This patch updates jQueryUI assets in the staff interface with an
upgraded and trimmed version which includes only support for jQueryUI
autocomplete.
Global staff interface CSS has been modified to remove unused
jQueryUI-related styles and to accommodate the updated assets.
The patch also removes some unused jQueryUI image assets from the OPAC
templates.
To test, apply the patch and rebuild the staff interface CSS. Test the
"Check out" form in the header to confirm that it still looks correct
and works correctly.
Signed-off-by: Émily-Rose Francoeur <emily-rose.francoeur@inLibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates icons which are listed as having changed names in
this document:
https://fontawesome.com/docs/web/setup/upgrade/upgrade-from-v4
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch implements the code to allow a patron to receive multiple
orders at the same time in /cgi-bin/koha/acqui/orderreceive.pl page
To test:
1. apply all patches
2. updatedatabase
3. Go to system preferences and allow AcqReceiveMultipleOrderLines
4. In acquisitions module, create a vendor if you don't have one and add
3 baskets.. one with create items on ordering, one with create items
on receiving and finally one with create items when cataloguing
5. Fill baskets with orders (There should be at least 15 orders in total). There should be a mix of orders created by suggestions, others by subscriptions and others by neither of those methods.
6. Close all baskets and receive shipment.
CHECK => in /cgi-bin/koha/acqui/parcel.pl page, in top table there is a column with checkboxes, and a button that says "Receive selected"
7. If all orders from all baskets are shown in the table, set the rows per page to 10, so table has more than one page
8. Check some of the checkboxes
CHECK => "Receive selected" button shows how many rows are selected
9. Go to the next page and select some more rows
CHECK => Changing page does not modify how many rows where selected
10. Go back to previous page
CHECK => Previously selected rows are still selected
11. Reload the page to deselect all rows
12. Select only one row and click on "Receive selected" button
CHECK => the page /cgi-bin/koha/acqui/orderreceive.pl behaves just the same as if the "receive" link in the selected row would have been clicked.
13. Click on cancel to go back to parcel.pl page
14. Select all rows (even the ones from the next page of the table) and
click on "Receive selected"
CHECH => In orderreceive.pl page there is a table with all selected rows
15. Ensure table has more than one page, as in step 7
16. Click on the "edit" link in the last row of the current page
CHECK => A modal window is displayed with 4 tabs within: Info,
Accounting, Receipt history and Items
CHECK => Modal has 4 buttons at the bottom, 'Previous' to go to previos
order, 'Cancel' to close the modal without keeping modifications, 'Save'
to close modal keeping modifications and 'Next' to go to the next order
CHECK => Even that we are at the end of the current page, 'Next' button
is still available
17. Click on 'Next' button
CHECK => The table behind the modal now displays the next page, and the modal was not closed
18. Click on 'Previous'
CHECK => The table behind the modal went back to the first page, and the modal was not closed
19. Click on 'Previous' button till you reach the first row of the first
page
CHECK => Only when you reach the first row of the first page 'Previous'
button gets disabled
20. Click on 'Next' button till you reach the last row of the last page
CHECK => Only when you reach the last button of the last page 'Next'
button gets disabled
21. Check that behaviour for the different types of order are still the
same
a. For orders that where created through suggestion, check that the
suggestion info is present in Info tab. If when suggestion was accepted
you set a reason, a dropdown to change the reason shoul display also.
b. For orders that where created through subscriptions, check that
the Items tab is disabled, and the Receipt history is enabled. On
accounting tab you should be able to change quantity ordered. If there
were less items received than ordered, the next time you receive this
order the child order generated from this one shoul appear in receipt
history.
c. For orders that don't come from subscription and creates there items on ordering, Receipt history
should be disabled, and a table with prefilled items shold appear in the
Items tab. You can edit them and the changes should appear in the item's
row.
d. For orders that don't come from subscription and creates there
items on receiving, Receipt history should be disabled, and a form to
create the items should appear in Items tab. When you add an item a
table should appear.
e. For orders that don't come from subscription and creates there
ites on cataloguing, Receipt history and Items tabs should be disabled.
f. Any changes made in quantity (received or ordered) or funds in the modal should be
reflected in the table if you click save from the modal.
22. Once you've done all you checking and verifications click save
23. While saving a progress bar should appear
24. If no error was detected, you should be redirected back to parcel.pl
page
25. If an error or warning was detected (like there is an order with 0
items to receive) the save button should be disabled and warnings
are dispayed.
