8534ca2780
Test 1. Hit the page /cgi-bin/koha/acqui/parcels.pl?booksellerid=xx xx is booksellerid 2. Add a text in the field Vendor invoice that contains java script 3. Save the page. 4. Notice js is execute 5. Apply patch and reload the js is escaped Fixed XSS for parcels.pl/parcel.pl/orderreceive.pl Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
549 lines
24 KiB
Text
549 lines
24 KiB
Text
[% USE Koha %]
|
||
[% USE KohaDates %]
|
||
[% USE Price %]
|
||
[% USE currency = format('%.2f') -%]
|
||
[% INCLUDE 'doc-head-open.inc' %]
|
||
<title>Koha › Acquisitions › [% IF ( date ) %]
|
||
Receipt summary for [% name %] [% IF ( invoice ) %]invoice [% invoice %][% END %] on [% datereceived | $KohaDates %][% ELSE %]Receive orders from [% name %][% END %]</title>
|
||
<link rel="stylesheet" type="text/css" href="[% interface %]/[% theme %]/css/datatables.css" />
|
||
[% INCLUDE 'doc-head-close.inc' %]
|
||
[% INCLUDE 'datatables.inc' %]
|
||
<script type="text/javascript" src="[% interface %]/lib/jquery/plugins/jquery.dataTables.columnFilter.js"></script>
|
||
<script type="text/javascript" src="[% interface %]/lib/jquery/plugins/jquery.cookie.min.js"></script>
|
||
<style type="text/css">#dataPreview { width : 80%; } @media (max-width: 767px) { #dataPreview { margin: 0; width : auto; } }</style>
|
||
<script type="text/javascript">
|
||
//<![CDATA[
|
||
|
||
dt_overwrite_html_sorting_localeCompare();
|
||
|
||
var sticky_filters = [% sticky_filters %];
|
||
|
||
$(document).ready(function(){
|
||
if ( $("#pendingt").length ) {
|
||
var pendingt = $("#pendingt").dataTable($.extend(true, {}, dataTablesDefaults, {
|
||
"bStateSave": true,
|
||
"iCookieDuration": 60*60*24*1000, // 1000 days
|
||
"iDisplayLength": 10,
|
||
"aLengthMenu": [[5, 10, 20, 50, 100, -1], [5, 10, 20, 50, 100, _("All")]],
|
||
"aoColumnDefs": [
|
||
{ "aTargets": [ 4, 9, 10 ], "bSortable": false, "bSearchable": false },
|
||
],
|
||
"aoColumns": [
|
||
{ "sType": "html" },
|
||
{ "sType": "html" },
|
||
{ "sType": "num-html" },
|
||
{ "sType": "anti-the" },
|
||
null,
|
||
null,
|
||
null,
|
||
null,
|
||
null,
|
||
null,
|
||
null,
|
||
],
|
||
'bAutoWidth': false,
|
||
"sPaginationType": "four_button"
|
||
} )
|
||
).columnFilter({
|
||
sPlaceHolder: "head:after",
|
||
aoColumns: [
|
||
{ type: "text" },
|
||
{ type: "text" },
|
||
{ type: "text" },
|
||
{ type: "text" },
|
||
null,
|
||
{ type: "text" },
|
||
{ type: "text" },
|
||
{ type: "text" },
|
||
{ type: "text" },
|
||
null,
|
||
null
|
||
]
|
||
});
|
||
}
|
||
|
||
if ( $("#receivedt").length ) {
|
||
var receivedt = $("#receivedt").dataTable($.extend(true, {}, dataTablesDefaults, {
|
||
"bStateSave": true,
|
||
"iCookieDuration": 60*60*24*1000, // 1000 days
|
||
"iDisplayLength": 10,
|
||
"aLengthMenu": [[5, 10, 20, 50, 100, -1], [5, 10, 20, 50, 100, _("All")]],
|
||
"aoColumnDefs": [
|
||
{ "aTargets": [ 5, -1 ], "bSortable": false, "bSearchable": false },
|
||
],
|
||
"aoColumns": [
|
||
{ "sType": "html" },
|
||
{ "sType": "html" },
|
||
{ "sType": "html" },
|
||
{ "sType": "num-html" },
|
||
{ "sType": "anti-the" },
|
||
null,
|
||
null,
|
||
null,
|
||
null,
|
||
null,
|
||
null,
|
||
null
|
||
],
|
||
"sPaginationType": "four_button"
|
||
} ) );
|
||
}
|
||
|
||
// Keep filters from finishreceive.pl to parcel.pl
|
||
$.cookie("filter_parcel_summary", $("#summaryfilter").val());
|
||
$.cookie("filter_parcel_basketname", $("#basketfilter").val());
|
||
$.cookie("filter_parcel_orderno", $("#orderfilter").val());
|
||
$.cookie("filter_parcel_basketgroupname", $("#basketgroupnamefilter").val());
|
||
$.cookie("filter_parcel_ean", $("#eanfilter").val());
|
||
|
||
