Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity

fixed permissions for updateitem

Browse source 
Per new bug 1783, it would be nice if editcatalogue would
work as well, but a change to the public API of C4::Auth
is needed for that to work.

Signed-off-by: Chris Cormack <crc@liblime.com>
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
This commit is contained in:
Galen Charlton 2008-01-21 14:20:46 -06:00 committed by Joshua Ferraro
parent 396f998788
commit 46bd98ec44
2 changed files with 75 additions and 46 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
catalogue/updateitem.pl
View file

@ -20,6 +20,7 @@
use strict; use strict;
use warnings; use warnings;
use CGI; use CGI;
use C4::Auth;
use C4::Context; use C4::Context;
use C4::Biblio; use C4::Biblio;
use C4::Items; use C4::Items;
@ -30,6 +31,8 @@ use C4::Reserves;
my $cgi= new CGI; my $cgi= new CGI;
my ($loggedinuser, $cookie, $sessionID) = checkauth($cgi, 0, {circulate => 1}, 'intranet');
my $biblionumber=$cgi->param('biblionumber'); my $biblionumber=$cgi->param('biblionumber');
my $itemnumber=$cgi->param('itemnumber'); my $itemnumber=$cgi->param('itemnumber');
my $biblioitemnumber=$cgi->param('biblioitemnumber'); my $biblioitemnumber=$cgi->param('biblioitemnumber');

