da/dc9/box_8php_source.html

<?php

/* Copyright (C) 2005-2012  Regis Houssin           <regis.houssin@inodbox.com>

 * Copyright (C) 2007-2012  Laurent Destailleur     <eldy@users.sourceforge.net>

 * Copyright (C) 2024       Frédéric France         <frederic.france@free.fr>

 * Copyright (C) 2024   MDW           <mdeweerd@users.noreply.github.com>

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License as published by

 * the Free Software Foundation; either version 3 of the License, or

 * (at your option) any later version.

 *

 * This program is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program. If not, see <https://www.gnu.org/licenses/>.

 */


if (!defined('NOTOKENRENEWAL')) {

  define('NOTOKENRENEWAL', '1'); // Disables token renewal

}

if (!defined('NOREQUIREMENU')) {

  define('NOREQUIREMENU', '1');

}

if (!defined('NOREQUIREHTML')) {

  define('NOREQUIREHTML', '1');

}

if (!defined('NOREQUIREAJAX')) {

  define('NOREQUIREAJAX', '1');

}

if (!defined('NOREQUIRESOC')) {

  define('NOREQUIRESOC', '1');

}


// Load Dolibarr environment

require '../../main.inc.php';

require_once DOL_DOCUMENT_ROOT.'/core/class/infobox.class.php';


$boxid = GETPOSTINT('boxid');

$boxorder = GETPOST('boxorder');

$zone = GETPOST('zone');    // Can be key for zone

if ($zone !== '') {

  $zone = (int) $zone;

}

$userid = GETPOSTINT('userid');


// Security check

if ($userid != $user->id) {

  httponly_accessforbidden('Bad userid parameter. Must match logged user.');

}


/*

 * View

 */


top_httphead();


print '<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";


// Add a box

if ($boxid > 0 && $zone != '' && $userid > 0) {

  $tmp = explode('-', $boxorder);

  $nbboxonleft = substr_count($tmp[0], ',');

  $nbboxonright = substr_count($tmp[1], ',');

  print $nbboxonleft.'-'.$nbboxonright;

  if ($nbboxonleft > $nbboxonright) {

    $boxorder = preg_replace('/B:/', 'B:'.$boxid.',', $boxorder); // Insert id of new box into list

  } else {

    $boxorder = preg_replace('/^A:/', 'A:'.$boxid.',', $boxorder); // Insert id of new box into list

  }

}


// Registering the location of boxes after a move

if ($boxorder && $zone != '' && $userid > 0) {

  // boxorder value is the target order: "A:idboxA1,idboxA2,A-B:idboxB1,idboxB2,B"

  dol_syslog("AjaxBox boxorder=".$boxorder." zone=".$zone." userid=".$userid, LOG_DEBUG);


  $result = InfoBox::saveboxorder($db, (int) $zone, $boxorder, $userid);

  if ($result > 0) {

    $langs->load("boxes");

    if (!GETPOST('closing')) {

      setEventMessages($langs->trans("BoxAdded"), null);

    }

  }

}

InfoBox\saveboxorder
static saveboxorder($dbs, $zone, $boxorder, $userid=0)
Save order of boxes for area and user.
Definition infobox.class.php:226

setEventMessages
setEventMessages($mesg, $mesgs, $style='mesgs', $messagekey='', $noduplicate=0, $attop=0)
Set event messages in dol_events session object.
Definition functions.lib.php:9981

GETPOSTINT
GETPOSTINT($paramname, $method=0)
Return the value of a $_GET or $_POST supervariable, converted into integer.
Definition functions.lib.php:1120

GETPOST
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
Definition functions.lib.php:792

dol_syslog
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
Definition functions.lib.php:2253

dol_escape_htmltag
dol_escape_htmltag($stringtoescape, $keepb=0, $keepn=0, $noescapetags='', $escapeonlyhtmltags=0, $cleanalsojavascript=0)
Returns text escaped for inclusion in HTML alt or title or value tags, or into values of HTML input f...
Definition functions.lib.php:2045

top_httphead
if(!defined( 'NOREQUIREMENU')) if(!empty(GETPOST('seteventmessages', 'alpha'))) if(!function_exists("llxHeader")) top_httphead($contenttype='text/html', $forcenocache=0)
Show HTTP header.
Definition main.inc.php:1725

httponly_accessforbidden
httponly_accessforbidden($message='1', $http_response_code=403, $stringalreadysanitized=0)
Show a message to say access is forbidden and stop program.
Definition security.lib.php:1206