Commit graph

1268 commits

Author SHA1 Message Date
Marc Véron
5dceb851dd Bug 13813: Remove deprecated module C4::Dates from system
Test plan: See Bugzilla.

Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-09-18 12:40:55 -03:00
Alex Arnaud
51c67bc139 Bug 12252: (follow-up) Include item data only in extended mode
Fix perlcritic error.

Signed-off-by: Signed-off-by: Gaetan Boisson <gaetan.boisson@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-09-17 11:02:30 -03:00
ff807bc244 Bug 12252: Include item data only in extended mode
Previous patches attached to this bug have been refactored to merge bug
3206 and bug 13568 features. So OAI server must be carrefully tested to
ensure that there is no regression in this area: deleted records and
resumption token.

This last patch fixed the way items are returned. They are returned only
if OAI server operates in extended mode, and specifically for format
having the parameter include_item set to 1 (true). For example this
configuration file set via OAI-PMH:ConfFile syspref will return items:

Signed-off-by: Signed-off-by: Gaetan Boisson <gaetan.boisson@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-09-17 11:02:19 -03:00
Robin Sheat
7116094470 Bug 12252: include item data in OAI-PMH ListRecords result
Same in spirit to the other patch, this also includes the item detail in
ListRecords.

Test plan:
* Fetch a URL like:
http://koha/cgi-bin/koha/oai.pl?verb=ListRecords&metadataPrefix=marcxml
* Verify that there are 952 entries in the returned records where
  appropriate.

Signed-off-by: Frederic Demians <f.demians@tamil.fr>

ListRecords OAI verb returns a list of records including items in 952/995 which
are not hidden based on OpacHiddenItems syspref.

Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>

Signed-off-by: Signed-off-by: Gaetan Boisson <gaetan.boisson@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-09-17 11:02:10 -03:00
Robin Sheat
80aa17d266 Bug 12252: OAI-PMH result includes item data
GetRecord for OAI-PMH was pulling the MARCXML directly from the
database. Now it uses GetMarcBiblio and includes the item data with it,
making it more generally useful.

Test plan:
* Run an OAI-PMH query, for example:
http://koha/cgi-bin/koha/oai.pl?verb=GetRecord&identifier=KOHA-OAI-TEST:52&metadataPrefix=marcxml
  to fetch biblionumber 52
* Note that it doesn't include the 952 data
* Apply the patch
* Do the same thing, but this time see that the 952 data is at the
  bottom of the MARCXML.

Note:
* This patch also includes a small tidy-up in C4::Biblios to group
  things semantically a bit better, so I don't spend ages looking for a
  function that was staring me in the face all along again.

Signed-off-by: David Cook <dcook@prosentient.com.au>

Works as described. Simple yet useful patch.

Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>

Signed-off-by: Frederic Demians <f.demians@tamil.fr>

952/995 item fields are back in response to GetRecord OAI verb.

Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>

Signed-off-by: Signed-off-by: Gaetan Boisson <gaetan.boisson@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-09-17 11:01:46 -03:00
9b8d7168be Bug 14683: [QA Follow-up] Mixup between mobile and smsalertnumber
This is an issue discussed on older reports already in the past.
Column mobile in borrowers is actually 'Other phone', not necessary a
mobile number. The name of the field is confusing. (Renaming it is
outside the scope of this report.)
The field that we are editing here is smsalertnumber. It should not be
compared with mobile at all.

What could be the side-effect of this correction?
===
First, the change is only relevant for libraries with pref SMSSendDriver
enabled.
In the past patrons editing their message preferences saw mobile (read:
other phone) in their smsalertnumber field (if the latter was still empty).
If they saved it, it was copied to smsalertnumber.
This change does not affect these patrons. They just have the same number
in two columns. No big deal.
What if a patron does not yet have a smsalertnumber? In that case no sms
is sent in Letters.pm. So no change in behavior. If he submits
opac-messaging now, he will no longer copy his other phone to smsalert [we
cannot assume that it was mobile anyway!]. If he enters a mobile number,
it will be saved correctly in the right field.

Conclusion: this change will not break things or hurt anyone. It only
prevents unwanted copying other phone to smsalertnumber.

Also modified the compare to prevent uninitialized warnings.
And removed a commented warn.

Test plan:
[1] Add, edit or delete the SMS number on opac-messaging regardless of
    the value of Other Phone (in the badly named mobile field).

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-09-07 12:17:14 -03:00
Joonas Kylmälä
5b1c7e4c35 Bug 14683: Unable to clear SMS number
Enables to clear SMS number.

To test:
1. Go to opac-messaging.pl
2. Insert SMS number and submit
3. Clear SMS number and submit
4. Observe that the sms number did not change
5. Apply patch
6. Clear SMS number and submit
7. Observe that the sms number changes

Sponsored-by: Vaara-kirjastot

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Adding a follow-up.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-09-07 12:17:13 -03:00
64992a05ce Bug 14721: OAI-PMH must return error when no results
When getting records from OAI-PMH, an error must be returned if there is no results.

