Commit graph

12453 commits

Author SHA1 Message Date
0c6538f033 Bug 17834: Make translation easier
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-06 13:15:12 -03:00
Aleisha Amohia
1417f83e8b Bug 17834: Change library news text for single-branch libraries
To test:
1) Log into OPAC, go to home page
2) Confirm that the text shows as 'RSS feed for (branchname) library
news' if single-branch library
3) Confirm text shows as normal for libraries with more than one branch

Sponsored-by: Catalyst IT

Signed-off-by: maricris <mlabancia@gmail.com>

Signed-off-by: anafe <anafeazuela@yahoo.com>

Signed-off-by: iflora <iflora@unimas.my>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-06 13:02:46 -03:00
Aleisha Amohia
f7e8391fd3 Bug 19215: Fixing typo in URL for patron clubs
To test:
1) Go to Tools -> Clubs
2) Create a new club template if you do not already have one
3) Edit the template
4) Notice the URL is incorrect and the page is not found
5) Apply patch and go back to Clubs
6) Click edit button
7) Link should work as expected

Sponsored-by: Catalyst IT
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-06 12:55:23 -03:00
ecf6ca5d6e Bug 18708 [Revised] Show itemBarcodeFallbackSearch results in a modal window
This patch modifies the circulation template so that
itemBarcodeFallbackSearch results show in a modal window.

To test, enable the itemBarcodeFallbackSearch system preference and open
a patron's account in circulation.

- Submit a string which will return search results. When the page
  reloads a modal should display showing a table of title search
  results.
  - Test the "Check out" button and confirm that the correct item is
    submitted.
  - Test closing the modal and re-displaying it using the new "Show
    matching titles" button.
  - Confirm that the "Add record using fast cataloging" button still
    works correctly.
- Submit a string which will return no results. No modal window should
  display, and only the "Add record" button should appear.
- Confirm that normal checkout works correctly.
- Test with itemBarcodeFallbackSearch disabled, and with a user who
  lacks Fast Cataloging permission.

Revision removes a heading which was made redundant by the modal markup.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 17:07:22 -03:00
Katrin Fischer
327495b5e0 Bug 14316: Clarify meaning of record number in Batch record modification tool
Same change as the first patch, but for the batch record
modification tool.

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:02:26 -03:00
Katrin Fischer
4934ee4a16 Bug 14316: Clarify meaning of record number in Batch record deletion tool
Changes the label from 'list of record numbers...' to
'List of biblionumbers or authority ids...' to make it
more clear to the user which kind of input is expected.

To test:
- Go to Tools > Batch record deletion
- Check the new description
- Decide if it's more clear or not

Signed-off-by: Marc Veron <veron@veron.ch>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:02:26 -03:00
Lari Taskula
bb31d99065 Bug 18692 - intranet part
Fixes misplaced columns introduced by previous patch and adds the "-" for phone
transport type.

To test:
1. Set SMSSendDriver system preference on
2. Go to intranet messaging preferences
3. By default you should see checkboxes for all messages for SMS
4. Ensure columns are not misplaced (pushing one column too much to the right)
5. Delete sms method from one of the messages in message_transports table
6. Observe that "-" is displayed instead of checkbox for that message for SMS
7. Repeat same for TalkingTechItivaPhoneNotification system preference.
   By default it may not have transports in message_transports, so make sure
   to assign some in order to have the checkboxes visible.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:02:25 -03:00
8fd0847c82 Bug 18692 - same with syspref TalkingTechItivaPhone
Fixes misplaced columns introduced by previous patch and adds the "-" for phone
transport type.

To test:
1. Set SMSSendDriver system preference on
2. Go to intra and OPAC messaging preferences
3. By default you should see checkboxes for all messages for SMS
4. Ensure columns are not misplaced (pushing one column too much to the right)
5. Delete sms method from one of the messages in message_transports table
6. Observe that "-" is displayed instead of checkbox for that message for SMS
7. Repeat same for TalkingTechItivaPhoneNotification system preference.
   By default it may not have transports in message_transports, so make sure
   to assign some in order to have the checkboxes visible.

https://bugs.koha-community.org/show_bug.cgi?id=8692

Signed-off-by: Michael Andrew Cabus <michael@bywatersolutons.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:02:25 -03:00
a932d05ace Bug 18692 - When SMS is enabled the OPAC messaging table is misaligned
Bug 6726 had corrected the fact that when SMS is enabled the messaging table is missing a column.
Bug 6458 has broken this.
The SMS column is missing an else case with cell containing only "-" like other columns.

Test plan :
- set SMSSendDriver preference empty
- go to OPAC patron messaging
- column SMS should not be visible
- set SMSSendDriver preference not empty
- go to OPAC patron messaging
- column SMS appears with checkboxes

Signed-off-by: Michael Andrew Cabus <michael@bywatersolutons.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:02:25 -03:00
Marc Véron
65bce82b1f Bug 18636: Sysprefs: Add explanation for conflict autonumbernum / BorrowerMandatoryFields
This patch adds a note to the system preferences autonembernum and
BorrowerMandatoryFields regarding a conflict if automembernum is on
and BorrowerMandatoryFields contains cardnumber.

To reproduce issue: See initial comment.

To test:
- Apply patch
- Verify that in system preferences note appears with both prefs
  automembernum and BorrowerMandatoryFields

Followed test plan, works as described
Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:02:25 -03:00
Marc Véron
6c1504cfdb Bug 16485: collection column in Item search is always empty
This patch fills the column 'Collection' in item search from the item values.

To test:
- Go to item search
- Reproduce issue from initial comment
- Apply patch
- Verify that the column 'Collection' is filled

Still to do, but outside of my datatable skills:
Filter by drop down in the column header does a substring search.
Example: Filter for 'Fiction" returns both 'Fiction' and 'Non-fiction' items.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Laurence Rault <laurence.rault@biblibre.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:02:25 -03:00
515e629928 Bug 18621: Added in value attribute to dateexpiry field
Test plan:
1. Create a patron category with the dateexpiry value of 29/9/2017

2. Create a patron user from that patron category (which I'll refer to as patron A) with the date
expiry value of 1/10/2017 and submit the form

3. Notice that the manual dateexpiry you have submitted is correctly
displayed

4. Create a duplicate patron with the same firstname and surname and
patron A, and set the date expiry value of 1/10/2017 and submit the form

5. The form displays a duplicate patron message. Notice that the dateexpiry input box is empty now

6. Select the new member (not a duplicate member) option in the
messagebox

7. The form successfully submits and notice that the date expiry value
displayed is that of the patron category (i.e. it is 29/9/2017) not the
dateexpiry value of 1/10/2017 that you manually set for this patron

8. Apply patch

9. Repeat step 4

10. The form displays a duplicate patron message. Notice the dateexpiry input box still
contains the value you entered which is 1/10/2017. Select the new member
(not a duplicate member) option in the messagebox

11. The form successfully submits and notice that the date expiry value
displayed is 1/10/2017 that you manually set for this patron

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:02:24 -03:00
Katrin Fischer
a887aeb2df Bug 19129 - Follow-up - Add changes to patron duplicate warning
Adds logic from the previous fix to the brief patron summary
shown when checking a possible patron duplicate.

Bonus: Also fixes missing patron category description there.

To Test:
- Add 2 patrons
- Add a patron with the same surname and firstname as an
  existing patron in order to trigger the duplicate message
- Click "View existing patron"
- Verify display is correct when existing patron is
  - an organisation
  - not an organisation
- Verify that the patron category description shows

Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:02:23 -03:00
Katrin Fischer
82f183c5ea Bug 19129 - Clean up Details tab for Organisation patrons
Problem: A patron category "I" would cause display problems
on the details in the intranet. This is because the templates
confused patron category "I" with patron type "I" (organisation).

Patch:
- Cleans up variable confusion between categorycode and
  categorytype.
- The template contained code to change the labels below
  the address to 'Organisational phone:" etc., I have removed
  this part as it does not match the edit form anymore.
- Initials, date of birth and gender are still hidden for
  organisation - matching the edit form.

Bonus:
- The patron category description was missing on the
  right and left side of the details tab. Now it displays.
- Fixes some html issues:
  - doubled up class attribute in a tag
  - doubled up </li></li>

To test:
- Create 3 patrons
  - patron category code doesn't matter, but category type organisation
  - patron category code 'I', category type NOT organisation
  - patron category code NOT I, category type NOT organisaton
- Check details tab in patron account in staff for all 3
  - Verify patron category description shows correctly
  - Verify information added to the account displays correctly
    (phone numbers, emails, ...)

Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:02:23 -03:00
Aleisha Amohia
f24e339dd6 Bug 16726: [FOLLOW-UP] Putting text in h1
Works as outlined in test plan, search terms now appear at top as h1 as well

Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:00:07 -03:00
Aleisha Amohia
f10f6a19c5 Bug 16726: Clear text in syspref searchbox after submitting
To test:
1) Go to Admin -> search for a system preference
2) Notice your search stays in the search box (this is inconsistent with
    search behaviour across Koha)
3) Apply patch and refresh page
4) Make another search
5) Confirm search still works as expected and search terms have been
cleared from search box
6) Confirm search terms show at the top of the results

Sponsored-by: Catalyst IT

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:00:06 -03:00
Marc Véron
8d08254b22 Bug 14353 - Show 'damaged' and other status on the 'place holds' page in staff
This patch adds status 'Damaged' to 'Information' 'Status' in the items
table on 'Place hold' page.

To test:
- Apply patch
- In staff client, try to place an item level hold for items with 'Damaged'
  status.
- Verify that the status 'Damaged' appears in the column 'Information'.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:00:05 -03:00
85b963d11f Bug 15924 - Coce not enabled on lists
To test:
Enable Coce and disable other image services
Load a list and not there are no covers
Apply patch
Load a list and note there are covers

https://bugs.koha-community.org/show_bug.cgi?id=15924

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:00:04 -03:00
831d75d09c Bug 19208 - Pay select option doesn't pay the selected fine
The "Pay selected" option on the Fines tab in the borrower account page doesn't work as intended.
The fine on top of the list gets the amount deducted, even if another fine is choosen from the list.

Test Plan:
1) Create two or three fines, using the Create manual invoice function.
2) Choose one of the fines (not the one on the top) and click Pay selected
3) Pay a partial amount
4) Go back to the Pay fines tab an notice that the fine you selected has not changed. Instead, either the top fine or the total (see attachment) has ben affected.
5) Apply this patch
6) Repeat steps 1-3
7) Note the correct fine is paid

Signed-off-by: Andreas Hedström Mace <andreas.hedstrom.mace@sub.su.se>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:00:04 -03:00
Marc Véron
239589b119 Bug 18718: Language selector in staff header menu similar to OPAC
This patch adds a language selector menu to the top menu of staff client
similar to the OPAC.
Display of language selectors at top, bottom or both can be configured
with system preference StaffLangSelectorModer. It defaults to bottom.

To test:
- Apply patch
- Udate database
- Restart plack and memchached
- Go to staff client, verify that language selector displays at
  the bottom of the page (as before)
- Go to system preferences, verify that there is a new preference
  StaffLanguageSelectorMode (name similar to the sypref ror OPAC), and
  that it is set to 'footer'
- Change mode for top, both and footer and verify, go to staff client
  and verify for each that the language selector displays as appropriate

(Amended for comment #2  2017-06-02 mv)

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 11:30:26 -03:00
Serhij Dubyk {Сергій Дубик}
d5ea914f4d Bug 17827 - Untranslatable "by" in MARC21slim2intranetResults.xsl
Signed-off-by: Serhij Dubyk {Сергій Дубик} <serhijdubyk@gmail.com>

The "by" after the title was not translatable in the result
lists of the intranet. This patch fixes it by removing
a comment, that caused a problem with the translation
scripts.

To test:
Test:

Before this patch in file en-GB-marc-MARC21.po present next paragraph:

msgid "by "
msgstr " by "

According string "by " in the file MARC21slim2intranetResults.xsl can not be translated (in other languages).

After applying this patch performed next command:
cd /usr/share/koha/misc/translator
sudo env KOHA_CONF=/etc/koha/sites/mykohainstance/koha-conf.xml PERL5LIB=/usr/share/koha/lib perl -I /usr/share/koha/lib "./translate" update

Now in the file en-GB-marc-MARC21.po present the following (modified) paragraph:

msgid "by "
msgstr " by "

https://bugs.koha-community.org/show_bug.cgi?id=17827
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 11:14:58 -03:00
Aleisha Amohia
d510598076 Bug 18871: Make patron list name a link to view contents of list
The link is the same as the 'Add patrons' button in Actions dropdown,
but requires one less click, and makes finding the contents of the list
more obvious.

To test:
1) Go to Tools -> Patron lists
2) Create a patron list if you haven't already
3) Confirm that clicking the name of the list takes you to the correct
list and shows the expected content.