$("#filterform").on('submit', function(){
|
||
$.cookie("filter_parcel_summary", $("#summaryfilter").val());
|
||
$.cookie("filter_parcel_basketname", $("#basketfilter").val());
|
||
$.cookie("filter_parcel_orderno", $("#orderfilter").val());
|
||
$.cookie("filter_parcel_basketgroupname", $("#basketgroupnamefilter").val());
|
||
$.cookie("filter_parcel_ean", $("#eanfilter").val());
|
||
});
|
||
|
||
$(".previewData").on("click", function(e){
|
||
e.preventDefault();
|
||
var ltitle = $(this).text();
|
||
var page = $(this).attr("href");
|
||
$("#dataPreviewLabel").text(ltitle);
|
||
$("#dataPreview .modal-body").load(page + " div");
|
||
$('#dataPreview').modal({show:true});
|
||
});
|
||
$("#dataPreview").on("hidden", function(){
|
||
$("#dataPreviewLabel").html("");
|
||
$("#dataPreview .modal-body").html("<div id=\"loading\"><img src=\"[% interface %]/[% theme %]/img/spinner-small.gif\" alt=\"\" /> "+_("Loading")+"</div>");
|
||
});
|
||
|
||
});
|
||
|
||
// Case-insensitive version of jquery's contains function
|
||
jQuery.extend(jQuery.expr[':'], {
|
||
icontains : "jQuery(a).text().toUpperCase().indexOf(m[3].toUpperCase())>=0"
|
||
});
|
||
|
||
// Contains exactly function
|
||
jQuery.extend(jQuery.expr[':'], {
|
||
containsExactly: "$(a).text() == m[3]"
|
||
});
|
||
|
||
//]]>
|
||
</script>
|
||
<script type="text/javascript">
|
||
//<![CDATA[
|
||
function transfer_order_popup(ordernumber) {
|
||
var url = "/cgi-bin/koha/acqui/transferorder.pl?"
|
||
+ "ordernumber=" + ordernumber
|
||
window.open(url, 'TransferOrder');
|
||
}
|
||
|
||
//]]>
|
||
</script>
|
||
</head>
|
||
<body id="acq_parcel" class="acq">
|
||
[% INCLUDE 'header.inc' %]
|
||
[% INCLUDE 'acquisitions-search.inc' %]
|
||
|
||
<div id="breadcrumbs"><a href="/cgi-bin/koha/mainpage.pl">Home</a> › <a href="/cgi-bin/koha/acqui/acqui-home.pl">Acquisitions</a> ›
|
||
[% IF datereceived %]
|
||
Receipt summary for <i>[% name %]</i>
|
||
[% IF ( invoice ) %]
|
||
<i>[ [% invoice |html %] ]</i>
|
||
[% END %]
|
||
on <i>[% datereceived | $KohaDates %]</i>
|
||
[% ELSE %]
|
||
Receive orders from [% name %]
|
||
[% END %]
|
||
</div>
|
||
|
||
<div id="doc3" class="yui-t2">
|
||
|
||
<div id="bd">
|
||
<div id="yui-main">
|
||
<div class="yui-b">
|
||
[% IF ( receive_error ) %]
|
||
<div class="dialog alert">
|
||
<h3>Error adding items:</h3>
|
||
<ul>
|
||
[% FOREACH error_loo IN error_loop %]
|
||
<li>[% error_loo.error_param %][% IF ( error_loo.error_duplicate_barcode ) %]Duplicate Barcode[% END %] <!-- todo: other error conditions come here. --></li>
|
||
[% END %]
|
||
</ul>
|
||
</div>
|
||
[% END %]
|
||
<h1>
|
||
[% IF datereceived %]
|
||
Receipt summary for <i>[% name %]</i> [% IF ( invoice ) %] <i> [ [% invoice |html %] ] </i>[% END %] on <i>[% datereceived | $KohaDates %]</i>
|
||
[% ELSE %]
|
||
Receive orders from [% name %]
|
||
[% END %]
|
||
</h1>
|
||
|
||
[% IF ( success_delorder ) %]
|
||
<div class="dialog message">The order has been successfully canceled.</div>
|
||
[% ELSE %]
|
||
[% IF ( error_delitem ) %]
|
||
<div class="dialog alert">The order has been canceled, although one or more items could not have been deleted.</div>
|
||
[% END %]
|
||
[% IF ( error_delbiblio ) %]
|
||
<div class="dialog alert">The order has been canceled, although the record has not been deleted.</div>
|
||
[% END %]
|
||
[% END %]
|
||
|
||
[% IF (error_cancelling_receipt) %]
|
||
<div class="dialog error">
|
||
Cannot cancel receipt. Possible reasons :
|
||
<ul>
|
||
<li>
|
||
The order line you trying to cancel was created from a partial receipt
|
||
of another order line which is already received. Try to cancel this
|
||
one first and retry.
