Commit graph

281 commits

Author SHA1 Message Date
5b8d2d8658
Bug 23946: Remove Noun Project icons from the About page
This patch removes the part of the About page which gives attribution
for Noun Project icons on the staff client home page.

To test, apply the patch and view the About page in the staff client.
There should be no reference to Noun Project icons.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-11-03 07:42:11 +00:00
374f59f3cd
Bug 22661: TinyMCE/WYSIWYG editor doesn't translate
This patch updates the TinyMCE editor to the latest version (5.0.16) and
adds a translatable include file which will allow the TinyMCE interface
to show the same translation as Koha.

The configuration of the editor has been updated according to the new
version's requirements, keeping all the tools available we had before
and adding emoji support.

To test, apply the patch and enable the UseWYSIWYGinSystemPreferences
system preference.

TESTING THE UPGRADED EDITOR

 - Go to Administration -> System preferences -> OPAC.
 - Multiple instances of the TinyMCE editor should appear on the page:
   opaccredits, OpacCustomSearch, OpacLoginInstructions, etc.
 - Test adding and editing content to one or more of these editors.
   Confirm that the various editor tools work correctly.
 - Verify that changing the contents of any editor (including via paste)
   enables the corresponding "Save all X preferences" button.

 - Test the news editor under Tools -> News.

 - Test the library "OPAC info" editor in libraries administration:
   Administration -> Libraries -> Edit library -> OPAC info.

TESTING TRANSLATABILITY

 - Update a translation:

   > cd misc/translator
   > perl translate update fr-FR

 - Open the corresponding .po file for the staff client, e.g.
   misc/translator/po/fr-FR-staff-prog.po
 - Locate strings pulled from includes/str/tinymce_i18n.inc for
   translation, e.g.:

   #. SCRIPT
   #: intranet-tmpl/prog/en/includes/str/tinymce_i18n.inc:1
   #, fuzzy
   msgid "File"
   msgstr "Fichier :"

 - Edit the "msgstr" string however you want (it's just for testing) and
   remove the "fuzzy" line.
 - Install the updated translation:

   > perl translate install fr-FR

 - Go to Administration -> System preferences -> OPAC.
 - In each instance of the TinyMCE editor, the first menu item should
   have as its label the translation "msgstr" string you edited.

 - Check that the "About" page shows updated information about
   the TinyMCE version, 5.0.16.

Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-11-03 07:39:54 +00:00
6c92612c15
Bug 13193: (RM revert) Make Memcached usage fork safe
This reverts commit f7a5466c52. We need
the new dependancy packaged first.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-01 15:34:57 +01:00
Joonas Kylmälä
f7a5466c52
Bug 13193: Make Memcached usage fork safe
When a high enough number of forks try to access for example system
preferences with Koha::Cache using memcached as backend the results of
different cache requests get mixed up.

The problem is fixed by using Cache::Memcached::Fast::Safe that is a
fork safe version of Cache::Memcached::Fast.

Sponsored-by: The National Library of Finland
Signed-off-by: David Cook <dcook@prosentient.com.au>

Works as described, and solves an insidious difficult to debug
problem in Koha.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-01 15:14:31 +01:00
4c17151d74
Bug 23566: Continue on device - with QR codes
This patch adds the option to show a QR code on the OPAC bibliographic
detail page. The URL of the page is encoded in the image so that
scanning it will take the user to that page on their device. The feature
is controlled by a new system preference, OPACDetailQRCode, which is
disabled by default.

The QR Code is generated by a JavaScript library, "kjua"
(https://github.com/lrsjng/kjua), which has been added to the "About"
page in the staff client.

To test, apply the patch and run the database update. Rebuild the OPAC
CSS (https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client).

 - In the staff client, go to Administration -> System preferences.
 - Locate the OPACDetailQRCode system preferences under OPAC ->
   Features. It should be disabled.
   - Enable the preference and switch to the OPAC.
 - Locate a title in the catalog and view the detail page.
   - In the sidebar menu there should be a "Send to device" link.
   - Clicking the link should display a QR Code.
   - Scan the code using a QR Code-capable device.
   - The URL should be correct.
 - Disable the system preference and confirm that the "Send to device"
   link no longer appears on the OPAC detail page.