Sponsored-by: Catalyst IT

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:51:21 -03:00
Aleisha Amohia
6babeeccab Bug 18860: Adding thead tags to OPAC messaging settings table
So that it can be styled alongside other tables in the OPAC.

To test:
1) Log into staff side
2) Find OPACUserCSS syspref and add the following CSS:
thead {
color: red;
}
3) Log into the OPAC
4) Go to your fines, your search history, your reading history etc -
notice all of these table's headings are styled with red text
5) Go to your messaging. Notice this table's headings are not styled
with red text
6) Apply patch and refresh page
7) Your messaging table should now have red headings.
(You can delete the CSS from OPACUserCSS if you'd like.)

Sponsored-by: Catalyst IT

Signed-off-by: Jesse Maseto <jesse@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:49:23 -03:00
Aleisha Amohia
9a8a6da3f4 Bug 18869: [FOLLOW-UP] Show enrollments as disabled link
if club has no enrolled patrons

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:44:00 -03:00
Aleisha Amohia
af293fd886 Bug 18869: [FOLLOW-UP] Make page reload after club or template delete
If deleting the last club or template in a table, the row is deleted
from the webpage by ajax so the nice blue bubble message does not show.
This patch forces the page to reload so the blue bubble message shows
instead of the empty table.

To test:
Confirm that the blue message shows when tables are empty. Add a
template and a club, then delete a club. Confirm the page reloads and
the message shows. Test with template

Sponsored-by: Catalyst IT

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:44:00 -03:00
Aleisha Amohia
79439a0262 Bug 18869: Fixing display of patron clubs tables
This patch
1) Hides the club templates table if there are no club templates, shows
an appropriate message
2) Hides the clubs table if there are no clubs. Shows an appropriate
message for whether templates exist
3) Puts the actions in one column, or a dropdown menu

Sponsored-by: Catalyst IT

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:44:00 -03:00
Marc Véron
23cc8b3968 Bug 18781: Translatability: Get rid of exposed tt directives in openlibrary-readapi.inc
The file koha-tmpl/opac-tmpl/bootstrap/en/includes/openlibrary-readapi.inc
exposes template directives to translation. The only string that should
appear in .po from this file is "Open Library: "

To test:
- Apply patch
- Verify that code changes make sense
- Bonus test: create a new language 'aa-AA', verify in aa-AA-opac-bootstrap.po
  that there is only the following string for openlibrary-readapi.inc:
msgid "Open Library: "
msgstr ""

NOTE: Followed a test plan similar to bug 18776 comment 3

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:43:37 -03:00
Marc Véron
255cadeb77 Bug 18780: Translatability: Get rid of exposed tt directive in masthead-langmenu.inc
The file opac-tmpl/bootstrap/en/includes/masthead-langmenu.inc exposes following tt directive to translators:

"[%% IF ( ( opaclanguagesdisplay ) && ( ! one_language_enabled ) && "
"( languages_loop ) && ( OpacLangSelectorMode == 'both' || "
"OpacLangSelectorMode == 'top') ) %%] "

This patch fixes it.

To test:
- Apply patch
- Verify that language selector in OPAC (top of the page) works as expected
- Bonus test: create a new language 'aa-AA', verify that line above does not
show up in aa-AA-opac-bootstrap.po

NOTE: Followed a test plan similar to bug 18776 comment 3

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:43:37 -03:00
Marc Véron
331320f93a Bug 18779: Translatability: Get rid of exposed tt directives in authorities-search-results.inc (OPAC)
The file opac-tmpl/bootstrap/en/includes/authorities-search-results.inc
exposes template directives to translation where translators should not
be confronted with.

Example:
"[%% PROCESS showreference heading=seeals.heading linkType='seealso' "
"type=seeals.type authid=seeals.authid %%] "

To test:
- Apply patch
- Verify that Authority search in OPAC works as before
- Bonus test: create a new language 'aa-AA', verify that line above
  does not show up in aa-AA-opac-bootstrap.po

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:43:37 -03:00
Marc Véron
c8551645d5 Bug 18778 - Translatability: Get rid of tt directive in translation for item-status.inc
The file opac-tmpl/bootstrap/en/includes/item-status.inc exposes a template directive where translators should not be confronted with.