|
||
</li>
|
||
<li>
|
||
The order line you trying to cancel was created from a partial receipt
|
||
of another order line which has been deleted. Cancellation is not
|
||
possible.
|
||
</li>
|
||
</ul>
|
||
</div>
|
||
[% END %]
|
||
|
||
[% IF error_invoice_not_known %]
|
||
<div class="dialog error">
|
||
The invoice referenced by this invoiceid does not exist.
|
||
</div>
|
||
[% END %]
|
||
|
||
[% UNLESS no_orders_to_display %]
|
||
<div id="acqui_receive_summary">
|
||
<p><strong>Invoice number:</strong> [% invoice |html %] <strong>Received by:</strong> [% loggedinusername %] <strong>On:</strong> [% datereceived | $KohaDates %]</p>
|
||
</div>
|
||
[% UNLESS (invoiceclosedate) %]
|
||
<div id="acqui_receive_search">
|
||
<h3>Pending orders</h3>
|
||
|
||
[% IF ( loop_orders ) %]
|
||
<table id="pendingt">
|
||
<thead>
|
||
<tr>
|
||
<th>Basket search</th>
|
||
<th>Basket group search</th>
|
||
<th>Order line search</th>
|
||
<th>Summary search</th>
|
||
<th> </th>
|
||
<th>Quantity search</th>
|
||
<th>Unit cost search</th>
|
||
<th>Order cost search</th>
|
||
<th>Fund search</th>
|
||
<th> </th>
|
||
<th> </th>
|
||
</tr>
|
||
<tr>
|
||
<th>Basket</th>
|
||
<th>Basket group</th>
|
||
<th>Order line</th>
|
||
<th>Summary</th>
|
||
<th>View record</th>
|
||
<th>Quantity</th>
|
||
<th>Unit cost</th>
|
||
<th>Order cost</th>
|
||
<th>Fund</th>
|
||
<th> </th>
|
||
<th> </th>
|
||
</tr>
|
||
</thead>
|
||
<tbody class="filterclass">
|
||
[% FOREACH loop_order IN loop_orders %]
|
||
<tr>
|
||
<td class="basketfilterclass">[% loop_order.basketname %] (<a href="/cgi-bin/koha/acqui/basket.pl?basketno=[% loop_order.basketno %]">[% loop_order.basketno %]</a>)</td>
|
||
<td>
|
||
[% IF loop_order.basketgroupid %]
|
||
[% loop_order.basketgroupname %] (<a href="/cgi-bin/koha/acqui/basketgroup.pl?booksellerid=[% loop_order.booksellerid %]">[% loop_order.basketgroupid %]</a>)
|
||
[% ELSE %]
|
||
No basket group
|
||
[% END %]
|
||
</td>
|
||
<td class="orderfilterclass"><a href="neworderempty.pl?ordernumber=[% loop_order.ordernumber %]&booksellerid=[% loop_order.booksellerid %]">[% loop_order.ordernumber %]</a></td>
|
||
<td class="summaryfilterclass">
|
||
<a href="/cgi-bin/koha/catalogue/detail.pl?biblionumber=[% loop_order.biblionumber %]">[% loop_order.title |html %]</a>
|
||
[% IF ( loop_order.author ) %] by [% loop_order.author %][% END %]
|
||
[% IF ( loop_order.isbn ) %] – [% loop_order.isbn %][% END %]
|
||
[% IF ( loop_order.publishercode ) %]
|
||
<br />Publisher: [% loop_order.publishercode %]
|
||
[%- IF ( loop_order.publicationyear > 0) -%], [% loop_order.publicationyear %]
|
||
[%- ELSIF ( loop_order.copyrightdate > 0) -%] [% loop_order.copyrightdate %]
|
||
[% END %]
|
||
[% END %]
|
||
[% IF ( loop_order.suggestionid ) %]
|
||
<br/>
|
||
Suggested by: [% loop_order.surnamesuggestedby %][% IF ( loop_order.firstnamesuggestedby ) %], [% loop_order.firstnamesuggestedby %] [% END %]
|
||
