In comment #20, Katrin requested the about page be updated
to reflect the addition of a jquery plugin.
TEST PLAN
---------
1) Apply all patches
2) Log in to Staff Client
3) Home -> About Koha -> Licenses
-- jQuery Validation Plugin is now listed nicely.
4) Run koha qa test tools
License appears as expected, qa OK
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch makes a few changes to the way errors are handled in the
OPAC:
- The validation plugin has been moved from the global include file to
the template itself. Since we aren't doing form validation on any
other page yet it doesn't make sense to include it globally at this
time.
- The error message which appears if you have JavaScript disabled and
have submitted invalid emails was styled in a non-standard way.
- I have added in-page links to the error message which appears if you
have JavaScript disabled so that you can click to jump to the field
which contains the error.
- I have modified the error message language slightly to make it (I
hope) read better.
Signed-off-by: Nicole Engard <nengard@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch contains the recompiled opac.css file based on changes made
to opac.less in the previous patch.
Signed-off-by: Nicole Engard <nengard@bywatersolutions.com>
FIXED the compress. - mtompset
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds server-side & client-side validation for email
form fields in the members/memberentry -view and in the
opac/memberentry-view (bootstrap).
I recently added simple validation for phone number and email address fields
for our in-house koha and saw this old bug: I'm open to any ideas on how
to do this better. Validation for phone numbers would be easy to add on
top of this but I left it out since this bug is only about the email
fields.
To test:
1) Select a member and go to any of the edit forms with email fields
(Primary info, "Library use", "Alternate address", "Alternative
contact").
2) Disable javascript in the browser in order to test server-side
validation and try to input invalid emails in each of the email form
fields.
3) Confirm that an invalid address is catched from any of the email
fields, an alert shown for each invalid address and that the member's
information was not updated with invalid data.
4) Enable javascript in the browser.
5) Confirm that the jquery validation plugin caches invalid addresses
from any of the email fields and that you cannot send the form before
correcting the problem.
6) Perform the same tests for the opac-memberentry-view.
Note: as the jQuery validation plugin doesn't exist in the bootstrap
folder, I just copied it over from the staff-client folder -how to deal
with this?
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
I have undone the changes to opac.css so that they can be submitted as a
separate patch. I have some other follow-ups to make as well.
Signed-off-by: Nicole Engard <nengard@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch swaps the authority records according to the refenrece record selection.
To TEST:
Merge two authority records, select the second as merge reference.
The reference authority is always the first.
Apply the patch.
Repeat previous steps, the authority is now merged using the selected reference record.
modified: authorities/merge.pl
Signed-off-by: Nick Clemens <nick@quecheelibrary.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The call to AddMember_Opac does not take care of the messaging prefs
when enhanced messaging is enabled.
This patch adds the call to handle_form_action to do that.
Test plan:
Enable self registering patrons and enhanced messaging.
Check the (default) message prefs for the relevant patron category. At least
enable email for one notice.
Self-register a user with and without verification email enabled.
Check in both cases that the message prefs of the user conform to
those in the patron category. (So at least one enabled.)
Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The script acqui/check_uniqueness.pl has been introduced by bug 7178.
But bug 11425 added a call to a new subroutine SearchItemsByField in
order to refactore some code. This subroutine calls SearchItems with an
arrayref, which is not what SearchItems is expecting.
This broke the duplicate check done on creating items in the acquisition
module.
To reproduce the issue:
1/ Fill the pref UniqueItemFields with "barcode" and AcqCreateItem with
"placing an order"
2/ Create a new basket
3/ Create a new order
4/ Close the basket
5/ Receive items and set barcode with one already in your DB
6/ Save
7/ Nothing happen on the interface, but an error should have been added
in your Koha log file:
Can't use an undefined value as an ARRAY reference at
/home/koha/src/acqui/check_uniqueness.pl line 48.
Test plan:
1/ Repeat steps 1-6
2/ You should see a warning on the interface
Note that this should also happen with AcqCreateItem set to "creating an
order".
Works well, no errors.
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
If the system preference IncludeSeeFromInSearches is enabled, records
exported for zebra indexing are being additionally processed by
EmbedSeeFromHeadings record filter (right now used only in rebuild_zebra.pl
script). This filter embeds 'see from' fields (extracted from authority
records linked with the given biblio via $9 subfields) into target MARC
record, which is then subsequently indexed in zebra.