26. prove t/db_dependent/Koha/Acquisition/Fund.t t/db_dependent/Koha/Acquisitoin/Order.t t/db_dependent/Koha/Item.t
Sponsored-by: Virginia Polytechnic Institute and State University
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch suggests to have a "Configure table" button when a table can
be configured in the "Table settings" administraition area.
Test plan:
Go to different views where the table can be configured (you an
exhaustive list on bug 29648), notice the "Configure table" button (if
you have the 'manage_column_config' subpermission.
Note that the link is correct but the scrollbar is not adjusted at the
correct position. Maybe we could improve that switching to the bootstrap
accordion plugin?
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Andrew <andrewfh@dubcolib.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates templates to include the new version of jQueryUI. It
removes some references to the now unused datepicker widget as well as
the jQuery timepicker addon.
Some minor JavaScript and style updates to fix issues resulting from the
upgrade.
To test, apply the patch and update the CSS in the staff interface AND
in the OPAC
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client).
IN THE OPAC:
- The OPAC only uses the tabs jQueryUI widget.
- View pages where tabs are used: Bibliographic details, user summary,
advanced search.
IN THE STAFF INTERFACE:
- The staff interface uses four jQueryUI widgets: accordion,
autocomplete, sortable, and tabs
- Test the accordion widget on two pages: Administration -> Table
settings and Patrons -> Patrons requesting modifications.
- Test autocomplete (requires PatronAutoComplete to be enabled) on
various pages. For example:
- From the "Check out" tab in the header search box.
- From the "Search patrons" tab in the header search box, e.g. from
the main Patrons page.
- Place hold -> Search patrons.
- Tools -> Patron lists -> Add patrons to list -> Patron search.
- Test sortable:
- Administration -> System preferences -> Language.
- With more than one language installed you should be able to
drag to re-order the enabled languages. Confirm that your change
is saved successfully.
- Administration -> MARC bibliographic framework -> MARC structure ->
Edit subfields on a tag with multiple subfields. You should be able
to drag to re-order the tabs at the top of the subfield constraints
edit page. Confirm that your changes are saved successfully.
- Cataloging -> New record. Test that you can re-order subfields
under a tag with multiple subfields and that your changes are
saved.
- Tabs: View various pages with tabs: Check out, bibliographic details,
basic MARC editor. They're everywhere.
Also confirm that the removal of the leftover datepicker doesn't affect
pages which use the calendar include: Test various pages which use
Flatpickr, e.g. check out, renew, reports, etc.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
TO test:
-apply patch
-go to the Koha staff client and inspect the page, look at the HTML <head>
-there should be a line that looks like this:
<meta name="generator" content="Koha 20.12.00">
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This adds a check that the lang variable is defined before testing
against it. In normal operation this is likely a no-op, but it is
required for compiling templates during QA.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2 js files (Gettext.js, i18n.js) + 1 generated js file (locale_data.js)
were added by bug 21156. Their URL are broken and the files are not loaded.
Use Template::Toolkit plugin Asset to include these files, and exclude
locale_data.js when language is english, because obviously translations
are not needed in this case.
Test plan:
1. Just make sure the files mentioned above are loaded correctly when in
English and in other languages as well
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
It adds Javascript equivalent of Koha::I18N's exported subroutines, and
they are used the same way.
String extraction is done only on *.js files and require gettext 0.19
(available in Debian jessie, and also in wheezy-backports)
It adds Javascript library Gettext.js for handling translation and a
Perl script po2json to transform PO file into JSON.
Gettext.js and po2json both come from Locale::Simple.
There are several tools named po2json. It's simpler to integrate this
one into Koha than to check if the good one is installed on the system.
Locale::Simple is not needed.
To avoid polluting the global namespace too much, this patch also
introduce a global JS object named Koha and add some stuff in Koha.i18n
Test plan:
1. Add a translatable string in a JS file. For example, add this:
alert(__nx("There is one item", "There are {count} items", 3,
{count: 3}));
to staff-global.js
2. cd misc/translator && ./translate update fr-FR
3. Open misc/translator/po/fr-FR-messages-js.po, verify that your
string is present, and translate it
4. cd misc/translator && ./translate install fr-FR
5. (Optional) Verify that
koha-tmpl/intranet-tmpl/prog/fr-FR/js/locale_data.js exists and
contains your translation
6. Open your browser on the staff main page, change language and verify
that the message is translated
7. Repeat 1-6 on OPAC side
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Works well, translation is OK and test message is displayed correctly.
