Commit graph

492 commits

Author SHA1 Message Date
448dd50cf5 Bug 21454: Remove html filter for Price filtered variables
Generated with:
perl -p -i -e 's/\|\s?\$Price\s?\|\s?html\s%]/| \$Price %]/g' **/*.tt **/*.inc

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-01 13:56:34 +00:00
0862f77769 Bug 17877: Add the order's notes to the table
This patch adds the vendor and internal note from the acquisition order
to the subscription detail page

Test plan:
- Create an order from a subscription, fill the internal and vendor
notes
- Go to the subscription's detail page
- Confirm that the columns are displayed in the "Acquisition details"
table and contain the correct values
- Make sure the "Home › Administration › Columns settings" admin page
let you hide them by default (for those who will not need them).

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-01 13:56:30 +00:00
4fe0b35018 Bug 17877: Add columns settings to the orders table on subscription-detail
Test plan:
- Apply this patch and make sure to restart memcached (to re-read the yaml
file that is cached)
- Go to Home › Administration › Columns settings
- Confirm that a new "Serials" tab contain the different columns of the
"Acquisition details" table displayed on the subscription detail page
(if an order exist for this subscription)
- Play with it
- Go to Home › Serials › Details for subscription #ID
- Confirm that the "Column visibility" button is now displayed on top of
the table that it works correctly.

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-01 13:56:29 +00:00
Mark Tompsett
623f1db90a Bug 13272: (follow-up) add missing type="text"
This addresses comment #13.
This also applies cleanly.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-01 11:18:32 +00:00
a51681fc7a Bug 20726: (RM follow-up) Add missing filters
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-30 13:47:58 +00:00
0757736eaf Bug 20726: Add title to the price column headers
Sponsored-by: BULAC - http://www.bulac.fr/

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-30 13:40:39 +00:00
cd43cf715b Bug 20726: Sort by statuses then ordernumbers
Not received and most recent at the top.

Sponsored-by: BULAC - http://www.bulac.fr/

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-30 13:40:38 +00:00
8302af7b01 Bug 20726: Add show/hide already received orders links
Sponsored-by: BULAC - http://www.bulac.fr/

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-30 13:40:38 +00:00
f191e2ad67 Bug 20726: Add DataTables
Sponsored-by: BULAC - http://www.bulac.fr/

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-30 13:40:38 +00:00
284cf15a25 Bug 20726: Add acquisition history on the subscription detail page
Since bug 20365 is going to add the ability to create several pending orders on
the same subscription we should display the history of the acquisitions on the
subscription detail page.

Sponsored-by: BULAC - http://www.bulac.fr/

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-30 13:40:38 +00:00
be691d86e3 Bug 21096: Do not display loggedinusername in template
This patch is a little fix for a much bigger hidden issues.

The original issue:
1. Set the firstname and surname values of a paontr to utf-8 characters
("wide characters"), for instance 月月
2. Use this patron to login at the staff interface
=> In the header the logged in patron's info (concat of firstname and
surname) are displayed correctly
3. Hit whatever link
=> In the header the info are now displayed incorrectly
("ææ")

What happens?
After that the user loggin, loggedinusername is set with the value from
the DB (borrowers.userid)
On next hits it is picked from the session (which contains the decoded
utf8 value, see first lines of C4::Context->set_userenv)
From C4::Auth::checkauth:
834             $s_userid = $session->param('id') // ''

The quick fix is to use the logged_in_user variable in the template, but
it seems that issues may occurred if external authentication is used
(ldap, shib, cas). Could someone test this?

Test plan:
Make sure the original issue is fixed

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-30 13:40:31 +00:00
22ab4ba524 Bug 13618: Remove filter when assigning array
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-17 16:53:56 +00:00
dd9e978c2c Bug 13618: Fix BLOCKs
perl -p -i -e  's/BLOCK \| html/BLOCK/g' **/*.inc **/*.tt

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-17 15:55:09 +00:00
Jonathan Druart
dcd1f5d48c Bug 13618: Add html filters to all the variables
Here we go, next step then.
As we did not fix the performance issue when autofiltering
the variables (see bug 20975), the only solution we have is to add the
filters explicitely.

This patch has been autogenerated (using add_html_filters.pl, see next
pathces) and add the html filter to all the variables displayed in the
template.
Exceptions are made (using the new 'raw' TT filter) to the variable we
already listed in the previous versions of this patch.

To test:
- Use t/db_dependent/Koha/Patrons.t to populate your DB with autogenerated
data which contain <script> tags

- Remove them from borrower_debarments.comments (there are allowed here)
update  borrower_debarments set comment="html tags possible here";

- From the interface hit page and try to catch alert box.
If you find one it means you find a possible XSS.
To know where it comes from:
* note the exact URL where you found it
* note the alert box content
* Dump your DB and search for the string in the dump to identify its
location (for instance table.field)

Next:
* Ideally we would like to use the raw filter when it is not necessary
to HTML escape the variables (in big loop for instance)
* Provide a QA script to catch missing filters (we want html, uri, url
or raw, certainly others that I am forgetting now)
* Replace the html filters with uri when needed (!)

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-17 15:55:05 +00:00
54944bd102 Bug 7910: Give feedack when the subscriptions have been renewed
This patch adds a message to the user to let them know the subscription
have been renewed successfully.

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-11 11:04:44 -03:00
50c68497a2 Bug 7910: Add the ability to renew several subscriptions at once
This patch adds a "Renew all selected subscriptions" action link on top
of the table of the "Check expiration" page.

It will allow to auto-renew several subscriptions.

Test plan:
Make sure this new link renew the selected subscriptions as expected.

Sponsored-by: BULAC - http://www.bulac.fr/

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-24 12:04:46 -03:00
a2999c047a Bug 20614: Use GET instead of POST for subscription renewing
It will prevent Firefox (and certainly other browsers) to block the form
resubmit:

"To display this page, Firefox must send information that will repeat
any action (such as a search or order confirmation) that was performed
earlier."

Test plan:
Renew a subscription and save

=> You should not longer see the browser warning

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-24 12:04:46 -03:00
Katrin Fischer
582d566aac Bug 20616: (QA follow-up) Make alert translatable
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-24 11:30:29 -03:00
e14ee4ad0a Bug 20616: Prevent "edit serials" form submission if no serial is selected
In order to prevent the form to submit and gives an ugly error if no
issues are selected we will make sure at least one is checked otherwise
an alert will be displayed.

Test plan:
- create a subscrpition
- go to the serials collection page
- don't check any checkboxes for serials
- click 'Edit serials'

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-24 11:30:29 -03:00
fb61cade43 Bug 19855: Use patron-title to display patron's info
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-23 14:22:15 -03:00
5c7ff786d5 Bug 19855: Move getalert, addalert and delalert to Koha::Subscription
This patch removes 3 subroutines from C4::Letters:
- getalert
- addalert
- delalert

And add 3 methods to Koha::Subscription:
- subscribers
- add_subscriber
- remove_subscriber

It makes the code cleaner for future cleanup.
TODO - we should remove alert.alertid and alert.type, and rename
alert.externalid with alert.subscriptionid
That way alert will be renamed borrowers_subscriptions (or similar) and
will become a simple join table between borrowers and subscriptions.
We will need to deal with FK that could not be satisfied.
Let's do that after this patch is pushed.

Test plan:
Subscribe and unsubscribe to email notifications sent when a new issues
is available.
Make sure everything works as before and you receive the emails.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-23 14:22:15 -03:00
6cc44f96b8 Bug 18426: Replace 'Modify' with 'Edit'
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-23 14:22:14 -03:00
64b689fcc8 Bug 18426: Make sure the logged in user can edit the subscriptions
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-23 14:22:14 -03:00
b366d8d4de Bug 18426: Address QA issues
- Replaced with the "action" links we already have on the biblio detail
page and the items lost report.
- Display all the editable values in the table
- Add a 'Cancel' link

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-23 14:22:14 -03:00
f839259357 Bug 18426: Fix datepicker
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-23 14:22:14 -03:00
Julian Maurice
4e698f7b47 Bug 18426: Allow to edit subscriptions in batch
This adds a checkbox column in serials-search.pl tables that allow to edit
selected subscriptions.
The following fields can be modified:
 - Bookseller
 - Location
 - Library
 - Item type
 - Public note
 - Nonpublic note
 - "Create item when receiving" flag
 - Expiration date
+ the additional fields defined in serials/add_fields.pl

Test plan:

