api/v3/Generic/Setvalue.php

   1 <?php
   2 /**
   3  * params must contain at least id=xx & {one of the fields from getfields}=value
   4  */
   5 function civicrm_api3_generic_setValue($apiRequest) {
   6   $entity = $apiRequest['entity'];
   7   $params = $apiRequest['params'];
   8   // we can't use _spec, doesn't work with generic
   9   civicrm_api3_verify_mandatory($params, NULL, array('id', 'field', 'value'));
  10   $id = $params['id'];
  11   if (!is_numeric($id)) {
  12     return civicrm_api3_create_error(ts('Please enter a number'), array('error_code' => 'NaN', 'field' => "id"));
  13   }
  14
  15   $field = CRM_Utils_String::munge($params['field']);
  16   $value = $params['value'];
  17
  18   $fields = civicrm_api($entity, 'getFields', array('version' => 3, 'action' => 'create', "sequential"));
  19   // getfields error, shouldn't happen.
  20   if ($fields['is_error'])
  21   return $fields;
  22   $fields = $fields['values'];
  23
  24   if (!array_key_exists($field, $fields)) {
  25     return civicrm_api3_create_error("Param 'field' ($field) is invalid. must be an existing field", array("error_code" => "invalid_field", "fields" => array_keys($fields)));
  26   }
  27
  28   $def = $fields[$field];
  29   if (array_key_exists('required', $def) && CRM_Utils_System::isNull($value)) {
  30     return civicrm_api3_create_error(ts("This can't be empty, please provide a value"), array("error_code" => "required", "field" => $field));
  31   }
  32
  33   switch ($def['type']) {
  34     case CRM_Utils_Type::T_INT:
  35       if (!is_numeric($value)) {
  36         return civicrm_api3_create_error("Param '$field' must be a number", array('error_code' => 'NaN'));
  37       }
  38
  39     case CRM_Utils_Type::T_STRING:
  40     case CRM_Utils_Type::T_TEXT:
  41       if (!CRM_Utils_Rule::xssString($value)) {
  42         return civicrm_api3_create_error(ts('Illegal characters in input (potential scripting attack)'), array('error_code' => 'XSS'));
  43       }
  44     if (array_key_exists('maxlength', $def)) {
  45       $value = substr($value, 0, $def['maxlength']);
  46     }
  47     break;
  48
  49     case CRM_Utils_Type::T_DATE:
  50       $value = CRM_Utils_Type::escape($value,"Date",false);
  51       if (!$value)
  52         return civicrm_api3_create_error("Param '$field' is not a date. format YYYYMMDD or YYYYMMDDHHMMSS");
  53       break;
  54
  55     case CRM_Utils_Type::T_BOOLEAN:
  56       $value = (boolean) $value;
  57       break;
  58
  59     default:
  60       return civicrm_api3_create_error("Param '$field' is of a type not managed yet (".$def['type']."). Join the API team and help us implement it", array('error_code' => 'NOT_IMPLEMENTED'));
  61   }
  62
  63   if (CRM_Core_DAO::setFieldValue(_civicrm_api3_get_DAO($entity), $id, $field, $value)) {
  64     $entity = array('id' => $id, $field => $value);
  65     CRM_Utils_Hook::post('edit', $entity, $id, $entity);
  66     return civicrm_api3_create_success($entity);
  67   }
  68   else {
  69     return civicrm_api3_create_error("error assigning $field=$value for $entity (id=$id)");
  70   }
  71 }
  72