Commit graph

15 commits

Author SHA1 Message Date
a8942c2884 Revert bug 13618 - "Prevent XSS in the Staff Client and the OPAC" due to performance issues
Revert "DBRev to make notes of the XSS patches and the new important dependency."

This reverts commit e140603a59.

Revert "Bug 13618: Specific for branches.opac_info"

This reverts commit 06e4a50f00.

Revert "Bug 13618: (follow-up) Specific for other prefs"

This reverts commit d6475a111f.

Revert "Bug 13618: Fix for debarredcomment and patron messages"

This reverts commit dd98c9df92.

Revert "Bug 13618: Do not display html tags in patron's notices"

This reverts commit a065b243fe.

Revert "Bug 13618: Do not display   and html tags in item fields content"

This reverts commit baeeaffbf8.

Revert "Bug 13618: Fix for system preference description"

This reverts commit a967a09261.

Revert "Bug 13618: Remove html filters for newly pushed code"

This reverts commit 0e98662b10.

Revert "Bug 13618: (follow-up) add missing lines for opac-shelves"

This reverts commit fc2fb605e5.

Revert "Bug 13618: (follow-up) Specific for ColumnsSettings"

This reverts commit bc308fdd9c.

Revert "Bug 13618: Fix for edit biblios and items"

This reverts commit 811c4e8402.

Revert "Bug 13618: followup to remove tabs"

This reverts commit ca8e8c397c.

Revert "Bug 13618: Fix last occurrences recently introduced to master"

This reverts commit bb417b256b.

Revert "Bug 13618: Fix for news"

This reverts commit ae5b98020a.

Revert "Bug 13618: Fix escape on sending baskets or shelves by email"

This reverts commit a7731ffe25.

Revert "Bug 13618: Specific for XSLTBloc"

This reverts commit 11fa38dc29.

Revert "Bug 13618: Specific for Salutation on editing a patron"

This reverts commit 36c07ad6d3.

Revert "Bug 13618: Specific for other prefs"

This reverts commit e6ea281a3b.

Revert "Bug 13618 - memberentrygen.tt errors Not a GLOB reference"

This reverts commit 7824874557.

Revert "Bug 13618: Specific for ColumnsSettings"

This reverts commit 1834da3da3.

Revert "Bug 13618: Specific for IntranetUser* and OPACUser* prefs"

This reverts commit 21ae62b253.

Revert "Bug 13618: Fix error 'Not a GLOB reference'"

This reverts commit 602bdbab4c.

Revert "Bug 13618: Specific for the ISBD view"

This reverts commit d254362435.

Revert "Bug 13618: Specific for pagination_bar"

This reverts commit 8837a8ae68.

Revert "Bug 13618: Specific places where we don't need to escape variables - intra"

This reverts commit 00eff140b3.

Revert "Bug 13618: Remove html filters at the intranet"

This reverts commit 7db851ff03.

Revert "Bug 13618: Specific places where we don't need to escape variables"

This reverts commit 49a3738b8d.

Revert "Bug 13618: Remove html filters at the OPAC"

This reverts commit cedaa0e23e.

Revert "Bug 13618: Use Template::Stash::AutoEscaping to use the html filter"

This reverts commit 01b38d3b13.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
2016-02-11 19:39:53 +00:00
Jonathan Druart
7db851ff03 Bug 13618: Remove html filters at the intranet
Signed-off-by: Signed-off-by: Joonas Kylmälä <j.kylmala@gmail.com>

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
2016-01-29 17:54:12 +00:00
Jesse Weaver
ed0ff59152 Bug 11559: Supporting changes for Rancor
* Extends login screen to pass along #hash
  * Adds JSONP support to C4::Service
  * Extends humanmsg to allow per-message classes
  * Adds proper charset to results of svc/bib

Test plan:

  1. C4/Auth.pm and .../intranet/.../auth.tt: verify that login/usage
     works as expected, despite the change to pass on the fragment (...#blah)
     from the URL.
  2. C4/Service.pm and humanmsg.js: verify that editing system
     preferences (the main user of these modules) works correctly despite
     updates.
  3. svc/bib: verify that records can be correctly downloaded with the
     change of character set. This can be done in a Firebug/Chrome Devtools
     console by running `$.get('/cgi-bin/koha/svc/bib/1')` and inspecting the
     results (possibly replacing 1 with a different valid biblionumber).

Signed-off-by: Nick Clemens <nick@quecheelibrary.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-10-27 12:16:05 -03:00
912f238c5e Bug 15005: Replace CGI->url with the corresponding url
CGI->url does not return the correct url on install using packages.