(<a href="/cgi-bin/koha/suggestion/suggestion.pl?suggestionid=[% loop_order.suggestionid %]&op=show">suggestion #[% loop_order.suggestionid %]</a>)
|
||
[% END %]
|
||
<br />
|
||
[% IF ( loop_order.order_internalnote ) %]
|
||
<p class="ordernote"><strong>Internal note: </strong>[% loop_order.order_internalnote|html %] [<a href="/cgi-bin/koha/acqui/modordernotes.pl?ordernumber=[% loop_order.ordernumber %]&referrer=/cgi-bin/koha/acqui/parcel.pl%3Finvoiceid=[% invoiceid %]&type=internal">Change internal note</a>]</p>
|
||
[% ELSE %]
|
||
[<a href="/cgi-bin/koha/acqui/modordernotes.pl?ordernumber=[% loop_order.ordernumber %]&referrer=/cgi-bin/koha/acqui/parcel.pl%3Finvoiceid=[% invoiceid %]&type=internal">Add internal note</a>]
|
||
[% END %]
|
||
[% IF ( loop_order.order_vendornote ) %]
|
||
<p class="ordernote"><strong>Vendor note: </strong>[% loop_order.order_vendornote|html %]</p>
|
||
[% ELSE %]
|
||
[<a href="/cgi-bin/koha/acqui/modordernotes.pl?ordernumber=[% loop_order.ordernumber %]&referrer=/cgi-bin/koha/acqui/parcel.pl%3Finvoiceid=[% invoiceid %]&type=vendor">Add vendor note</a>]
|
||
[% END %]
|
||
</td>
|
||
<td><a href="/cgi-bin/koha/catalogue/showmarc.pl?id=[% loop_order.biblionumber %]" class="previewData">MARC</a> | <a href="/cgi-bin/koha/catalogue/showmarc.pl?viewas=card&id=[% loop_order.biblionumber %]" class="previewData">Card</a></td>
|
||
<td>[% loop_order.quantity %]</td>
|
||
<td>[% loop_order.ecost | $Price %]</td>
|
||
<td>[% loop_order.total | $Price %]</td>
|
||
<td>[% loop_order.budget_name %]</td>
|
||
<td>
|
||
<a href="orderreceive.pl?ordernumber=[% loop_order.ordernumber %]&invoiceid=[% invoiceid %]">Receive</a>
|
||
<br />
|
||
<a href="#" onclick="transfer_order_popup([% loop_order.ordernumber %]); return false;">Transfer</a>
|
||
</td>
|
||
<td>
|
||
[% IF ( loop_order.left_holds_on_order ) %]
|
||
<span class="button" title="Can't cancel order, ([% loop_order.holds_on_order %]) holds are linked with this order cancel holds first">Can't cancel order</span><br>
|
||
[% ELSE %]
|
||
<a href="/cgi-bin/koha/acqui/cancelorder.pl?ordernumber=[% loop_order.ordernumber %]&biblionumber=[% loop_order.biblionumber %]&referrer=[% "/cgi-bin/koha/acqui/parcel.pl?invoiceid=$invoiceid" | uri %]">Cancel order</a><br />
|
||
[% END %]
|
||
[% IF ( loop_order.can_del_bib ) %]
|
||
<a href="/cgi-bin/koha/acqui/cancelorder.pl?ordernumber=[% loop_order.ordernumber %]&biblionumber=[% loop_order.biblionumber %]&del_biblio=1&referrer=[% "/cgi-bin/koha/acqui/parcel.pl?invoiceid=$invoiceid" | uri %]">Cancel order and catalog record</a><br />
|
||
[% ELSE %]
|
||
<span class="button" title="Can't delete catalog record, see constraints below">Can't cancel order and delete catalog record</span><br>
|
||
[% END %]
|
||
[% IF ( loop_order.left_item ) %]
|
||
<b title="Can't delete catalog record, because of [% loop_order.items %] existing item(s)" >[% loop_order.items %] item(s) left</b><br>
|
||
[% END %]
