Jump to content
Sign in to follow this  
IAmEric

Prevent CustomFieldSave From Actually Saving?

Recommended Posts

I know that using the CustomFieldSave hook I can override the value that is saved to the database but is there any way to prevent the saving of the value altogether? Something along the lines of an undocumented return value that will prevent the new value from being saved? I have tried returning an empty array as well as returning a boolean false but in both cases the custom field was updated with the new value.

The reasoning behind this is that I am obscuring the value of certain sensitive custom fields using the CustomFieldLoad hook by overriding their value with the string "** HIDDEN **". If the custom field is then subsequently saved with the value of "** HIDDEN **" I want to prevent the true custom field value from being overwritten in the database. I know that I can fetch the true value of the custom field and set it as the override value but I am concerned about edge cases where the database Capsule query fails and I am not able to fetch the true value of the custom field before it is saved.

Does anyone know of any way to definitively prevent a custom field value from being saved?

Share this post


Link to post
Share on other sites

Use this action hook.

<?php

use WHMCS\Database\Capsule;

add_hook('CustomFieldSave', 1, function($vars)
{
    $ReadOnlyFields = array('1', '2'); // IDs of Custom Fields that cannot be edited
    $DisallowAdmin = false; // true = Even Administrators can't edit them | false = Administrators can freely update any Custom Field

    /* Do not edit below */
    $IsAdmin = (basename($_SERVER['PHP_SELF']) == 'clientsprofile.php' ? true : false);

    if (in_array($vars['fieldid'], $ReadOnlyFields) AND (($IsAdmin AND $DisallowAdmin) OR (!$IsAdmin)))
    {
        return array('value' => Capsule::table('tblcustomfieldsvalues')->where(['fieldid' => $vars['fieldid'], 'relid' => $vars['relid']])->first(['value'])->value);
    }
});

 

Share this post


Link to post
Share on other sites
On 3/27/2019 at 6:16 PM, Kian said:

Use this action hook.

.....

hello

the code does not work.

it seems that $vars['fieldid'] and $vars['relid'] are blank or null in $vars

you can fix it?

Share this post


Link to post
Share on other sites

The above hook code works. I tested it but the issue I think is that it is not actually hiding the custom fields.

It does not allow you to save the custom fields. Even when I logged in as an Admin and logged in as Owner, I was still unable to edit the field. So this hook seems to just not allow editing at all for the custom IDs you place in that hook.

So you will need a developer/programmer to edit the above code or provide you another hook. However, you can also just click on the Admin Only checkbox for the custom field and thats it for it to be only edited by the admin only. If you do not check "show on order form" it will not display these custom fields on the Account Details page via the client area.

So, the above code does not allow these custom fields (IDs have to be edited depending on your custom field IDs) to be edited if the "Show on order form" is checked to show these fields in the Account Details page via the client area.

Please explain on if you want the client to be able to edit these custom fields at all or what are you actually using them for so they cannot be edited? Maybe that will help one of our community members get a better idea on what you are looking to do...

Share this post


Link to post
Share on other sites
21 hours ago, WHMCS Danny said:

The above hook code works. I tested it but the issue I think is that it is not actually hiding the custom fields.

It does not allow you to save the custom fields. Even when I logged in as an Admin and logged in as Owner, I was still unable to edit the field. So this hook seems to just not allow editing at all for the custom IDs you place in that hook.

So you will need a developer/programmer to edit the above code or provide you another hook. However, you can also just click on the Admin Only checkbox for the custom field and thats it for it to be only edited by the admin only. If you do not check "show on order form" it will not display these custom fields on the Account Details page via the client area.

So, the above code does not allow these custom fields (IDs have to be edited depending on your custom field IDs) to be edited if the "Show on order form" is checked to show these fields in the Account Details page via the client area.

Please explain on if you want the client to be able to edit these custom fields at all or what are you actually using them for so they cannot be edited? Maybe that will help one of our community members get a better idea on what you are looking to do...

hello.

if I check the option "Administrators only" this will make the field disappear from the registration form.

therefore I don't want it to disappear from the registration form.

if not that the client "put the data in this field only the first time", but in the future or later only an administrator can edit it.

hope now you understand the difference.

on the hook, it works more or less well. (within the client and administrator area)

However, if a new customer tries to register the following error appears: 

error_value.thumb.png.f579f29616310c64d81331f4de5f8673.png

apparently the VALUE returns null.

this is why you get an error in the registry.

Share this post


Link to post
Share on other sites

So to solve my problem, it occurred to me that the code is executed only if it is in the administration area or in the client area, and in this way it easily only executes for the client that is already registered.

I will leave the code in case someone else needs it in the future: https://pastebin.com/xqd3pQEC

Note that the value of the custom field must be set to "Required field" for a value to exist in the record and when edited "there is something to search the database or it may return null".

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated