Commit graph

19 commits

Author SHA1 Message Date
Galen Charlton
6c1da551ea bug 9401: remove direct reads of CGISESSID cookie by JavaScript
Having embedded JavaScript read the session cookie directly
is unnecessary and prevents the CGISESSID cookie being marked
httpOnly as a security measure.  The only Koha JS attempting
this was the AJAX tags code.

To test:

- In general, verify that there are no regression withs
  adding tags in the OPAC or reviewing them in the staff interface.
- In specific, for the OPAC
  - log into the OPAC
  - retrieve a bib record
  - add a tag
  - refresh the bib details page to verify that the
    tag was added
  - make sure the TagsInputOnList syspref is on
  - perform a search
  - add a tag to more than one record from the search results page
  - repeat the preceding using the CCSR theme
- And in the staff interface
  - Go to the review tags tool
  - Reject a tag
  - Refresh to verify that the tag was rejected

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
2013-02-01 11:05:35 -05:00
Jonathan Druart
a469663d7b Bug 9108: Followup: send the dateformat value from C4::Auth
- the dateformat value is send to all templates (from
  C4::Auth::get_template_and_user)
- remove all assignment of dateformat in all .pl files
- the DHTMLcalendar_dateformat variable is unused

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Fixed conflicts:
 - opac/sco/sco-main.pl
 - reports/acquisitions_stats.pl
 - tools/cleanborrowers.pl

All tests pass, perlcritic problems appeared in some files
before and after these patches were applied.

Checked sorting in following pages:
- acqui/addorderiso2709.tt - list of staged imports in acq
- acqui/histsearch.tt - sorting of dates in acq search result list
- acqui/invoices.tt - billing date in list of invoices in acq
- acqui/lateorders.tt - list of late orders in acq
- acqui/ordered.tt - ordered titles and estimated costs for a fund
- acqui/parcels.tt - receive shipment page
- acqui/spent.tt - received titles and actual costs for a fund
...
- serials-search.tt - subscription search result list
...
- opac/sco/sco-main.tt - due dates in list of checked out items
- reports/acquisitions-stats.tt - date searches, display of dates
- tools/cleanborrowers.tt
- tools.holidays.tt - different views of dates library is closed,
  adding dates

Checked dates display according to system preference everywhere and
searching, entering dates etc. still worked as expected.
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
2013-01-17 21:59:30 -05:00
Dobrica Pavlinusic
130e3d9c10 Bug 8315 - remove use C4::* version
This patch touches a lot of code, but basically it removes version
information from use C4::* in our code.

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
All script still compiles after the patch (confirmed by pre-applypatch hook)
2012-07-13 14:17:20 +02:00
482c96c465 Bug 8315 - fix 'C4::Output 3.02' errors in Koha
modified:   opac/opac-ratings-ajax.pl
	modified:   opac/opac-tags.pl
	modified:   tags/review.pl

Signed-off-by: Robin Sheat <robin@catalyst.net.nz>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
2012-06-29 11:59:13 +02:00
Paul Poulain
a1533359f8 Bug 6933 follow-up, perltyding new script list.pl 2012-02-02 10:17:43 +01:00
a526f2936e Bug 6933 [REVISED] Add a view of titles with a particular tag to the staff client
- Adds a new page to the tags moderation section for viewing all the
  titles tagged with a particular term.
- Adds display of approved tags to the catalog detail page matching the opac
  view. Adding tags from the detail view not implemented.

Follow-up adds tags display to XSLT detail view

Areas for improvement:

- I think it would be better to show "Also tagged with:" and exclude
  the current tag from the list of titles tagged with a particular tag.
- It would be nice to be able to show unapproved tags (and some idication of
  their status) along with approved tags on the detail page if the user had
  TagsModeration permission.

Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
2012-02-02 09:46:01 +01:00
e76bb63ae4 Fix for Bug 2377 - Review tags: format date according to system preference
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
2010-10-06 09:31:56 -04:00
Lars Wirzenius
ba059ce644 Fix FSF address in directory tags/
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
2010-03-16 20:17:53 -04:00
Garry Collum
79b8a27c0c Bug 3449: Fixes the perpetual error message that pops up when filtering by tag reviewer.
Duplicates the code for searching by reviewer in the form that is used in searching via a link.

It looks like it was the intention of the original writer to filter by borrower number or by name.  Filtering by name was not implemented.  Added a FIXME reference to indicate this.

Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
2010-02-16 06:12:43 -05:00
Matthias Meusburger
88e99d1c29 BZ4104: Removes tagging in staff client
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
2010-02-08 07:59:46 -05:00
Nicole Engard
cef321e7bd replacement for bug 3817 added patron permissions for tag tool 2009-12-22 19:14:51 +01:00
Matthias Meusburger
1bed30a2a8 MT 1110 : Balance cart and lists : cart is now in the intranet 2009-10-14 15:04:53 +02:00
Pianohacker
b04f432857 New framework for AJAX services
This adds two new C4 modules, C4::Service and ::Output::JSONStream, and
makes important modifications to C4::Output. The first two are a basic
framework for JSON-based AJAX services and a simple JSON output wrapper,
respectively. C4::Output has been slightly refactored, with a new
function, output_with_http_headers, that supports different
content-types. output_html_with_http_headers still exists, and the three
pages affected by this change have been refactored to support it.

Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
2009-05-14 07:29:18 -05:00
Galen Charlton
83b0d011e0 bug 2682: followup - only do lc() on $op once
Per suggestion by Joe Atzberger.

Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
2008-10-23 16:08:07 -05:00
bc297e0b72 Fix for Bug 2682 ("Approving Multiple Tags - Doesn't Work"). Processing based on value of submit buttons didn't take into account capitalization.
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
2008-10-23 16:01:09 -05:00
Joe Atzberger
797c1d5502 Bugfix is_approved() to handle the 3-state nature of approval.
That is, a term is either approved, or rejected, or neither.
Without an external dictionary, most terms will fall into the
latter category.

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-06-05 22:41:40 -05:00
Joe Atzberger
e0c1b0031b Adding basic get_filters to Tags, centralizing "counts" code for Terms Summary.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-05-29 07:04:41 -05:00
Joe Atzberger
366affe120 Remove string processing (redundant to new pagination_bar)
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-05-29 07:04:39 -05:00
Joe Atzberger
bbb3f00955 Initial commit for Tags back-end moderation. Requires AJAX functions from Output.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-05-29 06:22:44 -05:00