Two parameters are now escaped in title (html element):
- query_desc
- limit_desc
This is a security correction against XSS.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
I've made changes to the basket grouping interface to bring it
in line with other interfaces in Koha. I think it's better to
keep things following a consistent pattern.
On the page which lists basket groups:
- Basket groups listed in a table instead of as custom-styled lists
- Buttons use standard style
- Tabs are generated by jQuery
On the page for managing baskets in a group:
- Markup has been revised to be more consistent with established
patterns.
- Corrections have been made for validity
On the basket view page:
- Display of data has been streamlined a little bit
- An option has been added to the "Basket group" dropdown
for adding a new group
- Markup has been corrected for validity and consistency
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
1) Basket group page
The blue is gone and the new buttons are much better
readable than before.
2) Basket grouping page
Works.
3) Basket view page
I like the new option to create a new group from here.
Nice improvement to the workflow!
I removed a spare 'td' from line 264.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
- Correcting permissions checks on the home page
- Adding default parameter (1) to numberofreviews subroutine
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
This patch adds count indicators on the staff client home page and
the tools page for the number of items pending approval. On the
home page this includes suggestions, comments, and tags. On the tools
page a count of pending comments and tags is shown.
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Counts appear for all types of actionable items listed, all are clickable through to the proper place.
Nice work!
Same fix that was done for normal order page and receive page.
Moving the style element for hiding the subfield into the li tag.
AcqCreateItem = on order
To recreate:
1) stage a marc file with 1 - many records
2) make sure you have an acq framework with hidden fields in 952
3) create new basket
4) order from your marc file
5) check item form below the record list for white space
Signed-off-by: Magnus Enger <magnus@enger.priv.no>
Followed the steps outlined by Katrin above. Before the patch there are gaping
holes left by the hidden fields. After the patch the holes are gone.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
When running the Items with no checkouts report and outputting to
screen, the results do not include any identifying information for
the items. The only information listed is the item count and the
branch location.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
245 Subfields in the Intranet Detail Display (MARC21slim2intranetDetail.xsl) are
being reordered on display. Instead of displaying 245$a 245$h 245$b, the
stylesheet was displaying 245$a 245$b 245$h. This patch does not address ISBD
punctuation.
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Follow-up patch to address the issue in the staff client.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
This patch doesn't fix the origial request to add the renewal date
to the list of checked out items, but follows the other bug commenter's
suggestion that the information be added to the item details page
(moredetail.pl).
The other part of this request, to add the checkout date, has already
been fixed by another patch.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
The problem was, that the script was looking for the first
and second <a> tag in the code. When using plugins in the framework
this can't work. The patch changes the script to select the correct
<a> tags by using a class.
Also changes + and - to 'Add' and 'Delete' to make the meaning clearer
and clicking on them a bit easier.
To test:
1) AcqCreateItem = order
- Create a basket
- Create an order line
- Create more than one item
- Delete items
- Check quantity is calculated correctly
- Check items are created correctly
2) AcqCreateItem = receive
- Create basket
- Create 2 order lines, order >1 items
- Do a partial item by removing items from the receive form
- Receive all missing items
- Receive more items than ordered
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
This patch changes the catalog toolbar so that when there are no
items attached to a record the "Delete all items" menu item appears
to be disabled. Clicking it will trigger an alert, "This record
has no items."
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
With new 3.6.1 translation files, the lake of 'nbsp' entity definition make
fail t/00-valid-xml.t test.
This patch applies to HEAD and 3.6.x.
How to test:
- checkout 3.6.x branch
- generate French templates:
cd misc/translator
./translate install fr-FR
cd ../..
- run test:
prove -v t/00-valid-xml.t
you get failing error message
- apply this patch
- run test again: it passes
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
http://bugs.koha-community.org/show_bug.cgi?id=7141
Removing inline style setting the table width.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
The order modification script doesn't retrieve an order's basket
when doing a delete, so the template must explicitly pass
the basket number if we want the redirect to work.
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Fixed a couple of errors:
- [% CAN_user_staffaccess %] should be [% IF ( CAN_user_staffaccess ) %]
- added missing [% END %]
- added missing line new YAHOO.widget.Button("duplicate");
To test:
1) Open patron account
2) Go through tabs, especially 'Check out'
3) Check toolbars are correct and buttons work
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
To test run
perl xt/author/translatable-templates.t
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Test runs without any complaints about the fixed templates now.
