Commit | Line | Data |
---|---|---|
6a488035 | 1 | <?php |
b081365f CW |
2 | /* |
3 | +--------------------------------------------------------------------+ | |
fee14197 | 4 | | CiviCRM version 5 | |
b081365f | 5 | +--------------------------------------------------------------------+ |
6b83d5bd | 6 | | Copyright CiviCRM LLC (c) 2004-2019 | |
b081365f CW |
7 | +--------------------------------------------------------------------+ |
8 | | This file is a part of CiviCRM. | | |
9 | | | | |
10 | | CiviCRM is free software; you can copy, modify, and distribute it | | |
11 | | under the terms of the GNU Affero General Public License | | |
12 | | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. | | |
13 | | | | |
14 | | CiviCRM is distributed in the hope that it will be useful, but | | |
15 | | WITHOUT ANY WARRANTY; without even the implied warranty of | | |
16 | | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | | |
17 | | See the GNU Affero General Public License for more details. | | |
18 | | | | |
19 | | You should have received a copy of the GNU Affero General Public | | |
20 | | License and the CiviCRM Licensing Exception along | | |
21 | | with this program; if not, contact CiviCRM LLC | | |
22 | | at info[AT]civicrm[DOT]org. If you have questions about the | | |
23 | | GNU Affero General Public License or the licensing of CiviCRM, | | |
24 | | see the CiviCRM license FAQ at http://civicrm.org/licensing | | |
25 | +--------------------------------------------------------------------+ | |
26 | */ | |
27 | ||
28 | /** | |
29 | * @package CiviCRM_APIv3 | |
30 | */ | |
31 | ||
6a488035 | 32 | /** |
2fb1dd66 EM |
33 | * Set a single value using the api. |
34 | * | |
35 | * This function is called when no specific setvalue api exists. | |
36 | * Params must contain at least id=xx & {one of the fields from getfields}=value | |
9657ccf2 | 37 | * |
72b3a70c | 38 | * @param array $apiRequest |
9657ccf2 EM |
39 | * |
40 | * @throws API_Exception | |
41 | * @return array | |
6a488035 TO |
42 | */ |
43 | function civicrm_api3_generic_setValue($apiRequest) { | |
44 | $entity = $apiRequest['entity']; | |
45 | $params = $apiRequest['params']; | |
6a488035 TO |
46 | $id = $params['id']; |
47 | if (!is_numeric($id)) { | |
cf8f0fff | 48 | return civicrm_api3_create_error(ts('Please enter a number'), [ |
2fb1dd66 EM |
49 | 'error_code' => 'NaN', |
50 | 'field' => "id", | |
cf8f0fff | 51 | ]); |
6a488035 TO |
52 | } |
53 | ||
54 | $field = CRM_Utils_String::munge($params['field']); | |
55 | $value = $params['value']; | |
56 | ||
cf8f0fff | 57 | $fields = civicrm_api($entity, 'getFields', [ |
c1a920f1 EM |
58 | 'version' => 3, |
59 | 'action' => 'create', | |
cf8f0fff | 60 | "sequential"] |
c1a920f1 | 61 | ); |
6a488035 | 62 | // getfields error, shouldn't happen. |
6c552737 TO |
63 | if ($fields['is_error']) { |
64 | return $fields; | |
65 | } | |
6a488035 TO |
66 | $fields = $fields['values']; |
67 | ||
47737104 CW |
68 | $isCustom = strpos($field, 'custom_') === 0; |
69 | // Trim off the id portion of a multivalued custom field name | |
70 | $fieldKey = $isCustom && substr_count($field, '_') > 1 ? rtrim(rtrim($field, '1234567890'), '_') : $field; | |
71 | if (!array_key_exists($fieldKey, $fields)) { | |
cf8f0fff | 72 | return civicrm_api3_create_error("Param 'field' ($field) is invalid. must be an existing field", ["error_code" => "invalid_field", "fields" => array_keys($fields)]); |
6a488035 TO |
73 | } |
74 | ||
47737104 CW |
75 | $def = $fields[$fieldKey]; |
76 | $title = CRM_Utils_Array::value('title', $def, ts('Field')); | |
5ba3bfc8 CW |
77 | // Disallow empty values except for the number zero. |
78 | // TODO: create a utility for this since it's needed in many places | |
47737104 CW |
79 | if (!empty($def['required']) || !empty($def['is_required'])) { |
80 | if ((empty($value) || $value === 'null') && $value !== '0' && $value !== 0) { | |
