Commit graph

13320 commits

Author SHA1 Message Date
ee3707d0de Bug 4103 In Pro Adv Search, superlibrarian search always all libraries
Now, when 'independantbranches' syspref is activated, 'Individual Libraries'
combo list is set by default to the current user branch. It shouldn't be the
case for superlibrarian user who is supposed to manage all libraries.

Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-03-05 20:32:56 +13:00
Chris Cormack
de6b9fc534 Fixing license and copyright statement for updatedatabase.pl 2011-03-05 20:24:57 +13:00
Chris Cormack
f147958a35 Updating database version 2011-03-05 20:22:45 +13:00
fca88d102b Bug 5642: Item field serial enumeration (enumchron) should be longer
Field enumchron in items table is now varchar(80).
We have records that need a much longer field, even up to 400 or 500 chars.
I suggest to change its type to TEXT (variable length with max 64K; tinytext
goes up to 255 chars and is just too short).
Mediumtext or longtext are not needed; as a side note these types are used in
the items table for e.g. booksellerid and more_subfields_xml..

Revised original patch thanks to Ian Walls: update kohatructure.sql. Copied the change in deleteditems as well.

Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-03-05 20:20:02 +13:00
Paul Poulain
ca8ae9b8cc BZ5432 follow-up, removing test string
Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-03-04 13:22:55 +13:00
Stéphane Delaune
3cc0939622 Bug 5432 : (MT #4584b)Add duplicate support for borrowers
Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-03-04 13:22:54 +13:00
Jared Camins-Esakov
7660909ca8 Bug 5815: Double clicking submits patron selection
Double clicking on an item in the list of matching names now automatically
submits the form when checking out to a patron by name rather than barcode.

Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-03-04 13:17:54 +13:00
MJ Ray
f68386f749 bug 5813: Remove unnecessary empty file
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-03-04 13:14:11 +13:00
Robin Sheat
87ec412648 Bug 4852 - rewrite the query to include limits if using ccl=
Signed-off-by: Jared Camins-Esakov <jcamins@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-03-04 12:58:52 +13:00
Chris Cormack
cb652af481 Merge remote branch 'kc/new/enh/bug_5792' into kcmaster 2011-03-04 12:54:59 +13:00
Nicole C. Engard
19adf162ca Bug 5792 - Add reference icon to Bridge icon set
Signed-off-by: D Ruth Bavousett <ruth@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-03-04 12:54:20 +13:00
Nicole C. Engard
bbd08ffd09 Bug 5799 make language on circ history consistent
Signed-off-by: D Ruth Bavousett <ruth@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-03-04 12:52:43 +13:00
Chris Cormack
24db3d4a44 Fixing the translatable tests to work in french locales 2011-03-04 12:31:48 +13:00
Chris Cormack
f81f7756fc Bug 5811 - Bumping database version 2011-03-04 09:48:21 +13:00
Jared Camins-Esakov
83ab549724 Bug 5811: Add sysprefs to control overriding fines
This patch adds two sysprefs to allow libraries more fine-grained control over
when fines can and can't be overridden. The two sysprefs are:
* AllFinesNeedOverride - when this syspref is set to "Require" (default) any
    fine will require a staffmember to override the fine in order to check out a
    book.  When set to "Don't require," fines below noissuescharge will not need
    any override.
* AllowFineOverride - when this syspref is set to "Allow," staff will be able to
    override fines that are above noissuescharge. When set to "Don't allow"
    (default), staff will not be able to check out items to patrons with fines
    greater than noissuescharge.

Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-03-04 09:33:18 +13:00
6ded7b9897 Fix for Bug 5814 - Style error message on manage staged records page according to standard
Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-03-04 09:23:15 +13:00
Chris Cormack
a8c0897643 Merge remote branch 'kc/new/bug_5804' into kcmaster 2011-03-03 12:16:11 +13:00
f8c85a6bc8 Follow-up fix for Bug 5804, acqui duplicate warning
Typo fix. Thanks for spotting it Marcel.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-03-03 12:14:56 +13:00
Chris Cormack
f9f35b6984 Merge remote branch 'kc/new/bug_3319' into kcmaster
Conflicts:
	members/members-home.pl
2011-02-28 22:55:59 +13:00
Ian Walls
ac9fd0cff9 Bug 3319 Followup: Fix compatibility with fix for bug 4945
The fix for 3319 overwrote the @branchloop variable with output from GetBranchesLoop,
which forces a selected branch.  Removing the extra call, and just measuring the size of
@branchloop as it was build, plus some dereferencing, fixes the issue.

Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-28 22:52:05 +13:00
Chris Cormack
8e3fdc6d6b Merge remote branch 'kc/new/bug_1953' into kcmaster 2011-02-28 21:37:10 +13:00
439d2224e1 Bug 1953 - Follow up fix on security patch
Fixing: Undefined subroutine prepare called on line 722.

Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-28 21:34:40 +13:00
edafbd941d Fix for Bug 5812 - Tag Cloud - capitalized words come before lower-case words
Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-28 10:38:29 +13:00
Chris Cormack
b5ee2f201b Merge remote branch 'kc/new/bug_4885' into kcmaster
Conflicts:
	opac/opac-detail.pl
2011-02-28 10:11:09 +13:00
baec90aae9 Follow-up fix for Bug 4885 - Only 1 ISBN shows in non-XSL detail view
Fix for Bug 5551 overwrote the necessary changes to opac-detail.pl

Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-28 10:08:12 +13:00
Chris Cormack
aaa0cdb9e8 Merge remote branch 'kc/new/enh/bug_1883' into kcmaster 2011-02-28 09:50:14 +13:00
Paul Poulain
71121903a6 BZ1883 follow-up
solve comment 10 from nengard: This patch added these types only on upgrade.  We need them to be added to new
installs to.

Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-28 09:48:06 +13:00
07cef41c73 Fix for Bug 5804 - duplicate warning when ordering needs design work
Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-28 09:18:26 +13:00
Jared Camins-Esakov
02d15007df Bug 5723: Font for 780s on staff client shrinks
This patch fixes the bug that caused 780s in the staff client details XSLT to
display in progressively smaller fonts. This also corrects the semantics of the
780 ind1.

Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-28 09:12:55 +13:00
Chris Cormack
622f804ffd Merge remote branch 'kc/new/bug_2742' into kcmaster 2011-02-28 09:09:33 +13:00
575a690b4e 2742 Encoding problem
Small correction of e umlaut. [Something happened with encoding of signed patch; my original patch did not show a wrong character.]

Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-28 09:07:02 +13:00
Chris Cormack
bf704ce989 Merge remote branch 'kc/new/bug_1953' into kcmaster 2011-02-28 08:45:05 +13:00
Frère Sébastien Marie
55af15be84 Use placeholders in sql
Signed-off-by: Frère Sébastien Marie <semarie-koha@latrappe.fr>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-28 08:41:38 +13:00
ruth@bywatersolutions.com
0b961c0ae0 Bug 5805: Having items in-transit can cause derangement of the hold list
If you have a list of holds on a biblio, and one or more are in-transit, then the
array that is fed to modrequest.pl is not fully-populated, lacking the branch on the
in-transit rows.  If you then attempt to edit one of the remaining holds' pickup
location, it doesn't modify the one you expect, but ones *above* that.  Also, holds
at the bottom of the list get the first pickup library in the list, since they are
getting undef passed in.

Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-26 20:44:01 +13:00
MJ Ray
74cdd57ecb bug 1953: Reduce risk of possible tainted supplierid call to C4::Serials::GetLateIssues
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-26 20:02:25 +13:00
Katrin Fischer
38b59b7b53 Bug 1962: Add fine notification during check-in
Original patch submitted by dswhite42@yahoo.com

Reformatted to apply cleanly.
Changed alert message during check-in to message used
on borrower account checkout page.

Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-26 19:52:56 +13:00
Chris Nighswonger
b0f60221f4 Security Bugfix: Bug 1953 Adding Placeholders to SQL To Avoid Potential Injection Attacks
This patch addresses both security issues mentioned in the summary of the report
submitted by Frère Sébastien Marie included below.

