Revert "DBRev to make notes of the XSS patches and the new important dependency."
This reverts commit e140603a59.
Revert "Bug 13618: Specific for branches.opac_info"
This reverts commit 06e4a50f00.
Revert "Bug 13618: (follow-up) Specific for other prefs"
This reverts commit d6475a111f.
Revert "Bug 13618: Fix for debarredcomment and patron messages"
This reverts commit dd98c9df92.
Revert "Bug 13618: Do not display html tags in patron's notices"
This reverts commit a065b243fe.
Revert "Bug 13618: Do not display and html tags in item fields content"
This reverts commit baeeaffbf8.
Revert "Bug 13618: Fix for system preference description"
This reverts commit a967a09261.
Revert "Bug 13618: Remove html filters for newly pushed code"
This reverts commit 0e98662b10.
Revert "Bug 13618: (follow-up) add missing lines for opac-shelves"
This reverts commit fc2fb605e5.
Revert "Bug 13618: (follow-up) Specific for ColumnsSettings"
This reverts commit bc308fdd9c.
Revert "Bug 13618: Fix for edit biblios and items"
This reverts commit 811c4e8402.
Revert "Bug 13618: followup to remove tabs"
This reverts commit ca8e8c397c.
Revert "Bug 13618: Fix last occurrences recently introduced to master"
This reverts commit bb417b256b.
Revert "Bug 13618: Fix for news"
This reverts commit ae5b98020a.
Revert "Bug 13618: Fix escape on sending baskets or shelves by email"
This reverts commit a7731ffe25.
Revert "Bug 13618: Specific for XSLTBloc"
This reverts commit 11fa38dc29.
Revert "Bug 13618: Specific for Salutation on editing a patron"
This reverts commit 36c07ad6d3.
Revert "Bug 13618: Specific for other prefs"
This reverts commit e6ea281a3b.
Revert "Bug 13618 - memberentrygen.tt errors Not a GLOB reference"
This reverts commit 7824874557.
Revert "Bug 13618: Specific for ColumnsSettings"
This reverts commit 1834da3da3.
Revert "Bug 13618: Specific for IntranetUser* and OPACUser* prefs"
This reverts commit 21ae62b253.
Revert "Bug 13618: Fix error 'Not a GLOB reference'"
This reverts commit 602bdbab4c.
Revert "Bug 13618: Specific for the ISBD view"
This reverts commit d254362435.
Revert "Bug 13618: Specific for pagination_bar"
This reverts commit 8837a8ae68.
Revert "Bug 13618: Specific places where we don't need to escape variables - intra"
This reverts commit 00eff140b3.
Revert "Bug 13618: Remove html filters at the intranet"
This reverts commit 7db851ff03.
Revert "Bug 13618: Specific places where we don't need to escape variables"
This reverts commit 49a3738b8d.
Revert "Bug 13618: Remove html filters at the OPAC"
This reverts commit cedaa0e23e.
Revert "Bug 13618: Use Template::Stash::AutoEscaping to use the html filter"
This reverts commit 01b38d3b13.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
This patch fixes an issue with a splitted sentence in facets (Avalability)
that leads to weird translations e.g.:
German: 'Zeige nur Verfügbar Exemplare'
French: 'Montrer seulement disponible exemplaires'
Additionally, the link "Show all items" gets it's own li tags to display
nicely like the other links in the facets column and it removes superfluous
dots.
To test in OPAC and Staff client:
- Apply patch
- Do a search that results in more than one available items
- In column "Refine your search", click on "Limit to currently available
items"
- Verify that the message "Showing only available items" and the link
"Show all items" display nicely.
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
use_zebra_facets set to 0 in koha-conf.xml to test. Works as described
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
Bug 13789 has fixed this issue for the facet links (select/unselect) but
not for the "Show more" facets link.
This patch reuses the "url" variable, generated for the facets, for
these links. A new "local_url" variable is used to build links for each
entry.