See : http://www.openarchives.org/OAI/openarchivesprotocol.html#ErrorConditions

Test plan :
- Enable OAI webservice
- Perform a query that will return no results. ie : /cgi-bin/koha/oai.pl?verb=ListRecords&metadataPrefix=marcxml&from=2099-12-30&until=2099-12-31
=> Without patch you get a response with :
   <ListRecords/>
=> With patch you get a response with error code :
   <error code="noRecordsMatch">No records match the given criteria</error>
- Check a good query returns still results
- Same test with ListIdentifiers verb

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-09-07 11:15:17 -03:00
b711984885 Bug 9809: [QA Follow-up] Remove an erroneous call to GetReserveFee
The call to GetReserveFee in opac-reserve.pl is useless in its current
form. The first parameter undef takes care of receiving 0.
But note that the user is warned correctly for the charge via param
variable RESERVE_CHARGE on the opac form.

When the hold is placed, AddReserve calls GetReserveFee. So if the routine
would work correctly, we would not need this extra call in opac-reserve
in the whole place. Unfortunately, the routine is not working correctly.

I will submit a fix for GetReserveFee under a new report (14702).

Test plan:
[1] Add a hold fee to some category.
[2] Check the warn for placing a hold on such a book in OPAC.
[3] Observe that the actual fee is not charged. This is a current bug and
    it will be addressed on report 14702.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-08-26 10:26:54 -03:00
ad3239479d Bug 9809: Update AddReserve prototype to remove constraint parameter
Test Plan:
1) Apply this patch set
2) prove t/db_dependent/Circulation.t
3) prove t/db_dependent/Holds.t
4) prove t/db_dependent/Holds/LocalHoldsPriority.t
5) prove t/db_dependent/Holds/RevertWaitingStatus.t
6) prove t/db_dependent/HoldsQueue.t
7) prove t/db_dependent/Reserves.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

AMENDED: An else branch in reserve/placerequest.pl was removed. This had
the effect of making it no longer possible to place an any hold in the
staff client.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Verified placing a biblio level and an item level hold.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-08-26 10:26:43 -03:00
Martin Stenberg
d5a5e9576e Bug 14675: Don't update details if no changes made
if no changes has been made for personal details, bring user back to details
page and inform them that no changes has been made.

Signed-off-by: Aleisha <aleishaamohia@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-08-20 13:42:04 -03:00
cb1ac9f36a Bug 13485: Use the Koha template plugin to access syspref values
And remove the useless use of the KohaDates plugin

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-08-11 15:15:36 -03:00
Simith D'Oliveira
43fadbadea Bug 13485: Add a page to display links to restricted sites
To test:

I) Apply the patch
II) Run updatedatabase.pl

scenario I)

1) Add some content in RestrictedPageContent and RestrictedPageTitle sysprefs.
2) Add your machine ip (ex. 127.0.0)
3) Validate cgi-bin/koha/opac-proxypage.pl shows a page with RestrictedPageContent and RestrictedPageTitle contents.

scenario II)

1) Logout opac page
2) Add some content in RestrictedPageContent and RestrictedPageTitle sysprefs.
3) Add other ip that your machine ip.
4) Validate: cgi-bin/koha/opac-proxypage.pl shows a login page.
5) Validate: cgi-bin/koha/opac-proxypage.pl shows a page with RestrictedPageContent and RestrictedPageTitle contents after login.

Followed both scenarios, works as expected.
Signed-off-by: Marc Veron <veron@veron.ch>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Bug 13485 [QA Followup]

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Bug 13485 - Atomic Update + Rename Proxy page to Restricted page

Test plan:

I) Apply the patch
II) Run updatedatabase.pl

scenario I)

1) Add some content in RestrictedPageContent and RestrictedPageTitle sysprefs.
2) Add your machine ip (ex. 127.0.0)
3) Validate cgi-bin/koha/opac-restrictedpage.pl shows a page with RestrictedPageContent and RestrictedPageTitle contents.

scenario II)

1) Logout opac page
2) Add some content in RestrictedPageContent and RestrictedPageTitle sysprefs.
3) Add a diffrent ip.
4) Validate: cgi-bin/koha/opac-restrictedpage.pl shows a login page.
5) Validate: cgi-bin/koha/opac-restrictedpage.pl shows a page with RestrictedPageContent and RestrictedPageTitle contents after login.

	new file:   installer/data/mysql/atomicupdate/Bug13485_RestrictedSitesPage.sql
	modified:   installer/data/mysql/sysprefs.sql
	modified:   koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/opac.pref
	renamed:    koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-proxypage.tt -> koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-restrictedpage.tt
	renamed:    opac/opac-proxypage.pl -> opac/opac-restrictedpage.pl

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-08-11 15:15:16 -03:00
d7cdb6e15e Bug 6874: [QA Follow-up] Adjustments for opac-retrieve
Adds httpheaders sub to UploadedFiles; this will be extended on a new
report. (Idea is to add configurable headers for file extensions.)
Trivial unit test added.
Small cosmetic changes to opac-retrieve-file.

Test plan:
Run test UploadedFiles.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-08-07 15:23:36 -03:00
Mark Tompsett
98ccd548ee Bug 6874: License Text Update
This updates the license text for
- C4/UploadedFiles.pm
- cataloguing/value_builder/upload.pl
- opac/opac-retrieve-file.pl
to GPL v3 as per the
http://wiki.koha-community.org/wiki/Coding_Guidelines#Licence
text.

TEST PLAN
---------
1) Don't apply this patch as part of 6874.
2) Run the koha qa test tool.
   -- It will FAIL for those three file.
3) Apply this patch
4) Run the koha qa test tool.
   -- License problem is corrected, no FAILs.

