Bugfix 2026 - Comments handling overhauled. Scrubber and Error feedback added.
Note: we CANNOT rely on window.close in onSubmit or $().submit to close our popups. On a relatively slow connection with a relatively large POST, commonly the close finishes *before* the POST completes, as reported with our New Zealand clients. Despite success in trivial cases, this should be obvious, since the event is necessarily before the submission. It also assumes success and prevents any kind of error feedback. Other popups are likely to exhibit this same defective behavior. Some FIXME's outstanding: need to allow users to delete their own comments, need to enforce and feedback on max comment length. Signed-off-by: Joshua Ferraro <jmf@liblime.com>
This commit is contained in:
Joe Atzberger
Joshua Ferraro
parent
74d3dc35ee
commit
70829660c2
2 changed files with 97 additions and 47 deletions
|
|
@ -1,15 +1,71 @@
|
|||
<!-- TMPL_INCLUDE name="doc-head-open.inc" --><!-- TMPL_IF NAME="LibraryNameTitle" --><!-- TMPL_VAR NAME="LibraryNameTitle" --><!-- TMPL_ELSE -->Koha Online<!-- /TMPL_IF --> Catalog › Library Home for <!-- TMPL_LOOP name="BORROWER_INFO" --><!-- TMPL_VAR name="firstname" --> <!-- TMPL_VAR name="surname" --><!-- /TMPL_LOOP -->
|
||||
<!-- TMPL_INCLUDE name="doc-head-open.inc" --><!-- TMPL_VAR NAME="LibraryNameTitle" DEFAULT="Koha Online" --> Catalog › Comments on <!--TMPL_VAR NAME="title" -->
|
||||
<!-- TMPL_INCLUDE NAME="doc-head-close.inc" -->
|
||||
<style type="text/css">
|
||||
#custom-doc { width:37.08em;*width:36.16em;min-width:485px; margin:1em auto; text-align:left; }
|
||||
</style>
|
||||
</head>
|
||||
<body id="comment">
|
||||
<div id="custom-doc" class="yui-t7">
|
||||
<style type="text/css">
|
||||
#custom-doc { width:37.08em;*width:36.16em;min-width:485px; margin:1em auto; text-align:left; }
|
||||
</style>
|
||||
<script type="text/JavaScript" language="JavaScript">
|
||||
//<![CDATA[
|
||||
$(document).ready(function() {
|
||||
var inject_old = function(comment) {
|
||||
<!-- TMPL_IF NAME="reviewid" -->
|
||||
<!-- TMPL_IF NAME="cgi_debug" -->alert("injecting OLD comment: " +comment);<!-- /TMPL_IF -->
|
||||
parent.opener.$('#c<!-- TMPL_VAR NAME="reviewid" --> p').prev("small").prev("h5").html("Your Edited Comment (preview, pending approval)");
|
||||
parent.opener.$('#c<!-- TMPL_VAR NAME="reviewid" --> p').html(comment);
|
||||
parent.opener.$('#c<!-- TMPL_VAR NAME="reviewid" --> p').append(" <a href=\"#comment\" onclick=\"Dopop(\'/cgi-bin/koha/opac-review.pl?biblionumber=<!-- TMPL_VAR NAME="biblionumber"-->&reviewid=<!-- TMPL_VAR NAME="reviewid" -->\');\">Edit</a>");
|
||||
<!-- /TMPL_IF -->
|
||||
return 1;
|
||||
};
|
||||
var inject_new = function(comment) {
|
||||
<!-- TMPL_IF NAME="cgi_debug" -->alert("injecting NEW comment: " +comment);<!-- /TMPL_IF -->
|
||||
parent.opener.$('#newcomment').attr("class","yours");
|
||||
parent.opener.$('#newcomment').html(
|
||||
"<h5>Your Comment (preview, pending approval)</h5>" +
|
||||
"<p>"+comment+"</p>" +
|
||||
"<a href=\"#comment\" onclick=\"Dopop(\'/cgi-bin/koha/opac-review.pl?biblionumber=<!-- TMPL_VAR NAME="biblionumber"-->\');\">Edit</a></p>"
|
||||
);
|
||||
parent.opener.$("#addcomment").prev("p").remove();
|
||||
parent.opener.$("#addcomment").remove();
|
||||
};
|
||||
<!-- TMPL_IF NAME="clean_review" -->
|
||||
var clean_review = "<!-- TMPL_VAR NAME="clean_review" ESCAPE=JS -->"; // TMPL var must not contain " quotes.
