Commit graph

44 commits

Author SHA1 Message Date
Julian Maurice
96cc447045 Bug 25898: Prohibit indirect object notation
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-10-15 12:56:30 +02:00
638786e719 Bug 24663: Remove authnotrequired if set to 0
It defaults to 0 in get_template_and_user

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 10:40:35 +02:00
21c9b685bf
Bug 20415: Remove UseKohaPlugins system preference
Owen Leonard 2018-03-16 10:47:47 UTC :
<<
I don't think the system preference adds any security. There are already multiple permissions required for working with plugins:

- Configure plugins
- Manage plugins ( install / uninstall )
- Use report plugins
- Use tool plugins

And even with those permissions your server must be configured to allow the use of plugins.
>>

Test plan :
1) Install kitchen sink plugin https://github.com/bywatersolutions/koha-plugin-kitchen-sink
2) Run misc/devel/install_plugins.pl
3) Set config enable_plugins=1
4) Check all parts of the plugin are working
5) Set config enable_plugins=0
6) Check all parts of the plugin are disabled

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-26 11:42:02 +00:00
Kyle M Hall
5583a0a42c
Bug 20691: Implement fines view
This patch implements the logic to show guarantee's fines with guarantor user.

To test:
1) Apply (if not already done) steps 1 to 5 of previous patch
2) Apply this patch
3) Set OPACFinesTab and AllowStaffToSetFinesVisibilityForGuarantor preference to "Allow"
4) Find a guarantee and in accounting create a manual invoice
5) Enter OPAC with guarantor user
CHECK => In summary there is no "Relatives fines" tab
6) On intranet edit guarantee and set "Show fines to guarantors" to "Yes" and save
7) Reload guarantor's OPAC
SUCCESS => You see a "Relatives fines" tab with guarantee's fines information
8) Sign off

Signed-off-by: Agustin Moyano <agustinmoyano@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-09-11 08:53:51 +01:00
49275f27d4
Bug 23115: Tweak display of totals on 'Fines and charges' page
This patch tweaks the display of totals on the OPAC 'Fines and charges'
page to clarify between the totals before and after applying credits.

Test Plan:
1) Add some debts and credits to a patrons account
2) Look at the 'Fines and charges' page before applying the patch
3) Look at the 'Fines and charges' page after applying the patch
4) Varify the new layout is an improvment or not

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nadine Pierre <nadine.pierre@inLibro.com>
Signed-off-by: Maryse Simard <maryse.simard@inlibro.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-06-24 14:22:58 +01:00
b74be6724b Bug 22588: (follow-up) Simplify getting accounts even more
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-16 13:17:33 +00:00
6d6aa48f6a Bug 22588: Simplify getting fines information in opac and selfcheckout
Test plan:
0) Have patron with some fines and credits
1) Go to opac and log in
2) Go to 'your summary' page and confirm it shows the right amount and
description for both, credit and debit
3) Go to 'your fines' page and confirm it show right information
4) Go to self checkout page and confirm the fines are right here

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-16 13:17:33 +00:00
9d10d07612 Bug 21137: Replace BORROWER_INFO with logged_in_user
it also removes 'category_type' and 'description' from a couple of
opac scripts, they are not needed.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-14 12:43:12 +00:00
51aa6db46c Bug 12001: Move GetMemberAccountRecords to the Koha namespace
The GetMemberAccountRecords may be a perf killer, it retrieves all the
account lines of a patron and then the related item and biblio
information.
Most of the time we only want to know how much the patron owns to the
library (sum of amountoutstanding). We already have this information in
Koha::Patron->account->balance.

This patch replaces the occurrences of this subroutine by fetching only
the information we need, either the balance, the detail, or both.
It removes the formatting done in the module, to use the TT plugin
'Price' instead.
There is a very weird and error-prone behavior/feature in
GetMemberAccountBalance (FIXME): as the accountlines.accounttype is a
varchar(5), the value of the authorised value used for the
ManInvInNoissuesCharge pref (category MANUAL_INV) is truncated to the 5
first characters. That could lead to unexpected behaviors.

On the way, this patchset also replace the GetMemberAccountBalance
subroutine, which returns the balance, the non issues charges and the
other charges. We only need to have the balance and the non issues
charges to calcul the third one.

Test plan:
Add several fees for a patron and play with HoldsInNoissuesCharge,
RentalsInNoissuesCharge and ManInvInNoissuesCharge.
The information (biblio and item info, as well as the account line) must
be correctly displayed on the different screens: 'Fines' module, fine
slips, circulation module

Note that this patchset could introduce regression on price formatting,
but will be easy to fix using the TT plugin.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-02-23 10:57:30 -03:00
402c7f7567 Bug 19173: Add opac payment and marc conversion plugins to the pulldown filter list
Edit: fixed tab-for-space errors (tcohen).

Signed-off-by: Magnus Enger <magnus@libriotech.no>
New categories are added to the pulldown and work as expected.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-19 14:15:52 -03:00
323b1553b0 Bug 19173: Make OPAC online payments pluggable
While PayPal is fairly universal, there is a plethora of online
payment system that are far more localized, servicing a single
country ( e.g. Bug 18968 ) or even a single  city! Instead of
adding support for each and every one of these payment options
directly into Koha, it makes more sense to add the ability to
create online payment plugins.