Test plan (for OPAC and intranet):
- Search for a very common term
- Filter the results using facets
- You should get more than 5 entries for a facet and 1 selected:
Author
author 1
author 2 [x] # Selected
author 3
author 4
author 5
Show more # you see this link if there is 5+ values for this facet
- Click on the Show more link
Without this patch, the url contains double-encoded characters and you
will certainly don't get any results
With this patch, you should get results.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 13425 tried to fix XSS in OPAC, by using url filter in template toolkit
on whole generated url. This doesn't work and create double encoded strings
in facets because we are creating url variable by concatenating query_cgi
(which did pass through uri_escape_utf8 on perl side) and other
parameters which have to be escaped in template.
Also, code like
[% SET limit_cgi_f = limit_cgi | url %]
doesn't do anything (at least doesn't apply url filter) so it's not needed.
This patch also fixes encoding of hidden fields used in sort by form.
And lastly, it tries to make facet changes for opac and intranet as same as
possible to simplify future maintencence of this code.
Test scenario:
1. find results in your opac which contain accented characters
2. click on them and verify that results are missing
3. apply this patch
4. re-run search and click on facets link verifying that there are
now results
5. test sort by form and verify that results are ok
6. verify that facets are still safe from injection by constructing url like
/cgi-bin/koha/opac-search.pl?q=123&sort_by='"><script>prompt('Happy_Holidays')</script>&limit=123
and verifying that you DON'T see prompt window in your browser
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
To Test
1/ Craft a url like /cgi-bin/koha/catalogue/search.pl?q=smith&sort_by='"><script>prompt('Happy_Holidays')</script>
It is important it must return results and facets
2/ Notice the js is executed
3/ Apply the patch test again
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
No prompts, no functional regressions found.
Checked selecting and undoing facets, show more links and paging.
Signed-off-by: Mason James <mtj@kohaaloha.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
When searching (at the OPAC or pro), facets can be enabled but never
disabled. So a user is obliged to relaunch the search.
This patch adds a new link "[x]" at the right of each selected facet.
This link relaunch the search without this facet.
Test plan:
- Launch a search (OPAC and pro)
- Enable some facets
- Disable some facets
Signed-off-by: sonia bouis <sonia.bouis@univ-lyon3.fr>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Patches pass all tests and QA script. Nice feature!
Tested in Boostrap and Prog, adding end removing multiple
facets in different sequences, adding and removing the
availability limit.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
This patch adds classes for both the facet label and count, and adds
'inline-block' to the 'facet-count' class so text shows properly.
To reproduce:
- Have facets to show some right to left text (example on the bug
report) in English language templates.
- Enable the displayFacetCount.
- Check it displays like the attached screenshot.
To test:
- Apply the patch
- Do a search that previously reproduced the problem on the staff
interface
=> Shows correctly
- Repeat for OPAC (the three themes)
=> Shows correctly
Sponsored-by: Universidad Nacional de Cordoba
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Still work as described. Checked in Arabic with Arabic records.
No koha-qa errors
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes all tests and QA script.
Confirmed bug and that the patch fixes it, tested in staff,
prog, ccsr and bootstrap.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
The current "Library" facet is somewhat ambiguous for Koha installations
with multiple libraries. It refers to the holdingbranch, but does not
explicitly state this. It would be beneficial to allow the administrator
to choose to show facets for the holding library, home library, or both.
In addition, the facets should be more explicitly labeled. This patch
adds this flexibility.
Test plan:
1) Apply this patch
2) Check that the facets label "Libraries" now reads "Holding libraries"
3) Update the system preference DisplayLibraryFacets to "home library"
4) Check that the facet now reads "Home libraries"
5) Update the preference again to "both home and holding library"
6) Check that both the facets for home and holding library are now
displayed.
Signed-off-by: Jen DeMuth <jdemuth@roseville.ca.us>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes all tests and QA script.
Changes apply to both prog and bootstrap OPAC and staff client.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Test plan:
launch a search and verify all facet headers have an id.