|
||
[% IF ( loop_order.left_biblio ) %]
|
||
<b title="Can't delete catalog record, delete other orders linked to it first">[% loop_order.biblios %] order(s) left</b><br>
|
||
[% END %]
|
||
[% IF ( loop_order.left_subscription ) %]
|
||
<b title="Can't delete catalog record, delete subscriptions first">[% loop_order.subscriptions %] subscription(s) left</b><br>
|
||
[% END %]
|
||
[% IF ( loop_order.left_holds ) %]
|
||
<b title="Can't delete catalog record or order, cancel holds first">[% loop_order.holds %] hold(s) left</b>
|
||
[% END %]
|
||
</td>
|
||
</tr>
|
||
[% END %]
|
||
</tbody>
|
||
</table>
|
||
[% ELSE %]There are no pending orders.[% END %]
|
||
</div>
|
||
[% ELSE %]
|
||
<p>
|
||
Invoice is closed, so you can't receive orders anymore.
|
||
<a href="/cgi-bin/koha/acqui/invoice.pl?op=reopen&invoiceid=[% invoiceid %]&referer=/cgi-bin/koha/acqui/parcel.pl%3Finvoiceid=[% invoiceid %]">Reopen it</a>.
|
||
</p>
|
||
[% END %]
|
||
|
||
<div id="acqui_receive_receivelist">
|
||
<h3>Already received</h3>
|
||
|
||
[% IF ( loop_received ) %]
|
||
<form action="/cgi-bin/koha/acqui/parcel.pl" method="get" name="orderform">
|
||
<table id="receivedt">
|
||
<thead>
|
||
<tr>
|
||
<th>Basket</th>
|
||
<th>Basket group</th>
|
||
<th>Order line</th>
|
||
<th>Holds</th>
|
||
<th>Summary</th>
|
||
<th>View record</th>
|
||
<th>Quantity</th>
|
||
<th>Fund</th>
|
||
<th>Est cost</th>
|
||
<th>Actual cost</th>
|
||
<th>TOTAL</th>
|
||
<th></th>
|
||
</tr>
|
||
</thead>
|
||
<tfoot>
|
||
[% FOREACH key IN subtotal_for_funds.keys.sort %]
|
||
<tr>
|
||
[% IF invoiceincgst %]
|
||
<td colspan="6" class="total">(Tax inc.)</td>
|
||
[% ELSE %]
|
||
<td colspan="6" class="total">(Tax exc.)</td>
|
||
[% END %]
|
||
<td colspan="2"><i>Subtotal for</i> [% key %]</td>
|
||
<td>[% subtotal_for_funds.$key.ecost | $Price %]</td>
|
||
<td>[% subtotal_for_funds.$key.unitprice | $Price %]</td>
|
||
<td> </td>
|
||
<td> </td>
|
||
</tr>
|
||
[% END %]
|
||
<tr>
|
||
<th colspan="10" class="total">Total tax exc.</th>
|
||
<th>[% total_tax_excluded | $Price %]</th>
|
||
<th></th>
|
||
</tr>
|
||
[% FOREACH book_foot IN book_foot_loop %]
|
||
<tr>
|
||
<th colspan="10">Total (GST [% book_foot.tax_rate * 100 %]%)</th>
|
||
<th>[% book_foot.tax_value | $Price %]</th>
|
||
<th></th>
|
||
</tr>
|
||
[% END %]
|
||
<tr>
|
||
<th colspan="10" class="total">Total tax inc.</th>
|
||
<th>[% total_tax_included | $Price %]</th>
|
||
<th></th>
|
||
</tr>
|
||
</tfoot>
|
||
<tbody class="filterclass">
|
||
[% FOREACH order IN loop_received %]
|
||
<tr>
|
||
<td>[% order.basketname %] (<a href="/cgi-bin/koha/acqui/basket.pl?basketno=[% order.basketno %]">[% order.basketno %]</a>)</td>
|
||
<td>
|
||
[% IF order.basketgroupid %]
|
||
[% order.basketgroupname %] (<a href="/cgi-bin/koha/acqui/basketgroup.pl?booksellerid=[% order.booksellerid %]">[% order.basketgroupid %]</a>)
|
||
[% ELSE %]
|
||
No basket group
|
||
[% END %]
|
||
</td>
|
||
