forked from Wavyzz/dolibarr
412 lines
13 KiB
PHP
412 lines
13 KiB
PHP
<?php
|
|
/* Copyright (C) 2011-2020 Laurent Destailleur <eldy@users.sourceforge.net>
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
* or see https://www.gnu.org/
|
|
*
|
|
* $elementype must be defined.
|
|
*/
|
|
|
|
/**
|
|
* \file htdocs/core/actions_extrafields.inc.php
|
|
* \brief Code for actions on extrafields admin pages
|
|
*/
|
|
|
|
$maxsizestring = 255;
|
|
$maxsizeint = 10;
|
|
$mesg = array();
|
|
|
|
$extrasize = GETPOST('size', 'intcomma');
|
|
$type = GETPOST('type', 'alphanohtml');
|
|
$param = GETPOST('param', 'alphanohtml');
|
|
$css = GETPOST('css', 'alphanohtml');
|
|
$cssview = GETPOST('cssview', 'alphanohtml');
|
|
$csslist = GETPOST('csslist', 'alphanohtml');
|
|
|
|
if ($type == 'double' && strpos($extrasize, ',') === false) {
|
|
$extrasize = '24,8';
|
|
}
|
|
if ($type == 'date') {
|
|
$extrasize = '';
|
|
}
|
|
if ($type == 'datetime') {
|
|
$extrasize = '';
|
|
}
|
|
if ($type == 'select') {
|
|
$extrasize = '';
|
|
}
|
|
|
|
|
|
// Add attribute
|
|
if ($action == 'add') {
|
|
if (GETPOST("button") != $langs->trans("Cancel")) {
|
|
// Check values
|
|
if (!$type) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Type"));
|
|
$action = 'create';
|
|
}
|
|
if ($type == 'varchar' && $extrasize <= 0) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Size"));
|
|
$action = 'edit';
|
|
}
|
|
if ($type == 'varchar' && $extrasize > $maxsizestring) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorSizeTooLongForVarcharType", $maxsizestring);
|
|
$action = 'create';
|
|
}
|
|
if ($type == 'int' && $extrasize > $maxsizeint) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorSizeTooLongForIntType", $maxsizeint);
|
|
$action = 'create';
|
|
}
|
|
if ($type == 'select' && !$param) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorNoValueForSelectType");
|
|
$action = 'create';
|
|
}
|
|
if ($type == 'sellist' && !$param) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorNoValueForSelectListType");
|
|
$action = 'create';
|
|
}
|
|
if ($type == 'checkbox' && !$param) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorNoValueForCheckBoxType");
|
|
$action = 'create';
|
|
}
|
|
if ($type == 'link' && !$param) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorNoValueForLinkType");
|
|
$action = 'create';
|
|
}
|
|
if ($type == 'radio' && !$param) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorNoValueForRadioType");
|
|
$action = 'create';
|
|
}
|
|
if ((($type == 'radio') || ($type == 'checkbox')) && $param) {
|
|
// Construct array for parameter (value of select list)
|
|
$parameters = $param;
|
|
$parameters_array = explode("\r\n", $parameters);
|
|
foreach ($parameters_array as $param_ligne) {
|
|
if (!empty($param_ligne)) {
|
|
if (preg_match_all('/,/', $param_ligne, $matches)) {
|
|
if (count($matches[0]) > 1) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorBadFormatValueList", $param_ligne);
|
|
$action = 'create';
|
|
}
|
|
} else {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorBadFormatValueList", $param_ligne);
|
|
$action = 'create';
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
if (!$error) {
|
|
if (strlen(GETPOST('attrname', 'aZ09')) < 3) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorValueLength", $langs->transnoentitiesnoconv("AttributeCode"), 3);
|
|
$action = 'create';
|
|
}
|
|
}
|
|
|
|
// Check reserved keyword with more than 3 characters
|
|
if (!$error) {
|
|
if (in_array(GETPOST('attrname', 'aZ09'), array('and', 'keyword', 'table', 'index', 'int', 'integer', 'float', 'double', 'real', 'position'))) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorReservedKeyword", GETPOST('attrname', 'aZ09'));
|
|
$action = 'create';
|
|
}
|
|
}
|
|
|
|
if (!$error) {
|
|
// attrname must be alphabetical and lower case only
|
|
if (GETPOSTISSET("attrname") && preg_match("/^[a-z0-9_]+$/", GETPOST('attrname', 'aZ09')) && !is_numeric(GETPOST('attrname', 'aZ09'))) {
|
|
// Construct array for parameter (value of select list)
|
