#!/usr/bin/perl # Copyright 2012 Foundations Bible College Inc. # # This file is part of Koha. # # Koha is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. # # Koha is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Koha; if not, see . use strict; use warnings; use CGI qw ( -utf8 ); use JSON; use autouse 'Data::Dumper' => qw(Dumper); use C4::Auth; use C4::Context; my $cgi = CGI->new; my $dbh = C4::Context->dbh; my $sort_columns = ["id", "source", "text", "timestamp"]; my ( $status, $cookie, $sessionID ) = C4::Auth::check_api_auth( $cgi, { tools => 'edit_quotes' } ); unless ($status eq "ok") { print $cgi->header(-type => 'application/json', -status => '403 Forbidden'); print to_json({ auth_status => $status }); exit 0; } # NOTE: This is a collection of ajax functions for use with tools/quotes.pl my $params = $cgi->Vars; # NOTE: Multivalue parameters NOT allowed!! print $cgi->header('application/json; charset=utf-8'); my $action = $params->{'action'} || 'get'; if ($action eq 'add') { my $sth = $dbh->prepare('INSERT INTO quotes (source, text) VALUES (?, ?);'); $sth->execute($params->{'source'}, $params->{'text'}); if ($sth->err) { warn sprintf('Database returned the following error: %s', $sth->errstr); exit 0; } my $new_quote_id = $dbh->{q{mysql_insertid}}; # ALERT: mysqlism here $sth = $dbh->prepare('SELECT * FROM quotes WHERE id = ?;'); $sth->execute($new_quote_id); print to_json($sth->fetchall_arrayref, {utf8 =>1}); exit 0; } elsif ($action eq 'edit') { my $aaData = []; my $editable_columns = [qw(source text)]; # pay attention to element order; these columns match the quotes table columns my $sth = $dbh->prepare("UPDATE quotes SET $editable_columns->[$params->{'column'}-1] = ? WHERE id = ?;"); $sth->execute($params->{'value'}, $params->{'id'}); if ($sth->err) { warn sprintf('Database returned the following error: %s', $sth->errstr); exit 1; } $sth = $dbh->prepare("SELECT $editable_columns->[$params->{'column'}-1] FROM quotes WHERE id = ?;"); $sth->execute($params->{'id'}); $aaData = $sth->fetchrow_array(); print Encode::encode('utf8', $aaData); exit 0; } elsif ($action eq 'delete') { my $sth = $dbh->prepare("DELETE FROM quotes WHERE id = ?;"); $sth->execute($params->{'id'}); if ($sth->err) { warn sprintf('Database returned the following error: %s', $sth->errstr); exit 1; } exit 0; } else { my $aaData = []; my $iTotalRecords = ''; my $sth = ''; $iTotalRecords = $dbh->selectrow_array('SELECT count(*) FROM quotes;'); $sth = $dbh->prepare("SELECT * FROM quotes;"); $sth->execute(); if ($sth->err) { warn sprintf('Database returned the following error: %s', $sth->errstr); exit 1; } $aaData = $sth->fetchall_arrayref; my $iTotalDisplayRecords = $iTotalRecords; # no filtering happening here print to_json({ iTotalRecords => $iTotalRecords, iTotalDisplayRecords=> $iTotalDisplayRecords, sEcho => $params->{'sEcho'}, aaData => $aaData, }, {utf8 =>1}); }