Also checked detail pages without XSLT turned on display correctly.
* fixed documentation in C4/Auth_with_ldap.pm
* updated ILSDI/Utility.pm to work with debarred being a date
* updated Members.pm/patronflags to work with debarred being a date (copy/paste of BibLibre code that had not been backported)
* fixed opac-reserve to check correctly for debarred status
I also have removed a duplicate line on circulation.pl when the patron was restricted = the information was displayed twice
Some code coming from BibLibre has been lost in the process of inclusion in
3.4. The result is that fine in days does not work at all (you can setup rules,
but it does nothing)
Step to reproduce:
- Koha > Admin > circ rules > set 1 day fine every day of overdue for default
rule
- Issue a book return date last week
- check-in the book => no debarment is set
The following patch will fix all of those problems by :
* updating borrowers.debarred to a date field (instead of tinyint). It contains
the limit of the debarment
* changing API of DebarMember and UpdateBorrowerDebarred to pass a date
* display debarrdate where applicable. Note that a debarrdate of 31/12/9999 is
considered as unlimited and not displayed
* added a debarrcomment, usefull to explain why a patron is debarred (this is
independant from debarrdate changes and can be used when placing an unlimited
debarment too)
[2011-05-12] F. Demians. It works as described. And I can confirm this
functionality is impatiently awaited by French libraries since one year. Thanks
BibLibre for the good work and for contributing this code.
Bug 6328 Followup--update DB structure
Thanks Katrin.
Bug 6328: make comment a textbox / fix debar by notice trigger
Debarring by notice triggers was broken, because the new function
expects a date as second parameter.
The comment field in patron account details was a very long text field.
Patch changes it to be a textbox instead.
Bug 6328: Lift debarment leaves patron account
'Lift debarment' redirects to an empty circulation page.
BZ6328 follow-up 3
Fixes comment 23 from Fernando L. Canizo : when the patron was debarred and debar removed
he still could not check-out.
The changes in the IsMemberBlocked (that were on biblibre/master) were lost somewhere
The sub was still checking for old_issues instead of calling CheckBorrowerDebarred
to get a debardate if applicable
Note : this bug was appearing only is you had issuing rules defined for itemtype/categorycode/branch.
Seemed to work if you had only default rules. That's probably why it hadn't been spotted before
BZ6328 follow-up 4
Comments fron Zeno Tajoli: The patch is OK and I sign-off it. Two little changes done on
installer/data/mysql/kohastructure.sql and installer/data/mysql/updatedatabase.pl
Signed-off-by: koha <koha@kohabase.localdomain>
This patch makes it possible to add the account number to the
vendor information. The used field aqbookseller.accountnumber was
already existent in the database.
To test:
1) Add a new vendor with accountnumber
> Verify form has a field for accountnumber
> Verify accountnumber does show up on vendor summary page
2) Edit this vendor, change accountnumber
> Verify change was correctly saved and new number is displayed on
vendor summary page
3) Delete accountnumber
Signed-off-by: Liz Rea <lrea@nekls.org>
Tested 1-3, no troubles found.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Also removing some YAHOO.widget.Button declarations which
are redundant.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works as advertised, doesn't affect display for non-organisational patrons.
Note: Display change in OPAC only affects the summary tab.
It would be a little bit more consistent to make the name show the
same on all tabs in OPAC patron account.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
I repeated Katrin's signoff here (with permission). The patch only changed for some minor rebasing and cosmetic QA requests. Passed QA now.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Fixes for output in a couple of acquisitions templates where
user-generated data should be escaped. This instances were found
by creating a vendor name like "Baker & Taylor" and finding
that the ampersand was not escaped, causing validation errors.
This patch also consolidates multiple <script> blocks which
do not need to be separate and corrects a couple of unclosed
<input> tags.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
A javascript error could occur if the CloneSubfield function failed for
any reason. This would prevent the popup from disappearing.
Example : Importing informations of a UNIF_TITLE authority with multiple
$x subfields in the biblio's 440 field. 440$x isn't repeatable, so an
error occurs when trying to clone it.
http://bugs.koha-community.org/show_bug.cgi?id=6977
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
http://bugs.koha-community.org/show_bug.cgi?id=7033
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Test plan:
- apply patch
- update po files using 'perl translate update <language-code>
- check po files for new strings from 007 plugin
- translate some / all of them
- update templates with changed po files 'perl translate install <language-code>
- verify 007 still works and got translated
When viewing an item's details, selecting the accession date for it now
takes you to the invoice for that item.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
This works as advertised.