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-08-07 15:23:05 -03:00
Paul Poulain
bfe5680186 Bug 6874: QA follow-up
Squash of the following commits:
  return with explicit undef removed
  Follow-up for PBP fixes
  follow-up fix POD syntax
  follow-up jquery has moved

Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended: removed POD changes in Biblio.pm while rebasing.
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-08-07 15:22:06 -03:00
Julian Maurice
2def11d678 Bug 6874: Attach files to bibliographic records
New cataloging plugin upload.pl and new system preference 'uploadPath'.

upload.pl provide a way to upload files on the server and store a link
(url) to it in MARC
uploadPath is the absolute path on the server where the files will be
stored. It's possible to have a hierarchy of directories under this path
and the plugin will allow to choose in which directory to store the
file.
Stored value in MARC subfield looks like this:
<OPACBaseURL>/cgi-bin/koha/opac-retrieve-file.pl?id=<SHA-1 of the file>
So both 'uploadPath' and 'OPACBaseURL' sysprefs have to be set for this
plugin to work correctly

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Slightly amended/simplified the patch during QA: The changes to
GetMarcUrls are not really needed, and would have needed some
attention. Another link text can be supplied by the plugin too.

This also reduces the need for changes in basket.pl,
MARCdetail.pl, detail.pl, opac-basket.pl and opac-detail.pl.
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>

Edit: more meaninfull commit subject
2015-08-07 15:21:31 -03:00
Juhani Seppälä
ab1fd8a556 Bug 5685: Validation of email address field
This patch adds server-side & client-side validation for email
form fields in the members/memberentry -view and in the
opac/memberentry-view (bootstrap).

I recently added simple validation for phone number and email address fields
for our in-house koha and saw this old bug: I'm open to any ideas on how
to do this better. Validation for phone numbers would be easy to add on
top of this but I left it out since this bug is only about the email
fields.

To test:
1) Select a member and go to any of the edit forms with email fields
(Primary info, "Library use", "Alternate address", "Alternative
contact").
2) Disable javascript in the browser in order to test server-side
validation and try to input invalid emails in each of the email form
fields.
3) Confirm that an invalid address is catched from any of the email
fields, an alert shown for each invalid address and that the member's
information was not updated with invalid data.
4) Enable javascript in the browser.
5) Confirm that the jquery validation plugin caches invalid addresses
from any of the email fields and that you cannot send the form before
correcting the problem.
6) Perform the same tests for the opac-memberentry-view.

Note: as the jQuery validation plugin doesn't exist in the bootstrap
folder, I just copied it over from the staff-client folder -how to deal
with this?

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

I have undone the changes to opac.css so that they can be submitted as a
separate patch. I have some other follow-ups to make as well.

Signed-off-by: Nicole Engard <nengard@bywatersolutions.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-07-24 13:47:32 -03:00
f7ed250d61 Bug 11693: Default emailing preferences not loaded for self registering patron
The call to AddMember_Opac does not take care of the messaging prefs
when enhanced messaging is enabled.
This patch adds the call to handle_form_action to do that.

Test plan:
Enable self registering patrons and enhanced messaging.
Check the (default) message prefs for the relevant patron category. At least
enable email for one notice.
Self-register a user with and without verification email enabled.
Check in both cases that the message prefs of the user conform to
those in the patron category. (So at least one enabled.)

Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-07-24 13:44:39 -03:00
Julian FIOL
468d3d9c83 Bug 14496: Improving opac-detail.pl performances
Get notes and subjects from MARC record
ONLY when XSLT is not activated.

It's useless doing it when XSLT is activated,
because XSLT takes care of it by its own.

=> With this patch, we are saving precious
milliseconds

I compared the display of some records in XSLT view with and without patch, was the same (as expected).
Signed-off-by: Marc Veron <veron@veron.ch>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
On a slower server, I saw a time save of 0.0274 to 0.0908 seconds (with XSLT).
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-07-10 10:53:48 -03:00
Matthias Meusburger
6d91e791cd Bug 3206: (QA followup) OAI repository deleted records support.
- Fix QA.

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
New pref in right order, new option 'no' on syspref, other
fixes following comment #12
All seems to work
No errors

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-07-08 14:55:17 -03:00
Matthias Meusburger
fc95762725 Bug 3206: OAI repository deleted records support.
This patch allows Koha OAI repository to support deleted records.

The OAI-PMH:DeletedRecord syspref is introduced and can be set to:

- persistent (in case Koha's deletedbiblio table will never be emptied
  or truncated)
- transient (in case Koha's deletedbiblio table might be emptied or
  truncated at some point)

Test plan:

- After applying the patch, test that:
   - Deleted records appear in ListRecords and ListIdentifiers requests.
   - Filter parameters (from, until, set and resumptionToken) still work
     and are applied to ListRecords and ListIdentifiers requests.
   - Identify request shows if the repository is considered persistent
     or transient, according to the OAI-PMH:DeletedRecord syspref.
   - Deleted records that used to belong to a set are still displayed in
     those sets and marked as deleted.
   - GetRecord requests work on deleted records, which are marked as deleted.

Requests examples:
/cgi-bin/koha/oai.pl?verb=ListRecords&metadataPrefix=oai_dc
/cgi-bin/koha/oai.pl?verb=ListRecords&metadataPrefix=oai_dc&from=2015-02-20T11:08:33Z
/cgi-bin/koha/oai.pl?verb=ListRecords&metadataPrefix=oai_dc&set=new_specSet1
/cgi-bin/koha/oai.pl?verb=GetRecord&identifier=KOHA-OAI-TEST:2&metadataPrefix=oai_dc
/cgi-bin/koha/oai.pl?verb=Identify

Signed-off-by: Frederic Demians <f.demians@tamil.fr>
  It works in all situations described in the test plan. Great addition.
  Thanks.

