Commit graph

23943 commits

Author SHA1 Message Date
Jonathan Druart
9ed3d83dcb Bug 10063: Remove outdated FIXME
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 11:09:19 -03:00
Katrin Fischer
307f7a064c Bug 10063: Correct documentation of C4::Members::IsMemberBlocked
Rephrased documentation a bit, replacing fine days with the
more general term restriction. As IsDebarred checks for existing
active restrictions.

TEST PLAN
---------
1) apply patch
2) git diff origin/master
   -- do the changes make sense
3) perldoc C4::Members
   -- look for the IsMemberBlocked.
   -- Does it reflect current state
4) koha qa test tools

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 11:09:19 -03:00
Katrin Fischer
45c1b8f7b2 Bug 10119: Add note about CalculateFinesOnReturn to description of finesmode
This adds a note to the descrpition of the finesmode system
preference mentioning that CalculateFinesOnReturn is another
option for charging fines:

Note: Fines can also be charged by the CalculateFinesOnReturn system preference.

To test:
- Search for the finesmode system preference
- Verify the new text shows and is correct

NOTE: New text appears as expected. You can also just scroll for
      it on the Circulation preferences tab.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 11:08:46 -03:00
Eivin Giske Skaaren
0cb82c8d02 Bug 14421: Corrected example in SMS.pm to working version with hashref.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>

Test:
1) Apply patch
2) perldoc C4/SMS.pm
3) Check fixed argument in example

Argument is hashref, POD is now right
Added additional space on second arg
No errors

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 11:08:29 -03:00
Mark Tompsett
2b255be22c Bug 14425: Typo in C4::Context IsSuperLibrarian perldoc
TEST PLAN
---------
1) git checkout -b bug_14425 origin/master
2) perldoc C4::Context
   /IsSuperlibr
   -- see it is bad.
3) apply patch
4) perldoc C4::Context
   /IsSuperLibr
   -- see it is fixed.
5) koha qa test tools.

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Fix typo, no errors.

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
% git grep -i IsSuperLibrarian|wc -l
55
% git grep IsSuperLibrarian|wc -l
55
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 11:07:36 -03:00
Nicole C. Engard
469275fef5 Bug 14424: Tools Help Files for 3.20
This patch updates and adds help files to 3.20+

To test:

* Visit batch record modification and note that there is a help file
 and confirm the text is right
* Visit export data, import borrowers, stage marc for import, and log viewer
  * Confirm updated text is right

Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 11:06:21 -03:00
Nicole C. Engard
d3983e563f Bug 14424: Admin Help Files for 3.20
This patch updates some of the help files for Admin areas in 3.20+

To test:

* Visit
  * Frameworks, add field, add subfield
  * Column settings
  * Patron attributes
  * Circ rules
* Confirm help loads up and is right

Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 11:06:20 -03:00
Katrin Fischer
6c94fe52f9 Bug 11458: Improve confusing description of syspref 'gist'
The description of "gist" was:

"Default tax rates are ... (enter in numeric form, 0.12 for 12%.
First is the default. If you want more than 1 value, please
separate with |) "

The doubled use of "default" is confusing here.

With the patch it reads:

Tax rates are ... Enter in numeric form, 0.12 for 12%.
The first item in the list will be selected by default.
For more than one value, separate with | (pipe)

To test:
- Verify that the gist system preference description is
  correct.

The use of "default" is confusing here.

Signed-off-by: Aleisha <aleishaamohia@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 11:05:44 -03:00
Chris Cormack
57b01fb655 Bug 14412: SQL injection possible
There is a SQL Injection vulnerability in the
/cgi-bin/koha/opac-tags_subject.pl script.

By manipulating the variable 'number', the database can be accessed
via time-based blind injections.

