Commit graph

28 commits

Author SHA1 Message Date
Jonathan Druart
dcd1f5d48c Bug 13618: Add html filters to all the variables
Here we go, next step then.
As we did not fix the performance issue when autofiltering
the variables (see bug 20975), the only solution we have is to add the
filters explicitely.

This patch has been autogenerated (using add_html_filters.pl, see next
pathces) and add the html filter to all the variables displayed in the
template.
Exceptions are made (using the new 'raw' TT filter) to the variable we
already listed in the previous versions of this patch.

To test:
- Use t/db_dependent/Koha/Patrons.t to populate your DB with autogenerated
data which contain <script> tags

- Remove them from borrower_debarments.comments (there are allowed here)
update  borrower_debarments set comment="html tags possible here";

- From the interface hit page and try to catch alert box.
If you find one it means you find a possible XSS.
To know where it comes from:
* note the exact URL where you found it
* note the alert box content
* Dump your DB and search for the string in the dump to identify its
location (for instance table.field)

Next:
* Ideally we would like to use the raw filter when it is not necessary
to HTML escape the variables (in big loop for instance)
* Provide a QA script to catch missing filters (we want html, uri, url
or raw, certainly others that I am forgetting now)
* Replace the html filters with uri when needed (!)

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-17 15:55:05 +00:00
047ca33a93 Bug 19641: Move patron templates to the footer
This patch modifies the staff client patron module templates so that
JavaScript is included in the footer instead of the header.

This patch touches a lot of files because the changes are all
interdependent, affecting a couple of module-wide include files.

To test, apply the patch and test the JavaScript-driven features of the
modified templates: All button controls, DataTables functionality, tabs,
etc.

Patrons -> Patrons home, patron search results
  -> Manage pending modification requests
  -> Patron detail page
    -> Edit patron
      -> Set guarantor
    -> Fines
       -> Account, Pay fines, Create manual invoice, Create manual
          credit
       -> Print receipts for different kinds of charges
    -> Routing lists
    -> Circulation history
    -> Holds history
    -> Notices
    -> Statistics
    -> Files
    -> Purchase suggestions
    -> Discharges
    -> Housebound
    -> Set permissions
    -> Change password
    -> Print summary, slips, and overdues
    -> Update child to adult patron type

Patron toolbar and patron search bar operations should work correctly on
all pages.

This patch also updates the template for searching the Norwegian
national patron database, but it has NOT been tested.

Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>

Signed-off-by: Zoe Bennett <zoebennett1308@gmail.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-02-15 13:30:23 -03:00
Lari Taskula
bb31d99065 Bug 18692 - intranet part
Fixes misplaced columns introduced by previous patch and adds the "-" for phone
transport type.

To test:
1. Set SMSSendDriver system preference on
2. Go to intranet messaging preferences
3. By default you should see checkboxes for all messages for SMS
4. Ensure columns are not misplaced (pushing one column too much to the right)
5. Delete sms method from one of the messages in message_transports table
6. Observe that "-" is displayed instead of checkbox for that message for SMS
7. Repeat same for TalkingTechItivaPhoneNotification system preference.
   By default it may not have transports in message_transports, so make sure
   to assign some in order to have the checkboxes visible.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:02:25 -03:00
0c476f1508 Bug 16557 - Remove the use of "onclick" from several include files
This patch modifies several include files, removing "onclick" attributes
in favor of defining events in JavaScript.

A reusable "toggle" function has been added to the global JS file so
that clicking elements with the class "toggle_element" will toggle the
display of elements as defined in the click target's "data-element"
attribute.

Also changed: In subtypes_unimarc.inc some capitalization errors have
been fixed and label/id pairs corrected.

To test, apply the patch and clear your browser cache if necessary.

- On the Acquisitions home page, click the "Orders search" header search
  tab. Clicking the [+] link should expand and collapse the additional
  search fields.

- On the checkout or patron detail page, view the "Restrictions" tab.
  Click to add a restriction and use the datepicker to select a date.
  Clicking the "Clear date" link should clear the date.

- Trigger the help window on any page. Clicking the "close window"
  button should work correctly.

- Go to Administration -> Patron categories -> Edit. Checking and
  unchecking messaging preference options should work correctly. The "do
  not notify" checkbox should clear other checkboxes in that row and
  vice versa.

- In Serials, from a subscription detail page, clicking the "Renew"
  button should trigger the renew popup.