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-07-08 14:55:12 -03:00
f1acb5615d Bug 14440: get_template_and_user can not have an empty template_name (opac-ratings.pl)
Since Bug 14408, the method get_template_and_user can not have an empty template_name.
Pages calling with an empty value should use C4::Auth::checkauth()

This patch corrects opac/opac-ratings.pl

Test plan :
- Apply patch
- Set sysopref OpacStarRatings to 'results and details'
- Disable Javascipt on your browser (otherwise it will use ajax)
- Login at OPAC
- Go to a record
- Click on a button left of 'Rate me' to choose a rating, ie 4
- Click on 'Rate me'
=> The page is reloaded and you see 'your rating: 4'
- Loggout from OPAC
- Try to access URL : http://<serveur>/cgi-bin/koha/opac-ratings.pl
=> You see the loggin page

Signed-off-by: Indranil Das Gupta (L2C2 Technologies) <indradg@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-25 14:41:21 -03:00
Nick Clemens
219f7b5c8f Bug 14371: Facets should be sorted by label (displayed) not title (link value)
This patch changes one small line in catalogue/search.pl and opac/opac-search to sort facets by:
facet_label_value
instead of
facet_title_value

To test:
1 - Perform a search with results in two branches e.g. Centerville (code CPL) and Fairfield (code FPL)
2 - Notice that branch facets appear correctly sorted
3 - Rename the branches Centervile->Zebra and Fairfeild->Aardvark (but don't change codes)
4 - Repeat original search
5 - Note that branch facets are no longer correctly sorted
6 - Apply patch
7 - Repeat search
8 - Facets should be correctly sorted
9 - Test in both staff and opac search
10 - Ensure there are no unintended consequences/regressions

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Work as described,  staff AND opac
No errors

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 11:49:01 -03:00
Chris Cormack
57b01fb655 Bug 14412: SQL injection possible
There is a SQL Injection vulnerability in the
/cgi-bin/koha/opac-tags_subject.pl script.

By manipulating the variable 'number', the database can be accessed
via time-based blind injections.

The following string serves as an example:

/cgi-bin/koha/opac-tags_subject.pl?number=1+PROCEDURE+ANALYSE+(EXTRACTVALUE(9743,CONCAT(0x5c,(BENCHMARK(5000000,MD5('evil'))))),1)

To exploit the vulnerability, no authentication is needed

To test
1/ Turn on mysql query logging
2/ Hit /cgi-bin/koha/opac-tags_subject.pl?number=1+PROCEDURE+ANALYSE+(EXTRACTVALUE(9743,CONCAT(0x5c,(BENCHMARK(5000000,MD5('evil'))))),1)
3/ Check the logs notice something like
  SELECT entry,weight FROM tags ORDER BY weight DESC LIMIT 1
  PROCEDURE ANALYSE
  (EXTRACTVALUE(9743,CONCAT(0x5c,(BENCHMARK(5000000,MD5('evil'))))),1)
4/ Apply patch
5/ Hit the url again
6/ Notice the log now only has
   SELECT entry,weight FROM tags ORDER BY weight DESC LIMIT 1

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Confirmed the problem and the fix for it.
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 11:00:10 -03:00
Jonathan Druart
be35039b55 Bug 4137: Fix the OPACViewOthersSuggestions behavior
This pref does not work at all, the interface let the user choose to
list all suggestions, but whatever he chooses the suggestion list is the
same.

This patch cleans a bit the suggestedby management.

There are a lot of cases to test, because linked to 2 prefs:
 AnonSuggestions and OPACViewOthersSuggestions.
1/ AnonSuggestions = 0 and OPACViewOthersSuggestions = 0
  - A non logged in user is not able to make a suggestion.
  - A logged in user is not able to see suggestions made by someone else.
2/ AnonSuggestions = 0 and OPACViewOthersSuggestions = 1
  - A non logged in user is not able to make a suggestion.
  - A logged in user is able to see suggestions made by someone else.
3/ AnonSuggestions = 1 and OPACViewOthersSuggestions = 0
  - A non logged in user is able to make a suggestion.
  The suggestedby field will be filled with the AnonymousPatron pref value.
  He is not able to see suggestions, even the ones made by AnonymousPatron.
  - A logged in user is not able to see suggestions made by someone else.
4/ AnonSuggestions = 1 and OPACViewOthersSuggestions = 1
  - A non logged in user is able to make a suggestion.
  He is able to see all suggestions.
  - A logged in user is able to see suggestions made by someone else.

In all cases a logged in user should be able to search for suggestions
(except if he is not able to see them).

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
All use cases tested, work as expected
No errors

Only comment is perhaps (in the future) a gracefull failure
when AnonymousPatron is not set, or has '0' value

Message is DBIx::Class::ResultSet::create(): Column 'suggestedby' cannot be null at ...

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-19 11:34:27 -03:00
Katrin Fischer
38048bc420 Bug 14351: Remove given-when from opac-search.pl
Reformats given-when to if-elsif-else in opac-search.pl
to remove the experimental feature and with it a lot
of warnings from the logs.

