
Bug 27719: Apply _escape_str and _escape_price where needed

This patch replaces calls to .escapeHtml and format_price with their
null-checking counterparts

To test:

1: have a fresh Koha Testing Docker
2: have a basket set to create item records on ordering
3: populate basket from a marc file, only setting price and fund for the items
4: close basket
5: click to Receive, create invoice
6: on parcel.pl, "Processing" alert never resolves
CHECK => The console shows:
parcel.pl?invoiceid=1:810 Uncaught TypeError: Cannot read property 'format_price' of null
    at render (parcel.pl?invoiceid=1:810)
    at datatables.min_20.1200012.js:57
    at Object.b.fnGetData (datatables.min_20.1200012.js:51)
    at B (datatables.min_20.1200012.js:56)
    at Ha (datatables.min_20.1200012.js:64)
    at P (datatables.min_20.1200012.js:68)
    at vb (datatables.min_20.1200012.js:79)
    at datatables.min_20.1200012.js:76
    at i (datatables.min_20.1200012.js:74)
    at Object.success (datatables.min_20.1200012.js:75)

And that error points toward:
                        "data": "replacement_price",
                        "render": function(data, type, row, meta) {
                            return (row.replacement_price).format_price();
                        },
                    },
7: apply patch
8: redo steps 5 and 6
SUCCESS => "Processing" alert doesn't hangs, and prices with null values
are empty.

Sponsored-by: Virginia Polytechnic Institute and State University

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
21.05.x
Agustin Moyano 3 years ago
committed by Jonathan Druart
parent
commit
740331c39e
  1. 44
      koha-tmpl/intranet-tmpl/prog/en/modules/acqui/parcel.tt

44
koha-tmpl/intranet-tmpl/prog/en/modules/acqui/parcel.tt

@ -402,7 +402,7 @@
"orderable": true,
"render": function(data, type, row, meta) {
if (type != 'display') return _escape_str(data);
return "<a href=\"/cgi-bin/koha/acqui/basket.pl?basketno=" + encodeURIComponent(row.basket.basket_id) + "\">" + data.escapeHtml() + " (" + row.basket.basket_id.escapeHtml() + ")</a>";
return "<a href=\"/cgi-bin/koha/acqui/basket.pl?basketno=" + encodeURIComponent(row.basket.basket_id) + "\">" + _escape_str(data) + " (" + _escape_str(row.basket.basket_id) + ")</a>";
}
},
{ "data": "basket.basket_group.name",
@ -418,7 +418,7 @@
return "<a href=\"/cgi-bin/koha/acqui/basketgroup.pl?op=add&amp;booksellerid="
+ encodeURIComponent(row.basket.vendor_id) + "&amp;basketgroupid="
+ encodeURIComponent(row.basket.basket_group_id) + "\">"
+ row.basket.basket_group.name.escapeHtml() + " (" + row.basket.basket_group_id.escapeHtml() + ")</a>";
+ _escape_str(row.basket.basket_group.name) + " (" + _escape_str(row.basket.basket_group_id) + ")</a>";
}
}
},
@ -426,7 +426,7 @@
"data": "order_id",
"render": function(data, type, row, meta) {
if (type != 'display') return _escape_str(data);
return "<a href=\"neworderempty.pl?ordernumber="+encodeURIComponent(data)+"&amp;booksellerid="+encodeURIComponent(row.basket.vendor_id)+"\">"+data.escapeHtml()+"</a>";
return "<a href=\"neworderempty.pl?ordernumber="+encodeURIComponent(data)+"&amp;booksellerid="+encodeURIComponent(row.basket.vendor_id)+"\">"+_escape_str(data)+"</a>";
}
},
{
@ -436,22 +436,22 @@
"render": function(data, type, row, meta) {
var result = '';
if ( row && row.biblio_id != null ) {
result = "<p><a href=\"/cgi-bin/koha/catalogue/detail.pl?biblionumber="+encodeURIComponent(row.biblio_id)+"\">"+row.biblio.title.escapeHtml()+"</a>";
result = "<p><a href=\"/cgi-bin/koha/catalogue/detail.pl?biblionumber="+encodeURIComponent(row.biblio_id)+"\">"+_escape_str(row.biblio.title)+"</a>";
if ( row.biblio.author != null )
result += _(" by ") + row.biblio.author.escapeHtml();
result += _(" by ") + _escape_str(row.biblio.author);
if ( row.biblio.isbn != null )
result += " &ndash; " + row.biblio.isbn.escapeHtml();
result += " &ndash; " + _escape_str(row.biblio.isbn);
[% IF Koha.Preference('marcflavour')=='UNIMARC' %]
if ( row.biblio.ean != null )
result += " &ndash; EAN:" + row.biblio.ean.escapeHtml();
result += " &ndash; EAN:" + _escape_str(row.biblio.ean);
[% END %]
if ( row.biblio.publisher != null ) {
result += "<br/>" + _("Publisher: ") + row.biblio.publisher.escapeHtml();
result += "<br/>" + _("Publisher: ") + _escape_str(row.biblio.publisher);
if ( row.biblio.publication_year != null ) {
result += ", " + row.biblio.publication_year.escapeHtml();
result += ", " + _escape_str(row.biblio.publication_year);
}
else if ( row.biblio.copyright_date != null ) {
result += row.biblio.copyright_date.escapeHtml();
result += _escape_str(row.biblio.copyright_date);
}
}
var suggestions = row.biblio.suggestions;
@ -461,10 +461,10 @@
var suggester = suggestion.suggester;
var suggested_by = [];
if ( suggester.surname != null ) {
suggested_by.push(suggester.surname.escapeHtml());
suggested_by.push(_escape_str(suggester.surname));
}
if ( suggester.firstname != null ) {
suggested_by.push(suggester.firstname.escapeHtml());
suggested_by.push(_escape_str(suggester.firstname));
}
result += "<br/>" + _("Suggested by: ") +
@ -472,7 +472,7 @@
+ encodeURIComponent(suggestion.suggestionid)
+ '&amp;op=show">'
+ suggested_by.join(", ")
+ " (#" + suggestions[0].suggestionid.escapeHtml() + ")</a>"; // FIXME: could be changed if we allow matching multiple suggestions
+ " (#" + _escape_str(suggestions[0].suggestionid) + ")</a>"; // FIXME: could be changed if we allow matching multiple suggestions
}
}
result += '</p>';
@ -482,7 +482,7 @@
if ( internal_note != null && internal_note != '' ) {
result += '<p class="ordernote"><strong>'
+ _("Internal note: ")
+ '</strong>' + internal_note.escapeHtml()
+ '</strong>' + _escape_str(internal_note)
+ ' [<a href="/cgi-bin/koha/acqui/modordernotes.pl?ordernumber='
+ encodeURIComponent(row.order_id) + '&amp;referrer=/cgi-bin/koha/acqui/parcel.pl%3Finvoiceid=[% invoiceid | uri %]'
+ '&type=internal">' + _("Change internal note") + '</a>]</p>';
@ -497,7 +497,7 @@
if ( vendor_note != null && vendor_note != '' ) {
result += '<p class="ordernote"><strong>'
+ _("Vendor note: ")
+ '</strong>' + vendor_note.escapeHtml() + '</p>';
+ '</strong>' + _escape_str(vendor_note) + '</p>';
}
else {
result += ' [<a href="/cgi-bin/koha/acqui/modordernotes.pl?ordernumber='
@ -523,7 +523,7 @@
{
"data": "replacement_price",
"render": function(data, type, row, meta) {
return (row.replacement_price).format_price();
return _escape_price(row.replacement_price);
},
},
{
@ -533,13 +533,13 @@
{
"data": "ecost",
"render": function(data, type, row, meta) {
return (row.ecost).format_price();
return _escape_price(row.ecost);
},
},
{
"data": "",
"render": function(data, type, row, meta) {
return (row.quantity * row.ecost).format_price();
return _escape_price(row.quantity * row.ecost);
},
"orderable": false, // FIXME: How can we do it in DBIC?
"searchable": false
@ -547,8 +547,8 @@
{
"data": "fund.name",
"render": function(data, type, row, meta) {
if (type != 'display') return data.escapeHtml();
return row.fund.name.escapeHtml();
if (type != 'display') return _escape_str(data);
return _escape_str(row.fund.name);
}
},
{
@ -557,7 +557,7 @@
return '<a href="orderreceive.pl?ordernumber='
+ encodeURIComponent(row.order_id) + '&amp;invoiceid=[% invoiceid | uri %]' + '">'
+ _("Receive") + '</a><br/>'
+ '<a href="#" onclick="transfer_order_popup(' + row.order_id.escapeHtml() + '); return false;">'
+ '<a href="#" onclick="transfer_order_popup(' + _escape_str(row.order_id) + '); return false;">'
+ _("Transfer") + '</a>';
},
"orderable": false,
@ -570,7 +570,7 @@
if ( row.current_holds_count > 0 ) {
result += '<span class="button" title="'
+ _("Can't cancel order, (%s) holds are linked with this order. Cancel holds first").format( row.holds_count.escapeHtml() ) + '">'
+ _("Can't cancel order, (%s) holds are linked with this order. Cancel holds first").format( _escape_str(row.holds_count) ) + '">'
+ _("Can't cancel order") + '</span><br/>';
}
else {
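Review bot: In the hunk at -557, `_escape_str(row.order_id)` is concatenated into the `onclick` handler as a JavaScript argument, and an HTML escaper (which is what `_escape_str` appears to be; its definition is not on this page) is the wrong encoder for that context. The browser decodes entities in the attribute value before the handler is compiled, and a value needs no HTML metacharacters to alter the call expression. `order_id` is presumably a numeric key, so the exposure is probably small, but the render function should enforce that rather than assume it, e.g. `+ '<a href="#" onclick="transfer_order_popup(' + parseInt(row.order_id, 10) + '); return false;">'`, or carry the id in a `data-` attribute and bind the click handler from script. The enclosing render function starts outside the hunk.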