1. Go to Serials module
2. If there is no additional fields defined, define some (at least one with an
   authorized value and one without)
3. Start a subscription search
4. Select some results using the checkboxes and click the "Edit" button above
   the table
5. Select values for some fields (not all) and click "Start batch edit"
6. Verify you are being redirected to the previous search results
7. Verify that the fields for which you selected a value were modified and that
   the others fields weren't
8. Repeat steps 4 to 7 but this time, modify the other fields.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-23 14:22:13 -03:00
Julian Maurice
d119336f19 Bug 18426: Refactor subscriptions tables code in a BLOCK
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-23 14:22:13 -03:00
7c448494f1 Bug 18327: Style 'Multi receiving' button like others
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-19 16:37:22 -03:00
4aa45fc489 Bug 18327: Same change for serials-edit
And use an include file to avoid copy/paste

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-19 16:37:21 -03:00
d3ed24560c Bug 18327: Add the ability to set the received date to today on multi receiving serials
When receiving several issues for a subscription (Serials > Serial
collection > Multi receiving), the reception date is always identical to the
publication date.
In some use cases we would like to set this "date received" value to
today.
Note: "date received" refers to the DB column serial.planneddate

To make this possible this patch replaces the JS prompt with a modal
dialog asking for
 1. the number of issues to receive
 2. if the received date must be set to today

Ergonomic note: bootstrap styled buttons are used, but they do not display correctly
We may need to improve that (later)

Test plan:
- Receive 1 or more serials using the "Multi receiving" buttons
Note that this button appears twice, on the "serial collection
information" and the "serial edition" pages
- Try with and without the new checkbox ticked and confirm the behaviour
is correct (i.e. date received is set to today or set to the publish
date)
- Make sure "Edit serials" and "Generate next" buttons still work as
before

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-19 16:37:21 -03:00
Julian Maurice
ed7543287b Bug 20538: Remove the need of writing [% KOHA_VERSION %] everywhere
Having to write [% KOHA_VERSION %] for each url is bad because:
- It's easily forgettable when adding new <script> or <link>
- It prevents grep'ing for the full filename
- It violates the DRY principle
- If at some point we want to change the "force js and css reload"
  mechanism, it will be tedious

This patch:
- adds a Template::Toolkit plugin that generates <script> and
  <link> tags for JS and CSS files, and inserts automatically the Koha
  version in the filename
- use the new plugin to remove all occurences of [% KOHA_VERSION %]
- remove the code that was adding KOHA_VERSION as a template variable

Test plan:
1. Apply patch
2. Go to several different pages in Koha (opac and intranet) while
   checking your browser's dev tools (there should be no 404 for JS and
   CSS files, and the Koha version should appear in filenames) and the
   server logs (there should be no "File not found")
3. `git grep KOHA_VERSION` should return nothing
4. prove t/db_dependent/Koha/Template/Plugin/Asset.t

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-13 11:49:44 -03:00
18fb2f12e7 Bug 20045: Switch single-column templates to Bootstrap grid: Various
This patch updates various unrelated templates to use the Bootstrap
grid.

- about.tt - The about page
- auth.tt - The login page

  These pages should look correct.

- reports/reports-home.tt - The reports home page
- admin/admin-home.tt - The administration home page

  These pages should look correct, with a single centered column
  with wide margins on either side. At lower browser widths the margins
  should disappear.

- serials/subscription-add.tt - Serials -> Add subscription. The entry
  form should look correct during each step of the add/edit process.

- suggestion/suggestion.tt - Acquisitions -> Suggestions -> New
  suggestion. The page with the new suggestion form should look correct.

Signed-off-by: Roch D'Amour <roch.damour@inlibro.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-03-26 17:31:26 -03:00
Katrin Fischer
1bc1a8daa2 Bug 20290: Fix capitalization of "Routling List"
This fixes some strings to be properly capitalized.

To test:
- Create a new routing list, check title and breadcrumbs
- View the routing list tab in the patron account in staff,
  check title and breadcrumbs

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-02-27 11:45:16 -03:00
4609e95f9d Bug 20240: Remove space before : when searching for a vendor in serials (Vendor name :)
This patch removes the space before the colon in the "vendor" label in
the vendor search pop-up window.

To test, apply the patch and go to Serials -> New subscription.