Signed-off-by: Christopher Brannon <cbrannon@cdalibrary.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-01 14:38:02 +01:00
77d197c361
Bug 14570: Add about.pl entry for wrong relationship data
This patch adds a check and an entry to the about.pl, for bad
relationship data. The checks are:

- 'relationship' containing '_bad_data' (generated by the atomicupdate
  on undef relationships.
- 'relationship' values that are not in the borrowerRelationship
syspref.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-08-20 16:06:36 +01:00
7e4f25e088
Bug 23445: (RM follow-up) Missing filter
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-08-16 13:48:05 +01:00
1aae63606c
Bug 23445: (RM follow-up) Add warning for unexpected lengthunit
Discussions on this bug highlighted worries about behind the scenes
fallbacks to 'days' as a lengthunit should the lengthunit be set to an
unrecognised value. This patch adds a warning to the about page for any
such occurrences so librarians may be made aware of and resolve the issue.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-08-16 12:19:34 +01:00
ec08e5af12 Bug 21626: (QA follow-up) Don't crash on missing teams file
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-05-17 14:46:10 +00:00
77e91f34fc Bug 21626: (follow-up) Changes based on feedback
Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-05-17 14:46:10 +00:00
c07aaf8aca Bug 21626: Use teams.yaml for teams section
Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-05-17 14:46:09 +00:00
d4b503aa14 Bug 22893: Do not crash if contributors.yaml does not exist
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-05-14 18:16:37 +00:00
cf80509386 Bug 21662: (QA follow-up) Minor corrections
[1] Move doXulting and Universidad ORT Uruguay to Institutions.
    We do not mention the institution for each developer.
[2] Removing Anonymous.
[3] Adding the Bugzilla alias shantanoo as additional transliterated text.
[4] Resolve typo Continious.
[5] Removing three plural unused roles in about.tt.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-05-10 17:19:44 +00:00
594f7d64d0 Bug 21662: Use contributors.yaml for contributors list
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-05-10 17:19:43 +00:00
Katrin Fischer
e9f0212f35 Bug 21502: (QA follow-up) Rephrase warning slightly
Test plan:
Follow first test plan, look at warning, decide if you like it :)

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-29 12:44:08 +00:00
40f6822dc1 Bug 21502: Add check for YAML formatted system preferences to about page
So far there are these yaml formatted preferences:
    UpdateNotForLoanStatusOnCheckin
    OpacHiddenItems
    BibtexExportAdditionalFields
    RisExportAdditionalFields
    UpdateItemWhenLostFromHoldList
    MarcFieldsToOrder
    MarcItemFieldsToOrder

Test plan:
1) Add some badly formatted YAML into some of preferences listed above
2) Check the System information tab on About page for appropriate warnings

Signed-off-by: Michal Denar <black23@gmail.com>

Signed-off-by: Michal Denar <black23@gmail.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-29 12:44:07 +00:00
ef248b82d7 Bug 10659: Upgrade jQuery star ratings plugin
This patch replaces our current jQuery star ratings plugin with a newer
plugin which will be compatible with newer versions of jQuery:

http://antenna.io/demo/jquery-bar-rating/examples/

To test you should have one or more records in your catalog with star
ratings.

- Apply the patch and set the OpacStarRatings system preference
  to "results and details"
- Perform a search in the catalog which will return one or more titles
  which have ratings.
  - Confirm that the ratings appear correctly and the ratings are
    read-only.
- Open the "normal" detail page for that record.
  - Confirm that the star rating appears correctly.
  - Test setting and re-setting your star rating. Confirm that it is
    saved.
  - Confirm that the "cancel rating" link appears when you have a rating
    set, and that it disappears after you click it.
- Test that the "only details" and disabled options of the
  OpacStarRatings preference work as they should.
- Confirm that information about the plugin appears on the About page in
  the staff client, replacing the old star ratings plugin information.

Signed-off-by: Pierre-Marc Thibault <pierre-marc.thibault@inLibro.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-15 18:42:46 +00:00
Katrin Fischer
cfea47cb06 Bug 21441: Fix wrong reference to a 'holds' table on system information tab
It looks like a typo snuck in on the about page, listing a holds
table instead of reserves.