To test:
- Do several different advanced searches with and
  without expanded search options
- Verify the link back to the search appears above
  the results list and works correctly

See also: test plan on bug 13307

NOTE: Even installed firefox plug in to edit cookies to
      trigger else case. :)

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-06-17 09:53:47 -03:00
Matthias Meusburger
cc7b795f84 Bug 14280: Add branches fields to discharges letters
Currently, when generating a discharge letter, branches fields are not translated in the letter (<<branches.branchname>>, <<branches.branchaddress1>>, etc.)
This patch fixes that.

How I tested:
- Set syspref 'useDischarge' to 'allow'
- Go to Home > Tools > Notices & Slips
- Edit DISCHARGE, add to 'Email message':
<p><<branches.branchname>><br />
<<branches.branchaddress1>><br />
<<branches.branchaddress2>><br />
<<branches.branchaddress3>><br />
<<branches.zip>> <<branches.city>><br />
</p>
- Go to detail page of a patron > discharge
- Click 'Generate discharge'
- Verify that the PDF contains the information above.

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-11 13:12:32 -03:00
0114465ced Bug 14330: Remove unused email_sender from sendbasket/sendshelf
The sendbasket/sendshelf scripts and templates do not use email_sender
as a cgi parameter or as a template var. Probably a leftover from previous
changes.
Let's make Koha cleaner :)

Test plan:
[1] Send your cart from opac or staff.
[2] Send a shelf from opac or staff.
[3] Git grep email_sender. No results.

Followed test plan. Works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-06-08 10:38:08 -03:00
Jonathan Druart
5a02cf9b48 Bug 10938: Item columns displayed in random order - OPAC
Same as before for the OPAC.

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Good result, no errors

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-06-05 14:13:39 -03:00
Jonathan Druart
baea0a79d5 Bug 7976: Remove the borrow permission
The borrow permission was used but uselessly.
For instance, at the opac, the flagsrequired parameter was set to
'borrow' but the 'authnotrequired' was set also (which means no auth
required).
At the end, this permission was used at only 1 place: for the basket,
intranet side.
This can be replaced with the catalogue permission (which is used to
search).

Test plan:
1/ Confirm that you are able to show/download/sent the cart (intranet side)
with the catalogue permission.
2/ At the OPAC, you should be able to access the same pages as before
with any other permissions.

Concretely it is quite difficult to test this patch, you should have a
look at the code.

Signed-off-by: Nick Clemens <nick@quecheelibrary.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-06-05 13:43:34 -03:00
2e23236c9f Bug 10824: OAI-PMH repository/server not handling time in 'until' and 'from'
This patch removes the DATE() function from a query on timestamp, and adds a
sub that strips the UTC designators "T" and "Z" from incoming "from" and
"until" arguments in OAI-PMH requests so that they're more compliant with
MySQL (and probably other databases as well). This means that the date
and time for the 'from' and 'until' arguments will be matched correctly
in the database.

This patch also adds 'T00:00:00Z' to 'from' arguments and 'T23:59:59Z' to
until arguments, when only dates are provided via the OAI parameters.

The zero time isn't necessary, since MySQL treats '2013-09-30' as
'2013-09-30 00:00:00' by default. However, the near midnight time
is needed for 'until'. Otherwise, you'll never be able to retrieve
a record with a date/time matching the 'until' argument.

In summary, this patch adds handling for times as well as dates, which
is necessary so that Koha is closer to meeting the actual OAI-PMH spec.

TEST PLAN:

0) Note down a selection of timestamps from your biblio table

1) Enable your OAI-PMH server through the global system preferences
Web services tab.

2) Craft and submit a similar request to the following in your browser:
KOHAINSTANCE/cgi-bin/koha/oai.pl?verb=ListRecords&metadataPrefix=oai_dc&
from=2013-09-02T13:44:33Z&until=2013-09-05T13:44:33Z

Change the exact dates to accord with your timestamps, but keep the
YYYY-MM-DDTHH:MM:SSZ format.

3) Note the unexpected behaviour. A "from" argument with the timestamp
2013-09-02T13:44:33Z will show records from 2013-09-03 but not records
from 2013-09-02 even though the timestamp in the database will say
"2013-09-02 13:44:33".

Also note that records with a timestamp later than 13:44:33 will show
up for the day 2013-09-05, even though they shouldn't.

4) APPLY THE PATCH

5) Resubmit the links you tried above

6) Note that the applicable records now appear (or do not appear) in
accordance with the precise date/time ranges!

--

Developer Note: We could've not stripped the UTC designators and used
DATE() around the parameters in the SQL queries, but that would have
lost the whole purpose of using times in the "from" arguments, since
they would've been generalized to just the dates.

I think this is probably the best solution. Admittedly, creating
"form_arg" and "until_arg" hashrefs in the ResumptionToken object
might not be ideal, but I preferred that to copying the
_strip_UTC_designator subroutine into two other objects. Perhaps this
sub could go somewhere else and be imported into those other two objects
but this seemed to be the most sensible decision. I'm open to other
opinions though.

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Works, find results with correct timestamp
No koha-qa errors

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-06-05 12:53:10 -03:00
Mark Tompsett
1651cf70d1 Bug 5010: Fix OPACBaseURL to include protocol
First, it is strongly recommended to set the OPACBaseURL. But
this patch allows the inclusion of the protocol and not just
a site.