The following string serves as an example:

/cgi-bin/koha/opac-tags_subject.pl?number=1+PROCEDURE+ANALYSE+(EXTRACTVALUE(9743,CONCAT(0x5c,(BENCHMARK(5000000,MD5('evil'))))),1)

To exploit the vulnerability, no authentication is needed

To test
1/ Turn on mysql query logging
2/ Hit /cgi-bin/koha/opac-tags_subject.pl?number=1+PROCEDURE+ANALYSE+(EXTRACTVALUE(9743,CONCAT(0x5c,(BENCHMARK(5000000,MD5('evil'))))),1)
3/ Check the logs notice something like
  SELECT entry,weight FROM tags ORDER BY weight DESC LIMIT 1
  PROCEDURE ANALYSE
  (EXTRACTVALUE(9743,CONCAT(0x5c,(BENCHMARK(5000000,MD5('evil'))))),1)
4/ Apply patch
5/ Hit the url again
6/ Notice the log now only has
   SELECT entry,weight FROM tags ORDER BY weight DESC LIMIT 1

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Confirmed the problem and the fix for it.
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 11:00:10 -03:00
Chris Cormack
cd4c959f72 Bug 14418: More XSS vulnerabilities in opac-shelves.pl
To test:
1/ Hit a url like
/cgi-bin/koha/opac-shelves.pl?viewshelf=7&op=modif&display="><script>alert('oh
noes')</script>  Where the id is a valid shelf id
2/ Notice the js is executed
3/ Apply patch
4/ Reload page
5/ Notice input is now escaped on display

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Tested in Debian, couldn't reproduce the alert in Iceweasel, but in
Chromium. Patch fixes it.
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 11:00:10 -03:00
Chris Cormack
b6ca2b0cd2 Bug 14418: XSS flaw in opac-shelves.pl
To test:
1/ Create a list and add at least one item to it
2/ Hit a url like http://192.168.2.18/cgi-bin/koha/opac-shelves.pl?viewshelf=7&sort=author&direction=%22%3E%3Cscript%3Ealert%28%27oh%20noes%27%29%3C/script%3E
  Where the shelf id is the number of the list you created, notice the js is executed
3/ Apply the patch
4/ Reload the page notice the js is now escaped

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 11:00:10 -03:00
Chris Cormack
45dd775401 Bug 14418: XSS Vulnerabilities in OPAC search
Fix for /cgi-bin/koha/opac-search.pl

To test

1/ Hit /cgi-bin/koha/opac-search.pl?tag="><script
src='http://cst.sba-research.org/x.js'/>&q=a
2/ Notice the js is executed
3/ Apply patch
4/ Reload page, notice it is no longer executed
5/ Test the rss links work still

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Confirmed bug and that the patch fixes it.
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 11:00:10 -03:00
Jonathan Druart
542b06f065 Bug 14416: Stored XSS vulnerability - add biblio to shelf (intranet)
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 11:00:09 -03:00
Jonathan Druart
abd2bc99e8 Bug 14416: (follow-up) opac addbybilionumber
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 11:00:09 -03:00
Chris Cormack
fb51a4bb0f Bug 14416: Stored XSS vulnerability
opac-addbybiblionumber.pl is also vulnerable because it doesn't escape
list names.

To test
1/ Create a malicious list name
2/ Try to add a biblio to the lists
3/ Notice js is excuted
4/ Apply patch
5/ Test again

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 11:00:09 -03:00
Chris Cormack
703a928b9d Bug 14416: Stored XSS vulnerability
The affected page in the OPAC client is:
http://testbox:9001/cgi-bin/koha/opac-shelves.pl
the vulnerable parameter: addshelf

The affected page in the STAFF client is:
http://testbox:9002/cgi-bin/koha/virtualshelves/shelves.pl

To test:
1/ Create a shelf in the opac that contains some malicious js
 eg Bad stuff <script>alert('oh noes');</script> as the name
2/ Go to /cgi-bin/koha/virtualshelves/shelves.pl in the staff client
  Note the js is executed
3/ View
http://192.168.2.18:8080/cgi-bin/koha/svc/virtualshelves/search?template_path=virtualshelves/tables/shelves_results.tt&type=1
  Notice the html is not escaped
4/ Apply patch
5/ View
http://192.168.2.18:8080/cgi-bin/koha/svc/virtualshelves/search?template_path=virtualshelves/tables/shelves_results.tt&type=1
  Notice the html is now escaped
6/ View /cgi-bin/koha/virtualshelves/shelves.pl - no more exploit