- Click the "Search for a vendor" link next to the vendor form field.
- In the pop-up window, confirm that there is no space before the colon
  in the "vendor" label.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-02-23 10:57:15 -03:00
b86a9ee984 Bug 20037: Switch single-column templates to Bootstrap grid: Serials
This patch updates several single-column Serials module templates to
use the Bootstrap grid. In addition to grid changes, some templates have
been modified to include the footer with the correct popup parameter.

- serials\acqui-search.tt - Go to Serials -> New subscription. Click
  "Search for a vendor."

- serials\acqui-search-result.tt - Vendor search results

- serials\result.tt - Click "Search for record."

- serials\subscription-bib-search.tt - Catalog search results.

Each of these pages should look correct.

Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-02-18 16:48:48 -03:00
b59988f78d Bug 19738: Fix XSS on vendor name in serials module
Test plan:

1) do not apply this patch
2) Have at least one vendor which name does contain javascript, for
example: <i>Vendor 1</i><script>alert('Hi');</script>
3) go to serial module and create new subscription
4) use "Search for vendor"
5) Search for your vendor, when search results table is presented, the
javascript is executed
6) go through subscription creation and save the new subscription
7) On subscription detail page, the javascript is executed as well
8) apply this patch
9) Repeat 3-7, the script is not executed, the input is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-02-15 16:04:40 -03:00
9293e428b4 Bug 19950: Update popup window templates to use Bootstrap grid: Serials
This patch updates the two serials templates to use the Bootstrap grid
instead of the YUI grid.

Apply the patch and go to Serials and locate an existing
subscription.

- Click the "Edit routing list" in the sidebar.
- Save the routing list, and click "Save and preview routing slip."
- The routing slip preview should look correct and buttons should work
  correctly.

- When viewing the details of a subscription, click the "Renew" button
  in the toolbar. The popup window should look correct.

Signed-off-by: Zoe Bennett <zoebennett1308@gmail.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-02-15 13:30:23 -03:00
0ad922011c Bug 12904: Force browser to load new javascript files after upgrade
This patch has been automatically generated using:
  perl kv.pl **/*.tt **/*.inc

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
2018-02-08 14:53:24 -03:00
e66a78d107 Bug 19767: Remove unused serial-issues.pl script
This patch removes three unused files:

serials/serial-issues.pl

...and its associated templates:

koha-tmpl/intranet-tmpl/prog/en/modules/serials/serial-issues-full.tt
koha-tmpl/intranet-tmpl/prog/en/modules/serials/serial-issues.tt

To test, apply the patch and search the Koha codebase for references to
any of those files. None should exist.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-12-14 16:58:39 -03:00
04d79ba063 Bug 19778: Move template JavaScript to the footer: Serials, part 4
This patch modifies more and more staff client serials templates so
that JavaScript is included in the footer instead of the header.

This patch adds a new JavaScript include, showpredictionpattern.js,
which is used by subscription-add.tt and subscription-numberpatterns.tt.
it also adds subscription-add.js, moving most of the JS embedded in
subscription-add.tt into an external file.

To test, apply the patch and test the JavaScript-driven features of the
modified templates: All button controls, DataTables functionality, tabs,
etc.

 - Serials -> New subscription
   - Date pickers
   - Popup search windows for vendors and bibliographic
     records
   - Next / Previous buttons
   - Form validation
   - Prediction pattern operations

   Test with new subscriptions, editing existing subscriptions, and
   duplicating subscriptions.

 - Serials -> Manage Numbering Patterns
   - Datatable
   - Delete confirmation
   -> Edit
      - Datepicker, test pattern
 - Serials -> Manage frequencies
   - Delete confirmation
   -> Edit
      - Form validation
 - Serials -> Subscription details -> Planning tab
   -> Edit history
      -> Datepicker
 - Serials -> Subscription details -> Renew
   - Datepicker

Signed-off-by: Dominic Pichette <dominic@inlibro.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-12-14 16:58:13 -03:00
666a1b2760 Bug 19777: Move template JavaScript to the footer: Serials, part 3
This patch modifies even more staff client serials templates so
that JavaScript is included in the footer instead of the header.

This patch adds a new JavaScript include, serials-toolbar.js, which is
required on pages which include serials-toolbar.inc.

To test, apply the patch and test the JavaScript-driven features of the
modified templates: All button controls, DataTables functionality, tabs,
etc.

