dolibarr 24.0.0-beta
updateextrafield.php
Go to the documentation of this file.
1<?php
2/* Copyright (C) 2022 Laurent Destailleur <eldy@users.sourceforge.net>
3 * Copyright (C) 2024-2025 Frédéric France <frederic.france@free.fr>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 3 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <https://www.gnu.org/licenses/>.
17 */
18
25if (!defined('NOTOKENRENEWAL')) {
26 define('NOTOKENRENEWAL', 1); // Disables token renewal
27}
28if (!defined('NOREQUIREMENU')) {
29 define('NOREQUIREMENU', '1');
30}
31if (!defined('NOREQUIREHTML')) {
32 define('NOREQUIREHTML', '1');
33}
34if (!defined('NOREQUIREAJAX')) {
35 define('NOREQUIREAJAX', '1');
36}
37if (!defined('NOREQUIRESOC')) {
38 define('NOREQUIRESOC', '1');
39}
40
41// Load Dolibarr environment
42include '../../main.inc.php';
52$objectType = GETPOST('objectType', 'aZ09'); // modulepart
53$objectId = GETPOST('objectId', 'aZ09');
54$field = GETPOST('field', 'aZ09');
55$value = GETPOST('value', 'alpha');
56
57$module = getElementProperties($objectType)['module'];
58$element_ref = '';
59if (is_numeric($objectId)) {
60 $objectId = (int) $objectId;
61} else {
62 $element_ref = $objectId;
63 $objectId = 0;
64}
65$object = fetchObjectByElement($objectId, $objectType, $element_ref);
66if (empty($object->element)) {
67 httponly_accessforbidden('Failed to get object with fetchObjectByElement(id=' . $objectId . ', objecttype=' . $objectType . ')');
68}
69
70$module = $object->module;
71$element = $object->element;
72
73// Security check
74$usesublevelpermission = ($module != $element ? $element : '');
75if ($usesublevelpermission && !$user->hasRight($module, $element, 'write') && !$user->hasRight($module, 'write')) { // There is no permission on object defined, we will check permission on module directly
76 $usesublevelpermission = '';
77}
78// print $object->id.' - '.$object->module.' - '.$object->element.' - '.$object->table_element.' - '.$usesublevelpermission."\n";
79
80restrictedArea($user, $object->module, $object, $object->table_element, $usesublevelpermission);
81
82
83
84
85/*
86 * View
87 */
88
89dol_syslog("Call ajax core/ajax/updateextrafield.php");
90
91top_httphead();
92
93// Update the object field with the new value
94if ($object->id > 0 && $field && isset($value)) {
95 // Fetch optionals attributes and labels
96 $extrafields->fetch_name_optionals_label($object->table_element);
97
98 // TODO Test specific permission of extrafield $field for object $object. It is stored into
99 // $extrafields->attributes[$object->table_element]['label']['perms'][$key]
100
101 $object->array_options['options_'.$field] = $value;
102 if ($object instanceof Societe) {
103 $result = $object->update($object->id, $user);
104 } else {
105 $result = $object->update($user);
106 }
107
108 if ($result < 0) {
109 print json_encode(['status' => 'error', 'message' => 'Error updating '. $field]);
110 } else {
111 print json_encode(['status' => 'success', 'message' => $field . ' updated successfully']);
112 }
113}
114
115$db->close();
$object
if(! $sortfield) if(! $sortorder) $object
Definition account.php:100
Societe
Class to manage third parties objects (customers, suppliers, prospects...)
Definition societe.class.php:57
$db
if(!isModEnabled('ai')||!getDolGlobalString('AI_ASSISTANT_ENABLED')) global $db
API class for accounts.
Definition execute_tool.php:46
GETPOST
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
Definition functions.lib.php:1082
dol_syslog
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
Definition functions.lib.php:2754
top_httphead
if(!defined( 'NOREQUIREMENU')) if(!empty(GETPOST('seteventmessages', 'alpha'))) if(!function_exists("llxHeader")) top_httphead($contenttype='text/html', $forcenocache=0)
Show HTTP header.
Definition main.inc.php:1512
httponly_accessforbidden
httponly_accessforbidden($message='1', $http_response_code=403, $stringalreadysanitized=0)
Show a message to say access is forbidden and stop program.
Definition security.lib.php:1070
restrictedArea
restrictedArea(User $user, $features, $object=0, $tableandshare='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid', $isdraft=0, $mode=0)
Check permissions of a user to show a page and an object.
Definition security.lib.php:180
Generated on Mon Jun 22 2026 21:04:38 for dolibarr by Doxygen 1.11.0