Next, C4/Auth now puts OPACBaseURL into the template parameters
regardless of OPAC or Staff clients.  t/db_dependent/Auth.t was
tweaked to add a check for confirming that get_template_and_user
adds OPACBaseURL to both OPAC and Staff templates.

In the staff client, once the OPACBaseURL is set, you get a nice
OPAC View link when viewing a biblio's detail. It should reflect
the protocol used now.

Hard coded 'http://' strings were removed from the
sample_notices.sql files. This is what required also updating
the letters table in the updatedatabase.pl script.

The explanation text in the sysprefs.sql needed updating too to
reflect the inclusion of the protocol. And this was the other
update done in the updatedatabase.pl script. The opac.pref file
was similarly changed as well.

catalogue/detail.pl had no need to pass a custom OpacUrl value,
since C4/Auth passes the required OPACBaseURL, so it and the
corresponding template were modified.

Both the MARC21 and NORMARC intranet details files had 'http://'
hard coded in them. This was removed.

Both the bootstrap and prog theme opac-detail template had a
protocol parameter that was used. The logic for the parameter
was not removed, because it is used extensively in one template.
Perhaps it should be used to simplify the other. However, the
calculated current_url parameter had references to the protocol
removed, because of the changes to OPACBaseURL.

opac/opac-shareshelf.pl had a hard coded 'http://' which was
removed.

t/db_dependent/Auth_with_cas.t had 'http://' added to the value
set for OPACBaseURL.

In virtualshelves/sendshelf.pl explicit code which sent the
OPACBaseURL preference was removed, since C4/Auth sends it all
the time now.

C4::Context::set_preference was tweaked to ensure that
OPACBaseURL would always start with http.
t/db_dependent/Context.t was tweaked to specifically test this.

The Shibboleth authentication needs OPACBaseURL set, and that
it be https protocol. The _get_uri routine was tweaked to always
pass back https:// as the protocol on the OPACBaseURL.
t/Auth_with_shibboleth.t was tweaked to specifically test the
changes.

TEST PLAN
---------
This is not an easy patch to test. Difficulties include:
- configuring Koha to run under https
    (tweaking apache2 isn't so hard, just tricky)
- configuring Koha to run OPAC and Staff with Plak
    (since code with comments about plak were sliced out)
- configuring Koha to use CAS
    (may be requires for the CAS test)

 1) Apply patch
 2) Make sure OPACBaseURL is set without the protocol included.

UPDATEDATABASE
 3) back up your DB
 4) ./installer/data/mysql/updatedatabase.pl
    -- It should run without errors.
 5) Look up the OPACBaseURL system preference in the staff
    client
    -- It should have http:// prepended.
 6) Run the mysqlclient from your koha git directory
      USE koha_library;
      SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
    -- There should be no prepended http:// on the
       <<OPACBaseURL>>.
 7) restore your DB
 8) Make sure OPACBaseURL is set with the protocol included,
    preferably https.
    -- Using https requires a bunch of apache2 tweaks.

AUTH
 9) Call up staff client.
10) Call up OPAC.
    -- C4/Auth.pm doesn't barf.
11) Call up Plack staff client
12) Call up Plack OPAC.
    -- C4/Auth.pm doesn't barf.
13) prove -v t/db_dependent/Auth.t

CONTEXT
14) Home -> Koha administration -> Global System Preferences
         -> OPAC
15) Modify and save OPACBaseURL to not have http:// or https://
    on it.
    -- It should be modified to include http://
16) Modify and save another system preference.
    -- It should save normally
17) prove -v t/db_dependent/Context.t

CATALOGUE/DETAIL (tt & pl)
18) Confirm the OPACBaseURL is set
19) Navigate to any biblio details in the staff client
    -- There should be a "OPAC view" link which has the
       correct http:// or https:// in it.

SQL (sample notices and sysprefs)
20) Run the mysqlclient from your koha git directory
      USE koha_library;
      DELETE FROM letter;
      source installer/data/mysql/de-DE/mandatory/sample_notices.sql;
      SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
      DELETE FROM letter;
      source installer/data/mysql/en/mandatory/sample_notices.sql;
      SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
      DELETE FROM letter;
      source installer/data/mysql/nb-NO/1-Obligatorisk/sample_notices.sql;
      SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
      DELETE FROM letter;
      source installer/data/mysql/es-ES/mandatory/sample_notices.sql;
      SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
      DELETE FROM letter;
      source installer/data/mysql/fr-FR/1-Obligatoire/sample_notices.sql;
      SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
      DELETE FROM letter;
      source installer/data/mysql/it-IT/necessari/notices.sql;
      SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
      DELETE FROM letter;
      source installer/data/mysql/pl-PL/mandatory/sample_notices.sql;
      SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
      DELETE FROM letter;
      source installer/data/mysql/ru-RU/mandatory/sample_notices.sql;
      SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
      DELETE FROM letter;
      source installer/data/mysql/uk-UA/mandatory/sample_notices.sql;
      SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
    -- Each of the selects should should lines that have
       <<OPACBaseURL>> starting them, but no hard-coded http://
      DELETE FROM systempreferences;
      source installer/data/mysql/sysprefs.sql;
      SELECT * FROM systempreferences WHERE variable='OPACBaseURL';
    -- The explanation should reflect the new explanation.
      QUIT
21) restore your DB
22) Make sure OPACBaseURL is set with the protocol included,
    preferably https.
    -- Using https requires a bunch of apache2 tweaks.