---------------------------
The problem is here: 'C4/AuthoritiesMarc.pm' in the function 'DelAuthority':
The argument $authid is included directly (not via statement) in the SQL.

For the exploit of this problem, you can use 'authorities/authorities-home.pl'
with authid on the URL and op=delete (something like
"authorities/authorities-home.pl?op=delete&authid=xxx").

This should successfully call DelAuthority, without authentification...
(DelAuthority is call BEFORE get_template_and_user, so before authentification
[This should be an issue also...]).

Please note that the problem isn't only that anyone can delete an authority of
this choose, it is more general: with "authid=1%20or%1=1" (after inclusion sql
will be like: "delete from auth_header where authid=1 or 1=1") you delete all
authorities ; with "authid=1;delete%20from%xxx" it is "delete from auth_header
where authid=1;delete from xxx" and so delete what you want...

SQL-INJECTION is very permissive: you can redirect the output in a file (with
some MySQL function), so write thea file of you choose in the server, in order
to create a backdoor, and compromise the server.

Signed-off-by: Frère Sébastien Marie <semarie-koha@latrappe.fr>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-25 07:08:39 +13:00
Chris Cormack
2a3f7c1417 Merge remote branch 'kc/new/enh/bug_3550' into kcmaster 2011-02-22 08:37:34 +13:00
Chris Cormack
f75f964ba4 Merge remote branch 'kc/new/bug_2742' into kcmaster 2011-02-22 08:37:25 +13:00
Colin Campbell
bf1939798f Bug 3550 : Display changes needed in opac-results-grouped too
Change to how subfield is derived had not been implemented in
opac-results-grouped causing ARRAY(hexnumber) to follow all titles
Replace template ref to scalar with an array

Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-22 08:36:13 +13:00
marcel@libdevelop.rijksmuseum.nl
fc1b7201c5 2742: Wrong language name in the preferences
Follow up patch. Improvement suggested by Belgian translators (Hans Supply).

Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-22 08:33:11 +13:00
febba50ba8 Bug 5782: Add warning when ordering a duplicate record from external source
Enhancement for Acquisitions/ordering from external source.
Koha already checked for duplicates, but this patch warns the user. Offers the choice to use existing record, use new record or return without making an order.
The new template is added for this interaction with the user.

Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-22 08:24:01 +13:00
a0367aa973 Fix for Bug 5776 - menu on funds wraps when only 1 fund
Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-21 16:24:46 +13:00
Reed Wade
1f0e0c5de1 Bug 5741 - Extra comma causes JavaScript error in Internet Explorer
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-20 20:29:07 +13:00
eaf4cfe6b8 Bug 5777 Update and install syspref tab titles
This allow also Save button label translation

[3.2] It applies

Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-20 20:26:50 +13:00
Chris Cormack
c43aac22a2 Merge remote branch 'kc/new/bug_5769' into kcmaster 2011-02-18 10:43:42 +13:00
Chris Cormack
92f52dc850 Merge remote branch 'kc/new/bug_5682' into kcmaster 2011-02-18 10:42:28 +13:00
Paul Poulain
4117b293f6 NormalizeString POD Fixing and variable renaming
POD was mistakenly telling that NFD was supposed to be the default
    encoding.  In fact, it is not, it is NFC.
    So the variable $nfc to change to the not default encoding was misleading.
    Renaming it into $nfd

(written by hdl)

Refactored by Chris Cormack

Signed-off-by: Davi <davi@gnu.org>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-18 10:39:56 +13:00
ed2b583eb1 Fix for Bug 5769 - notice tab disappearing on edit patron
Signed-off-by: Nicole Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-18 10:10:10 +13:00
fb5ede8b59 Fix for Bug 5140 - In Chrome, drop-down menus disappear after using pop-up calendar
Disabling that part of the calendar JavaScript which hides
<select> form fields when the calendar is displayed. This is at
the expense of IE6.

Signed-off-by: Nicole Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-02-18 09:47:41 +13:00