|
$default_value = GETPOST('default_value', 'alpha');
|
|
$parameters = $param;
|
|
$parameters_array = explode("\r\n", $parameters);
|
|
$params = array();
|
|
//In sellist we have only one line and it can have come to do SQL expression
|
|
if ($type == 'sellist' || $type == 'chkbxlst') {
|
|
foreach ($parameters_array as $param_ligne) {
|
|
$params['options'] = array($parameters=>null);
|
|
}
|
|
} else {
|
|
// Else it's separated key/value and coma list
|
|
foreach ($parameters_array as $param_ligne) {
|
|
list($key, $value) = explode(',', $param_ligne);
|
|
if (!array_key_exists('options', $params)) {
|
|
$params['options'] = array();
|
|
}
|
|
$params['options'][$key] = $value;
|
|
}
|
|
}
|
|
|
|
// Visibility: -1=not visible by default in list, 1=visible, 0=hidden
|
|
$visibility = GETPOST('list', 'alpha');
|
|
if ($type == 'separate') {
|
|
$visibility = 3;
|
|
}
|
|
|
|
$result = $extrafields->addExtraField(
|
|
GETPOST('attrname', 'aZ09'),
|
|
GETPOST('label', 'alpha'),
|
|
$type,
|
|
GETPOST('pos', 'int'),
|
|
$extrasize,
|
|
$elementtype,
|
|
(GETPOST('unique', 'alpha') ? 1 : 0),
|
|
(GETPOST('required', 'alpha') ? 1 : 0),
|
|
$default_value,
|
|
$params,
|
|
(GETPOST('alwayseditable', 'alpha') ? 1 : 0),
|
|
(GETPOST('perms', 'alpha') ? GETPOST('perms', 'alpha') : ''),
|
|
$visibility,
|
|
GETPOST('help', 'alpha'),
|
|
GETPOST('computed_value', 'alpha'),
|
|
(GETPOST('entitycurrentorall', 'alpha') ? 0 : ''),
|
|
GETPOST('langfile', 'alpha'),
|
|
1,
|
|
(GETPOST('totalizable', 'alpha') ? 1 : 0),
|
|
GETPOST('printable', 'alpha'),
|
|
array('css' => $css, 'cssview' => $cssview, 'csslist' => $csslist)
|
|
);
|
|
if ($result > 0) {
|
|
setEventMessages($langs->trans('SetupSaved'), null, 'mesgs');
|
|
header("Location: ".$_SERVER["PHP_SELF"]);
|
|
exit;
|
|
} else {
|
|
$error++;
|
|
$mesg = $extrafields->error;
|
|
setEventMessages($mesg, null, 'errors');
|
|
}
|
|
} else {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg = $langs->trans("ErrorFieldCanNotContainSpecialNorUpperCharacters", $langs->transnoentities("AttributeCode"));
|
|
setEventMessages($mesg, null, 'errors');
|
|
$action = 'create';
|
|
}
|
|
} else {
|
|
setEventMessages($mesg, null, 'errors');
|
|
}
|
|
}
|
|
}
|
|
|
|
// Rename field
|
|
if ($action == 'update') {
|
|
if (GETPOST("button") != $langs->trans("Cancel")) {
|
|
// Check values
|
|
if (!$type) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Type"));
|
|
$action = 'edit';
|
|
}
|
|
if ($type == 'varchar' && $extrasize <= 0) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Size"));
|
|
$action = 'edit';
|
|
}
|
|
if ($type == 'varchar' && $extrasize > $maxsizestring) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorSizeTooLongForVarcharType", $maxsizestring);
|
|
$action = 'edit';
|
|
}
|
|
if ($type == 'int' && $extrasize > $maxsizeint) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorSizeTooLongForIntType", $maxsizeint);
|
|
$action = 'edit';
|
|
}
|
|
if ($type == 'select' && !$param) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorNoValueForSelectType");
|
|
$action = 'edit';
|
|
}
|
|
if ($type == 'sellist' && !$param) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorNoValueForSelectListType");
|
|
$action = 'edit';
|
|
}
|
|
if ($type == 'checkbox' && !$param) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorNoValueForCheckBoxType");
|
|
$action = 'edit';
|
|
}
|
|
if ($type == 'radio' && !$param) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorNoValueForRadioType");
|
|
$action = 'edit';
|
|
}
|
|
if ((($type == 'radio') || ($type == 'checkbox')) && $param) {
|
|
// Construct array for parameter (value of select list)
|
|
$parameters = $param;
|
|
$parameters_array = explode("\r\n", $parameters);
|
|
foreach ($parameters_array as $param_ligne) {
|
|
if (!empty($param_ligne)) {
|
|
if (preg_match_all('/,/', $param_ligne, $matches)) {
|
|
if (count($matches[0]) > 1) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorBadFormatValueList", $param_ligne);
|
|
$action = 'edit';
|
|
}
|
|