 - Serials
   - Search for a subscription
     - Tabs, datatables, date pickers
     - Open a subscription for viewing
       - Tabs, toolbar buttons for delete, renew, and close.
   - Serial collection (in the sidebar menu)
     - Select all / clear all
     - Datatable
     - Print slip
     - Generate next

Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-12-14 16:58:13 -03:00
512c5f0c0d Bug 19761: Move template JavaScript to the footer: Serials, part 2
This patch modifies more staff client serials templates so
that JavaScript is included in the footer instead of the header.

To test, apply the patch and test the JavaScript-driven features of the
modified templates: All button controls, DataTables functionality, tabs,
etc.

 - Serials -> Subscription detail -> Edit routing list
   - Add recipients
   - Save
     - "Save and preview routing slip" should trigger preview
       - In preview popup: Print and Close buttons should work correctly

Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-12-14 16:58:13 -03:00
cc4cf2bde4 Bug 19758: Move template JavaScript to the footer: Serials, part 1
This patch modifies some staff client serials templates so
that JavaScript is included in the footer instead of the header.

To test, apply the patch and test the JavaScript-driven features of the
modified templates: All button controls, DataTables functionality, tabs,
etc.

- Serials -> New subscription
  - Search for a vendor
    - "Choose" link and "Cancel" button should work correctly
  - Search for record
    - "Choose" link and "Cancel" button should word correctly
- Serials -> Add subscription fields
  - Datatable, delete confirmation
  - Edit
    - Form validation (submit both authorised value and MARC field)
- Serials -> Check expiration
  - Date picker in search form
  - Search
    - Renew button triggers popup
- Serials -> Claims -> Search results
  - Date picker, datatable, form validation
  - Select all/none; Download claims

Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-12-14 16:58:13 -03:00
Katrin Fischer
0bbe968fe5 Bug 19086: Fix Stored XSS in subscription-detail.pl
Add script to the callnumber field on adding a subscription.

Verify script is executed without this patch, but not with it.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:45 -03:00
Amit Gupta
ec86950780 Bug 19086: Fix Stored XSS in subscription-add.pl
To Test
1. Hit the page /cgi-bin/koha/serials/subscription-add.pl
2. Add a text in the field Public note and Nonpublic note
   that contains js (Internalnotes, notes)
2. Save the page.
3. Notice js is execute
4. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:45 -03:00
Marc Véron
16307c4034 Bug 13747: Fix problems with frequency descriptions containing quotes
If a serial frequency description contains quotes or is surrounded by
quotes, the description is empty ("TEST" > empty) or shown without the
quotes part (TEST "sth" > TEST) on editing the frequency.

To verify:
- Create a new frequency with description: "Test"
- Modify frequency
- Verify the description field is empty

To test:
- Apply patch
- Try to recreate, verify that the description field is
  correctly filled when editing
- Test also with a name like: 'A "souble quoted" name'

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-06-05 16:34:26 -03:00
Aleisha Amohia
2dc81eb9a1 Bug 18035: Front-end changes to serials -> numbering patterns
This patch:
1) Uses datatables functionality on numbering patterns table
2) Shows breadcrumbs when using the form to add or modify numbering
patterns
3) Updates the Save, Reset, and Test Pattern buttons in the form to be
bootstrap 3 buttons

To test:
1) Confirm that datatable sorting works on all columns EXCEPT Actions
column
2) Click 'New numbering pattern'
3) Confirm breadcrumbs reads 'New numbering pattern'
4) Go back to numbering patterns and Edit an existing one
5) Confirm breadcrumbs reads 'Modifying number pattern '<name of
numbering pattern>'
6) Confirm Save, Reset and Test pattern buttons now show as bootstrap3
buttons
7) Confirm all buttons work as expected

Sponsored-by: Catalyst IT

Followed test plan works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-05-09 20:55:56 +00:00
5e8366d77a Bug 17866: [QA Follow-up] Reword message for missing email address
See BZ, comment 14 from Jonathan.

In the exceptional case that branch email address and fallback, i.e.
preference KohaAdminEmailAddress, are both empty or not valid, the error
message should reflect that (of course :)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Removed branch email and KohaAdminEmailAddress.
Followed the test plan of the first patch and saw the alert.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-03-31 13:19:30 +00:00
Blou
9f460de741 Bug 15030 - continue. The enumchron value was overwritten by 'header' even when value supplied
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-02-07 17:43:48 +00:00
804677265e Bug 16239: Update templates
Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-01-13 14:41:22 +00:00