1) Order and receive an item in acquisition
2) Search for it in staff and go to the 'items' tab
3) Click on the 'receive date' link
Fixed conflict in moredetail.pl.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
QA. This patch does only work when AcqCreateItem==placing an order. This is caused by an existing bug. See Bugzilla for more details.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Thanks Stefano Bargioni for the typo fix
[2011.09.16] Thanks Paul for catching the display error.
[2011.10.11] Thanks Katrin for finding display error on OPAC.
Signed-off-by: Colin Campbell <colin.campbell@ptfs-europe.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Tested prediction pattern and display in OPAC.
No problems found.
When ordering from an existing record the 'no budgets and funds defined' error
message was shown below the result list.
To test:
A) No budgets defined for this user and library
Basket summary page shows a warning instead of the link for creation
of orders.
B) Budgets and funds are properly defined for this user and library
Basket summary page shows links for order creation.
Before patch: A search for an existing record had the alert at the bottom
of the search result list.
After patch: The links for creation of orders are shown instead.
Signed-off-by: Liz Rea <lrea@nekls.org>
Verified A and B.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
This patch adds the table sorter to Holds Queue. Sponsored by Farmington Public Library.
Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
dealing with some BNF/SUDOC invalid utf-8 (in title, the removed fields are used to mark non-sorted words)
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
I can't test this works ok for UNIMARC, but it does not cause any
problems with the translation scripts or MARC21 so signing off
Instead of using the 'p' subfield directly, use the subfield letter
associated with the items.barcode column.
http://bugs.koha-community.org/show_bug.cgi?id=6963
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Test cases tested:
- 1 item, barcode empty
- 2 items, barcodes both empty
- 1 item, existing barcode
- 1 item, new barcode
- 2 items, one barcode empty, one existing
All test cases worked nicely and gave correct error messages.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
If the AcqCreateItem preference is set to "ordering" and the barcode for
the new item is already in use, no error is returned, but an invalid
itemnumber is saved in the aqorders_items table and the item is never
created.
This patch adds a duplicate barcode verification in neworderempty.pl
_koha_add_item is also modified so it won't return an invalid ID when
an item can't be added.
http://bugs.koha-community.org/show_bug.cgi?id=6963
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Test plan on second patch.
This is a fairly hacky solution, a counter patch would be more than
welcome
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Updated, translated and installed German po files after applying this patch.
No problems found.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
http://bugs.koha-community.org/show_bug.cgi?id=7069
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Patch changes '' to "" to make it work for strings which contain '.
Patch does NOT add new strings to the po files.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Table sorter script causes error if there is no <tbody> to sort.
JS errors cause the YUI toolbar js to abort, causing the problem
observed. When there are no results the whole table should be
omitted and a message displayed in its place.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
To test:
- check toolbar on top of patron reading history with no entries
- check toolbar on top of patron reading history after a few checkouts
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
http://bugs.koha-community.org/show_bug.cgi?id=6414
Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed off with a note: this doesn't fix everything mentioned in the bug.
It also might clash with bug 4831 and should be tested with that patch.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
This follow-up adds a system preference which controls display
of a link to recent comments in the OPAC masthead alongside
"Advanced search," "Tag cloud," etc.
Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
The item form on the order receive page (AcqCreateItem = on receive) contains a
lot of blank space which makes it hard to read and fill out.
To test:
- set AcqCreateItem = on receive
- create basket, order something, receive shipment
- check item form is nicely formatted and doesn't include lots of blank space
Note: It will be easier to test if you have an ACQ framework created to hide some
unnecessary subfields, because the hidden fields create the blank space.
Signed-off-by: Magnus Enger <magnus@enger.priv.no>
Created an ACQ framework and hid some of the fields (hidden = 5). Before the
patch there were gaps between the fields as shown in the screenshot from
Katrin. After the patch fields line up nicely, with no extra space between
them.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
This patch adds a check for the value of the ExtendedPatronAttributes
preference to the scripts and corresponding logic to the templates
controlling the sidebar menu.
The patch also corrects a duplication of attributes code in moremember.pl
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
1) Added extended patron attributes in configuration, turned ExtendedPatronAttributes on
2) Altered patron details, added values for patron attributes
> Verified patron attributes show show correctly
3) Turned off ExtendedPatronAttributes
> Verified patron attributes were hidden everywhere
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>