To test:
- Manually create the same PK (reserve_id) in reserves and old_reserves
- Verify that the message on about > system information now
  correctly lists those tables (not holds and old_reserves)

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-11 18:32:40 +00:00
4b82ed3549 Bug 21751: Replace fixFloat with HC-sticky to fix Chrome display
This patch replaces the fixFloat jQuery plugin with a new one: HC-sticky
(https://github.com/somewebmedia/hc-sticky). This plugin provides the
same functionality without the page-reflow problems fixFloat suffers
from.

To test, apply the patch and regenerate the staff client CSS. Test the
behavior of the floating toolbar on these pages:

 - Acquisitions -> Vendor -> Vendor details
 - Acquisitions -> Vendor -> View basket
   - On both these pages, test toolbar behavior before and after
     expanding the "Orders search" options at the top of the page.
 - Administration -> System preferences
 - Authorities -> Create or edit an authority
 - Catalog -> Advanced search
   - Search results
 - Catalog -> Item search
 - Cataloging -> Add or edit a record
   - Open the plugin window for the 008 field
 - Tools -> Label creator -> New label batch -> Add items -> Search ->
   Results
 - Patrons -> New patron
   - Test before and after expanding the patron search options at the
     top of the page
   - Test editing a patron too
 - Tools -> Automatic item modifications by age -> Edit
 - Tools -> Notices & slips -> Edit
 - Lists -> View list

Check that the About page has been updated with information about the
plugin.

Signed-off-by: David Cook <dcook@prosentient.com.au>

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-04 14:13:35 +00:00
824e9a7c9e Bug 7143: Fix typo in adding new dev
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-18 20:12:08 +00:00
2bab07458f Bug 7143: Update about page for new devs (Academy)wq
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-17 02:23:29 +00:00
5d49ea039c Bug 22007: Remove html filters when KohaDates called with a parameter
Bug 13618 took care of the KohaDates output but not if it is called
with a parameter (eg. [% var | $KohaDates with_hours => 1 %]).

We could avoid unnecessary processing by removing the extra html filter.

Patch generated with the following command:
  % perl -p -i -e 's/KohaDates([^%\|]*)\s?\|\s?html\s?/KohaDates $1/g' **/*.inc **/*.tt

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-02 20:42:18 +00:00
Nazlı Çetin
52b52ab896 Bug 7143: Update about page for Nazlı
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-11-29 18:45:01 +00:00
d0e72b4373 Bug 7143: Update OpenHub link for Fridolin Somers in about page
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-11-29 18:44:52 +00:00
505e10585c Bug 7143: Update about page for new dev Thatcher Leoonard
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-11-15 12:47:37 +00:00
Dimitris Antonakis
446142cd2b Bug 17597: Outdated translation credits
Updated translation credits for the Greek language.

Signed-off-by: Andreas Roussos <arouss1980@gmail.com>
Works as expected, hyperlink to openhub tested OK.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-11-13 21:11:44 +00:00
c28ad651a6 Bug 21782: Release team 18.11 in About
[1] Moved the (usual) 18.05 positions to the Dev section.
[2] Added the 18.11 positions to the Release team section.

Test plan:
[1] Look at About/Koha team.
[2] Compare with roles 18.05 and roles 18.11.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-11-13 16:35:47 +00:00
Andrew Isherwood
1c8952a36b Bug 20996: Remove prefix use of borrower category
This patch removes the potential use of borrower category as a ILL
request ID prefix. It makes no sense. We provide the ability for a site
to define a request prefix based on branch, there is no use case for
using the borrower category. Add to this that the borrower for every
request was being retrieved in order to get the category, it's a huge
performance hit also.

We also now require the <branch> block in the <interlibrary_loans> block
and complain if it's not present. The request prefix should be defined
in this block.

This patch also improves the performance of the API request that returns all
requests, optionally including additional data.

It also deprecates the overloaded TO_JSON method and moves the request
augmentation code into the API route's controller. It may be that we
want to shift it out of there at some point, but it is fine where it is
for now.

