ajaxtooltip.php 2.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293
  1. <?php
  2. /* Copyright (C) 2007-2023 Laurent Destailleur <eldy@users.sourceforge.net>
  3. * Copyright (C) 2018-2023 Frédéric France <frederic.france@netlogic.fr>
  4. *
  5. * This program is free software; you can redistribute it and/or modify
  6. * it under the terms of the GNU General Public License as published by
  7. * the Free Software Foundation; either version 3 of the License, or
  8. * (at your option) any later version.
  9. *
  10. * This program is distributed in the hope that it will be useful,
  11. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13. * GNU General Public License for more details.
  14. *
  15. * You should have received a copy of the GNU General Public License
  16. * along with this program. If not, see <https://www.gnu.org/licenses/>.
  17. */
  18. /**
  19. * \file htdocs/core/ajax/ajaxtooltip.php
  20. * \ingroup tooltip
  21. * \brief This script returns content of tooltip
  22. */
  23. if (!defined('NOTOKENRENEWAL')) {
  24. define('NOTOKENRENEWAL', 1); // Disables token renewal
  25. }
  26. if (!defined('NOREQUIREMENU')) {
  27. define('NOREQUIREMENU', '1');
  28. }
  29. if (!defined('NOREQUIREHTML')) {
  30. define('NOREQUIREHTML', '1');
  31. }
  32. if (!defined('NOREQUIREAJAX')) {
  33. define('NOREQUIREAJAX', '1');
  34. }
  35. include '../../main.inc.php';
  36. include_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php';
  37. $id = GETPOST('id', 'aZ09');
  38. $objecttype = GETPOST('objecttype', 'aZ09arobase'); // 'module' or 'myobject@mymodule', 'mymodule_myobject'
  39. $params = array('fromajaxtooltip' => 1);
  40. if (GETPOSTISSET('infologin')) {
  41. $params['infologin'] = GETPOST('infologin', 'int');
  42. }
  43. if (GETPOSTISSET('option')) {
  44. $params['option'] = GETPOST('option', 'restricthtml');
  45. }
  46. // Load object according to $element
  47. $object = fetchObjectByElement($id, $objecttype);
  48. if (empty($object->element)) {
  49. httponly_accessforbidden('Failed to get object with fetchObjectByElement(id='.$id.', objecttype='.$objecttype.')');
  50. }
  51. $module = $object->module;
  52. $element = $object->element;
  53. $usesublevelpermission = ($module != $element ? $element : '');
  54. if ($usesublevelpermission && !$user->hasRight($module, $element)) { // There is no permission on object defined, we will check permission on module directly
  55. $usesublevelpermission = '';
  56. }
  57. //print $object->id.' - '.$object->module.' - '.$object->element.' - '.$object->table_element.' - '.$usesublevelpermission."\n";
  58. // Security check
  59. restrictedArea($user, $object->module, $object, $object->table_element, $usesublevelpermission);
  60. /*
  61. * View
  62. */
  63. top_httphead();
  64. $html = '';
  65. if (is_object($object)) {
  66. if ($object->id > 0 || !empty($object->ref)) {
  67. /** @var CommonObject $object */
  68. $html = $object->getTooltipContent($params);
  69. } elseif ($res == 0) {
  70. $html = $langs->trans('Deleted');
  71. }
  72. unset($object);
  73. }
  74. print $html;
  75. $db->close();