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-22 10:59:59 -03:00
Tomas Cohen Arazi
a80d188c83 Bug 13993: DBRev 3.21.00.009
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-19 11:45:23 -03:00
Jonathan Druart
a712f5b7ba Bug 13993: Clarify test messages
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-19 11:45:23 -03:00
Amit Gupta
a810b1cf59 Bug 13993: (3) Transfer order leaves incorrect orderstatus
11) Apply patch (3)
12) Log in to staff client
13) Acquisitions
14) Create a basket for two different vendors
15) Place an order in one vendor's basket.
16) Transfer the order to the other vendor's basket.
17) prove -v t/db_dependent/Acquisition/TransferOrder.t
    -- This should succeed without intervention.
18) Run koha qa test tools for the last 3 commits.

Signed-off-by: Indranil Das Gupta <indradg@gmail.com>

Signed-off-by: Indranil Das Gupta (L2C2 Technologies) <indradg@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-19 11:45:11 -03:00
Mark Tompsett
f668a46e23 Bug 13993: (2) Correct poorly transferred orders
Added Atomic Update to fix poorly transferred orders

TEST PLAN
---------
8) Apply patch (2)
9) Run the database updates
   $ ./installer/data/mysql/updatedatabase.pl
   -- This should run without error
10) prove -v t/db_dependent/Acquisition/TransferOrder.t
    -- This should fail, because the transfer function is still
       not fixed.

Signed-off-by: Indranil Das Gupta (L2C2 Technologies) <indradg@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-19 11:45:01 -03:00
Mark Tompsett
b335b72991 Bug 13993: (1) Add tests to confirm 'new' and 'cancelled'
This adds 2 tests to t/db_dependent/Acquisition/TransferOrder.t
in order to confirm the order's status is properly marked.

TEST PLAN
---------
1) Log into staff client
2) Acquisitions
3) Create a basket for two differing vendors.
4) Place an order in one of the baskets.
5) Transfer the order from one vendor's basket to the others.
6) Apply this patch (1) only
7) prove -v t/db_dependent/Acquisition/TransferOrder.t
   -- should fail one test: not marked as 'cancelled'.

Signed-off-by: Indranil Das Gupta (L2C2 Technologies) <indradg@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-19 11:44:45 -03:00
Katrin Fischer
2eaeb70879 Bug 14215: Change the 'delimiter' syspref description for its wider use
Patch changes 'report files' to 'CSV files' as there are more
options now for downloading and creating CSV files where this
preference is taken into account.

To test:
- Verify the changed system preference description for
  'delimiter' is correct.

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-19 11:36:40 -03:00
c76b6a148b Bug 13904: Make unimarc_field_4XX displays usefull 200 subfield data
When searching for multivolumes titles, UNIMARC 4xx field plugin
displays the title of the biblios (200$a), without giving info about
volumes (200 $h $i). It neither doesn't display $e (subtitle) info which
could greatly help to disambiguate search result.

The displayed title is supposed to link to a biblio record view (MARC /
normal). It doesn't work.

TO TEST:

- On a UNIMARC Koha, add a new biblio record
- Call the 4XX plugin from 461/463 field
- Search for a biblio record which contains 200$e, and/or 200$h and/or
  200$i subfields.
- You get a result list, with two issues:
  1. $a, $h & $i aren't displayed
  2. Biblio title is not a link
- Apply the patch, and repeat previous steps.

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
I got a link on fulltitle, but in 'ahie' order (not aehi)
Fixed some tabs.

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-19 11:35:57 -03:00
Jonathan Druart
be35039b55 Bug 4137: Fix the OPACViewOthersSuggestions behavior
This pref does not work at all, the interface let the user choose to
list all suggestions, but whatever he chooses the suggestion list is the
same.

This patch cleans a bit the suggestedby management.

