It was correctly pointed out that opac-showmarc would leak
the same way as catalogue/showmarc.pl, and so this patch
moves the authentication step up to the top where it
should be so as to prevent inappropriate data leaks.
TEST PLAN
---------
1) Set your OpacPublic system preference to Disabled
2) Open your OPAC and login
3) Find a biblio with items
4) Go to the opac details, particularly MARC view.
5) Copy the "view plain" shortcut link.
6) log out.
7) Paste the link into the address bar.
-- the information will leak!
8) apply the patch
9) restart_all
10) Refresh the OPAC link
-- log in screen will appear.
11) run koha qa test tools
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Before and after:
wget 'http://catalogue.kohadev.org/cgi-bin/koha/opac-showmarc.pl?id=1&viewas=html'
must be the same
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Change parameters to a hashref.
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Looks good to me.
Two calls in migration_tools/22_to_30 still in old style.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the frameworkcode option param, using each record's frameworkcode
as expected by the filter. Otherwise the ViewPolicy filter falls back to the
default framework.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Koha::RecordProcessor and the defined filters are supposed to bring us
joy and happiness. Let's keep the code compact, simple and clean.
This patch removes record cloning all over the place.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Applying the filtering and then...
Debugging opac/opac-detail.pl filtering
Debugging opac/opac-ISBDdetail.pl more
Debugging opac/opac-export.pl
Tweak opac/opac-export.pl fix variable declarations, conditional assignments
Debugging opac/opac-showmarc.pl
https://bugs.koha-community.org/show_bug.cgi?id=11592
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Why not clean up the License Agreement stuff while the files
are being changed? Used the current one found at:
http://wiki.koha-community.org/wiki/Coding_Guidelines#Licence
Changed the strict and warning lines into just a Modern::Perl.
Signed-off-by: Robin Sheat <robin@catalyst.net.nz>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
In the OPAC if you view the MARC details for a title (and have
OPACXSLTDetailsDisplay enabled) there is a "view plain" link which displays the
output of opac-showmarc.pl. This is broken in master: fixed by this patch.
Test plan:
(1) Set OPACXSLTDetailsDisplay to default
(2) Do a search on OPAC, then display a specific biblio record
(3) Click on MARC view tab. Then click on 'view plain' link. Nothing is
displayed.
(4) Apply the patch. And refresh the MARC detail page.
(5) Click on 'view plain' link. Check that a plain text MARC record is
displayed.
Signed-off-by: Chris <chris@bigballofwax.co.nz>
Note: This makes a small change to C4::Templates::themelanguage so that
it works with .xsl files too (They live in the xslt dir)
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works as described, passes tests and QA script.
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Since we switched to Template Toolkit we don't need to stick with the
sufix we used for HTML::Template::Pro.
This patch changes the occurences of '.tmpl' in favour of '.tt'.
To test:
- Apply the patch
- Install koha, and verify that every page can be accesed
Regards
To+
P.S. a followup will remove the glue code.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Use C4::Languages::getlanguage() instead of
C4::Templates::_current_language()
Test plan:
1/ Set one of the 4 XSLT sysprefs to 'default'
2/ Go to the corresponding page
3/ Switch language and check that the right XSLT is used
4/ Set the same syspref to something with '{langcode}' in it. For
example:
"../koha-tmpl/opac-tmpl/bootstrap/{langcode}/xslt/UNIMARCslim2OPACDetail.xsl"
5/ Go back to the corresponding page
6/ Switch language and check that the right XSLT is used
7/ Change a compact.xsl for a language (for example
koha-tmpl/intranet-tmpl/prog/fr-FR/xslt/compact.xsl) to be able to see
differences
8/ Go to a biblio detail page in staff interface and click on "MARC
Preview: Show"
9/ Close the popup, switch language and click again on the same link
10/ Check that the correct XSLT is used.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Works as described following test plan.
No koha-qa errors
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
No problems found, passes tests and QA script.
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Modifies showmarc and opac-showmarc to use new XSLT handler.
Removes cardview.pl as obsolete script.
Modifies C4/Record.pm and a typo in the test Record.t.
Test plan:
[1] catalogue/showmarc: Go to Cataloging. Search. Click Card.
[2] opac-showmarc: Go to opac detail, MARC view.
Open URL for plain view in new tab.