|
||||
<!-- TMPL_IF NAME="reviewid" -->
|
||||
inject_old(clean_review);
|
||||
<!-- TMPL_ELSE -->
|
||||
inject_new(clean_review);
|
||||
<!-- /TMPL_IF -->
|
||||
<!-- /TMPL_IF -->
|
||||
<!-- TMPL_IF NAME="WINDOW_CLOSE" -->
|
||||
<!-- TMPL_IF NAME="ERRORS" -->
|
||||
setTimeout("window.close()",5000); // flash this page, then close. Change warning in template if you change this value.
|
||||
<!-- TMPL_ELSE -->
|
||||
window.close();
|
||||
<!-- /TMPL_IF -->
|
||||
<!-- /TMPL_IF -->
|
||||
// $('#reviewf').submit(function() {});
|
||||
});
|
||||
//]]>
|
||||
</script>
|
||||
</head>
|
||||
<body id="comment">
|
||||
<div id="custom-doc" class="yui-t7">
|
||||
<div class="container">
|
||||
<!-- TMPL_IF NAME="ERRORS" -->
|
||||
<div class="error">
|
||||
<!-- TMPL_LOOP NAME="ERRORS" -->
|
||||
<p>
|
||||
<!-- TMPL_IF NAME="scrubbed" -->Note: your comment contained illegal markup code.
|
||||
It has been saved with the markup removed, as below.
|
||||
You can edit the comment further, or cancel to retain the comment as is.
|
||||
<!-- /TMPL_IF -->
|
||||
<!-- TMPL_IF NAME="scrubbed_all" -->Error! Your comment was entirely illegal markup code. It has NOT been added.<!-- /TMPL_IF -->
|
||||
<!-- TMPL_IF NAME="empty" -->Error! You cannot add an empty comment. Please add content or cancel.<!-- /TMPL_IF -->
|
||||
</p>
|
||||
<!-- /TMPL_LOOP -->
|
||||
<!-- TMPL_IF NAME="WINDOW_CLOSE" -->Note: this window will close automatically in 5 seconds<!-- /TMPL_IF -->
|
||||
</div>
|
||||
<!-- /TMPL_IF -->
|
||||
<form id="reviewf" action="/cgi-bin/koha/opac-review.pl" method="post">
|
||||
<input type="hidden" name="biblionumber" value="<!-- TMPL_VAR NAME="biblionumber" -->" />
|
||||
<input type="hidden" name="type" value="<!-- TMPL_VAR NAME="type" -->" />
|
||||
<fieldset class="brief">
|
||||
<legend>Comments on <i><!--TMPL_VAR NAME="title" --> <!-- TMPL_VAR NAME="subtitle" --></i><!-- TMPL_IF NAME="author" -->by <!-- TMPL_VAR NAME="author" --><!-- /TMPL_IF --></legend>
|
||||
<ol><li><textarea id="review" name="review" cols="60" rows="8"><!--TMPL_VAR NAME="review"--></textarea></li></ol>
|
||||
|
|
@ -17,30 +73,6 @@
|
|||
<p>Note: Your comment must be approved by a librarian. </p>
|
||||
<fieldset class="action"> <input type="submit" value="Submit and close this window" /> <a class="cancel close" href="#">Cancel</a></fieldset>
|
||||
</form></div>
|
||||
<script type="text/JavaScript" language="JavaScript">
|
||||
//<![CDATA[
|
||||
$(document).ready(function() {
|
||||
$('#reviewf').submit( function() {
|
||||
<!-- TMPL_IF NAME="reviewid" -->
|
||||
parent.opener.$('#c<!-- TMPL_VAR NAME="reviewid" --> p').prev("small").prev("h5").html("Your Edited Comment (preview, pending approval)");
|
||||
parent.opener.$('#c<!-- TMPL_VAR NAME="reviewid" --> p').html($("#review").val().replace(/&/g,'&').replace(/</g,'<').replace(/>/g,'>'));
|
||||
parent.opener.$('#c<!-- TMPL_VAR NAME="reviewid" --> p').append(" <a href=\"#comment\" onclick=\"Dopop(\'/cgi-bin/koha/opac-review.pl?biblionumber=<!-- TMPL_VAR NAME="biblionumber"-->&reviewid=<!-- TMPL_VAR NAME="reviewid" -->\');\">Edit</a>");
|
||||
window.close();
|
||||
<!-- TMPL_ELSE -->
|
||||
parent.opener.$('#newcomment').attr("class","yours");
|
||||
parent.opener.$('#newcomment').html("<h5>Your Comment (preview, pending approval)</h5>");