Current qa-tool error is a false positive.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch upgrades DataTables and makes some style changes to the
default DataTables toolbar style. DataTables assets are now combined and
minified using their download customizer, bundling together these
elements:
- JSZip 2.5.0
- pdfmake 0.1.36
- DataTables 1.10.18
- Buttons 1.5.6
- Column visibility 1.5.6
- HTML5 export 1.5.6
- Print view 1.5.6
- FixedHeader 3.1.4
DataTables assets have been moved from lib/jquery/plugins to
lib/datatables. The global header and footer include files are updated
correspondingly.
This patch removes the custom "four_button" pagination configuration and
updates pages which used it to use the built-in "full" type instead.
This is done for the sake of consistency and upgradability. This change
touches a lot of files.
Table-specific CSS has been moved from staff-global.scss to a new
include, _tables.scss. A second common include, _mixins.scss has some
variable definitions used in both files.
Many images have been made obsolete by this change and have been
removed.
To test, apply the patch and regenerate the staff client CSS. View
various pages in the staff client with tables:
- Not formatted by DataTables:
- Reports -> Most circulated items
- Catalog -> Search results
- Formatted by DataTables without column configuration
- Acquisitions -> Vendor search
- Lists
- Formatted by DataTables with column configuration
- Administration -> Libraries
- Administration -> Item types
- Reports -> Saved SQL reports
- Non-standard DataTables configurations:
- Circulation -> Checkouts
- Administration -> System preferences
- Reports -> Lost items
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
DataTables are used on enough pages in the staff client that it
doesn't make sense to put inclusion of the CSS into each template
where it is needed. This patch moves includes of datatables.css from
individual templates into the global header file.
To test, apply the patch and view various pages which have DataTables.
View various styles of DataTables, e.g.
- Full pagination, like item search results
- Four-button, like Saved SQL reports
Everything should look the same as it was.
Signed-off-by: Jose-Mario Monteiro-Santos <jose-mario.monteiro-santos@inLibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch modifies staff client templates to remove the "type"
attribute from <style> tags. The attribute is no longer valid.
To test, apply the patch and confirm the changes to the templates. The
appearance of the staff client should be unchanged.
Validating pages from the staff client should not return any errors
related to the <style> "type" attribute.
Signed-off-by: Jose-Mario Monteiro-Santos <jose-mario.monteiro-santos@inLibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
We should have plugin hooks for the staff interface just like we have for the OPAC as detailed on bug 20181.
Test Plan:
1) Apply this patch
2) Download and install the Kitchen Sink plugin ( v2.1.19 or later )
https://github.com/bywatersolutions/koha-plugin-kitchen-sink/releases/download/v2.1.19/koha-plugin-kitchen-sink-v2.1.19.kpz
3) Install the plugin
4) Restart all the things if you can ( restart_all if you are using kohadevbox )
This will ensure the plugin takes effect right away, it should be
necessary but it won't hurt anything!
5) Load the staff intranet, notice you get an console error log message and the background
for your staff intranet is now orange ( assuming you've not customized the
staff intranet in any way )
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Here we go, next step then.
As we did not fix the performance issue when autofiltering
the variables (see bug 20975), the only solution we have is to add the
filters explicitely.
This patch has been autogenerated (using add_html_filters.pl, see next
pathces) and add the html filter to all the variables displayed in the
template.
Exceptions are made (using the new 'raw' TT filter) to the variable we
already listed in the previous versions of this patch.
To test:
- Use t/db_dependent/Koha/Patrons.t to populate your DB with autogenerated
data which contain <script> tags
- Remove them from borrower_debarments.comments (there are allowed here)
update borrower_debarments set comment="html tags possible here";
- From the interface hit page and try to catch alert box.
If you find one it means you find a possible XSS.