There are a lot of cases to test, because linked to 2 prefs:
 AnonSuggestions and OPACViewOthersSuggestions.
1/ AnonSuggestions = 0 and OPACViewOthersSuggestions = 0
  - A non logged in user is not able to make a suggestion.
  - A logged in user is not able to see suggestions made by someone else.
2/ AnonSuggestions = 0 and OPACViewOthersSuggestions = 1
  - A non logged in user is not able to make a suggestion.
  - A logged in user is able to see suggestions made by someone else.
3/ AnonSuggestions = 1 and OPACViewOthersSuggestions = 0
  - A non logged in user is able to make a suggestion.
  The suggestedby field will be filled with the AnonymousPatron pref value.
  He is not able to see suggestions, even the ones made by AnonymousPatron.
  - A logged in user is not able to see suggestions made by someone else.
4/ AnonSuggestions = 1 and OPACViewOthersSuggestions = 1
  - A non logged in user is able to make a suggestion.
  He is able to see all suggestions.
  - A logged in user is able to see suggestions made by someone else.

In all cases a logged in user should be able to search for suggestions
(except if he is not able to see them).

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
All use cases tested, work as expected
No errors

Only comment is perhaps (in the future) a gracefull failure
when AnonymousPatron is not set, or has '0' value

Message is DBIx::Class::ResultSet::create(): Column 'suggestedby' cannot be null at ...

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-19 11:34:27 -03:00
Jonathan Druart
d847b1d92a Bug 10866: Hide patron's history if intranetreadinghistory is set to not allow
If set to "not allow", the intranetreadinghistory pref prevent staff
members to access patron's checkout history.
But:
1/ The page is still accessible if you know the url
2/ The history can be consulted on the item history page

Test plan:
0/ Don't apply this patch
1/ Set the intranetreadinghistory to allow
2/ Go on a patron's checkout history page
3/ Open a new tab and go on a item's checkout history page
4/ Set the intranetreadinghistory to not allow
5/ Refresh both pages => no change
6/ Apply this patch
7/ Refresh both page.
On the first page, you should see a warning
On the other one, you should see that the patron column is not displayed
anymore.

Followed test plan, results were as expected.
Signed-off-by: Marc Véron <veron@veron.ch>

http://bugs.koha-community.org/show_bug.cgi?id=10886
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Nice addition!
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-19 11:34:27 -03:00
Magnus Enger
b740b1b412 Bug 14403: Remove warn in Koha::NorwegianPatronDB
Line 99 has an unconditional warn, left over from development:

warn "$combined_username => $combined_password";

This patch deletes the line i question.

To test:
No testing needed, just have a look at the diff and see that
it makes sense to delete the warn.

Signed-off-by: Indranil Das Gupta (L2C2 Technologies) <indradg@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-19 11:34:16 -03:00
Katrin Fischer
688452ad7e Bug 13427: jQuery Timepicker is not translated on returns page
The returns page was missing an include with the translated strings.

To test:
- Install an additional language, like de-DE
- Confirm the bug on the returns page
  - Make sure SpecifyReturnDate is activated
  - Open the datepicker, look at the time settings
- Apply the patch
- Reinstall the language, no update of the po files is needed
- Retest
- Verify, that now the time settings are translated

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Works as expected

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-19 11:30:15 -03:00
Katrin Fischer
7ab873aaea Bug 11467: Bug Untranslatable srings in opac-detail.tt (IDreamBooks*, OpacBrowseResults)
Patch marks several strings in the Javascript on the OPAC detail
and result page for translation.

1) IDreamBooks*
- Activate the 3 IDreamBooks* system preferences
- Check the 'cloud' and additional content shows up correctly on
  the detail and result pages
- Verify everything works as expected and the same as without the patch

2) OpacBrowseResults
- Activate OpacBrowseResults
- Do various searches
- Verify the nex, previous, browse result list features still
  work the same as without the patch

Bonus: Check new strings appear in the .po files by updating one
       language with the patch applied (perl translate update de-DE)

NOTE: Really should have read the test plan more closely.
      I couldn't find the 'Go to detail:' section, until I clicked
      'Browse results'.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-19 11:09:43 -03:00
Aleisha
892d374b64 Bug 11011: Rephrasing 'in keyword' in OPAC authority search
Using 'in the complete record' rather than 'in keyword'. I think this fits well as it seems that this means the search looks anywhere in the record.