Test plan:
1/ Try to reproduce the bug from the description of bug 15005.
You should be able to login to the intranet and the OPAC
2/ Send a basket and a list from the intranet and the OPAC.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-10-19 09:36:43 -03:00
9bdd33de21 Bug 14671: Allow correct translation of CAS authentication
In authentication pages with CAS, the use of acronym or abbr tags does not allow a correct translation of the text.
See http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=5983#c7

It does not help a lot end users to know that CAS is Central Authentication Service, I think. Now one can custom the login page with NoLoginInstructions syspref to describe how to use the authentication.

This patch removes the use of acronym and abbr is authentication pages.

Test plan (example with fr-FR locale) :
- Without patch
- Update translation files : cd misc/translator ; perl translate update fr-FR
- You see in fr-FR-opac-bootstrap.po : msgid "If you have a "
- Is is translated in : msgstr "Si vous avez un compte "
- Apply patch
- Update translation files : cd misc/translator ; perl translate update fr-FR
- You see in fr-FR-opac-bootstrap.po : msgid "If you have a CAS account, %s please "
- You can now translate it : msgstr "Si vous avez un compte CAS, %s veuillez "
- Same test for intranet authentication page
- Install the translation : cd misc/translator ; perl translate install fr-FR
- Look at the result

Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised. Tranlated OK, tested in spanish es-ES

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-10-02 15:07:58 -03:00
Matthias Meusburger
bb63ef6a2e Bug 13507: Add intranet support for CAS authentication
This patch allows to use CAS authentication for intranet login.

 It works exactly the same as the OPAC login, except that the
 staffClientBaseURL syspref must be set for intranet login
 (like OPACBaseURL must be set for OPAC login).

Signed-off-by: Koha Team AMU <koha.aixmarseille@gmail.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-04-08 12:04:26 -03:00
Marc Véron
66c9e7a183 Bug 11400 - Follow-up for nicer design
This patch tries to get the Bug out of "In discussion" by changing the design a little bit.

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-03-07 22:09:45 +01:00
9b56ae7627 Bug 11400: Show "Log in as a different user" in the error message instead of the "Logout" button
Bug 11146 introduced a way to go back, and have a logout link for the
"Not enough permissions" message page. I belive the logout button is redundant. And
also "Log in as a different user" tells the user more about its options on the scenario.

Simple and disputable usability/string change.
Regards
To+

Sponsored-by: Universidad Nacional de Cordoba
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-03-07 22:09:38 +01:00
Fridolyn SOMERS
d1bec84142 Bug 11146: Show a go back link on no permission page
When a user does not have permissions for a page or module, the
authentication page is displayed with message

  "Error: You do not have permission to access this page.".

Most librarians uses the "previous page" button of their browser to
come back on the page they were before trying to get to the
non-permitted page.

This patch adds a button to help coming back to previous page.
It also changes the "Click to log out" link as a button.

Test plan :
- Define a user with staff permissions but no permission on tools module
- Login with this user
=> You get to intranet home page
- Edit URL to go to tools module : cgi-bin/koha/tools/tools-home.pl
=> You get a page with a red error message and 2 buttons "Previous page"
   and "Log out"
- Click on "Previous page"
=> Go get to intranet home page
- Edit URL to go to tools module : cgi-bin/koha/tools/tools-home.pl
- Click on "Log out" button
=> You are logged-out and get to authentication page : cgi-bin/koha/mainpage.pl?logout.x=1

Signed-off-by: Garming Sam <garming@catalyst.net.nz>

Works as intended.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
2013-11-23 19:43:37 +00:00
b00ec06968 Bug 10080 - Change system pref IndependantBranches to IndependentBranches
Test Plan:
1) Enable IndependantBranches
2) Apply this patch
3) Run updatedatabase.pl
4) Verify that the system preference still functions correctly

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
2013-05-22 07:58:23 -07:00
Katrin Fischer
bdf3453512 Bug 2780 - Capitalize strings consistently (home, about, login)
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
2012-04-10 11:10:02 +02:00
Katrin Fischer
18149078e9 Bug 7760: More ids and classes for the staff interface
Owen pointed out that I missed 3 files - this corrects my omission.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
2012-03-26 16:21:06 +02:00
Gaetan Boisson
d500929cfd Bug 7731 - Library should be used instead of branch and site
standardized the use of the term "library" instead of "Branch" accross the interface and opac

Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
2012-03-20 15:17:08 +01:00
Chris Cormack
afaf7eaffa Bug 6895 : First attempt at fixing the diacritics bug
This is a fairly hacky solution, a counter patch would be more than
welcome

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Updated, translated and installed German po files after applying this patch.
No problems found.

Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
2011-11-04 08:02:55 +01:00
Chris Cormack
5884fb1000 Bug 5917 : Swapping templates over 2011-04-10 20:38:30 +12:00
Renamed from koha-tt/intranet-tmpl/prog/en/modules/auth.tt (Browse further)