Signed-off-by: Magnus Enger <magnus@libriotech.no>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-11-02 10:33:02 +00:00
Katrin Fischer
3a150b5d75 Bug 20720: (QA follow-up) Some minor corrections
Made some corrections to countries, spelling and
changed OPUS entry.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-29 01:07:40 +00:00
5367bfcabd Bug 20720: Found some more sponsors to add to 'about'
git log|grep -i "sponsored-by"|sort -n | uniq
git log|grep -i "sponsored by"|sort -n | uniq

Signed-off-by: Michal Denar <black23@gmail.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-29 01:07:39 +00:00
cde4bb0d23 Bug 20720: Using git Sponsored-by lines to update 'about'
Signed-off-by: Michal Denar <black23@gmail.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-29 01:07:39 +00:00
59757c1f5b Bug 21669: Do not html filter TT assignement statements
Why? Because we must filter the variables when we display them.
If we escape them on assignement, they will be double escaped:
  [% XXX = "<span>pouet</span>" | html %]
  [% XXX | html %]
  => &lt;span&gt;pouet&lt;/span&gt;

Also it will bring trouble if we are assigning a structure (see bug
21663 for instance).

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-26 16:38:36 +00:00
d71fb84f6f Bug 7143: Update about page for new devs Margaret Hade and Isobel Graham
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-26 16:25:02 +00:00
2497ef5f0a Bug 20554: (follow-up) Add local font files and add method for loading them
This patch adds local copies of the font files specified in the original
patch. A new JavaScript file has been added, fontfaceobserver.min.js,
which helps gracefully load font assets.

https://github.com/bramstein/fontfaceobserver

Information about the new assets has been added to the about page.

When using web fonts, there can be a delay, while the browser loads the
font files, between the time the page loads and the time the fonts
render. Font Face Observer allows us to specify a default font for the
initial page render, and then apply the web font after it has loaded.

To test, apply the patch and regenerate the OPAC css. View any page in
the OPAC and confirm that the custom font renders properly.

View the About page in the staff client and confirm that the new license
information looks correct.

Patch applies and OPAC and license look good. Looking forward to this.
Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-19 17:27:42 +00:00
01646f9743 Bug 7143: (follow-up) remove trailing apostrophe
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-09 16:13:57 +00:00
9de145077a Bug 7143: Update about page for new dev - Cori Lynn Arnold`
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-03 17:56:22 +00:00
Alex Arnaud
edb627bcf2 Bug 17282: Ability to create charts for SQL reports
Add a form under report's result that allow to configure and draw a
chart (pie, bar, line and combination).

Pie: Usefull only for a two-column report's result

bar: Horizontal: Can be horizontal or vertical (check/uncheck
horizontal checkbox),
     Group: allows to group columns (stacked bar chart),
     Line: show some columns as line in a bar chart (combination)

line: line chart :)

This patch adds 2 new js libraries: d3js and c3js:
  - c3.min.css
  - c3.min.js
  - d3.min.js

Test plan:
- Apply this patch,
- execute a report,
- click on show chart settings button (in the tool bar),
- draw chart (click on draw button),
- check the chart

Features:
- Include all rows (ignore pagination),
- Download the chart (svg),
- Choose x column and y columns,
- Exclude last line (Rollup)

Signed-off-by: Michal Denar <black23@gmail.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-01 13:56:35 +00:00
90ff0f3343 Bug 7143: Update about page for new dev - Alberto Martinez
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-09-26 19:00:16 +00:00
Zoe Bennett
b9bbc4b32a Bug 19833: Changing the "biblios"
To Test:
Check the following files that all the "biblio" or "biblio record" are
now written in rull as "bibliographic record".

modules/about.tt

Corrected a single capitalization error during signoff

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-09-19 13:54:48 +00:00
Charlotte Cordwell
5cf279aea0 Bug 19833: Kill the "biblios"
1) Check files modules/about.tt, modules/acqui/booksellers.tt and
modules/acqui/invoices.tt for typos nad check that there are no "biblio"
and only "biblographic record".

Fixed one capitalization error during signoff.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-09-19 13:54:44 +00:00
a389c751cb Bug 7143: Update about page for new dev - Jane Sandberg
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-09-19 13:46:00 +00:00
8f84ef2483 Bug 21317: Format long lists under Koha Team tab as columns
This patch adds a couple of new CSS classes for formatting content in
columns: .columns-3 and .columns-4. The four-column class is applied to
the dev team and contributing companies lists on the about page.

