Bug 34478: Fix circ/set-library
Why do not we simply redirect instead of POSTing? Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This commit is contained in:
parent
d8cbdef12b
commit
c95e81aef5
GPG key ID:
A085E712BEF0E0F0
2 changed files with 30 additions and 13 deletions
|
|
@ -40,6 +40,7 @@ my ( $template, $borrowernumber, $cookie, $flags ) = get_template_and_user({
|
|||
my $sessionID = $query->cookie("CGISESSID");
|
||||
my $session = get_session($sessionID);
|
||||
|
||||
my $op = $query->param('op') || q{};
|
||||
my $branch = $query->param('branch');
|
||||
my $desk_id = $query->param('desk_id');
|
||||
my $register_id = $query->param('register_id');
|
||||
|
|
@ -48,8 +49,15 @@ my $userenv_desk = C4::Context->userenv->{'desk_id'} || '';
|
|||
my $userenv_register_id = C4::Context->userenv->{'register_id'} || '';
|
||||
my @updated;
|
||||
|
||||
my $library = Koha::Libraries->find($branch);
|
||||
# $session lines here are doing the updating
|
||||
if ( $branch and my $library = Koha::Libraries->find($branch) and ( C4::Auth::haspermission(C4::Context->userenv->{'id'}, { 'loggedinlibrary' => 1 }) or C4::Context::IsSuperLibraian() ) ) {
|
||||
if (
|
||||
$op eq 'cud-set-library'
|
||||
&& $library
|
||||
&& ( C4::Auth::haspermission( C4::Context->userenv->{'id'}, { 'loggedinlibrary' => 1 } )
|
||||
or C4::Context::IsSuperLibraian() )
|
||||
)
|
||||
{
|
||||
if ( !$userenv_branch or $userenv_branch ne $branch ) {
|
||||
my $branchname = $library->branchname;
|
||||
$session->param('branchname', $branchname); # update sesssion in DB
|
||||
|
|
@ -98,15 +106,15 @@ if ( $branch and my $library = Koha::Libraries->find($branch) and ( C4::Auth::ha
|
|||
$template->param(updated => \@updated) if (scalar @updated);
|
||||
|
||||
my @recycle_loop;
|
||||
foreach ($query->param()) {
|
||||
$_ or next; # disclude blanks
|
||||
$_ eq "branch" and next; # disclude branch
|
||||
$_ eq "desk_id" and next; # disclude desk_id
|
||||
$_ eq "register_id" and next; # disclude register
|
||||
$_ eq "oldreferer" and next; # disclude oldreferer
|
||||
foreach my $param ($query->param()) {
|
||||
$param or next; # disclude blanks
|
||||
$param eq "branch" and next; # disclude branch
|
||||
$param eq "desk_id" and next; # disclude desk_id
|
||||
$param eq "register_id" and next; # disclude register
|
||||
$param eq "oldreferer" and next; # disclude oldreferer
|
||||
push @recycle_loop, {
|
||||
param => $_,
|
||||
value => scalar $query->param($_),
|
||||
param => $param,
|
||||
value => scalar $query->param($param),
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@
|
|||
Updated:<ul>
|
||||
[% FOREACH update IN updated %]
|
||||
[% IF ( update.updated_branch || update.updated_desk || update.updated_register ) %]
|
||||
[% IF ( updated.updated_branch ) %]
|
||||
[% IF ( update.updated_branch ) %]
|
||||
<li>Library: [% update.old_branch or "?" | html %] ⇒ [% update.new_branch or "?" | html %]</li>
|
||||
[% END %]
|
||||
[% IF ( update.updated_desk ) %]
|
||||
|
|
@ -72,10 +72,16 @@ Updated:<ul>
|
|||
[% END %]
|
||||
</ul>
|
||||
<form method="post" action="[% referer or "/cgi-bin/koha/circ/circulation.pl" %]">
|
||||
[% INCLUDE 'csrf-token.inc' %]
|
||||
<div class="noshow">
|
||||
[% FOREACH recycle_loo IN recycle_loop %]
|
||||
<input type="text" name="[% recycle_loo.param | html %]" value="[% recycle_loo.value | html %]" />
|
||||
[% SET param = recycle_loo.param %]
|
||||
[% NEXT IF param == 'op' %]
|
||||
[% IF param == 'original_op' %][% param = 'op' %][% END %]
|
||||
<input type="text" name="[% param | html %]" value="[% recycle_loo.value | html %]" />
|
||||
[% IF param == 'op' %][% SET has_op = 1 %][% END %]
|
||||
[% END %]
|
||||
[% UNLESS has_op %]
|
||||
<input type="hidden" name="op" value="cud-no-op" /> [%# Trick to pass anti-CSRF requirements %]
|
||||
[% END %]
|
||||
</div>
|
||||
<button type="submit">Continue</button>
|
||||
|
|
@ -85,6 +91,7 @@ Updated:<ul>
|
|||
|
||||
<form method="post" action="set-library.pl">
|
||||
[% INCLUDE 'csrf-token.inc' %]
|
||||
<input type="hidden" name="op" value="cud-set-library" />
|
||||
[% IF ( CAN_user_superlibrarian || CAN_user_loggedinlibrary ) %]
|
||||
<fieldset class="rows">
|
||||
<legend>Set library</legend>
|
||||
|
|
@ -134,7 +141,9 @@ Updated:<ul>
|
|||
</fieldset>
|
||||
<div class="noshow">
|
||||
[% FOREACH recycle_loo IN recycle_loop %]
|
||||
<input type="text" name="[% recycle_loo.param | html %]" value="[% recycle_loo.value | html %]" />
|
||||
[% SET param = recycle_loo.param %]
|
||||
[% IF param == 'op' %][% param = 'original_op' %][% END %]
|
||||
<input type="text" name="[% param | html %]" value="[% recycle_loo.value | html %]" />
|
||||
[% END %]
|
||||
<input type="hidden" name="oldreferer" value="[% referer or "/cgi-bin/koha/circ/circulation.pl" %]" />
|
||||
</div>
|
||||
|
|
|
|||
Loading…
Reference in a new issue