To know where it comes from:
* note the exact URL where you found it
* note the alert box content
* Dump your DB and search for the string in the dump to identify its
location (for instance table.field)
Next:
* Ideally we would like to use the raw filter when it is not necessary
to HTML escape the variables (in big loop for instance)
* Provide a QA script to catch missing filters (we want html, uri, url
or raw, certainly others that I am forgetting now)
* Replace the html filters with uri when needed (!)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Having to write [% KOHA_VERSION %] for each url is bad because:
- It's easily forgettable when adding new <script> or <link>
- It prevents grep'ing for the full filename
- It violates the DRY principle
- If at some point we want to change the "force js and css reload"
mechanism, it will be tedious
This patch:
- adds a Template::Toolkit plugin that generates <script> and
<link> tags for JS and CSS files, and inserts automatically the Koha
version in the filename
- use the new plugin to remove all occurences of [% KOHA_VERSION %]
- remove the code that was adding KOHA_VERSION as a template variable
Test plan:
1. Apply patch
2. Go to several different pages in Koha (opac and intranet) while
checking your browser's dev tools (there should be no 404 for JS and
CSS files, and the Koha version should appear in filenames) and the
server logs (there should be no "File not found")
3. `git grep KOHA_VERSION` should return nothing
4. prove t/db_dependent/Koha/Template/Plugin/Asset.t
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies CSS and markup in the staff client header to
override the default responsive style of the menu bar. The changed
layout will keep the menu bar items in a horizontal line at lower screen
widths.
To test, apply the patch and clear your browser cache if necessary.
- Log in to the staff client and confirm that the appearance of the
menu bar at the top of the screen looks correct at various browser
widths.
- Confirm that the logged-in user menu label and help link expand and
collapse according to browser width.
Signed-off-by: Dominic Pichette <dominic.pichette@inlibro.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch moves a line of template code from js_includes.inc back into
doc-head-close.inc where it belongs.
To test, apply the patch and view a page which uses a template that
depends on html_helpers.inc being processed. For example:
- The set library page
- The holds queue report
- The new patron form
The pages should work correctly.
Signed-off-by: Claire Gravely <claire_gravely@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch alters the header and footer include files so that JavaScript
can be included in either one or the other. As a proof of concept, the
staff client home page is updated to include JS in the footer instead
of the header.
The processing of JavaScript included on individual pages can now be
similar to how it is done in the OPAC. A block is created with the
page's JavaScript which is then processed in js_includes.inc in the
correct order, after other required js assets.
On pages which have been modified to allow JavaScript to be moved to the
footer you must add a variable to the template: [% SET footerjs = 1 %].
Eventually all staff client templates should be modified so that setting
a flag is not required.
"[% MACRO jsinclude BLOCK %]" is used instead of "[% BLOCK %]" and "[%
PROCESS %]" because MACRO allows the template directives to be
processed correctly when included by intranet-bottom.inc.
To test, apply the patch and view the staff client home page.
- Confirm that you get a confirmation when deleting a news item from the
home page.
- Enable the CircAutocompl system preference and test that patron
autocomplete works from the "Check out" tab from the staff home page
and from other pages where the "Check out" tab is present.
- Test that JavaScript is working correctly on other pages like
Circulation, Preferences, etc.
Signed-off-by: Claire Gravely <claire_gravely@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
In order to prepare to move staff client javascript assets into the
footer, this patch creates a new include file containing all <script>
content. This change should have no visible effect on how pages are
generated.
To test, apply the patch and view various pages in the staff client
(ciruclation, preferences, etc) to confirm that JavaScript is working
correctly.
Signed-off-by: Claire Gravely <claire_gravely@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch adds an "add to cart" link to each line of search results in
the staff client.
To test, apply the patch and clear your browser cache if necessary.
- Enable the intranetbookbag system preference.
- Perform a search which will return multiple search results.
- Each result should have an "Add to cart" link.
- Clicking the "Add to cart" link should add the title to the cart,
triggering the correct pop-up message and changing the link to read
"In your cart (remove)."
- Clicking the "remove" link should remove the title from your cart
and trigger the correct messages.
- Add multiple titles to your cart and perform the same search again.
Each result should correctly indicate which titles are already in your
cart.
- Open the cart popup window.
- Check the checkbox for one or more titles in your cart and choose
"Remove." The titles should be removed, and the "In your cart" label
in the search results page should reflect that the titles are no
longer in the cart.
- Choose "Empty and close." All titles in the parent page should now
indicate that they are not in the cart.
- Disable the intranetbookbag preference and confirm that the "Add to
cart" links are no longer there.
Followed test plan. Works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch moves the JavaScript files in prog/en/js to prog/js.
JavaScript files do not need to be in the directory which is processed
by the translator.
To test, apply the patch and visit various pages in the staff client to
confirm that JavaScript files are still loading correctly.
Revised: I intended for this to be built on top of Bug 15883 as well as
Bug 16242. Now it is.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
On top of 15883 and 16241
All seems to work, js files pulled from new dir.