To test:

1) In the OPAC, click on Authority Search
2) Notice that in the drop-down menu for the 'Where:' field, there is an 'in keyword' option.
3) Apply patch
4) Now says 'in the complete record'

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-19 11:08:50 -03:00
Katrin Fischer
7c0c92807f Bug 8686: Raise required version of URI::Escape to 3.31
Raises the minimum required version of URI::Escape from
1.36 to 3.31.

TEST PLAN
---------
1) git branch -b bug_8686 origin/master
2) ./koha_perl_deps.pl -a | grep URI
   -- it will list 1.36 required
3) git bz apply 8686
4) ./koha_perl_deps.pl -a | grep URI
   -- it will list 3.31 required
5) koha qa test tools

NOTE: Also default in Ubuntu 14.04 LTS,
      not just Wheezy as noted in comment #15.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signoff based on Nicole's comment (bug 9990 comment 6):
"This stops happening if you upgrade URI::Escape to
3.31.  We should make it clear in the Perl Modules page that an upgrade
is needed."
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-18 12:18:33 -03:00
Jonathan Druart
d56a275c0d Bug 14070: Prevent to save a letter if an error occurred
On saving a letter, if the title or the content of a template is not
defined, a JS alert is raised. But the form is submitted anyway.
This patch prevent the form to be submitted.

Test plan:
- Create or edit a letter
- Fill the title for a template, not the content
- Save
- Confirm you get the alert and that the form is not submitted

http://bugs.koha-community.org/show_bug.cgi?id=14070

Signed-off-by: Indranil Das Gupta <indradg@gmail.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-06-17 09:55:40 -03:00
Katrin Fischer
38048bc420 Bug 14351: Remove given-when from opac-search.pl
Reformats given-when to if-elsif-else in opac-search.pl
to remove the experimental feature and with it a lot
of warnings from the logs.

To test:
- Do several different advanced searches with and
  without expanded search options
- Verify the link back to the search appears above
  the results list and works correctly

See also: test plan on bug 13307

NOTE: Even installed firefox plug in to edit cookies to
      trigger else case. :)

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-06-17 09:53:47 -03:00
Katrin Fischer
2fe241cc0f Bug 14350: Missing statement in kohastructure.sql - DROP TABLE IF EXISTS borrower_sync
Reported by Jonathan on bug 11401:

DROP TABLE IF EXISTS borrower_sync;
is missing in installer/data/mysql/kohastructure.sql

To test:
- Run the web installer and confirm all tables are
  created correctly

Signed-off-by: Indranil Das Gupta (L2C2 Technologies) <indradg@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-06-17 09:52:40 -03:00
Matthias Meusburger
cc7b795f84 Bug 14280: Add branches fields to discharges letters
Currently, when generating a discharge letter, branches fields are not translated in the letter (<<branches.branchname>>, <<branches.branchaddress1>>, etc.)
This patch fixes that.

How I tested:
- Set syspref 'useDischarge' to 'allow'
- Go to Home > Tools > Notices & Slips
- Edit DISCHARGE, add to 'Email message':
<p><<branches.branchname>><br />
<<branches.branchaddress1>><br />
<<branches.branchaddress2>><br />
<<branches.branchaddress3>><br />
<<branches.zip>> <<branches.city>><br />
</p>
- Go to detail page of a patron > discharge
- Click 'Generate discharge'
- Verify that the PDF contains the information above.

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-11 13:12:32 -03:00
Jonathan Druart
83da81e0ce Bug 14029: Provide 'clear' link to empty reports search filters
Patch adds a 'clear' link next to the 'Apply filters' button to
empty out the form fields.

