3 +--------------------------------------------------------------------+
4 | Copyright CiviCRM LLC. All rights reserved. |
6 | This work is published under the GNU AGPLv3 license with some |
7 | permitted exceptions and without any warranty. For full license |
8 | and copyright information, see https://civicrm.org/licensing |
9 +--------------------------------------------------------------------+
13 * @package CiviCRM_APIv3
17 * Set a single value using the api.
19 * This function is called when no specific setvalue api exists.
20 * Params must contain at least id=xx & {one of the fields from getfields}=value
22 * @param array $apiRequest
24 * @throws API_Exception
27 function civicrm_api3_generic_setValue($apiRequest) {
28 $entity = $apiRequest['entity'];
29 $params = $apiRequest['params'];
31 if (!is_numeric($id)) {
32 return civicrm_api3_create_error(ts('Please enter a number'), [
33 'error_code' => 'NaN',
38 $field = CRM_Utils_String
::munge($params['field']);
39 $value = $params['value'];
41 $fields = civicrm_api($entity, 'getFields', [
45 // getfields error, shouldn't happen.
46 if ($fields['is_error']) {
49 $fields = $fields['values'];
51 $isCustom = strpos($field, 'custom_') === 0;
52 // Trim off the id portion of a multivalued custom field name
53 $fieldKey = $isCustom && substr_count($field, '_') > 1 ?
rtrim(rtrim($field, '1234567890'), '_') : $field;
54 if (!array_key_exists($fieldKey, $fields)) {
55 return civicrm_api3_create_error("Param 'field' ($field) is invalid. must be an existing field", ["error_code" => "invalid_field", "fields" => array_keys($fields)]);
58 $def = $fields[$fieldKey];
59 $title = CRM_Utils_Array
::value('title', $def, ts('Field'));
60 // Disallow empty values except for the number zero.
61 // TODO: create a utility for this since it's needed in many places
62 if (!empty($def['required']) ||
!empty($def['is_required'])) {
63 if ((empty($value) ||
$value === 'null') && $value !== '0' && $value !== 0) {
64 return civicrm_api3_create_error(ts('%1 is a required field.', [1 => $title]), ["error_code" => "required", "field" => $field]);
68 switch ($def['type']) {
69 case CRM_Utils_Type
::T_FLOAT
:
70 if (!is_numeric($value) && !empty($value) && $value !== 'null') {
71 return civicrm_api3_create_error(ts('%1 must be a number.', [1 => $title]), ['error_code' => 'NaN']);
75 case CRM_Utils_Type
::T_INT
:
76 if (!CRM_Utils_Rule
::integer($value) && !empty($value) && $value !== 'null') {
77 return civicrm_api3_create_error(ts('%1 must be a number.', [1 => $title]), ['error_code' => 'NaN']);
81 case CRM_Utils_Type
::T_STRING
:
82 case CRM_Utils_Type
::T_TEXT
:
83 if (!CRM_Utils_Rule
::xssString($value)) {
84 return civicrm_api3_create_error(ts('Illegal characters in input (potential scripting attack)'), ['error_code' => 'XSS']);
86 if (array_key_exists('maxlength', $def)) {
87 $value = substr($value, 0, $def['maxlength']);
91 case CRM_Utils_Type
::T_DATE
:
92 $value = CRM_Utils_Type
::escape($value, "Date", FALSE);
94 return civicrm_api3_create_error("Param '$field' is not a date. format YYYYMMDD or YYYYMMDDHHMMSS");
98 case CRM_Utils_Type
::T_BOOLEAN
:
99 // Allow empty value for non-required fields
100 if ($value === '' ||
$value === 'null') {
104 $value = (boolean
) $value;
109 return civicrm_api3_create_error("Param '$field' is of a type not managed yet (" . $def['type'] . "). Join the API team and help us implement it", ['error_code' => 'NOT_IMPLEMENTED']);
112 $dao_name = _civicrm_api3_get_DAO($entity);
113 $params = ['id' => $id, $field => $value];
115 if ((!empty($def['pseudoconstant']) ||
!empty($def['option_group_id'])) && $value !== '' && $value !== 'null') {
116 _civicrm_api3_api_match_pseudoconstant($params[$field], $entity, $field, $def);
119 CRM_Utils_Hook
::pre('edit', $entity, $id, $params);
123 CRM_Utils_Array
::crmReplaceKey($params, 'id', 'entityID');
124 // Treat 'null' as empty value. This is awful but the rest of the code supports it.
125 if ($params[$field] === 'null') {
126 $params[$field] = '';
128 CRM_Core_BAO_CustomValueTable
::setValues($params);
129 CRM_Utils_Hook
::post('edit', $entity, $id);
132 elseif (CRM_Core_DAO
::setFieldValue($dao_name, $id, $field, $params[$field])) {
133 $entityDAO = new $dao_name();
134 $entityDAO->copyValues($params);
135 CRM_Utils_Hook
::post('edit', $entity, $entityDAO->id
, $entityDAO);
138 return civicrm_api3_create_error("error assigning $field=$value for $entity (id=$id)");
141 // Add changelog entry - TODO: Should we do this for other entities as well?
142 if (strtolower($entity) === 'contact') {
143 CRM_Core_BAO_Log
::register($id, 'civicrm_contact', $id);
146 return civicrm_api3_create_success($params);