Bug 11338: prevent deletion of items that are captured for holds

In C4::Items::DelItemCheck, there are two SQL queries: one to check
if item is on loan, the other if item is reserved.

Those two queries use "SELECT * FROM table", fetch the data with
"$var = $sth->fetchrow", and use "$var" as a boolean condition.

This is not correct, SQL query should be "SELECT COUNT(*) FROM table".

As a consequence, it was possible to delete an item without warning to
the operator even if it was waiting on the hold shelf or in transit to
fill a hold.

This patch corrects the SQL queries and sets my ($var) to show that
fetchrow returns an array.

Test plan:
- Set an item A onloan
- Set an item B reserved and the reserve waiting
- Go to items cataloguing : cgi-bin/koha/cataloguing/additem.pl?biblionumber=XXX
- Try to delete item A
=> You get an alert and item is not deleted
- Try to delete item B
=> You get an alert and item is not deleted

Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>

Works, and has the added bonus of being a tiny bit faster.

Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes t, xt and QA script tests.
Also tried deleting via batch delete - correct warnings are displayed.

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
3.16.x
Fridolyn SOMERS 11 years ago
committed by Galen Charlton
parent
commit
d000a71635
  1. 15
      C4/Items.pm

@ -2253,11 +2253,14 @@ sub DelItemCheck {
# check that there is no issue on this item before deletion.
my $sth=$dbh->prepare("select * from issues i where i.itemnumber=?");
my $sth = $dbh->prepare(q{
SELECT COUNT(*) FROM issues
WHERE itemnumber = ?
});
$sth->execute($itemnumber);
my ($onloan) = $sth->fetchrow;
my $item = GetItem($itemnumber);
my $onloan=$sth->fetchrow;
if ($onloan){
$error = "book_on_loan"
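Review bot: the new line "my ($onloan) = $sth->fetchrow;" still calls fetchrow, which is only an old alias for fetchrow_array. Since the point of the list assignment is to make the array return explicit, spell the call as fetchrow_array, or collapse prepare/execute/fetch into a single $dbh->selectrow_array call with $itemnumber as the bind value. The commit touches only C4/Items.pm, so nothing guards this check against regressing: a unit test that puts a row in issues for an item and asserts DelItemCheck returns "book_on_loan" would cover it.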
@ -2270,9 +2273,13 @@ sub DelItemCheck {
}
else{
# check it doesnt have a waiting reserve
$sth=$dbh->prepare("SELECT * FROM reserves WHERE (found = 'W' or found = 'T') AND itemnumber = ?");
$sth = $dbh->prepare(q{
SELECT COUNT(*) FROM reserves
WHERE (found = 'W' OR found = 'T')
AND itemnumber = ?
});
$sth->execute($itemnumber);
my $reserve=$sth->fetchrow;
my ($reserve) = $sth->fetchrow;
if ($reserve){
$error = "book_reserved";
} elsif ($countanalytics > 0){
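Review bot: the comment "# check it doesnt have a waiting reserve" above the rewritten query is out of step with the WHERE clause, which matches found = 'T' as well as found = 'W'. Update the comment to say the check covers holds that are waiting or in transit, so a later reader does not drop the 'T' branch as unintended. The condition could also be written as found IN ('W', 'T'). As with the loan check, a test asserting "book_reserved" for both found values would pin the behaviour the commit message describes.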