To test:
- go to the reports module
- make sure you have some saved reports
- search your saved reports using the author, keyword and date filters
- verify searching works as expected
- verify the new 'clear' link works as expected

Tested couner patch, followed test plan, works as expected. QA tools ok.
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-11 13:08:53 -03:00
bba78196d3 Bug 13336 - Add time to date column for patron circulation history
Some librarians have expressed that it would be very helpful to have the
hours displayed in the date column for a patron's circulation history.
The time an action took place can be vital to tracking down which
librarians were working at the time a given circulation action took
place.

Test Plan:
1) View a patron's circulation history
2) Note the Date column has no hour/minute
3) Apply this patch
4) Reload the page
5) Note the hour and minutes now display

Signed-off-by: David Roberts <david.roberts@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-11 12:19:55 -03:00
Tomas Cohen Arazi
4d417b9a2e Bug 7981: DBRev 3.21.00.008
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-11 10:41:57 -03:00
Jonathan Druart
1f3e11c5bd Bug 7981: Reintroduce dropboxdate
The parameter was lost in previous commit.

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-11 10:41:50 -03:00
99df63b4b0 Bug 7981: (QA followup) Rename TT vars
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-11 10:41:49 -03:00
Katrin Fischer
ca17301881 Bug 7981: Follow-up - Fix qa script complaints
- Fix updatedatabase, moving the update entry into the right spot
- Fix some tabs

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-11 10:41:44 -03:00
Jonathan Druart
074f8637e8 Bug 7981: Use The Branches TT plugin instead of GetBranchName
Note that homebranchname is never used in the template.

Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-11 10:41:37 -03:00
Jonathan Druart
0405287538 Bug 7981: Remove HomeOrHoldingBranchReturn syspref from C4::UsageStats
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-11 10:41:27 -03:00
Benjamin Rokseth
57608fdecb Bug 7981: Remove HomeOrHoldingBranchReturn syspref
This patch removes HomeOrHoldingBranchReturn syspref and makes circ/returns.pl respect branch
circulation rules from C4::Circulation::GetBranchItemRule. Also transfer slip notice should reflect this.

Default should always be to return item to home branch.

Test plan:
- make sure syspref 'AutomaticItemReturn' is set to 'false'
- unset 'Default checkout, hold and return policy' or set 'Return policy' to 'Item returns home'
- checkout an item and do a checkin from different branch than items homebranch
- verify that you're prompted with a transfer message to item's home branch and that print slip matches

- set 'Return policy' to 'Item returns to issuing library'
- do a checkout and a checkin from branch different than item's home branch
- verify that you're not prompted with a transfer message and that holding library is your current branch

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Follow-up:
- Added 3 tests in t/db_dependent/Circulation_Branches.t to test AddReturn
  policies
- Removed HomeOrHoldingBranchReturn from sysprefs.sql
- Added notice on removing syspref in updatedatabase

QA edits:
- removed trailing whitespace in tests
- moved branchname lookup from returns.pl to template

Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
2015-06-11 10:24:22 -03:00
Jonathan Druart
27ef1410a7 Bug 11941: Add link to patron lists from the patron home page
The patron lists are only accessible from the tools module, which is not
easily accessible when you are in the patron module.

Test plan:
Go on the patron home page.
In the toolbar, you should see a link to the patron lists.

NOTE: Tweaked button to a to get the click to work.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Liz Rea <liz@catalyst.net.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-06-11 10:15:46 -03:00
Indranil Das Gupta
c07f83f643 Bug 14206: Adds test for getletter() call from overdue_notices.pl
Adds missing test for getletter() when called from overdue_notices.pl

Test plan
=========

1/ apply this patch
2/ run prove -v t/db_dependent/Letters.t
   all tests should pass, especially test #40 which tests call from
   overdue_notices.pl

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-06-11 10:14:35 -03:00
Indranil Das Gupta
8895caa339 Bug 14206: Adds delete function for non email templates
C4::Letters::getletter() is called in tools/letter.pl by the function
delete_confirm() to display the selected notice for deletion. Due to
current implementation of getletter(), a notice that does not use
the 'email' template (but uses any/all of the other templates - sms,
print or phone) can't be deleted from the staff client.

