Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/koha-tmpl/intranet-tmpl/prog/en/modules/members/files.tt
Jonathan Druart 5825026448 Bug 21526: uri escape TT variables when used in 'a href' 
This patch has been generated with the script provided on bug 21576.
It only affects variable used in the href attribute of a link *when*
href it the first attribute of the node (grep "a href")

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-26 17:09:57 +00:00

107 lines
4.3 KiB
Text
Raw Blame History

[% USE raw %]
[% USE Asset %]
[% USE KohaDates %]
[% USE Branches %]
[% USE AuthorisedValues %]
[% SET footerjs = 1 %]
[% INCLUDE 'doc-head-open.inc' %]
<title>Files for [% INCLUDE 'patron-title.inc' no_html = 1 %]</title>
[% INCLUDE 'doc-head-close.inc' %]
</head>
<body id="pat_files" class="pat">
[% INCLUDE 'header.inc' %]
[% INCLUDE 'patron-search.inc' %]
<div id="breadcrumbs"><a href="/cgi-bin/koha/mainpage.pl">Home</a> &rsaquo; <a href="/cgi-bin/koha/members/members-home.pl">Patrons</a> &rsaquo; Files for [% INCLUDE 'patron-title.inc' %]</div>
<div id="doc3" class="yui-t2">
<div id="bd">
<div id="yui-main">
<div class="yui-b">
[% INCLUDE 'members-toolbar.inc' %]
<h1>Files</h1>
[% IF errors %]
<div class="dialog alert">
[% IF errors.empty_upload %]The file you are attempting to upload has no contents.[% END %]
[% IF errors.no_file %]You did not select a file to upload.[% END %]
</div>
[% END %]
[% IF ( files ) %]
<table>
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th>Description</th>
<th>Uploaded</th>
[% IF CAN_user_borrowers_edit_borrowers %]<th>&nbsp;</th>[% END %]
</tr>
</thead>
<tbody>
[% FOREACH f IN files %]
<tr>
<td><a href="?borrowernumber=[% patron.borrowernumber | uri %]&amp;op=download&amp;file_id=[% f.file_id | uri %]">[% f.file_name | html %]</a></td>
<td>[% f.file_type | html %]</td>
<td>[% f.file_description | html %]</td>
<td>[% f.date_uploaded | $KohaDates %]</td>
[% IF CAN_user_borrowers_edit_borrowers %]<td><a class="btn btn-default btn-xs confirmdelete" href="?borrowernumber=[% patron.borrowernumber | html %]&amp;op=delete&amp;file_id=[% f.file_id | html %]"><i class="fa fa-trash"></i> Delete</a></td>[% END %]
</tr>
[% END %]
</tbody>
</table>
[% ELSE %]
<div class="dialog message">
<p>This patron has no files attached.</p>
</div>
[% END %]
<form method="post" action="/cgi-bin/koha/members/files.pl" enctype="multipart/form-data">
<fieldset class="rows">
<legend>Upload new file</legend>
<ol>
<li><input type="hidden" name="op" value="upload" />
<input type="hidden" name="borrowernumber" value="[% patron.borrowernumber | html %]" />
<input type="hidden" name="MAX_FILE_SIZE" value="2000000" />
<label for="description">Description:</label>
<input name="description" id="description" type="text" /></li>
<li><label for="uploadfile">File:</label><input name="uploadfile" type="file" id="uploadfile" /></li>
</ol>
<fieldset class="action"><input name="upload" type="submit" id="upload" value="Upload file" /></fieldset>
</fieldset>
</form>
</div>
</div>
<div class="yui-b">
[% INCLUDE 'circ-menu.inc' %]
</div>
</div>
[% MACRO jsinclude BLOCK %]
[% INCLUDE 'str/members-menu.inc' %]
[% Asset.js("js/members-menu.js") | $raw %]
<script type="text/javascript">
$(document).ready(function(){
$(".confirmdelete").on("click", function(){
$(this).parents('tr').addClass("warn");
if(confirm(_("Are you sure you want to delete this file?"))){
return true;
} else {
$(this).parents('tr').removeClass("warn");
return false;
}
});
});
</script>
[% END %]
[% INCLUDE 'intranet-bottom.inc' %]
View git blame Copy permalink