1 | <?php |
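/**
 * Set a single field of an existing entity record to a new value.
 *
 * params must contain at least id=xx & {one of the fields from getfields}=value
 *
 * The field name is munged and then checked against the entity's getFields
 * result for the 'create' action, so only declared fields can be written.
 * The value is validated according to the declared field type before it is
 * handed to CRM_Core_DAO::setFieldValue().
 *
 * NOTE(review): no permission or ACL check is visible in this function;
 * presumably the API layer enforces that before dispatching here -- confirm.
 *
 * @param array $apiRequest
 *   Request array; 'entity' and 'params' are read. 'params' must hold
 *   'id', 'field' and 'value'.
 *
 * @return array
 *   The result of civicrm_api3_create_success() on success, otherwise an
 *   API error array (from civicrm_api3_create_error() or from getFields).
 */
function civicrm_api3_generic_setValue($apiRequest) {
  $entity = $apiRequest['entity'];
  $params = $apiRequest['params'];
  // we can't use _spec, doesn't work with generic
  civicrm_api3_verify_mandatory($params, NULL, array('id', 'field', 'value'));
  $id = $params['id'];
  // NOTE(review): is_numeric() also accepts floats, exponent notation and
  // signed values; a stricter positive-integer check may be more appropriate
  // for a record id -- confirm how callers pass ids before tightening.
  if (!is_numeric($id)) {
    return civicrm_api3_create_error(ts('Please enter a number'), array('error_code' => 'NaN', 'field' => "id"));
  }

  // Normalise the caller-supplied field name before using it as a lookup key.
  $field = CRM_Utils_String::munge($params['field']);
  $value = $params['value'];

  // "sequential" is passed as a positional value rather than a key; kept as in
  // the original call.
  $fields = civicrm_api($entity, 'getFields', array('version' => 3, 'action' => 'create', "sequential"));
  // getfields error, shouldn't happen.
  if ($fields['is_error']) {
    return $fields;
  }
  $fields = $fields['values'];

  // Allow-list: only fields declared by getFields may be written.
  if (!array_key_exists($field, $fields)) {
    return civicrm_api3_create_error("Param 'field' ($field) is invalid. must be an existing field", array("error_code" => "invalid_field", "fields" => array_keys($fields)));
  }

  $def = $fields[$field];
  // Disallow empty values except for the number zero.
  // TODO: create a utility for this since it's needed in many places
  // if (array_key_exists('required', $def) && CRM_Utils_System::isNull($value)) {
  // NOTE(review): this tests for the presence of the 'required' key, not its
  // value, so a field declared with 'required' => FALSE is treated as required.
  if (array_key_exists('required', $def) && empty($value) && $value !== '0' && $value !== 0) {
    return civicrm_api3_create_error(ts("This can't be empty, please provide a value"), array("error_code" => "required", "field" => $field));
  }

  switch ($def['type']) {
    case CRM_Utils_Type::T_INT:
      if (!is_numeric($value)) {
        return civicrm_api3_create_error("Param '$field' must be a number", array('error_code' => 'NaN'));
      }
      // No break: execution continues into the string checks below, as in the
      // original. Presumably intentional -- confirm.

    case CRM_Utils_Type::T_STRING:
    case CRM_Utils_Type::T_TEXT:
      // Input-side filter only; it does not replace escaping the stored value
      // for the context in which it is later rendered.
      if (!CRM_Utils_Rule::xssString($value)) {
        return civicrm_api3_create_error(ts('Illegal characters in input (potential scripting attack)'), array('error_code' => 'XSS'));
      }
      if (array_key_exists('maxlength', $def)) {
        // substr() counts bytes, so a multi-byte character at the boundary can
        // be cut in half.
        $value = substr($value, 0, $def['maxlength']);
      }
      break;

    case CRM_Utils_Type::T_DATE:
      $value = CRM_Utils_Type::escape($value, "Date", false);
      if (!$value) {
        return civicrm_api3_create_error("Param '$field' is not a date. format YYYYMMDD or YYYYMMDDHHMMSS");
      }
      break;

    case CRM_Utils_Type::T_BOOLEAN:
      $value = (bool) $value;
      break;

    default:
      return civicrm_api3_create_error("Param '$field' is of a type not managed yet (".$def['type']."). Join the API team and help us implement it", array('error_code' => 'NOT_IMPLEMENTED'));
  }

  if (CRM_Core_DAO::setFieldValue(_civicrm_api3_get_DAO($entity), $id, $field, $value)) {
    // Keep $entity as the entity name: the original overwrote it with the
    // result array and then passed that array to the post hook as the object
    // name, so hook listeners never saw the real entity name.
    $result = array('id' => $id, $field => $value);
    CRM_Utils_Hook::post('edit', $entity, $id, $result);
    return civicrm_api3_create_success($result);
  }
  else {
    return civicrm_api3_create_error("error assigning $field=$value for $entity (id=$id)");
  }
}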