28
koha-tmpl/intranet-tmpl/prog/en/modules/catalogue/moredetail.tmpl
View file

@ -62,6 +62,7 @@
<li><span class="label">Current Location:</span> <!-- TMPL_VAR NAME="holdingbranchname" -->&nbsp;</li> <li><span class="label">Current Location:</span> <!-- TMPL_VAR NAME="holdingbranchname" -->&nbsp;</li>
<li><span class="label">Circulation Status:</span> <!-- TMPL_IF NAME="issue" -->Checked out to <a href="/cgi-bin/koha/members/moremember.pl?borrowernumber=<!-- TMPL_VAR NAME="borrowernumber" -->"><!-- TMPL_VAR NAME="cardnumber" --></a>, Due back on <!-- TMPL_VAR NAME="onloan" --><!-- TMPL_ELSE -->Not Checked out <!-- /TMPL_IF --></li> <li><span class="label">Circulation Status:</span> <!-- TMPL_IF NAME="issue" -->Checked out to <a href="/cgi-bin/koha/members/moremember.pl?borrowernumber=<!-- TMPL_VAR NAME="borrowernumber" -->"><!-- TMPL_VAR NAME="cardnumber" --></a>, Due back on <!-- TMPL_VAR NAME="onloan" --><!-- TMPL_ELSE -->Not Checked out <!-- /TMPL_IF --></li>
<li><span class="label">Lost Status:</span> <li><span class="label">Lost Status:</span>
<!-- TMPL_IF NAME="CAN_user_circulate" -->
<form action="updateitem.pl" method="post"> <form action="updateitem.pl" method="post">
<input type="hidden" name="biblionumber" value="<!-- TMPL_VAR Name="biblionumber" -->" /> <input type="hidden" name="biblionumber" value="<!-- TMPL_VAR Name="biblionumber" -->" />
<input type="hidden" name="biblioitemnumber" value="<!-- TMPL_VAR Name="biblioitemnumber" -->" /> <input type="hidden" name="biblioitemnumber" value="<!-- TMPL_VAR Name="biblioitemnumber" -->" />
@ -78,8 +79,17 @@
<input type="hidden" name="wthdrawn" value="<!-- TMPL_VAR NAME="wthdrawn" -->" /> <input type="hidden" name="wthdrawn" value="<!-- TMPL_VAR NAME="wthdrawn" -->" />
<input type="hidden" name="damaged" value="<!-- TMPL_VAR NAME="damaged" -->" /> <input type="hidden" name="damaged" value="<!-- TMPL_VAR NAME="damaged" -->" />
<input type="submit" name="submit" class="submit" value="Set Status" /></form> <input type="submit" name="submit" class="submit" value="Set Status" /></form>
<!-- TMPL_ELSE -->
<!-- TMPL_LOOP NAME="itemlostloop" -->
<!-- TMPL_IF NAME="selected" -->
<!-- TMPL_VAR NAME="lib" -->
<!-- /TMPL_IF -->
<!-- /TMPL_LOOP -->
&nbsp;
<!-- /TMPL_IF -->
</li> </li>
<li><span class="label">Damaged Status:</span> <li><span class="label">Damaged Status:</span>
<!-- TMPL_IF NAME="CAN_user_circulate" -->
<form action="updateitem.pl" method="post"> <form action="updateitem.pl" method="post">
<input type="hidden" name="biblionumber" value="<!-- TMPL_VAR Name="biblionumber" -->" /> <input type="hidden" name="biblionumber" value="<!-- TMPL_VAR Name="biblionumber" -->" />
<input type="hidden" name="biblioitemnumber" value="<!-- TMPL_VAR Name="biblioitemnumber" -->" /> <input type="hidden" name="biblioitemnumber" value="<!-- TMPL_VAR Name="biblioitemnumber" -->" />
@ -96,8 +106,17 @@
<input type="hidden" name="wthdrawn" value="<!-- TMPL_VAR NAME="wthdrawn" -->" /> <input type="hidden" name="wthdrawn" value="<!-- TMPL_VAR NAME="wthdrawn" -->" />
<input type="hidden" name="itemlost" value="<!-- TMPL_VAR NAME="itemlost" -->" /> <input type="hidden" name="itemlost" value="<!-- TMPL_VAR NAME="itemlost" -->" />
<input type="submit" name="submit" class="submit" value="Set Status" /></form> <input type="submit" name="submit" class="submit" value="Set Status" /></form>
<!-- TMPL_ELSE -->
<!-- TMPL_LOOP NAME="itemdamagedloop" -->
<!-- TMPL_IF NAME="selected" -->
<!-- TMPL_VAR NAME="lib" -->
<!-- /TMPL_IF -->
<!-- /TMPL_LOOP -->
&nbsp;
<!-- /TMPL_IF -->
</li> </li>
<li><span class="label">Withdrawn?:</span><!-- TMPL_IF NAME="wthdrawn" -->Yes<!-- TMPL_ELSE -->No<!-- /TMPL_IF --> <li><span class="label">Withdrawn?:</span><!-- TMPL_IF NAME="wthdrawn" -->Yes<!-- TMPL_ELSE -->No<!-- /TMPL_IF -->
<!-- TMPL_IF NAME="CAN_user_circulate" -->
<form action="updateitem.pl" method="post"> <form action="updateitem.pl" method="post">
<input type="hidden" name="biblionumber" value="<!-- TMPL_VAR Name="biblionumber" -->" /> <input type="hidden" name="biblionumber" value="<!-- TMPL_VAR Name="biblionumber" -->" />
<input type="hidden" name="biblioitemnumber" value="<!-- TMPL_VAR Name="biblioitemnumber" -->" /> <input type="hidden" name="biblioitemnumber" value="<!-- TMPL_VAR Name="biblioitemnumber" -->" />
@ -112,6 +131,7 @@
<input type="submit" name="submit" class="submit" value="Restore" /><!-- TMPL_ELSE --><input type="submit" name="submit" class="submit" value="Withdraw" /> <input type="submit" name="submit" class="submit" value="Restore" /><!-- TMPL_ELSE --><input type="submit" name="submit" class="submit" value="Withdraw" />
<!-- /TMPL_IF --> <!-- /TMPL_IF -->
</form> </form>
<!-- /TMPL_IF -->
</li> </li>
</ol></div> </ol></div>
<div class="listgroup"><h4>History</h4> <div class="listgroup"><h4>History</h4>
@ -131,11 +151,17 @@
<!-- TMPL_IF NAME="card2" --><li><span class="label">Previous Borrower:</span> <a href="/cgi-bin/koha/circ/circulation.pl?borrowernumber=<!-- TMPL_VAR NAME="borrower2" -->"><!-- TMPL_VAR NAME="card2" --></a>&nbsp;</li><!-- /TMPL_IF --> <!-- TMPL_IF NAME="card2" --><li><span class="label">Previous Borrower:</span> <a href="/cgi-bin/koha/circ/circulation.pl?borrowernumber=<!-- TMPL_VAR NAME="borrower2" -->"><!-- TMPL_VAR NAME="card2" --></a>&nbsp;</li><!-- /TMPL_IF -->
<li><span class="label">Paid for?:</span> <!-- TMPL_VAR NAME="paidfor" -->&nbsp;</li> <li><span class="label">Paid for?:</span> <!-- TMPL_VAR NAME="paidfor" -->&nbsp;</li>
<li><span class="label">Public Note:</span> <li><span class="label">Public Note:</span>
<!-- TMPL_IF NAME="CAN_user_circulate" -->
<form class="inline" action="updateitem.pl" method="post"><input type="hidden" name="biblionumber" value="<!-- TMPL_VAR Name="biblionumber" -->" /> <form class="inline" action="updateitem.pl" method="post"><input type="hidden" name="biblionumber" value="<!-- TMPL_VAR Name="biblionumber" -->" />
<input type="hidden" name="biblioitemnumber" value="<!-- TMPL_VAR Name="biblioitemnumber" -->" /><input type="hidden" name="itemnumber" value="<!-- TMPL_VAR Name="itemnumber" -->" /> <input type="hidden" name="biblioitemnumber" value="<!-- TMPL_VAR Name="biblioitemnumber" -->" /><input type="hidden" name="itemnumber" value="<!-- TMPL_VAR Name="itemnumber" -->" />
<textarea name="itemnotes" rows="2" cols="30"><!-- TMPL_VAR NAME="itemnotes" --></textarea><input type="submit" name="submit" class="submit" value="Update" /> <textarea name="itemnotes" rows="2" cols="30"><!-- TMPL_VAR NAME="itemnotes" --></textarea><input type="submit" name="submit" class="submit" value="Update" />
</li> </li>
</ol></form></div> </ol></form>
<!-- TMPL_ELSE -->
<!-- TMPL_VAR NAME="itemnotes" -->
&nbsp;
<!-- /TMPL_IF -->
</div>
</div> </div>
<!-- /TMPL_LOOP --> <!-- /TMPL_LOOP -->