"%s %s [%%#- This include takes two parameters: an item structure and an "
"optional loan (issue) structure. The issue structure is used by course "
"reserves pages, which do not use an API to fetch items that populates item."
"datedue. -%%] %s %s %s %s "

This patch fixes new lines inside a tt directive (comment).
It is merely a string patch.

To test:
Verify that the code changes make sense.
(Bonus test: create a new language 'aa-AA', verify that line above does not
show up in aa-AA-opac-bootstrap.po)

NOTE: Followed test plan similar to bug 18776 comment 3.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:43:37 -03:00
Marc Véron
9ed4bdc87e Bug 18777: Translatability: Get rid of exposed tt directives in opac-memberentry.tt
The file opac-memberentry.tt exposes template directives to translation where
translators should not be confronted with.

Example from po file:
"%s [%% UNLESS hidden.defined('B_address') && hidden.defined('B_address2') && "
"hidden.defined('B_city') && hidden.defined('B_state') && hidden."
"defined('B_zipcode') && hidden.defined('B_country') && hidden."
"defined('B_phone') && hidden.defined('B_email') && hidden."
"defined('contactnote') %%] "

To test:
- Apply patch
- Verify that advanced search in OPAC the page 'your personal details'
  behaves as before
- Verify that you can change values and submit an update request
- Create a new translation for a 'language' aa-AA (perl translate create aa-AA)
- Verify that template directives ar no longer exposed in aa-AA-opac-bootstrap.p

NOTE: Followed test plan similar to bug 18776 comment 3.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:43:36 -03:00
Marc Véron
ae684fc949 Bug 18776: Translatability: Get rid of exposed tt directives in opac-advsearch.tt
The file opac-advsearch.tt exposes template directives to translation where translators should not be confronted with.
Example in po file:
"[%% IF ( ( OpacAdvSearchOptions and OpacAdvSearchOptions.grep('itemtype')."
"size > 0 and not expanded_options ) or ( OpacAdvSearchMoreOptions and "
"OpacAdvSearchMoreOptions.grep('itemtype').size > 0 and expanded_options ) ) "
"%%] "

To test:
- Apply patch
- Verify that advanced search in OPAC behaves as before
- Create a new translation for a 'language' aa-AA (perl translate create aa-AA)
- Verify that template directives ar no longer exposed in aa-AA-opac-bootstrap.po

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:43:36 -03:00
ff591f2c77 Bug 18754: [QA Follow-up] Tiny corrections
Converted one INCLUDE directive to PROCESS; we are not changing variables here. (The PROCESS directive is slightly faster than INCLUDE because it avoids the need to localise (i.e. copy) the variable stash before processing the template.)

Removed one vim inserted letter i.

Error in [% IF ( XISBN.publicationyear ) _ ', ' _ XISBN.publicationyear %][% END %] The concatenation became part of the condition.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:43:36 -03:00
Marc Véron
752aef4593 Bug 18754: Translatability: Get rid of exposed tt directives in opac-detail.tt
The file opac-detail.tt exposes a lot of template directives to translation where translators should not be confronted with.

Some examples from po file are:

$[% SUBFIELD.code %] [% SUBFIELD.value %]

%s [%% INCLUDE \"openlibrary-readapi.inc\" bib = { normalized_isbn => "
"normalized_isbn, lccn => lccn, normalized_oclc => normalized_oclc } %%]

See: [% IF ( nextTitle ) %][% nextTitle |html %][% ELSE %]next biblio[% END "
"%]

To test:
- Apply patch
- Do a search in OPAC that has more than 1 results
- Go to the detail page of one of the items found
- Verify that the details display as before and that you can
  browse the results with Previous and Next
- In staff client, change OPACXSLTDetailsDisplay from 'default' to
  empty for "no xslt" and repeat steps above
- In staff client, set HTML5MediaEnabled to 'OPAC' or 'OPAC and staff client'
- Verify that media catalogued in field 856 still work
- Create a new translation for a 'language' aa-AA (perl translate create aa-AA)
- Verify that template directives ar no longer exposed in aa-AA-opac-bootstrap.po

Followed test plan which works as intended

Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:43:36 -03:00
Marc Véron
7e39bbc61a Bug 18660: Translatability: Get rid of template directives [%% in translation for patroncards-errors.inc
Translation for koha-tmpl/intranet-tmpl/prog/en/includes/patroncards-errors.inc
contains a lot of (partial) template directives like:
%%]%s %sLayout: [%%