Currently all fields containing $9 are getting the same exact treatment
by this filter. But on the export stage when the filter is applied, MARC
record being processed already does have holdings data fields added in
the previous stage (usually 952 / 995, depending on the MARC format).
Problem is that holdings data fields use to have $9 subfields in them
as well (mapped to item.itemnumber by default). As a consequence, some
(great many in the typical setup) records exported for zebra indexing
may have surplus "see from" fields added erroneously in semi-random
fashion, so biblio searches would often return some completely
unexpected additional results.
EmbedSeeFromHeadings record filter should not process holdings fields
when dealing with MARC records intended for zebra indexing.
To reproduce:
1) database with as many sample or real-world biblio, item and authority
records as possible is recommended for testing purposes
2) enable IncludeSeeFromInSearches
3) export a bunch of biblio records for zebra (e.g.:
misc/migration_tools/rebuild_zebra.pl -I -b -x -k -length=1000),
inspect the result xml records in /tmp/<whatever> file; observe that at
the end of many records, here and there some extra "see from" (= 1st
indicator: 'z') fields tend to appear, which shouldn't be there ;)
To test:
4) apply patch
5) redo 3)
6) compare results from 3) and 5) with diff
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
I introduced a regression test for this. You should run the tests
without/with the patch and verify that the patch actually fixes the problem.
Good job Jacek! I'm sure writing the regression test would take less time
than such a detailed commit message!
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch introduces a regression test for the situation in which
an itemnumber on a record matches the authid of an authority record
and the current implementation of the EmbedSeeFromHeadings filter
wrongly includes new holding fields with authority data...
To test:
- Apply the patch
- Run:
$ prove t/db_dependent/RecordProcessor_EmbedSeeFromHeadings.t
=> FAIL: The test 'Holdings fields not processed to introduce See-from heading'
fails.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Typo found in stage-marc-import.tt file for Koha help in 3.20
Test plan:
1) Go to url 'koha-tmpl/intranet-tmpl/prog/en/modules/help/tools/stage-marc-import.tt:28' and check the typo "precendence" or go to Tools > Stage MARC records for import and open up the help
2) Apply the patch
3) Repeat step 1 and check if the typo is fixed.
Sponsored-by: Universidad de El Salvador
Signed-off-by: Nick Clemens <nick@quecheelibrary.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Trivial correction. Only touches comments.
Test plan:
Run git grep -E "borroewr|borow". You should not find anything now.
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Typos in comments corrected.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
We don't need that file in the package build because it's generated on a
per-site basis from a template.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch makes Koha::Logger use 'warn' instead of just printing
to STDERR. It introduces tests for this warnings too.
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
Moving the BEGIN block to _init for the most part. We only need to
initialize when we actually start using the logger.
Removed the third init part. If we do not have a log4perl_conf in the
koha config, we are not using it yet.
Method get uses hash parameters now. It calls init. If we do not have a
config or the logfile is not writable, we will not use log4perl.
Using AUTOLOAD as a wrapper around Log4perl in order to add some checks
that log4perl does not have.
If a logrotate would change file permissions on a default logfile, we
should catch that now too (see recheck).
Test plan:
Run the previous tests again.
Will still add a unit test.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended: upgraded DEBUG level to WARN in config file.
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
The first patch makes the category parameter mandatory.
This patch makes it optional, falling back to the current package. This is
the expected log4perl model. It would not be necessary to pass the class
name everywhere (check subclasses..)
It also adds a delimiter between the interface and the class name.
This allows you to add config lines like:
log4perl.logger.opac.C4.Auth = DEBUG, OPAC
log4perl.logger.intranet.C4.Circulation = TRACE, INTRANET
The first line would make the logger more sensitive to C4::Auth log
messages while staying at the WARN level for other messages, etc. The
second line makes the trace visible from the renewal example.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
Koha needs a better logger, and it seems like the best solution would be
to take advantage of Log4perl which is already a fully featured logger.
We use Log4perl to selectively decide what statements should be logged,
and where they should go!
Test plan:
0) Install Log::Log4perl via packages or cpan
1) Apply this patch and the example renewal patch
2) Copy etc/log4perl.conf to your koha conf directory, edit the paths
to match your current error logs
3) Edit your koha-conf file and add the
<log4perl_conf>/path/to/log4perl.conf</log4perl_conf> line
4) Watch your intranet and opac error logs
5) Perform a renewal via the staff interface, note there is nothing new
in the log file
7) Update the log4perl.conf, change the log level from WARN to TRACE
for both the staff and opac sides
8) Perform a renewal via the staff interface, note the logged lines
9) Perform a renewal via the opac, note the logged lines
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended this patch: Moved the renewal stuff to a separate example patch.