Change URL: Change viewas=html to viewas=card
[3] Verify that there are no references in the codebase to cardview.pl
[4] C4/Record.pm: Run the Record.t test in db_dependent.
This test uses marc2modsxml, triggering the change.
Additional: export to MODS from opac-detail.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Views Ok. Test pass. No more cardview. No koha-qa errors
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
On "MARC view" in the OPAC, clicking on "Plain view" does not work
for UNIMARC and NORMARC.
To test:
- Make sure you have a UNIMARC or NORMARC setup
- Go to the "MARC view" of a record in the OPAC
- Click on "view plain" and observe the "Sorry, plain view is
temporarily unavailable." error message
- Apply the patch
- Click on "view plain" and observe that a plain view of the MARC
record is now displayed
- Sign off
I have only tested this on NORMARC, it might be good if someone
can test on UNIMARC.
Updated 2014-03-13: Incoroprates changes suggested by Marcel.
Test plan is the same as before.
Updated 2014-03-13: Tested in my UNIMARC system.
toggled opactheme to all three values, with OPACXSLTDetailsDisplay
and OPACXSLTResultsDisplay both set to default.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Tested with MARC21 and UNIMARC, passes all tests and QA script.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Instead of just running as_formatted, check if GetMarcBiblio returned
a reference. If you e.g. did not pass an id, return 404 instead of 500.
Consistent with opac-export.pl
Test plan:
[1] Run opac-showmarc.pl with valid biblionumber in id parameter.
[2] Remove id parameter from URL. You should get a 404 now.
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
The code in opac-showmarc.pl isn't smart enough to find the xsl files in
the "default" (prog) theme if the ccsr theme is enabled, so the "view
plain" option on opac-MARCdetail.pl fails ever time.
This patch copies some path-handling code from XSLT.pm to improve xsl
file path handling when dealing with a "sub-theme."
To test, view the MARC view in the OPAC and click the "view plain" link.
This should work correctly in prog and ccsr themes and with different
languages enabled (keeping in mind the ccsr theme will fail in general
for languages other than en).
Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Checked plain view works in both prog and ccsr themes now.
All tests and QA script pass.
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Simplifies template (eliminating opac-bottom include).
Makes encoding for card and html view more consistent with approach in Templates module.
Rearranges a few lines in script for consistency and performance.
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Passed-QA-by: Mason James <mtj@kohaaloha.com>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Previously we did not sanitize biblionumber and authids passed in by
the user.
To test:
1) Go to /cgi-bin/koha/opac-detail.pl?biblionumber=2hi (substituting a
valid biblionumber for the 2).
2) Notice the presence of "2hi" on this page, and also on the ISBD and
MARC views.
3) Go to /cgi-bin/koha/opac-authoritiesdetail.pl?authid=2bye
(substituting a valid authid for the 2).
4) Notice the presence of "2bye" on this page.
3) Apply patch.
4) Notice that "2hi" and "2bye" strings are gone.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Couldn't help but reformat the indentation a bit.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Card view works correctly in cataloguing search.
Plain view/labelled show correctly in OPAC.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Fixing merge conflict.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
No more encoding problems spotted.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
applied to git tag 'v3.02.00-rc'
Frédéric Demians:
- Rebased this patch to HEAD
- Solved a merge conflict
- The patch works as described here:
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=4289
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
Signed-off-by: Jared Camins-Esakov <jcamins@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
- Eliminates the "Extended MARC View" tab
- Points the "MARC View" tab to opac-MARCDetail.pl as it is when XSLT is off
- Offers a "view plain" link on opac-MARCDetail.pl. Clicking this link
replaces the standard labeled MARC view with an unformatted view similar to the
one displayed in the pop-up modal MARC view.
- When viewing the "plain view," clicking the "view labeled" link will return
you to the standard labeled MARC view.
- Adds a new XSL file for displaying MARC data in a slightly-more-formatted
manner (compared to one big <pre></pre> block).
Removed a conflict marker line from Owen's patch (Marcel).
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
This patch implements Fridolyn SOMERS' suggested change
to the .xsl file path but copies compact.xsl from the
intranet template dir and points to that instead.
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
Also some cleanup of opac-showmarc script including removing bogus
dependencies (DBI, CGI methods). Should consider using C4::XSLT if
applicable.
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>