Signed-off-by: Francesca Moore <francescalamoore@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
add c-span to series facet
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Works as described.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Label in staff client on places facets not easily css selectable
To test:
with data that contains places, right click places heading in facets,
ensure it is wrapped in a span.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Works as described.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Allows the Item types facet to be CSS or JQuery selectable
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Works as described.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Label in staff client - authors on facets not easily accessible
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Works as described.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Search in intranet, verify that Topics in the facets is wrapped in a span
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Adds an id, works as described.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Currently, the headings for facets (such as location) are showing even
if there are no actual values/links for that facet type.
This patch simply checks if the facet array contains any facets before
printing the heading and HTML for each facet value/link.
Test Plan:
Before applying:
0) If you want to check the location facet (which is easiest),
enable singlebranch mode in the globals system preferences.
1) Do a search for records/items that you have no shelving location
specified (or simply remove the shelving location for a small range
of records that you can find in a search query).
2) Note that "Location" appears amongst the facets even though there
are no values/links present. (If you look at the HTML source, you'll
see some empty HTML tags have been printed out.)
Apply patch.
3) Flush your cache and refresh your page.
4) You should no longer see a "Location" facet (or those empty HTML
tags) on the facet sidebar.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Template changes only.
Checked according to test plan, made sure location facet
still shows up when values exist, otherwise it's hidden.
It might make sense to add ids to the facets so libraries
can decide to hide some of them easily. Or alternatively
add a system preference to make that possible.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
This patch adds an id to the <li> which contains
the "limit to available" facet in the OPAC and
staff client.
To test, add custom CSS for the staff client and
OPAC to hide the id "availability_facet" and
confirm that the link is no longer visible.
Signed-off-by: Gaetan Boisson <gaetan.boisson@biblibre.com>
Passed-QA-by: Mason James <mtj@kohaaloha.com>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
This patch enables the shelving location facet as an
alternative to the branches fact in two situations:
A) SingleBranchMode is enabled
B) There is only one branch in the branches table
Test Plan:
1) Catalog multiple items with different shelving locations.
2) Test enable by enabling SingleBranchMode
3) Test enable by deleting all but one branch
Based on initial patch by Ian Walls.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Tested cases 2) and 3) successfully in OPAC and staff client
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
This is for MARC 21 only.
Made following changed:
- In getFacets in C4/Koha.pm added item type facet for 952y and 942c
- In getRecords in C4:Search.pm added code to get description of itemtype codes
- facets.inc in both staff and opac to show item types related label in the facets block
To test:
Add records such that a certain itype (say BK) is present in both 942c and 952y in two DIFFERENT records.
Run a search where both test records are present. Test to see if itype types are presented in the facets block (both OPAC and staff).
Click on the itype (say BK), both the test records should appear in the refined results. This shows that the feature works for both 942c and 952y.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Ian Walls <koha.sekjal@gmail.com>
QA Comment: fixed capitalization in template includes according to HTML4 coding
guideline ("Item types" instead of "ItemTypes")
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
The change to Template::Toolkit broke a number of things on the Staff Client
results display. This patch:
* Fixes the formatting of the results table, which had an unnecessary colspan=2
* Enables the display of the "Edit record" and "Edit items" links
* Corrects the display of item counts, so that labels for "Available,"
"On loan," and "Unavailable" only appear when appropriate
* Corrects facet links, which were starting new searches rather than limiting
due to a variable scoping error
* Changes the resort dropdown so that it will show the currently-selected
sorting
Signed-off-by: Jared Camins-Esakov <jcamins@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Based on patch from Fridolyn Somers with input of Frederic Demians.
Added new Searching preference maxRecordsForFacets.
This pref contains number of result records used in facet building.
Also added pref displayFacetCount (with thanks to Frederic).
Follow up patch takes care of install issues; functionality can already be tested with this patch only.
Updated on March 17 for changes in include files.
Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Re-doing Nahuel's fix so that it applies to master
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Following suggestion by Vincent Danjean for Debian
packaging, 0755 -> 0644 for non-executable
files.
Also removed shebang from a few modules in C4.
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
Pushes modified facets display from OPAC to librarian interface.
Corrects also OPAC version which were omitting Titles facet.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