This patch adds deletion capability for notices that do not use email
template, but uses any/all of the other templates i.e. sms, print or
phone. This also adds 2 tests to t/db_dependent/Letters.t for testing
both conditions - a) when message_transport_type is specified b) when
it is not.

Test plan
=========

1/ Go to Tools -> Notices & Slips. Add a new notice only for print,
   leave 'Library' and 'Koha module' options as default selections.
   Enter 'KOHA_14206' and 'Koha Test 14206' against Code and Name
   respectively, and 'Test' and 'Test Message' for subject and body.
   Leave the Email, Phone and SMS tabs blank. Save the notice.
2/ On the notices listing page the new notice will be listed. Try to
   delete it. It will load the 'Delete notice' dialog form, but the
   table will not show any data under <th>s - 'Library', 'Module',
   'Code' or 'Name'.
3/ Click the "Yes, delete" button. The page will be submitted and the
   Notices listing reloaded. The print-only KOHA_14206 notice should
   continue to exist. This is *wrong*.
4/ Apply this patch
5/ Reload the listings page and click on the 'Delete' link for Notice
   KOHA_14206. This time, it should show the data under 'Module',
   'Code' or 'Name' at least.
6/ Click on 'Yes, delete'. The page should submit and the listing page
   reload. This time KOHA_14206 will be gone.
7/ Run prove -v t/db_dependent/Letters.t
   All tests should PASS without any error.

Followed test plan. Works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-06-11 10:14:22 -03:00
Jonathan Druart
c345694808 Bug 13970: Remove category_type related code
Working on bug 13497 and bug 9314, I run into some Koha vestiges.
The category_type parameter should not be passed to memberentry.
On creating a new patron, the categorycode should be passed, and on
editing, it's useless. We can work with the borrowernumber and retrieve
these values.

Details of the changes:
- members-toolbar.inc: Remove the category_type parameter passed to
memberentry.pl
- memberentrygen.tt: Just remove the useless category_type parameter on
  editing a patron. Also remove the unused one passed to
  guarantor_search.pl.
- tables/members_results.tt: the borrowernumber is enough to edit a
  patron.
- memberentry.pl: check_categorytype is never used in the template, all
  the process to calculate/retrieve it is unnecessary.
- members/nl-search.tt: The borrowernumber is enough to edit a patron.

Test plan:
Try to create and edit patrons and verify that
- the guarantor search still work
- the form (memberentry) behave as before

Edit a patron from the nl-search.pl script (Magnus?)

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>

On top of 9314 (13497 already pushed)

No evident regressions found, add/edit patron works,
search/set guarantor works.

Cant test nl-patron.pl save for exec it.
prove -v t/NorwegianPatronDB.t runs

No koha-qa errors

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-06-11 10:11:01 -03:00
Jonathan Druart
9d793b2f7e Bug 9314: Remove useless code related to the type_only parameter
Since the pref AddPatronLists has been removed in bug 13497, the code
related to type_only and category_type in memberentry.pl is useless.

Test plan:
Confirm you don't the information message.
You can also confirm that the message was wrong and nothing was saved.

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Dead code removed, no errors

Think that bug description can be updated to commit message

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-06-11 10:09:55 -03:00
721a77e669 Bug 14338: Unable to delete patron images
The call to RmPatronImage is still passing cardnumber as its parameter
instead of borrowernumber.

Test Plan:
1) Upload a patron image
2) Ensure the card number is not the same as the borrower number
3) Attempt to delete patron image
   -- Image will remain
4) Apply this patch
5) Attempt to delete patron image
   -- Image will be removed
6) run koha qa test tools

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-06-11 10:08:59 -03:00
Jonathan Druart
41b9687d97 Bug 13265: Use sessionStorage to store searches instead of cookies
This is a counter patch.
The idea is to provide a permanent solution for the cookie length issue
we occurred on storing the searches (intranet side).

Test plan:
Launch as many searches as you can (don't forget to sleep).
You should not get any error.
Confirm there is no regression using the results browser.

Tested with 6 parralel searches in different tabs (with alternatively browising up and down). No problems found.
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-06-11 10:06:45 -03:00