This patch will have to be tested deeply to make sure it will not
introduce regression!
The idea is to display an empty option in the patron attributes select
and ignore it. That way we can deal with false values 0 and "" which
were skipped before.
Test plan:
Add several patron attributes
Use the batch patron modification tool to add/update/remove them
Play with empty "" and 0 values, as well as other values
Modify several attributes in a row
Signed-off-by: Charles Farmer <charles.farmer@inLibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Translate the error messages, and the table headers.
Test plan:
1) Go to Home -> Tools -> Quote editor -> Import quotes
2) Upload quotes from a file. Try to trigger the error messages
3) On successful import, check the table header texts
4) Apply patch, update & install a language
5) The error messages and the table header texts should
show up in the xx-YY-staff-prog.po
6) Repeat 1,2,3
Signed-off-by: Pasi Kallinen <pasi.kallinen@joensuu.fi>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes two trivial changes in the inventory interface:
[1] If you have uploaded a barcode file, the compare barcodes checkbox is
automatically checked. In most cases this will be the option the user wants.
The compare will report missed items on the shelf.
[2] If the compare barcodes checkbox is checked, the Skip items on loan-
checkbox is automatically checked. This again is often desirable. If you
compare, you normally are not interested in seeing items reported missing
while they are checked out.
Test plan:
[1] Upload a barcode file on inventory. Is the compare checked?
[2] Toggle compare. Does 'skip items on loan' change accordingly?
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Grace Smyth <gracesmythh@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Status does not tell me that this is the Not for loan column.
Trivial edit.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Grace Smyth <gracesmythh@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
If you have multiple languages installed, the notices and slips page
uses the same HTML id multiple times, once for each language. This
prevents eg. the SMS character count javascript from working, because
each of the textareas has the same id.
Test plan:
Test the sms characters counter, with and without TranslateNotices
Make sure other features on this page still work correctly
QA: Make sure this change of id did not break something else.
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test Plan:
0.1 - find at least one biblionumber that has at least one item checked out
0.2 - find at least one biblionumber that has zero items checked out.
1 - Go into the module "Tools > Batch record deletion"
2 - in "List of biblionumbers or authority ids (one per line)" put the values you found in step 0.1 and 0.2
3 - click continue
4 - biblionumbers with at least one item checked out should not be clickable.
5 - biblionumbers with zero items checked out should be clickable.
6 - click "Select all" and "Clear all", both buttons should change the "checked" status of the enabled AND disabled biblionumber checkboxes.
7 - apply patch
8 - click "Select all" and "Clear all", both buttons should change the "checked" status of ONLY the enabled biblionumber checkboxes.
Signed-off-by: JM Broust <jean-manuel.broust@univ-lyon2.fr>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
There is an untranslatable Delete-button in the patron batch modification
tool. Allow translating it.
Test plan:
1) Go to Home -> Tools -> Batch patron modification, put a patron's
card number in the box, and click on Continue
2) At the bottom of the screen there is an drop-down entry for
Attribute, click on the "New" at the nd of that line
3) There should now be another Attribute -line, with "Delete" -link
at the end of that line
4) Apply patch, install a language
5) Repeat 1-3 in that language, the Delete-link should be shown in
the correct language, if the msgid "Delete" was translated
in xx-YY-staff-prog.po
Signed-off-by: Pasi Kallinen <pasi.kallinen@joensuu.fi>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
When looking at the table showing the staged MARC records, the "View"
text in the Diff-column is not translatable. Make it so.
Test plan:
1) Go to Home -> Tools -> Stage MARC records for import
2) Select eg. t/db_dependent/www/data/marc21record.mrc and upload the file
3) Click on Stage for import
-> Manage staged records
-> Import this batch into the catalog
4) Wait for zebra to reindex, or trigger it yourself by
running rebuild_zebra.pl -a -b -r
5) Go to Home -> Tools -> Stage MARC records for import
6) Select the same file as in part 2 and upload the file
7) Change the Record matching rule to ISBN (020$a)
8) Click on Stage for import
-> Manage staged records
9) In the table below, there should now be a line showing
the staged MARC record matches biblio
10) Note the "View"-text in the "Diff"-column
11) Apply patch
12) Install a language, view the same batch in the
Manage staged MARC records -page in that language
13) The "View" should show up correctly, and if the
msgid "View" was translated in the xx-YY-staff-prog.po,
should show up in the correct language
Signed-off-by: Pasi Kallinen <pasi.kallinen@joensuu.fi>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch revises the breadcrumbs in the template for batch patron
deletion / anonymization so that they match the text used in the tools
menu and on Tools home.
To test, apply the patch and go through a batch patron anonymization
process. At each step the breadcrumbs should read "Batch patron
deletion/anonymization" instead of "clean patron records."
Signed-off-by: Roch D'Amour <roch.damour@inlibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Finally we add the ability to export the list of lost items.