- Go to Acquisitions -> Vendor -> Add to basket -> From a subscription.
  Clicking the "Advanced search" link in the left hand sidebar should
  toggle the sidebar search form.

- In a UNIMARC system, view the advanced search page. Clicking the "Show
  coded information filters" link should show additional search fields.
  (I tested in my MARC21 system by temporarily moving line 174 of
  advsearch.tt to line 172).

Signed-off-by: Claire Gravely <c.gravely@arts.ac.uk>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-06-24 13:51:01 +00:00
Julian Maurice
1c9b9e3e0e Bug 16238: QA fix: remove tab characters
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-04-29 14:18:24 +00:00
Julian Maurice
27770b7c8f Bug 16238: Use .prop() instead of .attr() for 'checked'
According to https://jquery.com/upgrade-guide/1.9/#attr-versus-prop-
.attr() is no longer correct to access the checked state of a checkbox.

This patch do the following replacements:
  .attr('checked')               =>  .prop('checked')
  .attr('checked, '')            =>  .prop('checked', false)
  .attr('checked, 'checked')     =>  .prop('checked', true)
  .attr('checked', boolValue)    =>  .prop('checked', boolValue)
  .removeAttr('checked')         =>  .prop('checked', false)
  .attr('checked') == 'checked'  =>  .is(':checked')

Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-04-29 14:18:24 +00:00
891526e311 Bug 14836: Use Koha::PatronCategor[y|ies] in admin/categories.pl
Test plan:
Add/edit/remove patron categories from the administration module
(admin/categories.pl).
You should get message feedback after each action.

Signed-off-by: Frederic Demians <f.demians@tamil.fr>
  Operations in admin/category is unchanged, and functionnal

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-11-05 10:57:40 -03:00
0cab6f2ef3 Bug 14915: Use Font Awesome instead of Glyphicons for the staff intranet
We should be using Font Awesome for our icons instead of Glyphicons, for
the reasons discussed on bug 13696.

Test Plan:
1) Apply this patch
2) Note all Glyphicons have been replaced with FA icons in the staff intranet
3) git grep "icon-" ./koha-tmpl/intranet-tmpl/prog/en/modules/
   should give no results
4) git grep "icon-" ./koha-tmpl/intranet-tmpl/prog/en/includes/
   should give no results

Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
We need a follow-up to cover the files changes since this
patch was written. Especially to cover the changes in the
label creator modules.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-10-27 10:02:42 -03:00
Marc Véron
fba5ce2754 Bug 14127: Typo in message preference form - "mesage"
This path fixes the typo.

To reproduce and test:
Go to a patron's detail page
The message appears as hint in column-header 'Digests only (i)'

Sponsored-by: Universidad de El Salvador

Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-05-06 10:39:54 -03:00
Jonathan Druart
d2dd4ca624 Bug 10174: Add a tooltip to explain what is a digest
The digest term seems to be ambiguous for some people.

This patch adds a tooltip to explain what it is (feel free to provide
a better wording).

Test plan:
Go at the OPAC and click on the "Your messaging tab", you should see an
icon close to "Digest only" to explain what is a digest.
Same at the intranet on editing/showing patron info

Signed-off-by: Nick Clemens <nick@quecheelibrary.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-04-23 12:50:38 -03:00
7d6edc6f18 Bug 10511: (follow-up) jQuery .removeAttr() has only one parameter
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
2013-08-12 14:12:38 +00:00
e608f4d48c Bug 10511: fix message preference form glitch concerning phone notifications
An error in the onclick for phone notices causes the "Do not notify"
checkbox to be checked when the phone checkbox is checked. Also,
checking "Do not notify" does not uncheck the phone checkbox.

Test plan:
1) Enable TalkingTechItivaPhoneNotification
2) Browse to the new patron screen ( memberentry.pl )
3) In the patron messaging preferences check the Phone checkbox
4) Not the "do not notify" checkbox is then checked
5) Uncheck the "do not notify" checkbox, and check the Email checkbox as well
6) Now check the "do not notify" checkbox, note the Phone checkbox remains checked
7) Apply this patch
8) Repeat steps 3-6, noting the odd behavior is no longer present

Signed-off-by: Srdjan <srdjan@catalyst.net.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
2013-08-12 14:11:12 +00:00
59dc3e59a3 Bug 9002 - Remove Problematic Logic from Patron Messaging Preferences Form
If you do not have SMSSendDriver set and you do not have a message_transport_type of "sms", you will get an extra table column filled with a hyphen "-" and no corresponding table heading in the Patron Messaging Preferences table.