cf8f0fff | 81 | return civicrm_api3_create_error(ts('%1 is a required field.', [1 => $title]), ["error_code" => "required", "field" => $field]); |
47737104 | 82 | } |
6a488035 TO |
83 | } |
84 | ||
85 | switch ($def['type']) { | |
47737104 CW |
86 | case CRM_Utils_Type::T_FLOAT: |
87 | if (!is_numeric($value) && !empty($value) && $value !== 'null') { | |
cf8f0fff | 88 | return civicrm_api3_create_error(ts('%1 must be a number.', [1 => $title]), ['error_code' => 'NaN']); |
47737104 | 89 | } |
c866eb5f | 90 | break; |
47737104 | 91 | |
da54ec85 | 92 | case CRM_Utils_Type::T_INT: |
47737104 | 93 | if (!CRM_Utils_Rule::integer($value) && !empty($value) && $value !== 'null') { |
cf8f0fff | 94 | return civicrm_api3_create_error(ts('%1 must be a number.', [1 => $title]), ['error_code' => 'NaN']); |
6a488035 | 95 | } |
c866eb5f | 96 | break; |
6a488035 | 97 | |
da54ec85 CW |
98 | case CRM_Utils_Type::T_STRING: |
99 | case CRM_Utils_Type::T_TEXT: | |
6a488035 | 100 | if (!CRM_Utils_Rule::xssString($value)) { |
cf8f0fff | 101 | return civicrm_api3_create_error(ts('Illegal characters in input (potential scripting attack)'), ['error_code' => 'XSS']); |
6a488035 | 102 | } |
c866eb5f TO |
103 | if (array_key_exists('maxlength', $def)) { |
104 | $value = substr($value, 0, $def['maxlength']); | |
105 | } | |
106 | break; | |
6a488035 | 107 | |
da54ec85 | 108 | case CRM_Utils_Type::T_DATE: |
be2e0c6a | 109 | $value = CRM_Utils_Type::escape($value, "Date", FALSE); |
6c552737 | 110 | if (!$value) { |
6a488035 | 111 | return civicrm_api3_create_error("Param '$field' is not a date. format YYYYMMDD or YYYYMMDDHHMMSS"); |
6c552737 | 112 | } |
6a488035 TO |
113 | break; |
114 | ||
da54ec85 | 115 | case CRM_Utils_Type::T_BOOLEAN: |
47737104 CW |
116 | // Allow empty value for non-required fields |
117 | if ($value === '' || $value === 'null') { | |
118 | $value = ''; | |
119 | } | |
120 | else { | |
121 | $value = (boolean) $value; | |
122 | } | |
6a488035 TO |
123 | break; |
124 | ||
125 | default: | |
cf8f0fff | 126 | return civicrm_api3_create_error("Param '$field' is of a type not managed yet (" . $def['type'] . "). Join the API team and help us implement it", ['error_code' => 'NOT_IMPLEMENTED']); |
6a488035 TO |
127 | } |
128 | ||
abe95f29 | 129 | $dao_name = _civicrm_api3_get_DAO($entity); |
cf8f0fff | 130 | $params = ['id' => $id, $field => $value]; |
47737104 CW |
131 | |
132 | if ((!empty($def['pseudoconstant']) || !empty($def['option_group_id'])) && $value !== '' && $value !== 'null') { | |
99efe93a | 133 | _civicrm_api3_api_match_pseudoconstant($params[$field], $entity, $field, $def); |
47737104 CW |
134 | } |
135 | ||
75c9b470 CW |
136 | CRM_Utils_Hook::pre('edit', $entity, $id, $params); |
137 | ||
7a8e775a | 138 | // Custom fields |
47737104 | 139 | if ($isCustom) { |
7a8e775a | 140 | CRM_Utils_Array::crmReplaceKey($params, 'id', 'entityID'); |
47737104 CW |
141 | // Treat 'null' as empty value. This is awful but the rest of the code supports it. |
142 | if ($params[$field] === 'null') { | |
143 | $params[$field] = ''; | |
144 | } | |
7a8e775a | 145 | CRM_Core_BAO_CustomValueTable::setValues($params); |
1273d77c | 146 | CRM_Utils_Hook::post('edit', $entity, $id); |
7a8e775a CW |
147 | } |
148 | // Core fields | |
149 | elseif (CRM_Core_DAO::setFieldValue($dao_name, $id, $field, $params[$field])) { | |
abe95f29 | 150 | $entityDAO = new $dao_name(); |
151 | $entityDAO->copyValues($params); | |
bb0c64a4 | 152 | CRM_Utils_Hook::post('edit', $entity, $entityDAO->id, $entityDAO); |
6a488035 TO |
153 | } |
154 | else { | |
155 | return civicrm_api3_create_error("error assigning $field=$value for $entity (id=$id)"); | |
156 | } | |
99efe93a CW |
157 | |
158 | // Add changelog entry - TODO: Should we do this for other entities as well? | |
159 | if (strtolower($entity) === 'contact') { | |
160 | CRM_Core_BAO_Log::register($id, 'civicrm_contact', $id); | |
161 | } | |
162 | ||
163 | return civicrm_api3_create_success($params); | |
6a488035 | 164 | } |