The items will be export in CSV format using a CSV profile defined.
Test plan:
0/ Apply all the patches from this patch set
1/ Define a CSV profile (type=SQL, Usage=Export lost items in report)
Try something like that to get the same columns as the default table:
Title=biblio.title
|Author=biblio.author
|Lost status=items.itemlost
|Lost on=items.itemlost_on
|Barcode=items.barcode
|Call number=items.itemcallnumber
|Date last seen=items.datelastseen
|Price=items.price
|Rep. price=items.replacementprice
|Library=items.homebranch
|item type=items.itype
|Current location=items.holdingbranch
|Location=items.location
|Not for loan status=items.notforloan
|Notes=items.itemnotes
2/ Use the filters and select items to export
3/ Export the list of items you want and make sure the CSV is correctly
formatted and contains the items you selected
QA Notes:
- I think we should add default CSV profiles for the different "usage",
but I would consider it as a separate enhancement since none of them is
defined yet
- Most of the code to export CSV is no reusable. We should make
Koha::Exporter::Record support CSV export for type=SQL (it only
supports MARC type so far).
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test Plan:
1) Apply this patch
2) Test importing patrons from command line,
options are availble with --help.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Tested with minimal csv
(cardnumber,surname,firstname,categorycode,branchcode,password,userid)
Overwrite does not change category or branch.
Patrons are loaded, userid & password works
Updated license to GPLv3
No other koha-qa errors.
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 12598 - Tidy import_borrowers.pl
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 12598 - Move importing code to a subroutine
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 12598 - Update command line script to use patron import subroutine
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 12598 [QA Followup]
* Fix copyright on import_borrowers.pl
* Changes -c --csv to -f --file
* Adds -c --confirm option
* Renames misc/import_borrowers.pl to misc/import_patrons.pl
* Restore userid matchpoint option
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 12598 - Fix merge to master. Backport 3 updates from latest import_borrowers.pl
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 12598 - Started regression tests. Fix missing C4::Members::Attributes package
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 12598 - More refactoring and regression tests in Koha::Patrons::Import
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 12598 - Creating objects in misc/import_patrons.pl and tools/import_borrowers.pl
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 12598 - Refactoring Koha::Patrons::Import includes bug fixed for critical date types and header column parsing
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 12598 - Rebase + backport of 16426 plus fixing 16426
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 12598: catch warnings raised by import_patrons in tests
Signed-off-by: Colin Campbell <colin.campbell@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan:
Go to any patron and then to Modification log of this patron
-- without patch you will not see the left side menu and patron information
-- with patch menu and patron information is here, and should be fully
working (links)
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
In order to simplify and make uniform the code, the controller scripts send
a Koha::Patron object to the templates instead of all attributes of a patron.
That will make the code much more easier to maintain and will be less
error-prone.
The variable "patron" sent to the templates is supposed to represent the
patron the librarian is editing the detail.
In the members module and some scripts of the circulation module, the
patron's detail are sent one by one to the template. That leads to
frustration from developpers (making sure everything is passed from all
scripts) and to regression (we got tone of bugs in the last year because
of this way to do).
With this patch set it will be easy access patron's detail, passing only
1 variable from the controllers.
Test plan:
Play with the patron and circulation module and make sur the detail of
the patron you are editing/seeing info are correctly displayed.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch updates several single-column Tools templates to
use the Bootstrap grid.
- batchMod-del.tt - Tools -> Batch item deletion -> Submit barcodes or
item numbers for deletion. The grid is changed for the results and
confirmation screens.
- batchMod-edit.tt - Tools -> Batch item modification -> Submit barcodes
or item numbers for modification. The grid is changed for the results
and confirmation screens.
- koha-news.tt - Tools -> News -> Edit or create a new news item. The
grid is changed for the edit screen.
- letter.tt - Tools -> Notices and Slips -> Edit or create a notice. The
grid is changed for the edit screen.
Each of these pages should look correct. The News and Notices page
should have a single centered column with wide margins on either side.
At lower browser widths the margins should disappear.
The batch mod screens should be displayed at full screen width.
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies two patron-related tools templates in the staff
client so that JavaScript is included in the footer instead of the
header.
To test, apply the patch and test the JavaScript-driven features of
each modified template: All button controls, DataTables functionality,
form validation, etc.
- Import patrons
- Upload patron images
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Edit for QA: Fixed datepickers on import patron form
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Changes made by bug 12904 appear to have affected TinyMCE.
Test plan:
1) Edit a library, note the OPAC info editor is missing
2) Apply this patch
3) Reload the page
4) The editor is back!
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
It turns out the modules had the option expected built in, we just didn't call
it. This patch set expands the options for passing to the export.