Test Plan:
1) Apply this patch
2) Download and install the Kitchen Sink plugin version 2.1.1 or later
   https://github.com/bywatersolutions/koha-plugin-kitchen-sink/releases
3) In the plugin options, enable the opac payments option
4) Create a patron with one or more fines
5) Log into the opac as that patron, note you now have the option
   to pay online via KitchenSink ImaginaryPay
6) Make an online payment
7) Note the payment was processed correctly

Sponsored-by: Washoe County Library System

Signed-off-by: Kyle M Hall <kyle@gmail.com>

Signed-off-by: Magnus Enger <magnus@libriotech.no>
Awesome enhancement! I know we want to add at least one Norwegian
payment service at some point.
I followed the test plan and everything works as advertised. Turning
off the "opac payments option" makes the option dissappear cleanly
from the OPAC. I have *not* looked at the code or done any
considerations about security.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-19 14:15:52 -03:00
2b90ea2cb0 Bug 17829: Move GetMember to Koha::Patron
GetMember returned a patron given a borrowernumber, cardnumber or
userid.
All of these 3 attributes are defined as a unique key at the DB level
and so we can use Koha::Patrons->find to replace this subroutine.
Additionaly GetMember set category_type and description.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-07-10 13:14:19 -03:00
f3e4b5bbb6 Bug 16154: CGI->multi_param - Force scalar context
This patch replaces the occurrences of
  $template->param( foo => $cgi->param('foo') );
with
  $template->param( foo => scalar $cgi->param('foo') );

perl -p -i -e 's/(\s*=>\s*)\$(cgi|input|query)\->param\(/$1scalar
\$$2\->param\(/xms' **/*.pl

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
2016-04-26 23:16:43 +00:00
c9840ad918 Bug 11622 [QA Followup] - Payment message always displays on opac-account.pl
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2015-12-31 13:28:02 +00:00
678df3132f Bug 11622 [QA Followup] - Display payment messages directly on opac account view
Fixed spelling of "Receive" in preferences.

Signed-off-by: David Kuhn <techservspec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2015-12-31 13:28:01 +00:00
85c5efa0c7 Bug 11622 - Add ability to pay fees and fines from OPAC via PayPal
This patch adds the ability for a logged in user to pay fines and
fees from the OPAC via PayPal.

Test Plan:
 1) Apply this patch
 2) Create a paypal developer account
 3) Create two test accounts, a Personal account and a Business account
 4) Enable PayPal in Sandbox mode via the system preferences.
 5) Enter the business account API credentials into the new system
    preferences.
 6) Create a new patron, add some fines/fees
 7) Log in as that patron in the OPAC
 8) Choose to pay via PayPal, log in as the sandbox Personal account
 9) Complete the transaction
10) Note the fee is now paid

Signed-off-by: Carol Corrales <ccorrales@losgatosca.gov>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2015-12-31 13:27:14 +00:00
010a32d95f Bug 15344: Remove some other calls of GetMemberDetails from pl scripts
Same as previously.
For these files it's a bit less obvious.
To make sure these changes won't introduce any regression, check that
the variable returned by GetMember is never used to get something
else than a borrower fields.
The 'flags' should not be get neither.
For opac-user.tt it's different, other keys are got but there are defined
in the pl script.

On the way:
- 'showname' is removed (never used)
- fix scope var issue in opac-user.tt (BORROWER_INF.OPACPatronDetails vs
OPACPatronDetails)

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2015-12-30 11:53:18 +00:00
542ab0bce9 Bug 5371: Force no caching for private pages at the OPAC
In order no to slow too much the browsing, it is certainly not a good
idea to add this cache-control value for all pages at the OPAC.

This patch just adds where the author found it could be useful.

Test plan:
1/ Login at the OPAC
2/ Go on the account page (opac/opac-account.pl)
3/ Click log out
4/ Use the back button of your browser
Without this patch you will see the previous page.
With this patch, the previous page will be reloaded and you will be
redirected to the login form.

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-10-02 11:06:17 -03:00
Jonathan Druart
baea0a79d5 Bug 7976: Remove the borrow permission
The borrow permission was used but uselessly.
For instance, at the opac, the flagsrequired parameter was set to
'borrow' but the 'authnotrequired' was set also (which means no auth
required).
At the end, this permission was used at only 1 place: for the basket,
intranet side.
This can be replaced with the catalogue permission (which is used to
search).

Test plan:
1/ Confirm that you are able to show/download/sent the cart (intranet side)
with the catalogue permission.
2/ At the OPAC, you should be able to access the same pages as before
with any other permissions.

Concretely it is quite difficult to test this patch, you should have a
look at the code.