SLIM2INTRANETDETAIL
23) Set 'XSLTDetailsDisplay' system preference to default.
24) Set 'marcflavour' system preference to MARC21.
25) View any biblio's details.
    -- the URL beside 'OPAC View' should have the appropriate
       http:// or https://
26) Set 'marcflavour' system preference to NORMARC.
27) View any biblio's details.
    -- the URL beside 'OPAC View' should have the appropriate
       http:// or https://

OPAC-DETAIL
28) Set 'opacthemes' to bootstrap.
29) Set 'SocialNetworks' to enabled.
30) In OPAC, view any biblio's details.
    -- the Share links should have the appropriate protocol on
       the OPACBaseURL.
31) Set 'opacthemes' to prog.
32) In OPAC, view any biblio's details.
    -- the Share links should have the appropriate protocol on
       the OPACBaseURL.

AUTH_WITH_CAS
33) prove -v t/db_dependent/Auth_with_cas.t

OPAC-SHARESHELF
34) Set 'OpacAllowSharingPrivateLists' to allow.
35) In OPAC, 'Save to Lists' a search result.
36) Save it to a new private list.
37) Click the Lists button, and select the new list.
38) Click the Share button.

AUTH_WITH_SHIBBOLETH
39) prove -v t/Auth_with_shibboleth.t
    -- needs to be tests on Debian, because I can't get
       the Test::DBIx::Class installed in Ubuntu. :(

Rebased again on kohadevbox...

Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-06-04 10:00:04 -03:00
Jonathan Druart
c7a8e4dd25 Bug 14266: Trim the email address in the pl script
The original concern of bug 14266 was to provide a compatibility for
<IE9.
But actually we don't need to trim the email address template side.
It will even better to trim it in the perl script, so that the email
will be trimed even if JS is disabled.

Test plan:
1/ Share a list and does not provide any email address
2/ Submit
=> The form is not submited, no alert/message is displayed (same as
before this patch).
3/ Share a list and provide an email address with spaces before and
after
4/ Submit
=> You should receive the email

Signed-off-by: Indranil Das Gupta (L2C2 Technologies) <indradg@gmail.com>
Test output compliant with expected test plan outcome.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-06-01 14:15:58 -03:00
109c610e99 Revert "Bug 6679: Fixing code so it passes basic Perl:::Critic tests"
This reverts commit 8b9a555cc9.

Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-05-26 14:16:31 -03:00
8b9a555cc9 Bug 6679: Fixing code so it passes basic Perl:::Critic tests
opac/ilsdi.pl: Stricture disabled at line 217, column 17.  See page 429 of PBP.  (Severity: 5)

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-05-26 10:42:06 -03:00
Aleisha
fd14184873 Bug 14185: Undefined $limit causes warn in opac/opac-readingrecord.pl
This patch sets $limit to be an empty string.

Test plan
=========

1/ login into the opac using your user account credentials
2/ in a terminal, run a `tail -f ` on your instance's opac-error.log
3/ go back to the opac, click on 'your reading history' tab to go to
   opac-readingrecord.pl
4/ notice the warning - "opac-readingrecord.pl: Use of uninitialized
   value $limit" appear in the `tail`ed opac-error.log
5/ apply the patch
6/ reload the page (opac-readingrecord.pl)
7/ page works but the warning in step #4 is no longer logged
8/ run qa test (i.e. koha-qa.pl -c 1 -v 2), there should be no error

Remarks: Testing result match expected test plan output. The QA tests
         pass with "OK" for the commit.

Signed-off-by: Indranil Das Gupta (L2C2 Technologies) <indradg@gmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-05-26 10:42:05 -03:00
Indranil Das Gupta
642e6012cd Bug 14186 [QA Followup]: Undefined $reservedfor causes warn in opac-reserve.pl
This is a followup for Bug 14186 that removes the extraneous tab
char on line 470, so that the patch can clear QA tools.

This patch sets $reservedfor to an empty string.

Test plan
=========

1/ in a terminal, run `tail -f ` on your instance's opac-error.log
2/ go to the opac and search from an item that exists on the Koha
   instance.
3/ Select the title (if more than one title is returned) and click on
   'Place hold' link to go to opac-reserve.pl
4/ notice the warning - "opac-reserve.pl: Use of uninitialized value
   $reservedfor" appear in the `tail`ed opac-error.log
5/ apply the patch
6/ reload the page (opac-reserve.pl)
7/ page works but the warning in step #4 is no longer thrown up
8/ run qa test (i.e. koha-qa.pl -c 1 -v 2), there should be no error

Remarks: Testing result match expected test plan output. The QA tests
         pass with "OK" for the commit.

Signed-off-by: Indranil Das Gupta (L2C2 Technologies) <indradg@gmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-05-26 10:42:05 -03:00
Aleisha
8fdd352bc9 Bug 14186: Undefined $reservedfor causes warn in opac-reserve.pl
This patch sets $reservedfor to an empty string.

Test plan
=========

1/ in a terminal, run `tail -f ` on your instance's opac-error.log
2/ go to the opac and search from an item that exists on the Koha
   instance.
3/ Select the title (if more than one title is returned) and click on
   'Place hold' link to go to opac-reserve.pl
4/ notice the warning - "opac-reserve.pl: Use of uninitialized value
   $reservedfor" appear in the `tail`ed opac-error.log
5/ apply the patch
6/ reload the page (opac-reserve.pl)
7/ page works but the warning in step #4 is no longer thrown up
8/ run qa test (i.e. koha-qa.pl -c 1 -v 2), there should be no error

Remarks: The QA test failed - "forbidden pattern: tab char (line 470)".