|
||||
parent.opener.$('#newcomment').append("<p>"+$("#review").val().replace(/&/g,'&').replace(/</g,'<').replace(/>/g,'>'));
|
||||
parent.opener.$('#newcomment p').append(" <a href=\"#comment\" onclick=\"Dopop(\'/cgi-bin/koha/opac-review.pl?biblionumber=<!-- TMPL_VAR NAME="biblionumber"-->&reviewid=<!-- TMPL_VAR NAME="reviewid" -->\');\">Edit</a></p>");
|
||||
parent.opener.$("#addcomment").prev("p").remove();
|
||||
parent.opener.$("#addcomment").remove();
|
||||
window.close();
|
||||
<!-- /TMPL_IF -->
|
||||
});
|
||||
});
|
||||
//]]>
|
||||
</script>
|
||||
</div>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
||||
|
|
|
|||
|
|
@ -18,20 +18,19 @@
|
|||
# Suite 330, Boston, MA 02111-1307 USA
|
||||
|
||||
use strict;
|
||||
require Exporter;
|
||||
use warnings;
|
||||
use CGI;
|
||||
use C4::Auth;
|
||||
use C4::Koha;
|
||||
use C4::Output;
|
||||
use C4::Circulation;
|
||||
use C4::Review;
|
||||
use C4::Biblio;
|
||||
use C4::Scrubber;
|
||||
use C4::Debug;
|
||||
|
||||
my $query = new CGI;
|
||||
my $biblionumber = $query->param('biblionumber');
|
||||
my $type = $query->param('type');
|
||||
my $review = $query->param('review');
|
||||
my $reviewid = $query->param('reviewid');
|
||||
my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
|
||||
{
|
||||
template_name => "opac-review.tmpl",
|
||||
|
|
@ -41,22 +40,41 @@ my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
|
|||
}
|
||||
);
|
||||
|
||||
my $biblio = GetBiblioData( $biblionumber);
|
||||
# FIXME: need to allow user to delete their own comment(s)
|
||||
|
||||
my $savedreview = getreview( $biblionumber, $borrowernumber );
|
||||
if ( $type eq 'save' ) {
|
||||
savereview( $biblionumber, $borrowernumber, $review );
|
||||
my $biblio = GetBiblioData($biblionumber);
|
||||
my $savedreview = getreview($biblionumber,$borrowernumber);
|
||||
my ($clean, @errors);
|
||||
if (defined $review) {
|
||||
if ($review !~ /\S/) {
|
||||
push @errors, {empty=>1};
|
||||
} else {
|
||||
$clean = C4::Scrubber->new('comment')->scrub($review);
|
||||
if ($clean !~ /\S/) {
|
||||
push @errors, {scrubbed_all=>1};
|
||||
} else {
|
||||
if ($clean ne $review) {
|
||||
push @errors, {scrubbed=>$clean};
|
||||
my $js_ok_review = $clean;
|
||||
$js_ok_review =~ s/"/"/g; # probably redundant w/ TMPL ESCAPE=JS
|
||||
$template->param(clean_review=>$js_ok_review);
|
||||
}
|
||||
if ($savedreview) {
|
||||
updatereview($biblionumber, $borrowernumber, $clean);
|
||||
} else {
|
||||
savereview($biblionumber, $borrowernumber, $clean);
|
||||
}
|
||||
unless (@errors){ $template->param(WINDOW_CLOSE=>1); }
|
||||
}
|
||||
}
|
||||
}
|
||||
elsif ( $type eq 'update' ) {
|
||||
updatereview( $biblionumber, $borrowernumber, $review );
|
||||
}
|
||||
$type = ($savedreview) ? "update" : "save";
|
||||
(@errors ) and $template->param( ERRORS=>\@errors);
|
||||
($cgi_debug) and $template->param(cgi_debug=>1 );
|
||||
$template->param(
|
||||
'biblionumber' => $biblionumber,
|
||||
'borrowernumber' => $borrowernumber,
|
||||
'type' => $type,
|
||||
'review' => $savedreview->{'review'},
|
||||
'reviewid' => $reviewid,
|
||||
'review' => $clean || $savedreview->{'review'},
|
||||
'reviewid' => $query->param('reviewid') || 0,
|
||||
'title' => $biblio->{'title'},
|
||||
);
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue