1<?php
2/* Copyright (C) 2017 Laurent Destailleur  <eldy@users.sourceforge.net>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 3 of the License, or
7 * (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <https://www.gnu.org/licenses/>.
16 */
17
18/**
19 *       \file       htdocs/core/ajax/selectobject.php
20 *       \brief      File to return Ajax response on a selection list request
21 */
22
23if (!defined('NOTOKENRENEWAL')) {
24	define('NOTOKENRENEWAL', 1); // Disables token renewal
25}
26if (!defined('NOREQUIREMENU')) {
27	define('NOREQUIREMENU', '1');
28}
29if (!defined('NOREQUIREHTML')) {
30	define('NOREQUIREHTML', '1');
31}
32if (!defined('NOREQUIREAJAX')) {
33	define('NOREQUIREAJAX', '1');
34}
35if (!defined('NOREQUIRESOC')) {
36	define('NOREQUIRESOC', '1');
37}
38if (!defined('NOCSRFCHECK')) {
39	define('NOCSRFCHECK', '1');
40}
41
42require '../../main.inc.php';
43
44$objectdesc = GETPOST('objectdesc', 'alpha');
45$htmlname = GETPOST('htmlname', 'aZ09');
46$outjson = (GETPOST('outjson', 'int') ? GETPOST('outjson', 'int') : 0);
47$id = GETPOST('id', 'int');
48
49
50/*
51 * View
52 */
53
54//print '<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";
55//print_r($_GET);
56
57require_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php';
58$form = new Form($db);
59
60//$langs->load("companies");
61
62top_httphead();
63
64if (empty($htmlname)) {
65	return;
66}
67
68
69$InfoFieldList = explode(":", $objectdesc);
70$classname = $InfoFieldList[0];
71$classpath = $InfoFieldList[1];
72if (!empty($classpath)) {
73	dol_include_once($classpath);
74	if ($classname && class_exists($classname)) {
75		$objecttmp = new $classname($db);
76	}
77}
78if (!is_object($objecttmp)) {
79	dol_syslog('Error bad param objectdesc', LOG_WARNING);
80	print 'Error bad param objectdesc';
81}
82
83// When used from jQuery, the search term is added as GET param "term".
84$searchkey = (($id && GETPOST($id, 'alpha')) ? GETPOST($id, 'alpha') : (($htmlname && GETPOST($htmlname, 'alpha')) ? GETPOST($htmlname, 'alpha') : ''));
85
86// Add a security test to avoid to get content of all tables
87restrictedArea($user, $objecttmp->element, $id);
88
89$arrayresult = $form->selectForFormsList($objecttmp, $htmlname, '', 0, $searchkey, '', '', '', 0, 1);
90
91$db->close();
92
93if ($outjson) {
94	print json_encode($arrayresult);
95}
96