And upgraded the DEBUG level to WARN in the log4perl config file.
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
adds alphabetical sorting to <select> lists displayed by
preferences.tt. although added for sorting the days of the
week, this may have larger ramifications. haven't been
tested thoroughly, but no apparent breakage seems to be
happening in preferences.
NOTE: Nice tweak. Makes days of week in sensible order.
Properly adds sorting based on documentation that
is really hard to find.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Mubassir Ahsan asked on the Koha mailing list:
Is there any option to set Saturday as the first day of
the week? Please help me.
CalendarFirstDayOfWeek is currently either Sunday|Monday.
By converting it to 0|1|2|3|4|5|6
(Sunday, Monday, ..., Saturday), we can allow any day of the
week to be the first day of the week in the date picker.
TEST PLAN
---------
1) Backup DB
2) In mysql:
> DELETE FROM systempreferences;
> SOURCE .../installer/data/mysql/sysprefs.sql
> SELECT variable,value FROM systempreferences;
-- It should say 'CalendarFirstDayOfWeek' and '0'
May say '1' if you are using Norwegian.
3) Restore your DB
4) .../installer/data/mysql/updatedatabase.pl
-- If your previous value for 'CalendarFirstDayOfWeek' was
'Sunday', it should be '0'. For 'Monday', it should be '1'.
5) Test an installation with 'de-DE' as the language.
-- The default value should be '1'.
6) Test an installation with 'nb-NO' as the language.
-- The default value should be '1'.
7) In the staff client, confirm that any day of the week is
available in the I18N/L10N system preferences for the
CalendarFirstDayOfWeek dropdown.
-- I'm aware they aren't in order, but I'm after
functionality, not finesse.
8) In another tab, go to a staff place that has a datepicker.
For example, Home -> Tools -> Inventory/stocktaking
9) For each possible value in the CalendarFirstDayOfWeek,
go to the other tab, refresh the page after updating the
system preference, and click the datepicker icon.
-- The date picker should then start on the selected
day of the week.
10) Log into OPAC
-- This may require setting: opacuserlogin to 'Allow'.
11) Click the personal details tab on the left.
12) There is a date picker for the date of birth.
-- The date picker should then start on the selected
day of the week.
13) Run koha QA test tools.
NOTE: not an atomic update, since this is an old patch.
Signed-off-by: Indranil Das Gupta (L2C2 Technologies) <indradg@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
This patch make inactive vendors really inactive.
That means an inactive vendor would not be able to add a basket / add an order.
Revised test plan
=================
1/ In the acquisition module create 2 vendors: 1 active and 1 inactive.
2/ On the acqui/booksellers.pl, acqui/uncertainprice.pl,
admin/aqcontract.pl and acqui/supplier.pl (pages which include the
acq toolbar), you should be able to, for both the 'active' as well
as the inactive vendor :
(a) add new basket
(b) add order items to the basket
Remark: This is *wrong*. You should be able to do so only for active
vendor.
3/ Apply the patch
4/ Go to the links in step #2 above and select the inactive vendor
you should no longer be able to:
(a) add new basket
(b) add order items to the basket
Remark: This is the *correct* behaviour
5/ No change should be noted for vendor marked "active", and should
be able to undertake operations 4 (a), 4 (b) and 4 (c).
Remark: This is the *correct* behaviour.
6/ run koha qa tests tool
Bug 12054: (follow-up) Inactive vendors should be inactive
Don't display "add order""block and buttons if the vendor is inactive.
Signed-off-by: Indranil Das Gupta (L2C2 Technologies) <indradg@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
Libraries are reporting that patrons are very confused during
self-checkout. The problem is they are expecting the list of checkouts
to be in the order they checked out the items ( first checkout on the
bottom, last item checked out on top ). However, the checkouts
table is sorted by title ( ascending ) then due date ( descending ).
This is not intuitive.
Test Plan:
1) Enable Koha's self checkout
2) Use the SCO to check out a random assortment of items,
make sure you don't check them out in alphabetical order
3) Note the order of the items in the list is not based on the order
you checked them out in
4) Apply this patch
5) Refresh the page
6) Note the items are now in the order you checked them out
with the last on top and the first on bottom
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
When creating a new notice, warn is triggered "Argument "" isn't numeric in numeric gt (>) at line 400". Same warn is triggered when changing Koha module option to any other module.