To test:
1 - Go to Tools->Export data
2 - Perform an export and check 'Remove non-local items'
3 - Note that file contains only 'local' records, but includes all items
on those records
4 - Apply patch
5 - Note Tools->Export data has a new option to remove records not owned
by logged in branch
6 - Export as before checking records option, file should be as before
7 - Now check 'Remove items not owned by logged in branch'
8 - File should now only have local items (may have empty records)
9 - Check both boxes and recieve only 'local' records and items
Signed-off-by: Scott Kehoe <scott@masslibsystem.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies the staff client patron lists templates so that
JavaScript is included in the footer instead of the header.
To test, apply the patch and test the JavaScript-driven features of
each modified template: All button controls, DataTables functionality,
form validation, etc.
Revised: My original patch included changes to batchMod-edit.tt but
didn't take into account the MARC plugins which are loaded in the item
edit form. I have discarded those changes for now.
Tools -> Batch record modification
- Page highlighting in the sidebar
- Patron autocomplete in the "Check out" tab
- Submit records for deletion
- Page highlighting in the sidebar
- Checkbox selection links
- Warning when no records selected
- Patron autocomplete in the "Check out" tab
Tools -> Batch item modification
- Page highlighting in the sidebar
- Patron autocomplete in the "Check out" tab
Tools -> Batch item deletion
- Page highlighting in the sidebar
- Patron autocomplete in the "Check out" tab
- Submit items for deletion
- Patron autocomplete in the "Check out" tab
- Checkbox selection links
- Column-hiding checkboxes
- Datatables
Tools -> Batch record modification
- Page highlighting in the sidebar
- Patron autocomplete in the "Check out" tab
- Submit records for modification
- Page highlighting in the sidebar
- Patron autocomplete in the "Check out" tab
- Checkbox selection links
- Datatables
- MARC preview
- Warning when no records selected
- Progress bar after submitting items for modification
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch just replaces the link to detail.
Detail provides item information needed in case of inventory problems.
Test plan:
Go to Tools/Inventory.
Create an inventory list without barcode file.
Check if the link goes to detail now.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies more staff client patrons and circulation tools
templates so that JavaScript is included in the footer instead of the
header.
To test, apply the patch and test the JavaScript-driven features of
each modified template: All button controls, DataTables functionality,
form validation, etc.
- Batch patron deletion/anonymization
- Overdue notice/status triggers
- Batch patron modification
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies more staff client tools templates so that
JavaScript is included in the footer instead of the header.
To test, apply the patch and test the JavaScript-driven features of
each modified template: All button controls, DataTables functionality,
form validation, etc.
Export data
Inventory
Notices & slips
Upload local cover image
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies some staff client templates from the "Tools"
section so that JavaScript is included in the footer instead of the
header.
- Automatic item modifications by age
- MARC modification templates
- Stage MARC records for import
- Staged MARC record management
To test, apply the patch and test the JavaScript-driven features of
each modified template: All button controls, DataTables functionality,
form validation, etc.
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies the staff client "Additional tools" templates so
that JavaScript is included in the footer instead of the header:
- Calendar
- CSV profiles
- Log viewer
- News
- Task scheduler
- Edit quotes for QOTD feature
- Upload
Note that the log viewer template has been modified so that the
"interface" variable (passed to the template to provide the correct path
to staff client assets) isn't overwritten by an "interface" variable
required by the log viewer.
To test, apply the patch and test the JavaScript-driven features of
each modified template: All button controls, DataTables functionality,
form validation, etc.
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch returns some CSS to the manage staged MARC records template
which was incorrectly removed by Gug 16538.
To test, apply the patch and go to Tools -> Staged MARC management.
Choose a staged MARC file.
Changing any of the <select> fields in the first section should cause a
label to appear showing that the selection has changed, along with a
link to reset the option to its original state. Clicking 'Reset' should
make the label and the link disappear.
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies the template for staged MARC import management to
correct a problem with the style of pagination links.
To test you must have more than 25 staged imports. Go to Tools -> Staged
MARC management. The pagination links, both at the top and the bottom,
should look correct (use multi-page SQL report results for reference).
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Fixes the bug by correcting the variable names in the template.
To test:
1) Tools > Export > Export authority records
2) Authority Types dropdown is not empty
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended: Changing the export script and unblessing is not needed.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Fix error array (add '0' value)
Update errors on other places using upload.js
Eventually these should all be using the same code in a js file
upload.tt already dealt with these errors, but has diff code, made it
work with new error syntax
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended: Removed the added js comment in upload.tt
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To test:
1 - sudo chown www-data:www-data /tmp/koha_kohadev_upload/ (or your
relevant dir and user)
2 - Attempt to stage a file
3 - Error message is: Upload status: Failed
4 - Apply patch
5 - Repeat upload
6 - Error is now: Failed - Directory is not writeable:
/tmp/koha_kohadev_upload
7 - Trigger the other errors if you can and note better responses
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
In inventory result page, items are shown in a JS DataTable.