} else {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorBadFormatValueList", $param_ligne);
|
|
$action = 'edit';
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
if (!$error) {
|
|
if (strlen(GETPOST('attrname', 'aZ09')) < 3 && empty($conf->global->MAIN_DISABLE_EXTRAFIELDS_CHECK_FOR_UPDATE)) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorValueLength", $langs->transnoentitiesnoconv("AttributeCode"), 3);
|
|
$action = 'edit';
|
|
}
|
|
}
|
|
|
|
// Check reserved keyword with more than 3 characters
|
|
if (!$error) {
|
|
if (in_array(GETPOST('attrname', 'aZ09'), array('and', 'keyword', 'table', 'index', 'integer', 'float', 'double', 'position')) && empty($conf->global->MAIN_DISABLE_EXTRAFIELDS_CHECK_FOR_UPDATE)) {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg[] = $langs->trans("ErrorReservedKeyword", GETPOST('attrname', 'aZ09'));
|
|
$action = 'edit';
|
|
}
|
|
}
|
|
|
|
if (!$error) {
|
|
if (GETPOSTISSET("attrname") && preg_match("/^\w[a-zA-Z0-9-_]*$/", GETPOST('attrname', 'aZ09')) && !is_numeric(GETPOST('attrname', 'aZ09'))) {
|
|
$pos = GETPOST('pos', 'int');
|
|
// Construct array for parameter (value of select list)
|
|
$parameters = $param;
|
|
$parameters_array = explode("\r\n", $parameters);
|
|
$params = array();
|
|
//In sellist we have only one line and it can have come to do SQL expression
|
|
if ($type == 'sellist' || $type == 'chkbxlst') {
|
|
foreach ($parameters_array as $param_ligne) {
|
|
$params['options'] = array($parameters=>null);
|
|
}
|
|
} else {
|
|
//Esle it's separated key/value and coma list
|
|
foreach ($parameters_array as $param_ligne) {
|
|
list($key, $value) = explode(',', $param_ligne);
|
|
if (!array_key_exists('options', $params)) {
|
|
$params['options'] = array();
|
|
}
|
|
$params['options'][$key] = $value;
|
|
}
|
|
}
|
|
|
|
// Visibility: -1=not visible by default in list, 1=visible, 0=hidden
|
|
$visibility = GETPOST('list', 'alpha');
|
|
if ($type == 'separate') {
|
|
$visibility = 3;
|
|
}
|
|
|
|
// Example: is_object($object) ? ($object->id < 10 ? round($object->id / 2, 2) : (2 * $user->id) * (int) substr($mysoc->zip, 1, 2)) : 'objnotdefined'
|
|
$computedvalue = GETPOST('computed_value', 'nohtml');
|
|
|
|
$result = $extrafields->update(
|
|
GETPOST('attrname', 'aZ09'),
|
|
GETPOST('label', 'alpha'),
|
|
$type,
|
|
$extrasize,
|
|
$elementtype,
|
|
(GETPOST('unique', 'alpha') ? 1 : 0),
|
|
(GETPOST('required', 'alpha') ? 1 : 0),
|
|
$pos,
|
|
$params,
|
|
(GETPOST('alwayseditable', 'alpha') ? 1 : 0),
|
|
(GETPOST('perms', 'alpha') ?GETPOST('perms', 'alpha') : ''),
|
|
$visibility,
|
|
GETPOST('help', 'alpha'),
|
|
GETPOST('default_value', 'alpha'),
|
|
$computedvalue,
|
|
(GETPOST('entitycurrentorall', 'alpha') ? 0 : ''),
|
|
GETPOST('langfile'),
|
|
GETPOST('enabled', 'nohtml'),
|
|
(GETPOST('totalizable', 'alpha') ? 1 : 0),
|
|
GETPOST('printable', 'alpha'),
|
|
array('css' => $css, 'cssview' => $cssview, 'csslist' => $csslist)
|
|
);
|
|
if ($result > 0) {
|
|
setEventMessages($langs->trans('SetupSaved'), null, 'mesgs');
|
|
header("Location: ".$_SERVER["PHP_SELF"]);
|
|
exit;
|
|
} else {
|
|
$error++;
|
|
$mesg = $extrafields->error;
|
|
setEventMessages($mesg, null, 'errors');
|
|
}
|
|
} else {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg = $langs->trans("ErrorFieldCanNotContainSpecialCharacters", $langs->transnoentities("AttributeCode"));
|
|
setEventMessages($mesg, null, 'errors');
|
|
}
|
|
} else {
|
|
setEventMessages($mesg, null, 'errors');
|
|
}
|
|
}
|
|
}
|
|
|
|
// Delete attribute
|
|
if ($action == 'delete') {
|
|
if (GETPOSTISSET("attrname") && preg_match("/^\w[a-zA-Z0-9-_]*$/", GETPOST("attrname", 'aZ09'))) {
|
|
$result = $extrafields->delete(GETPOST("attrname", 'aZ09'), $elementtype);
|
|
if ($result >= 0) {
|
|
header("Location: ".$_SERVER["PHP_SELF"]);
|
|
exit;
|
|
} else {
|
|
$mesg = $extrafields->error;
|
|
}
|
|
} else {
|
|
$error++;
|
|
$langs->load("errors");
|
|
$mesg = $langs->trans("ErrorFieldCanNotContainSpecialCharacters", $langs->transnoentities("AttributeCode"));
|
|
}
|
|
}
|