To test:
1) Go to Tools, then Notices & Slips
2) Click 'new notice'. Notice warn in intranet-error.log
3) Change Koha module to another module. Notice warn is triggered for every change
4) Apply patch and reload page
5) Change Koha module to another module. Notice there are no longer warns
6) Go back to Notices & Slips and click 'new notice' again. Notice there are no warns
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
When changing Koha module to 'Circulation', there is a warn saying that $code is uninitialized. This patch sets $code to an empty string to silence the warn.
To test:
1) Go to Tools, the Notices & Slips
2) Click 'new notice' (This will trigger warns, but ignore these as they will be corrected in the next patch)
3) Change Koha module to 'Circulation'
4) Notice warn about uninitialized $code variable
5) Apply patch and reload page, change Koha module to 'Circulation'
6) Notice page still works and warns are gone
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
TEST PLAN
---------
1) $ prove t/db_dependent/Auth_with_cas.t
-- CGI security warning
2) apply patch
3) $ prove t/db_dependent/Auth_with_cas.t
-- no noise.
4) koha qa test tools
Signed-off-by: Nick Clemens <nick@quecheelibrary.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Not able to reproduce the error on my setup, but the code
is a clear improvement over the previous version.
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
Bug 11202 introduced a new index 'dissertation-information' for
UNIMARC. This patch adds the index also for MARC21 installations.
http://www.loc.gov/marc/bibliographic/bd502.html
To test:
- Apply patch
- Copy files in etc/zebradb changed by this patch to your
corresponding directory (koha-dev..)
- Make sure you have records with 502
- Reindex
- Verify you can search the field contents with
dissertation-information= and
diss=
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Can find by dissertation-information,
No errors
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
The patron modification request page in the staff client does show
the name and home library of a patron, but there is no way to
go to the patron record. This patch adds a link to the patron details.
Extras: changes display of patron name, so a missing firstname won't
result in an extra , showing.
To test:
- Make some update requests from different patron accounts in the OPAC
- Go to the patron modification request page in staff
- Verify a link 'Patron details' now shows on each entry and
works correctly
Followed test plan. Works as expected. QA tools OK.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Not sure the "Patron details" link is at the best place, but I don't
have something better to suggest.
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
According to the doc, we should not escape query_cgi with the uri
filter:
http://www.template-toolkit.org/docs/manual/Filters.html#section_uri
Since query_cgi can contains something like: "idx=kw&q=42", we should
not escape the & char
Test plan:
0/ Don't apply the patch
1/ Go on launch a search at the OPAC
2/ Click on the RSS icon
3/ You should arrive on
opac-search.pl?idx%3Dkw%26q%3D42&count=50&sort_by=acqdate_dsc&format=rss2
The & has been escaped.
4/ Apply the patch
5/ Now you should get result and see an url correctly formatted.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
The second patch of this report made some changes to CalcDateDue.
We are adding some unit tests here.
See the commments on the third patch too.
Test plan:
Run t/db_dependent/Circulation_dateexpiry.t
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amended patch: Set the number of tests for the second subtest (was
commented) and perltidy the second block.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Moved the test on its own. Nicer than adding TestBuilder in the final part
of the test. No warnings/errors from TestBuilder, no dependency..
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
An expiry date like 9999-12-31 in the local timezone will make DateTime
spend a lot of time (maybe 60 seconds) on date calculation. See the
DateTime documention on CPAN.
A calculation in floating (or alternatively in UTC) would only take
a few milliseconds.
This patch makes two changes in this regard:
[1] The compare between expiry date and today in CanBookBeIssued has been
adjusted in Jonathan's patch. I am moving the compare to the floating
timezone (as was done in my original patch). This removes a hardcoded
9999.
[2] If ReturnBeforeExpiry is enabled, CalcDateDue compares the normal due
date with the expiry date. The comparison is now done in the floating
timezone. If the expiry date is before the due date, it is
returned in the user context's timezone.
NOTE: The calls to set_time_zone moving to or from floating do not adjust
the local time.
TEST PLAN:
First without this patch (and the one from Jonathan):
[1] Set expiry date to 9999-12-31 for a patron.
[2] Enable ReturnBeforeExpiry.
[3] Checkout a book to this patron. This will be (very) slow.