For an inventory with barcode file second column is not sortable for no reason.
For an inventory without barcode file first column is not sortable but since it is the default sort order the sorting icon is still displayed.
This patch corrects by setting default sort order on callnumber column.
Test plan :
- perform inventory with barcode file
- look at result table
- table is sorted by callnumber
=> Without patch second column is not sortable
=> With patch all columns are sortable
- perform inventory without barcode file
- look at result table
=> Without patch first column show sort icon and table is not sorted by callnumber
=> With patch first column is not sortable and table is sorted by callnumber
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
In inventory result page :
Location is displayed after branch without any difference.
Author is displayed into a paragraph making row hight.
This patch adds for location a span with class like in catalogue detail page, and changes author to be on same line in order to have a more compact display for this table that may be huge.
Test plan :
- Perform inventory with a barcode file
- Look at result
=> you see localtion in a new line after library and in italic
=> you see author after title on same line with "by" separator
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Moves the location of the button in question to be below the framework selector
Test plan:
1. Go to Tools -> Stage MARC records for import
2. Upload a .mrc file and stage it for import
3. Click Manage staged records
4. Note that the import button appears above the framework selector
5. Apply patch
6. Refresh the window
7. Notice that the button has now moved to below the framework selector
Sponsored-By: CALYX information essentials
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Overdue rules do not save when a delay that is not an integer > 0,
without any warnings.
This patch forces the user to select a number > 0.
Test plan:
Without this patch applied, enter non-integer value or negative or 0
=> The rule will not be inserted without any warnings.
With this patch applied you will get an message from the browser and the
form will not save
Signed-off-by: David Bourgault <david.bourgault@inlibro.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
When created, batch_record_modification.tt has been based on
batch_delete_records.tt
These attributes are not used in the template and not set in the pl
script.
Since bug 18260, biblio is a Koha::Biblio and calling a non-existent
method will raise an error.
This patch get rid of the following error:
batch_record_modification.pl: Template process failed: undef error - The
method itemnumbers is not covered by tests!
Test plan:
Modify bibliographic records with the "Batch record modification" tool.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To Test
1. Hit the page /cgi-bin/koha/tools/csv-profiles.pl?op=add_form
2. Add a text in the field Profile name, Profile description
and Profile MARC fields that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Same change as the first patch, but for the batch record
modification tool.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Changes the label from 'list of record numbers...' to
'List of biblionumbers or authority ids...' to make it
more clear to the user which kind of input is expected.
To test:
- Go to Tools > Batch record deletion
- Check the new description
- Decide if it's more clear or not
Signed-off-by: Marc Veron <veron@veron.ch>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
In manage-marc-import.tt, we have an abbreviation:
<abbr title="Differences between the original biblio and the imported" lang="en">Diff</abbr>
In translations (e.g. German), the line appears as follows:
<abbr title="Unterschiede zwischen Originaltitelsatz und importiertem Titelsatz" lang="en">Diff</abbr>
The lang attribute is wrong here, it is still "en".
The text language is the same as defined at the top of the page - or with other
words, the lang tag is superfluous.
This patch removes it.
To test:
Verify that code change makes sense.
Passes QA test and the change is logical
Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To Test
1. Hit the page /cgi-bin/koha/tools/holidays.pl
2. Select the date
3. Add a text in the field Title and Description that contains js
4. Save the page.
5. Notice js is execute
6. Apply patch and reload, the js is escaped
Fixed for all holidays
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
1. Hit /cgi-bin/koha/tools/batchMod.pl
2. Enter <IFRAME SRC="javascript:alert('XSS');"></IFRAME> in the Barcode list (one barcode per line) text area.
3. Notice the iframe is executed.
4. Apply patch.
5. Reload page, and enter iframe again on Barcode list (one barcode per line) text area.
6. Notice it is no longer executed.
7. Fixes for both barcode and itemnumber.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
1. Hit /cgi-bin/koha/tools/batchMod.pl?del=1
2. Enter <IFRAME SRC="javascript:alert('XSS');"></IFRAME> in the Barcode list (one barcode per line) text area.
3. Notice the iframe is executed.
4. Apply patch.
5. Reload page, and enter iframe again on Barcode list (one barcode per line) text area.
6. Notice it is no longer executed.
7. Fixes for both barcode and itemnumber.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
1. Hit /cgi-bin/koha/tools/batch_delete_records.pl
2. Enter <IFRAME SRC="javascript:alert('XSS');"></IFRAME> in the Record number list (one per line) text area.
3. Notice the iframe is executed.
4. Apply patch.
5. Reload page, and enter iframe again on Record number list (one per line) text area.
6. Notice it is no longer executed.
7. Fixes for both biblio and authority records.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