This patch fixes it

To test:
- Verify that code changes make sense
- Apply patch
- Create a translation (cd misc/translator , then: perl translate create aa-AA
- Verify that in po/aa-AA-staff-prog.po contains no fragments like %%] or [%%
  for patroncards-errors.inc
- Try to get an error: Try a link like
  http://[YOUR SERVER]/cgi-bin/koha/patroncards/create-pdf.pl?batch_id=1&template_id=999&layout_id=999&start_card=1
  ...where template_id and layout_id do not exist

(Amended for comment #2 2017-06-05 mv)
(Amended for comment #6 2017-08-02 mv)

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:43:36 -03:00
Marc Véron
03c7f9366c Bug 18687: Translatability: abbr tag should not contain lang attribute
In manage-marc-import.tt, we have an abbreviation:

<abbr title="Differences between the original biblio and the imported" lang="en">Diff</abbr>

In translations (e.g. German), the line appears as follows:
<abbr title="Unterschiede zwischen Originaltitelsatz und importiertem Titelsatz" lang="en">Diff</abbr>

The lang attribute is wrong here, it is still "en".
The text language is the same as defined at the top of the page - or with other
words, the lang tag is superfluous.

This patch removes it.

To test:
Verify that code change makes sense.

Passes QA test and the change is logical
Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:43:35 -03:00
Marc Véron
25fa02272d Bug 18654 - Translatability: Get rid of tt directives starting with [%% in translation for itemsearch.tt
This patch removes entries like the following in translations of itemsearch.tt:
"[%% INCLUDE form_field_select name=\"homebranch\" options = branches "
"empty_option = \"All libraries\" %%] [%% INCLUDE form_field_select name="
"\"holdingbranch\" options = branches empty_option = \"All libraries\" %%] %s "
"[%% INCLUDE form_field_select name=\"location\" options = locations "
"empty_option = \"All locations\" %%] %s "

New patch on top of Bug 18633 that resolves parts of initial comment.

To test:
- Verify that in itemsearch.tt no tt directives are splitted by new lines
  (search for [% INCLUDE )
- Verify that itemsearch.tt works as before

Followed test plan and verified that tt directives are not split by new
lines, the changes to the fieldset tags in comment 3 have been removed
and itemtype.tt still works correctly as before

Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:43:35 -03:00
Marc Véron
2ee82801c7 Bug 18652: Get rid of tt directive in translation for uncertainprice.tt
Translation tool shows toe following for ncertainprice.tt
0; url=[% scriptname %]?booksellerid=[% booksellerid %]

This patch fixes it.

To test:
- Apply patch
- Verify that code change makes sense
- Verify that Home > Acquisitions > [vendor] > Uncertain prices for [vendor]
  works as before

- Additional test (for a langunage 'aa-AA')
  perl translate create aa-AA
  verify that line 41 no longer appears in aa-AA-staff-prog.po

Amended to switch from BLOCK to a template variable, see comment #5

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:43:35 -03:00
Marc Véron
79338bde3e Bug 18649: Translatability: Get rid of tt directive in translation for admin/categories.tt and onboardingstep2.tt
New patch without trailing IF construction in tt directives as
requested in comment #28

To test: Verify that translation tool no longer shows tt directives as
described in comment #1

New patch, needs SO.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:43:35 -03:00
Marc Véron
59e95182cf Bug 18629: (followup) Plain text "Continue..." instead of BLOCK
Remove
[% BLOCK txt_continue %]Continue to the next step[% END %]
...and restore original text

See comment #19 and comment #20

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:43:34 -03:00
Marc Véron
bd81047f42 Bug 18629 - Translatability: Fix problems with web installer 17.05
The new web installer for 17.05 has a great new design - but it has a lot of
translatability issues. Some strings are not picked for translations,
some expose the content of tt directives, and others are splitted by
html tags, resulting in small text fragments that are not easy to translate.

This patch weeds out such translation problems for step1.tt, step2.tt and
step3.tt

To test:
- Apply patch (on top of Bug 18665 because of html tags inside of
  tt directives in step2.tt)
- Prepare a fresh install (drop database, create database)
- Walk through the installation process and verify that it works as before
- Verify that string changes (in English) make sense
- Create a translation( cd misc/translator, then perl translate create aa-AA)
  then: vim po/aa-AA-staff-prog.po and search for: /installer\/step
  Verify that strings for step1.tt, step2.tt, step3.tt are not fragmented,
  do not contain [%%, and are easily translatable (make sense without having
  to search in source files for context).