No errors
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The staff client CSS is not language-specific, so it can be moved out of
the en/ directory and thus not be duplicated for every translation.
In order to be able to have a generic path to the YUI CSS files, the YUI
directory is moved by this patch to the staff client's lib/ directory.
To test, apply the patch and visit various pages in the staff client.
Look in particular at pages which include more than the standard CSS.
For example:
- The staff client login page.
- The staff client home page.
- Patron -> Set permissions.
- The advanced cataloging editor.
- Acquisitions -> Vendor -> Basket groups.
- Tools -> News -> Edit news.
- Administration -> System preferences.
Revised: I intended for this to be built on top of Bug 15883. Now it is.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
On top of 15883
Works as described, all pages on test plan
No Errors
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch updates the staff client version of jQuery to 2.2.3. In order
to maintain compatibility with existing scripts, the jQuery migrate
plugin has also been added.
Included is the development version of the jQuery migrate plugin.
Developers could modify doc-head-close.inc to use this version if they
wanted to take advantage of its upgrade warning log.
To test, apply the patch and test JavaScript interactions everywhere in
the staff client.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher <bredan@bywatersolutions.com>
Most of the scripts called via greybox (which uses iframe) don't include
doc-head-close. But some do.
This patch adds a popup parameter for these templates, not to include
the legacy browser trick and avoid the replacement of the location.
Test plan:
1/ Export patroncard and label
2/ translate itemtypes
3/ click on a idref link at the OPAC
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Web pages that can be embedded in frames are vulnerable to cross-frame
scripting attacks. Cross-frame scripting is a type of phishing attack
that involves instructions to an unsuspecting user to follow a specific
link to update confidential information in an online application.
Because the link leads to a legitimate page from the online application
that is embedded in a frame hosted by the attackers' server, the
attackers can capture all the information that the user enters.
https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Single quotes audio selector break ability to edit an alert
Test Plan:
1) Enable audio alerts
2) Add new a alert with a select containing single quotes such as: input[name*='test']
3) Note you cannot edit the alert
4) Apply this patch
5) Reload the page
6) You should now be able to edit the alert
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Bug 15734 applied on top. Works as advertised
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
Bug 14189 added some global JavaScript to a new include file which is
included in doc-head-close.inc. Since it's included globally, there is
no reason not to move it to staff-global.js. This patch does so.
To test, apply the patch and clear your browser cache if necessary.
- Navigate to any page in the staff client which has multiple header
search tabs.
- Type something in one of the tabs.
- Switch tabs. Verify that your text was copied to the newly-displayed
form field.
Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
Revert "DBRev to make notes of the XSS patches and the new important dependency."
This reverts commit e140603a59.
Revert "Bug 13618: Specific for branches.opac_info"
This reverts commit 06e4a50f00.
Revert "Bug 13618: (follow-up) Specific for other prefs"
This reverts commit d6475a111f.
Revert "Bug 13618: Fix for debarredcomment and patron messages"
This reverts commit dd98c9df92.
Revert "Bug 13618: Do not display html tags in patron's notices"
This reverts commit a065b243fe.
Revert "Bug 13618: Do not display and html tags in item fields content"
This reverts commit baeeaffbf8.
Revert "Bug 13618: Fix for system preference description"
This reverts commit a967a09261.
Revert "Bug 13618: Remove html filters for newly pushed code"
This reverts commit 0e98662b10.
Revert "Bug 13618: (follow-up) add missing lines for opac-shelves"
This reverts commit fc2fb605e5.
Revert "Bug 13618: (follow-up) Specific for ColumnsSettings"
This reverts commit bc308fdd9c.
Revert "Bug 13618: Fix for edit biblios and items"
This reverts commit 811c4e8402.
Revert "Bug 13618: followup to remove tabs"
This reverts commit ca8e8c397c.
Revert "Bug 13618: Fix last occurrences recently introduced to master"
This reverts commit bb417b256b.
Revert "Bug 13618: Fix for news"
This reverts commit ae5b98020a.
Revert "Bug 13618: Fix escape on sending baskets or shelves by email"
This reverts commit a7731ffe25.
Revert "Bug 13618: Specific for XSLTBloc"
This reverts commit 11fa38dc29.
Revert "Bug 13618: Specific for Salutation on editing a patron"
This reverts commit 36c07ad6d3.