         Marking this as 'FAILED QA'

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-05-26 10:42:05 -03:00
Julian Maurice
1970b245f5 Bug 13687: Move hold policy check into CanItemBeReserved
This way ILS-DI HoldItem and HoldTitle services also benefit from this
check

Test plan:

1/ Define some default holds policies by item type in
/admin/smart-rules.pl
2/ Use ILS-DI HoldItem service and check that those rules are respected
3/ Check that staff and opac hold behaviour is unchanged regarding
these rules.

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes tests and QA script. No regressions found,
improves the ILS-DI HoldItem response.
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-05-19 12:05:50 -03:00
159cb0ed05 Bug 13986: Implement fix for OPAC
Tested wit OPAC, full list is printed.
Signed-off-by: Marc Veron <veron@veron.ch>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-05-15 16:01:47 -03:00
Jonathan Druart
11049f9d02 Bug 13758: Move the Koha version from kohaversion.pl
It will permit not to run another perl interpreter.

Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2015-05-07 11:39:04 -03:00
432deab9ed Bug 7843: (QA followup) Make news selection persistant
This patch makes the following changes:
1) If there is no logged in patron, the RSS link states it is for
   system-wide news.
2) If a patron is logged in, the RSS link states it is for system-wide
   news *and* news for the patron's home library.
3) The patron's home branch code is embedded in the RSS feed url so
   he or she no longer needs to be logged in for us to know what branch's
   news to pull.

Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-04-30 16:33:21 -03:00
Jonathan Druart
5bbc5834d8 Bug 7843: (qa-followup) Create an RSS feed for news in Opac
1/ use strict and warnings are useless, Modern::Perl is used
2/ Prefer to use the interface and theme TT var instead of the hard
coded path

Signed-off-by: Pierre <tredok.pierre@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-04-30 16:12:33 -03:00
Jonathan Druart
cb10626c05 Bug 7843: Remove the useless use of casAuthentication
Certainly a c/p error from opac-main.pl

Signed-off-by: Pierre <tredok.pierre@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-04-30 16:12:28 -03:00
Viktor Sarge
22ed7c7d8f Bug 7843: Create an RSS feed for news in Opac
Test plan:
* Install the patch
* Make shure there is news in the Opac
* Go to the Opac (opac-main.pl)
* Make shure you see an RSS icon below the news and a short text.
* Click the RSS icon and verify that you get an RSS feed that validates.

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>

I took the liberty of fixing the copyright statement when signing it off

Signed-off-by: Pierre <tredok.pierre@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-04-30 16:12:25 -03:00
Jonathan Druart
a333a13da5 Bug 8007: (QA followup) Add error handling when generating the pdf
If error occurs when generating the pdf, it would be better to get an
encapsulated error instead of the "software error" message in the pdf
file.
To test this patch I added this change:

b/Koha/Borrower/Discharge.pm
-115,6 +115,7 @@ sub generate_as_pdf {
     say $html_fh $html_content;
     close $html_fh;
     my $pdf = PDF::FromHTML->new( encoding => 'utf-8' );
+    $html_path .= "poeut";
     $pdf->load_file( $html_path );
     $pdf->convert;

Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-04-30 12:34:21 -03:00
Jonathan Druart
753c8ef6c2 Bug 8007: Compatibility with bug 11944
This patch should be applied to work with bug 11944.
If you don't have 11944 yet, just don't apply this patch.

Note that the line
  binmode(STDOUT);
in pl files is mandatory.

It comes from bug 11944 that adds the line
  binmode( STDOUT, ":utf8" );
in C4::Templates::gettemplate.

Signed-off-by: Lucie <lucie.rousseaux@dracenie.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-04-30 12:34:09 -03:00
Yohann Dufour
9ad589189e Bug 8007: Discharge management
This patch is the main patch. It adds new package and files for the new
pages (opac-discharge, members/discharge and members/discharges).

At the intranet, it is now possible to generate a discharge for a patron.
At the opac, a patron can request a discharge and a discharge if it has
been validated by a librarian.

Requirements:
    The perl module PDF::FromHTML

New sysprefs:
 - useDischarge: Allows librarians to discharge borrowers and borrowers
   to request a discharge

New letter with a letter_code DISCHARGE.

Test plan:
- Switch on the syspref useDischarge.
- Verify a new tab appears in the patron page (intranet and opac).
- Verify the discharge cannot be generated if the patron has issues.
- Verify the patron can request a discharge from it's opac area.
- The request appears on the main page (intranet).
- Generate the discharge from the intranet.
- Try to download it (from the opac and the intranet).

Signed-off-by: Lucie <lucie.rousseaux@dracenie.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-04-30 12:33:56 -03:00
d90b6d2ba2 Bug 1917 - Add RSS Feeds for Lists
Test Plan:
1) Apply this patch
2) Create one or more public lists
3) View the list in the opac
4) Note the new RSS icon next to the list name
5) Open the link in FireFox or an RSS reader
6) You should see an RSS feed of your list with the title
   and author of each item as a hyperlink to the record details

Signed-off-by: Nicole Engard <nengard@bywatersolutions.com>

Followed test plan. Works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-04-29 12:08:36 -03:00