Continue now with this patch applied:
[4] Check in the same book.
[5] Check it out again. Should be much faster.
Bonus test:
[6] Set borrower expiry date to today. Change relevant circulation rule
to loan period of 21 hours. Test checking out with a manual due date
/time just before today 23:59 and after that. In the second case the
due date/time should become today 23:59 (note that 23:59 is not
shown on the checkout form).
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
If a patron has a expiry date set to 9999-12-31 (for organizations for
instance), the checkouts are very slow.
It's caused by 2 different calls to DateTime in CanBookBeIssued:
1/
DateTime->new( year => 9999, month => 12, day => 31, time_zone => C4::Context->tz );
The time_zone should not be set (as it's done in Koha::DateUtils), set to UTC or floating tz.
2/
DateTime->compare($today, $expiry_dt)
The comparaison of 2 DT with 1 related to 9999 is very slow, as you can
imagine.
For 1/ we need to call Koha::DateUtils::dt_from_string (actually, we
should never call DateTime directly).
For 2/ we just need to test if the date is != 9999, no need to compare
it in this case.
Test plan:
Before this patch, confirm that the checkouts are slow if the patron has a
dateexpiry set to 9999-12-31.
update borrowers set dateexpiry="9999-12-31" where borrowernumber=42;
After this patch, you should not see any regression when checking out
items to an expired patron and to a valid patron.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
This patch fixes a SQL injection vulnerability in the local use
system preferences.
_TEST PLAN_
Before applying:
1) Go to Global System Preferences
2) Click on the "Local use" tab
3) Add a new preference with the value "') or '1' = '1' -- "
(be sure to include the space at the end after the comment --).
4) When the page refreshes, you should now see about 99 other system
preferences which shouldn't be showing up.
5) Apply the patch
6) Refresh the page
7) Note that you now only see a system preference for "') or '1' = '1' -- "
and the other actual local use system preferences.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
TEST PLAN
---------
1) Backup the koha intranet error log.
2) Empty the koha intranet error log.
3) In staff client, go to Patrons
(/cgi-bin/koha/members/members-home.pl)
4) Pick any letter to 'Browse by last name'
-- koha intranet error log now has warns.
-- the one of importance is the uninitalized value.
5) Empty the koha intranet error log.
6) apply this patch
7) Repeat steps 3 & 4.
-- koha intranet error log does not contain the
uninitialized value error.
8) run koha qa test tools.
Signed-off-by: Indranil Das Gupta (L2C2 Technologies) <indradg@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
Happily this was only used for intranetdir.
It's time to remove it and replace existing calls.
I used the following commands to catch calls to C4::Context:
git grep 'C4::Context\->' | grep -v 'C4::Context->preference' | grep -v
'C4::Context->config' | grep -v 'C4::Context->userenv' | grep -v
'C4::Context->IsSuperLibrarian' | grep -v 'C4::Context->dbh' | grep -v
'C4::Context->set_preference' | grep -v '_syspref_cache' | grep -v
_userenv | grep -v 'C4::Context->interface' | grep -v
'C4::Context->Zconn' | grep -v 'C4::Context->queryparser' | grep -v
'C4::Context->tz' | grep -v 'C4::Context->boolean_preference' | grep -v
'C4::Context->memcached'
NOTE: I applied 14428, and then did what I suggested in comment #2.
Only intranetdir references appeared.
I applied this patch, and repeated.
Nothing appeared. This means the autoload references are
properly removed.
koha qa test tools complained about whitespace, I just fixed
those. Though, we may wish to perltidy
auth_fields_substructure.pl on another bug.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
The script catalogue/getitem-ajax.pl is called by acqui/orderreceive.pl
when item is receipt.
There is not auth check done, this means anybody can retrieve item info.
Test plan:
With the acquisition => order_receive permission, try to receive an
item.
It should work.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Very easy to test.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
The exported CSV file from the item search didn't display the publication
year in MARC21 installations and the title always contained 'by'
even if there was no author information to display. Also the by is
not needed by MARC21 as the data should include punctuation.
This basically copies the changes done to the JSON format
on bug 13859 to the CSV include.
To test: Switch from 'Screen' to 'CSV'
- Check publication date always displays (MARC21 and UNIMARC)
- Check that for MARC21 the 'by' has been removed from the title information
- Check that for UNIMARC the 'by' only displays when there is also
an author to display
Tested for MARC21, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
Jonathan Druart agreed that C4::Input is vestigial code that should be removed.
