Definition card.php:58
GETPOSTINT
GETPOSTINT($paramname, $method=0)
Return the value of a $_GET or $_POST supervariable, converted into integer.
Definition functions.lib.php:1075
GETPOST
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
Definition functions.lib.php:752
fetchObjectByElement
fetchObjectByElement($element_id, $element_type, $element_ref='', $useCache=0, $maxCacheByType=10)
Fetch an object from its id and element_type Inclusion of classes is automatic.
Definition functions.lib.php:12906
top_httphead
if(!defined( 'NOREQUIREMENU')) if(!empty(GETPOST('seteventmessages', 'alpha'))) if(!function_exists("llxHeader")) top_httphead($contenttype='text/html', $forcenocache=0)
Show HTTP header.
Definition main.inc.php:1657
httponly_accessforbidden
httponly_accessforbidden($message='1', $http_response_code=403, $stringalreadysanitized=0)
Show a message to say access is forbidden and stop program.
Definition security.lib.php:1177
restrictedArea
restrictedArea(User $user, $features, $object=0, $tableandshare='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid', $isdraft=0, $mode=0)
Check permissions of a user to show a page and an object.
Definition security.lib.php:365
Generated on Mon Jul 22 2024 11:15:15 for dolibarr by Doxygen 1.11.0