(Amended to remove some superfluous chomps 2017-06-27 mv)

Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:43:34 -03:00
Amit Gupta
36ba8be88a Bug 19035 - Stored XSS in lists.pl
To Test
1. Hit the page /cgi-bin/koha/patron_lists/lists.pl
2. Click on new patron list
3. Add a text in the field Name that contains js
4. Save the page.
5. Notice js is execute
6. Apply patch and reload, the js is escaped

Fixed in both the pages list.pl and list.pl?patron_list_id=xx
xx is patronlist id

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-29 12:00:37 -03:00
Amit Gupta
8534ca2780 Bug 19114 - Stored XSS in parcels.pl
Test
1. Hit the page /cgi-bin/koha/acqui/parcels.pl?booksellerid=xx
   xx is booksellerid
2. Add a text in the field Vendor invoice that contains java script
3. Save the page.
4. Notice js is execute
5. Apply patch and reload the js is escaped

Fixed XSS for parcels.pl/parcel.pl/orderreceive.pl

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-29 12:00:37 -03:00
Amit Gupta
d31c635fe2 Bug 19112 - Stored XSS in basketheader.pl page
To Test

1. Hit the page /cgi-bin/koha/acqui/basketheader.pl?booksellerid=1&op=add_form
2. Add a text in the field Basket name, Internal note, Vendor note that contains java script
3. Save the page
4. Notice js is execute
5. Apply patch, reload, js is escaped.

Fixed XSS on pages basket.pl/basketheader.pl/bookseller.pl

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-29 12:00:37 -03:00
Amit Gupta
d4b588aca8 Bug 19110 - XSS Stored in branches.pl
To Test
1. Hit the page /cgi-bin/koha/admin/branches.pl?op=add_form_category
2. Add a text in the field Name and description that contains js.
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped

Fixed for js escaped execute for both pages

1. /cgi-bin/koha/admin/branches.pl?op=delete_confirm&branchcode=xx
   xx is branchcode
2. /cgi-bin/koha/admin/branches.pl?op=add_form with Group(s):

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-29 12:00:37 -03:00
Amit Gupta
73a66ccaf4 Bug 19100 - XSS Flaws in memberentry.pl
1. Hit /cgi-bin/koha/members/memberentry.pl?op=add&guarantorid=xx<script>alert('amit')</script>
   xx - is a guarantorid
2. Notice the java script is executed.
3. Apply patch.
4. Reload page, and hit the page again /cgi-bin/koha/members/memberentry.pl?op=add&guarantorid=xx<script>alert('amit')</script>
   xx - is a guarantorid.
5. Notice it is no longer executed.

NOTE: I had to test in Microsoft Edge, because Chrome was blocking XSS for me.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-29 12:00:37 -03:00
Amit Gupta
6b3449627f Bug 19105 - XSS Stored in holidays.pl
To Test
1. Hit the page /cgi-bin/koha/tools/holidays.pl
2. Select the date
3. Add a text in the field Title and Description that contains js
4. Save the page.
5. Notice js is execute
6. Apply patch and reload, the js is escaped

Fixed for all holidays

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-29 12:00:37 -03:00
Amit Gupta
fd44f2fed7 Bug 16069 - XSS issue in basket.pl page
1. Hit /cgi-bin/koha/acqui/basket.pl?basketno=xx<script>alert('amit')</script>
   xx - is a basketno
2. Notice the java script is executed.
3. Apply patch.
4. Reload page, and hit the page again /cgi-bin/koha/acqui/basket.pl?basketno==xx<script>alert('amit')</script>
   xx - is a basketno.
5. Notice it is no longer executed.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-29 12:00:37 -03:00
Amit Gupta
8c3da35130 Bug 19033: XSS Flaws in Currencies and exchange page
1. Hit /cgi-bin/koha/admin/currency.pl
2. Enter <IFRAME SRC="javascript:alert('XSS');"></IFRAME> search currencies box.
3. Notice the iframe is executed
4. Apply patch
5. Reload page, and enter iframe again on search currencies box.
6. Notice it is no longer executed

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Fixes the issue, follows common practice on the codebase.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-29 12:00:37 -03:00
4b11d0c862 Bug 19034: (followup 2) Fix letters.tt XSS flaw
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-29 12:00:37 -03:00