The patch also modifies the style of H3 on this page to improve
readability.

Unrelated: "Nelsonville Public Library" corrected to "Athens County
Public Libraries."

To test, apply the patch and regenerate staff client CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client).

View the various tabs on the about page and confirm that everything
looks good. Confirm that the dev team and contributing companies lists
are formatted as columns.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-09-16 04:20:08 +00:00
289e96848a Bug 21319: Remove highlight and tooltip on Koha Team version
This patch modifies the about page to remove a <span> on the Koha
version number which explained the version numbering change.

To test, apply the patch and view the "Koha team" tab on the about page.
The "Koha 18.05 release team" header should not have the number
highlighted.

Signed-off-by: pierre-marc <pierre-marc.thibault@inLibro.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-09-07 15:07:36 +00:00
bee097b39b Bug 14302: Remove GRS1 specific code
Remove:
- BIB_INDEX_MODE and AUTH_INDEX_MODE env var
- bib_index_mode and auth_index_mode options from scripts
- Warnings from about page, just kept one if zebra_bib_index_mode or
zebra_auth_index_mode still exist in config and are set to grs1

Test plan:
- Install Koha from src
- Install Koha from pkg
- Read the code, carefully!

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Rebased

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-31 11:24:20 +00:00
10c154353f Bug 13618: Remove html filters for HtmlTags
We will have to make sure this filter (HtmlTags) is not used with
unsafe variables.

Generated by:
perl -p -i -e 's/HtmlTags tag([^\|]*)\| html -%]/HtmlTags tag\1-%]/g' **/*.tt **/*.inc
perl -p -i -e 's/HtmlTags tag([^\|]*)\| html %]/HtmlTags tag\1%]/g' **/*.tt **/*.inc

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-17 15:55:08 +00:00
Jonathan Druart
dcd1f5d48c Bug 13618: Add html filters to all the variables
Here we go, next step then.
As we did not fix the performance issue when autofiltering
the variables (see bug 20975), the only solution we have is to add the
filters explicitely.

This patch has been autogenerated (using add_html_filters.pl, see next
pathces) and add the html filter to all the variables displayed in the
template.
Exceptions are made (using the new 'raw' TT filter) to the variable we
already listed in the previous versions of this patch.

To test:
- Use t/db_dependent/Koha/Patrons.t to populate your DB with autogenerated
data which contain <script> tags

- Remove them from borrower_debarments.comments (there are allowed here)
update  borrower_debarments set comment="html tags possible here";

- From the interface hit page and try to catch alert box.
If you find one it means you find a possible XSS.
To know where it comes from:
* note the exact URL where you found it
* note the alert box content
* Dump your DB and search for the string in the dump to identify its
location (for instance table.field)

Next:
* Ideally we would like to use the raw filter when it is not necessary
to HTML escape the variables (in big loop for instance)
* Provide a QA script to catch missing filters (we want html, uri, url
or raw, certainly others that I am forgetting now)
* Replace the html filters with uri when needed (!)

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-17 15:55:05 +00:00
985eb92914 Bug 20647: (alternate) When ILL is enabled the hover effect on the ILL requests button is wrong
This alternate patch adds a new icon to the sprite image which gives
icons to the link on the staff client home page. It modifies the CSS
positioning for all the links as the new image sprite is somewhat
different.

The SVG file from which the sprite image was generated is also updated,
and the about page has been updated to give credit to the creator of the
icon.

Unrelated change: The cataloging link is moved to the second column.
Although it's probably rare for all modules to be enabled and available,
this puts the same number of links in each column.

To test, apply the patch and clear your browser cache if necessary. With
interlibrary loan enabled, view the staff client home page and confirm
that all the module links look correct, including when you hover your
mouse over them.

Confirm that the about page lists the new icon under the "licenses" tab.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-10 10:38:12 +00:00
12ff371728 Bug 7143: Update about page for new dev - Vassilis Kanellopoulos
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-10 10:21:00 +00:00
70bfac5ce5 Bug 7143: Update timeline (2 new devs)
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-08 21:25:50 +00:00
Lee Jamison
c1c7f5ede6 Bug 7143: Update about page for documentation team
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-16 13:13:09 -03:00