Revert "Bug 13618: Specific for other prefs"
This reverts commit e6ea281a3b.
Revert "Bug 13618 - memberentrygen.tt errors Not a GLOB reference"
This reverts commit 7824874557.
Revert "Bug 13618: Specific for ColumnsSettings"
This reverts commit 1834da3da3.
Revert "Bug 13618: Specific for IntranetUser* and OPACUser* prefs"
This reverts commit 21ae62b253.
Revert "Bug 13618: Fix error 'Not a GLOB reference'"
This reverts commit 602bdbab4c.
Revert "Bug 13618: Specific for the ISBD view"
This reverts commit d254362435.
Revert "Bug 13618: Specific for pagination_bar"
This reverts commit 8837a8ae68.
Revert "Bug 13618: Specific places where we don't need to escape variables - intra"
This reverts commit 00eff140b3.
Revert "Bug 13618: Remove html filters at the intranet"
This reverts commit 7db851ff03.
Revert "Bug 13618: Specific places where we don't need to escape variables"
This reverts commit 49a3738b8d.
Revert "Bug 13618: Remove html filters at the OPAC"
This reverts commit cedaa0e23e.
Revert "Bug 13618: Use Template::Stash::AutoEscaping to use the html filter"
This reverts commit 01b38d3b13.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
To test:
-Check that the space near to exclamation mark (!) is fixed
Signed-off-by: Briana <brianagreally@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
This patch enable use of IntranetUserCss on staff client
login page.
To test:
1) Add something to IntranetUserCSS to modify login page,
for example
#login h1 a {
height:30px;
}
2) Logout from staff client, no changes on login page.
3) Apply the patch
4) Reload, now logo is cut in half :)
Bonus) Login again an try changing image, add
#login h1 {
background: url(http://example.com/img/other-logo.png) no-repeat top center;
}
and fix height. Logout and check
This also affects 3.20 and perhaps earlier versions.
Re-upload to fix examples
Works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Fixes the variable name to avoid a double-up that made it
impossible to turn off the sounds in general. If AudioAlerts
are turned off, they will only work on the audio administration
page now so you can set up and test the different sounds there.
Also fixes a little typo in the help file.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch set replaces and extends Koha's current sound options.
This is implemented be removing the existing sound system, and
re-engineering using a table of selector/sound combinations such that
the highest precedence selector that is found in the DOM will trigger
and audio alert. The existing audio behaviors are implemented as a set
of default audio alerts.
Test Plan:
1) Apply this patch set
2) Run updatedatabase.pl
3) Enable the AudioAlerts system preference
4) Test existing sounds
5) Enter the new alerts editor in the admin section
6) Add a new audo alert with the following selector:
"body:contains('Check in message')",
choose any sound alert you wish, make sure it's not one of the 3
sounds already used! Make this selector precedence 1
4) Browse to the checkins page, you should hear the default sound
5) Attempt to return an invalid barcode, you should hear your custom sound!
Signed-off-by: Nick Clemens <nick@quecheelibrary.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Font Awesome is similar to Glyphicons included in Twitter Bootstrap,
except better in every way and more Free.
Test Plan:
1) Apply this patch
2) Edit the template for a page, and add a Font Awesome tag to it,
examples can be found here:
http://fortawesome.github.io/Font-Awesome/examples/
3) Reload the page and verify the icon displays.
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To test:
Apply the patch and see that the text now is there in the search
box when clicking the tabs: check in, check out etc..
(More files changed for persistent text in searchbox)
Sponsored-by: Halland County Library
Signed-off-by: Magnus Enger <magnus@enger.priv.no>
This is something I have wanted quite a few times over the years...
Tested by going to every main area of Koha, entering some random
text into the search box and then clicking on all the available tabs
to check that the entered text is carried over to all the boxes.
There are a couple of places where text is not carried over, but I
guess that might be because one of the boxes is structurally
different to the others. These are:
- "Vendor search" and "Orders search" in Acquisitions
- "Search subscriptions" in Serials
I have not looked at how this is implemented, just that it works as
it should.
Bug 14189 refactor after failed QA.
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Amended patch: replace tabs with spaces
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To match IntranetUserCSS, intranetuserjs should be renamed
IntranetUserJS.
Test plan:
1/ Be sure there is no occurrence of intranetuserjs
2/ Confirm the pref still works as before
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
NOTE: Worked before and after updatedatabase.pl, though after
is less confusing to the person unaware of case insensitivity.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>