24 if (!defined(
'NOTOKENRENEWAL')) {
25 define(
'NOTOKENRENEWAL',
'1');
27 if (!defined(
'NOREQUIREMENU')) {
28 define(
'NOREQUIREMENU',
'1');
30 if (!defined(
'NOREQUIREHTML')) {
31 define(
'NOREQUIREHTML',
'1');
33 if (!defined(
'NOREQUIREAJAX')) {
34 define(
'NOREQUIREAJAX',
'1');
36 if (!defined(
'NOREQUIRESOC')) {
37 define(
'NOREQUIRESOC',
'1');
39 if (!defined(
'NOREQUIRETRAN')) {
40 define(
'NOREQUIRETRAN',
'1');
44 require
'../../main.inc.php';
45 require_once DOL_DOCUMENT_ROOT.
'/core/class/genericobject.class.php';
47 $action =
GETPOST(
'action',
'aZ09');
48 $backtopage =
GETPOST(
'backtopage');
51 $element =
GETPOST(
'element',
'alpha');
52 $field =
GETPOST(
'field',
'alpha');
53 $value =
GETPOST(
'value',
'int');
58 if (!is_object($object)) {
62 $object->fields[$field] = array(
'type' => $format,
'enabled' => 1);
64 $module = $object->module;
65 $element = $object->element;
66 $usesublevelpermission = ($module != $element ? $element :
'');
67 if ($usesublevelpermission && !isset($user->rights->$module->$element)) {
68 $usesublevelpermission =
'';
74 if (!empty($user->socid)) {
75 $socid = $user->socid;
76 if (!empty($object->socid) && $socid != $object->socid) {
83 if (preg_match(
'/status$/', $field) || ($field ==
'evenunsubscribe' && $object->table_element ==
'mailing')) {
84 restrictedArea($user, $object->module, $object, $object->table_element, $usesublevelpermission);
85 } elseif ($element ==
'product' && in_array($field, array(
'tosell',
'tobuy',
'tobatch'))) {
86 restrictedArea($user,
'produit|service', $object,
'product&product',
'',
'',
'rowid');
98 print
'<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER[
"PHP_SELF"]).
'?'.
dol_escape_htmltag($_SERVER[
"QUERY_STRING"]).
' -->'.
"\n";
101 if (($action ==
'set') && !empty($id)) {
102 $triggerkey = strtoupper(($module != $element ? $module.
'_' :
'').$element).
'_UPDATE';
104 if ($triggerkey ==
'SOCIETE_UPDATE') {
105 $triggerkey =
'COMPANY_MODIFY';
107 if ($triggerkey ==
'PRODUCT_UPDATE') {
108 $triggerkey =
'PRODUCT_MODIFY';
111 $result = $object->setValueFrom($field, $value, $object->table_element, $id, $format,
'', $user, $triggerkey);
114 print $object->error;
115 http_response_code(500);
120 header(
'Location: '.$backtopage);
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
fetchObjectByElement($element_id, $element_type, $element_ref='')
Fetch an object from its id and element_type Inclusion of classes is automatic.
dol_escape_htmltag($stringtoescape, $keepb=0, $keepn=0, $noescapetags='', $escapeonlyhtmltags=0, $cleanalsojavascript=0)
Returns text escaped for inclusion in HTML alt or title or value tags, or into values of HTML input f...
if(!defined('NOREQUIREMENU')) if(!empty(GETPOST('seteventmessages', 'alpha'))) if(!function_exists("llxHeader")) top_httphead($contenttype='text/html', $forcenocache=0)
Show HTTP header.
restrictedArea(User $user, $features, $object=0, $tableandshare='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid', $isdraft=0, $mode=0)
Check permissions of a user to show a page and an object.
httponly_accessforbidden($message=1, $http_response_code=403, $stringalreadysanitized=0)
Show a message to say access is forbidden and stop program.