Here is how I checked. First I found where C4::Input was used. Then, I checked
what functions are in the package: just checkdigit. Then, I confirmed that
checkdigit is not used at all in any acquisition, administration, or member
related perl scripts. Lastly, I took a look at our supposed test file for the
package. It was painfully sparse.
As such, this patch removes the test file and the package file, and removes
C4::Input references from these six files:
- acqui/addorderiso2709.pl
- acqui/basketgroup.pl
- acqui/neworderempty.pl
- acqui/uncertainprice.pl
- admin/aqplan.pl
- members/memberentry.pl
NOTE: neworderempty had 3 lines of it?! Didn't anyone see that?!
Here is the output of what I did to confirm this correction:
mtompset@debian:~/kohaclone$ git reset --hard origin/master
HEAD is now at 6e9086f Bug 3206: (QA followup) missing comma on sysprefs.sql
mtompset@debian:~/kohaclone$ git grep C4::Input
C4/Input.pm:package C4::Input; #assumes C4/Input
C4/Input.pm:C4::Input - Miscellaneous sanity checks
C4/Input.pm: use C4::Input;
acqui/addorderiso2709.pl:use C4::Input;
acqui/basketgroup.pl:use C4::Input;
acqui/neworderempty.pl:use C4::Input;
acqui/neworderempty.pl:use C4::Input;
acqui/neworderempty.pl:use C4::Input;
acqui/uncertainprice.pl:use C4::Input;
admin/aqplan.pl:use C4::Input;
members/memberentry.pl:use C4::Input;
t/Input.t: use_ok('C4::Input');
mtompset@debian:~/kohaclone$ grep sub C4/Input.pm
sub checkdigit ($;$) {
my $temp2 = substr($infl,$i,1);
if ($rem eq substr($infl,8,1)) {
} # sub checkdigit
mtompset@debian:~/kohaclone$ grep checkdigit `find acqui -type f`
mtompset@debian:~/kohaclone$ grep checkdigit `find admin -type f`
mtompset@debian:~/kohaclone$ grep checkdigit `find members -type f`
mtompset@debian:~/kohaclone$ cat t/Input.t
use strict;
use warnings;
use Test::More tests => 1;
BEGIN {
use_ok('C4::Input');
}
Apply this patch, and the output of git grep C4::Input will be empty.
Run koha qa test tools (kind of overkill)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
Get notes and subjects from MARC record
ONLY when XSLT is not activated.
It's useless doing it when XSLT is activated,
because XSLT takes care of it by its own.
=> With this patch, we are saving precious
milliseconds
I compared the display of some records in XSLT view with and without patch, was the same (as expected).
Signed-off-by: Marc Veron <veron@veron.ch>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
On a slower server, I saw a time save of 0.0274 to 0.0908 seconds (with XSLT).
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
This patch makes includes/patron-toolbar.inc (the one in charge of
rendering the 'New patron' dropdown) make use of the Categories
Template Toolkit plugin to create the list of categories.
(1) To check the setup is sane:
- Go to the Patrons page
=> SUCCESS: The 'New patron' dropdown is populated
- Click on the [+] symbol on the Patron search on the top
=> SUCCESS: The Categories dropdown is populated
(2) To test the patch:
- On the checkout form, perform a patron search that
(a) returns more than one result
(b) returns zero results
- Click the dropdown menu to create a new patron
=> FAIL: Dropdown is empty
- Repeat for (a) or (b)
- Apply the patch and reload
=> SUCCESS: The dropdown is correctly populated
- Repeat (1)
=> SUCCESS: Nothing got broken
- Verify the logs
=> SUCCESS: No new warnings
- Sign off :-D
- Get a cookie
- Smile
Regards
Discussion: we might need a new bug to start cleaning stuff like this:
@categories=C4::Category->all;
if(scalar(@categories) < 1){
$no_add = 1;
$template->param(no_categories => 1);
}
else {
$template->param(categories=>\@categories);
}
but it belongs to a new bug me thinks. Well, suggestions are welcome, but this must
be fixed on stable ASAP so hurry :-D
Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
There is no help for the pending on site checkouts report. This patch
adds it.
To test:
* visit pending on site checkouts
* click help
* confirm help is there and correct
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
This patch adds the missing order from subscription help and updates basket
help.
To test:
* Visit a basket, review the help
* Click order from a subscrption, review the help
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