Signed-off-by: Nick Clemens <nick@quecheelibrary.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-06-05 13:43:34 -03:00
Jonathan Druart
a6c9bd0eb5 Bug 9978: Replace license header with the correct license (GPLv3+)
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

http://bugs.koha-community.org/show_bug.cgi?id=9987

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-04-20 09:59:38 -03:00
Jonathan Druart
e20270fec4 Bug 11944: use CGI( -utf8 ) everywhere
Signed-off-by: Paola Rossi <paola.rossi@cineca.it>
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Dobrica Pavlinusic <dpavlin@rot13.org>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-01-13 13:07:21 -03:00
afd2418d73 Bug 11349: Change .tmpl -> .tt in scripts using templates
Since we switched to Template Toolkit we don't need to stick with the
sufix we used for HTML::Template::Pro.

This patch changes the occurences of '.tmpl' in favour of '.tt'.

To test:
- Apply the patch
- Install koha, and verify that every page can be accesed

Regards
To+

P.S. a followup will remove the glue code.

Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>

Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2014-07-17 11:05:49 -03:00
fffe2ccbf5 Bug 4330 : Fixing FSF address and copyright statements
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
2012-05-28 17:53:46 +02:00
Julian Maurice
f42176cb6d Bug 7743: Update opac-account.pl to use KohaDates TT plugin
Signed-off-by: Marijana Glavica <mglavica@ffzg.hr>
2012-03-26 16:22:35 +02:00
Garry Collum
90fc2ef1e8 Bug 4192: Fixes warnings generated by opac-account.pl.
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
2010-02-16 06:12:38 -05:00
Chris Cormack
d32d5bfb9b Adding warnings, fixing a bug that meant the title of an item that had a fine was never printed
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
2009-05-01 17:06:53 -05:00
0f1825d055 Changes to allow highlighting of current tab on user pages.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-03-19 15:46:17 -05:00
Joshua Ferraro
71edba65d4 cleanup for opac/ Dates - missing format_date, etc. 2007-12-04 18:56:27 -06:00
Joe Atzberger
093e3f5215 opac subdir - Dates.pm integration and warnings fixes.
Signed-off-by: Chris Cormack <crc@liblime.com>
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2007-12-04 18:21:03 -06:00
hdl
b642e687d2 Still Code Cleaning.
Abiding by Name Convention.
Using Members wherever it should be used.
Borrower is only used for borrower Categories.
+ GetBorrowersWhoHaveNeverBorrowed
and lists like that.
2007-04-24 15:41:27 +00:00
hdl
100e6a9808 functions that were in C4::Interface::CGI::Output are now in C4::Output.
So this implies quite a change for files.
Sorry about conflicts which will be caused.
directory Interface::CGI should now be dropped.
I noticed that many scripts (reports ones, but also some circ/stats.pl or opac-topissues) still use Date::Manip.
2007-04-24 13:54:28 +00:00
hdl
0b66bd800d Code Cleaning Members.
- checkaccount and getborraccountno => GetBorrowerAcctRecord

Many changes in names,
some changes in function signature.
Will be detailed in a mail to kohadevel.
2007-04-23 13:10:07 +00:00
tipaul
c596d55374 HUGE COMMIT : code cleaning circulation.
some stuff to do, i'll write a mail on koha-devel NOW !
2007-04-04 16:46:22 +00:00
tipaul
fc1342f73d rel_3_0 moved to HEAD 2007-03-09 15:12:54 +00:00
kados
ef8a07c21b merging dev-week and HEAD 2006-05-21 02:07:44 +00:00
tipaul
e82eca42c9 see mail on koha-devel : code cleaning on Search.pm + normalizing API + use of biblionumber everywhere (instead of bn, biblio, ...) 2005-09-22 10:01:45 +00:00
tipaul
c52e5b61dd synch'ing 2.2 and head 2005-08-04 14:10:52 +00:00
oleonard
7ed4e50430 Added Paul's LibraryName variable to template 2004-01-08 18:23:36 +00:00
wolfpac444
8b4a044bb5 Changed the scripts to use format_date 2003-05-08 13:19:39 +00:00
acli
f1c8e7e686 Forgot to use C4::Interface::CGI::Output 2003-02-03 22:24:38 +00:00
acli
52a5fd4bbd Moved C4/Charset.pm to C4/Interface/CGI/Output.pm
Create output_html_with_http_headers function to contain the "print $query
->header(-type => guesstype...),..." call. This is in preparation for
non-HTML output (e.g., text/xml) and charset conversion before output in
the future.

Created C4/Interface/CGI/Template.pm to hold convenience functions specific
to the CGI interface using HTML::Template

Modified moremembers.pl to make the "sex" field localizable for languages
where M and F doesn't make sense
2003-02-02 07:18:37 +00:00
tipaul
747a71aa67 little bugfixes for opac templated.
Need "use HTML::Template" at the beginning of every script.

Note : opac-reserve does not work at all.
Could katipo/finlay check why ?
2002-12-19 11:04:14 +00:00
finlayt
2b8ef90945 merged in changes from the rel-1-2 branch into the main branch. Some of the default templates are a bit broken now.... 2002-12-04 22:25:01 +00:00
tonnesen
52a3126df1 Merging changes from rel-1-2 to trunk 2002-10-28 21:44:33 +00:00