This pushes the table out of alignment so the email checkbox goes under "Digests Only?", the digests checkbox goes under "Do not notify", and the Do not notify checkbox is pushed to the side with no heading.

Signed-off-by: Sophie Meynieux <sophie.meynieux@biblibre.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Tested for regressions.
All tests and QA script pass.
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
2013-03-30 21:14:24 -04:00
Ian Walls
d29efac4f3 Talking Tech Support - Phase I
Implements support for Talking Tech I-tiva phone notification for OVERDUE, PREDUE and HOLD notifications.
Overdues respect triggers as configured for the patron's branch.
Predue and Holds notifications respect patron's messaging preference choices.
A new column for phone notification is added if the TalkingTechItivaPhoneNotification system preference is turned on

Record of phone messages being sent to patrons is added to the patron's Notices
tab; notice of success or failure can be retrieved from I-tiva.

See the TalkingTech.README for installation and set-up instructions.

Aside from the control system preference, and the necessary changes to Messaging Preferences
forms to make use of phone notifications, the bulk of the code resides in external
cronjobs.

TalkingTech_itiva_outbound.pl generates the Spec C file to send to I-tiva.  Actual transmission
of the file must be handled by the system administrator.

TalkingTech_itiva_inbound.pl processes the received Results file from I-tiva.  Getting the
file from I-tiva to Koha is the job of the system administrator, as well.

Both scripts have a --help option with full documentation.

The only necessary change to core Koha behavior is in C4::Letters::EnqueueLetter.  The return
value was changed from 0 or 1 (successful addition of letter to message_queue or not), to the actual
insert ID of the letter.  This was required by the outbound script to present a unique Transaction ID
for the notice added to the patron's record (so a 'sent' or 'failed' status could be updated).  Since
the dbh and sth are not shared, and the last_insert_id() command is table-specific, this should be thread-safe.
No changes are necessary to any parts of Koha, as all usage of EnqueueLetter currently ignores the return value.

To Test:

1. Turn on TalkingTechItivaPhoneNotification system preference
2. Verify that 'phone' is now a valid notification option for patrons on both staff and OPAC side
3. Attempt to set a 'phone' preference for PREDUE or HOLD messaging; attempt should succeed
4. Set up the patron for notices to triggers:
   a. include checked out items due in a range of days, including the value set up in their messaging preferences.
   b. place several holds, some in position, others waiting for pickup, others in transit.
   c. set the patron up to have overdues, overdue by a range of days that includes the delay values for
the patrons branch and categorycode
5. Run TalkingTech_itiva_outbound.pl --type=RESERVE --type=PREOVERDUE --type=OVERDUE --outfile=/tmp/talkingtechtest.csv

The resulting talkingtechtest.csv file should include all the items due on X days (where X is the patrons' preference),
and none of the ones due in other increments.  Similarly, overdues messages should be added for each item due by a delay
value as configured; overdues of other numbers of days should be ignore.  Holds that are waiting pick up or in transit should
have messages, those still pending should not.

Messages should be added to the patron's notices tab for each issue sent.  Verify these messages exist, and all Notices
tokens are replaced with appropriate information.

Repeat, this time with 4c making use of the default branch overdue triggers, instead of branch-specific triggers.

To test the inbound script, create a CSV with rows in the format "<<Message_id>>","<<SUCCESS or FAIL>>"
Message ID should correspond to the final column of the talkingtechtest.csv file (the transaction id) for the message.

Primary Authorship: Ian Walls
Additional modifications: Kyle M Hall

http://bugs.koha-community.org/show_bug.cgi?id=4246
Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>

Tested and in use in production by two public libraries : Middletown
and Washoe. Both have given their sign off, but don't have git to
actually sign off.

Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
2012-06-10 17:46:52 +02:00
d1e3773e3b Bug 5184 - Upgrade jQuery to the latest version (staff client)
Upgrade jQuery in the staff client. Besides the change
to the jQuery file syntax has been changed wherever this
syntax was written:

$(foo).attr("checked","");

The new correct way to un-check a checkbox:

$(foo).removeAttr("checked");

I also removed some JavaScript altogether from
branch-transfer-limits.tt which used the old syntax but
which wasn't used on the page at all anymore.

Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Signed-off-by: Mason James <mtj@kohaaloha.com>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
2012-05-11 11:05:19 +02:00
85592866ab Bug 2780 - Capitalize strings consistently (Patrons)
Correcting Patron-related includes

Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
2012-04-04 17:54:37 +02:00
7cc412d337 Fix for Bug 6458 - incorrect parsing result in translation processing
Fixing improperly nested template logic inside HTML tags in
messaging preferences include.

Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-09-15 08:41:28 +12:00
3270d384c5 Fix for Bug 6726 - When SMS is enabled the messaging table is misaligned
The SMS section of the template was commented out in the patch
pushed for Bug 5889, 'Allow message names to be translatable'
with the comment 'fixing columns overflow.' That seems to have been
a cosmetic fix for what I can only imagine was a different bug?

Also fixing a T:T variable scope error.

After applying this patch the "SMS" column in the Patron messaging
preferences should appear when the SMSSendDriver preference is not empty.

Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-08-23 15:14:50 +12:00
d3205d768f Bug 6229: Message preferences on patron details tab broken
TT scoping problems fixed.

Table now greyed out on the details tab and last column 'Don't notify'
shows correctly.

Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-04-22 06:48:50 +12:00
Chris Cormack
5884fb1000 Bug 5917 : Swapping templates over 2011-04-10 20:38:30 +12:00
Chris Cormack
7e62b5f22a Bug 5917 : Missed one dash
Conflicts:

	koha-tt/intranet-tmpl/prog/en/includes/messaging-preference-form.inc
2011-04-04 13:09:28 +12:00
Chris Cormack
4594a053bd Bug 5917 : Removing spaces in variable names 2011-04-04 12:55:50 +12:00
Chris Cormack
a4b2280b6b Merge remote branch 'kc/new/bug_3670' into kcmaster
Conflicts:
	koha-tmpl/intranet-tmpl/prog/en/includes/messaging-preference-form.inc
2011-03-27 21:19:24 +13:00
Ian Walls
3884e1693f Bug 3670 Followup: fixes message preference form
Changing the database value from "Item DUE" to "Item Due" broke the matching performed in the
messaging-preferences-form.inc file, resulting it the notice being labeled as "Unknown".

This patch changes both the matching, and the display, to "Item Due"

Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-03-27 21:17:16 +13:00
Sophie Meynieux
6282f652b2 Bug 5889: Messages name in english for notifications on public interface.
Modification of template to allow multilanguage support. Alsa fixing columns
overflow.

BibLibre bug #5939

Tests: It works. Messages strings can now be extracted and placed in .po file
for translation.

Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-03-18 09:25:08 +13:00
Christopher Hall
c02e4d02d5 Bug 5462: fixed dashes (replaced with _) and fullstops (removed) for variable names
Done within opac and intranet templates, still needs to be done for corresponding scripts.

Signed-off-by: Colin Campbell <colin.campbell@ptfs-europe.com>
2011-02-03 09:54:50 +00:00
Galen Charlton
b6e62489d8 bug 3222: moved messaging preference editing
The display and editing of messaging preferences
for a patron have been moved as follows:

* the prefs for a patron are now displayed on the
  patron details tab, not the messaging tab.
* the prefs are now modified by editing the patron
  record, not on the messaging tab.

The messaging tab now contains only the list of
messages that have been or will be sent to the patron.

When creating a new patron record, changing the patron
category via the category dropdown now also changes
the default messaging preferences for that patron.  If
you start editing a new patron, change one of the messaging
preferences, then change the patron category, the form will
ask you if you want to keep the preferences or get
the defaults belonging to the new patron category.

Note that when you edit an existing patron record, changing
the patron category will *not* cause the messaging preferences
to be automatically changed.

Programmer's note: this commit introduces a new web service,
members/default_messagingprefs.pl, that uses Jesse Weaver's
C4::Service module.

Signed-off-by: Daniel Sweeney <daniel.sweeney@liblime.com>
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
2009-05-22 13:20:56 -05:00
Galen Charlton
ca7db466d6 bug 3222: changes to messaging preferences form
Moved the messaging preferences form to a new
include, messaging-preference-form.inc, so that
it can be used to set messaging prefs both for a
patron and for a patron category.

Signed-off-by: Daniel Sweeney <daniel.sweeney@liblime.com>
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
2009-05-22 13:20:49 -05:00