<td>
|
||
<a href="neworderempty.pl?ordernumber=[% order.ordernumber %]&booksellerid=[% booksellerid %]">[% order.ordernumber %]</a>
|
||
[% IF (order.parent_ordernumber && (order.parent_ordernumber != order.ordernumber)) %]
|
||
(<a href="neworderempty.pl?ordernumber=[% order.parent_ordernumber %]&booksellerid=[% booksellerid %]" title="Original order line">[% order.parent_ordernumber %]</a>)
|
||
[% END %]
|
||
</td>
|
||
<td>
|
||
[% IF order.holds > 0 %]
|
||
<span class="error"><a href="/cgi-bin/koha/reserve/request.pl?biblionumber=[% order.biblionumber %]">[% order.holds %]</a></span>
|
||
[% ELSE %]
|
||
0
|
||
[% END %]
|
||
</td>
|
||
<td><a href="/cgi-bin/koha/catalogue/detail.pl?biblionumber=[% order.biblionumber %]">[% order.title |html %]</a>
|
||
[% IF ( order.author ) %] / [% order.author %][% END %]
|
||
[% IF ( order.isbn ) %] - [% order.isbn %][% END %]
|
||
[% IF ( order.publishercode ) %]
|
||
<br />Publisher: [% order.publishercode %]
|
||
[%- IF ( order.publicationyear > 0) -%], [% order.publicationyear %]
|
||
[%- ELSIF ( order.copyrightdate > 0) -%] [% order.copyrightdate %]
|
||
[% END %]
|
||
[% END %]
|
||
[% IF ( order.suggestionid ) %]
|
||
<br/>
|
||
Suggested by: [% order.surnamesuggestedby %][% IF ( order.firstnamesuggestedby ) %], [% order.firstnamesuggestedby %] [% END %]
|
||
(<a href="/cgi-bin/koha/suggestion/suggestion.pl?suggestionid=[% order.suggestionid %]&op=show">suggestion #[% order.suggestionid %]</a>)
|
||
[% END %]
|
||
</td>
|
||
<td><a href="/cgi-bin/koha/catalogue/showmarc.pl?id=[% order.biblionumber %]" class="previewData">MARC</a> | <a href="/cgi-bin/koha/catalogue/showmarc.pl?viewas=card&id=[% order.biblionumber %]" class="previewData">Card</a></td>
|
||
<td>[% order.quantityreceived %]</td>
|
||
<td>[% order.budget.budget_name %]</td>
|
||
<td>[% order.ecost | $Price %]</td>
|
||
<td>[% order.unitprice | $Price %]</td>
|
||
<td>[% order.total | $Price %]</td>
|
||
<td>
|
||
[% IF loop_receive.cannot_cancel or ( Koha.Preference("AcqCreateItem") == "receiving" and loop_receive.holds > 0 ) %]
|
||
[% IF loop_receive.cannot_cancel %]
|
||
[% span_title = BLOCK %]
|
||
Cannot cancel receipt of this order line because it
|
||
was created from a partial receipt of order line no.
|
||
[% order.parent_ordernumber %], which is
|
||
already received. Try cancelling this one first and
|
||
retry.
|
||
[% END %]
|
||
[% ELSE %]
|
||
[%# FIXME Here we block the cancellation if holds exist. Actually it could be possible if items will be exist after the deletion %]
|
||
[%# Some additional checks should be added in the pl file %]
|
||
[% span_title = BLOCK %]
|
||
Cannot cancel receipt of this order line because at least one reservation exists on the records.
|
||
[% END %]
|
||
[% END %]
|
||
<span title="[% span_title | collapse %]">
|
||
Can't cancel receipt
|
||
</span>
|
||
[% ELSE %]
|
||
<a href="/cgi-bin/koha/acqui/parcel.pl?invoiceid=[% invoiceid %]&op=cancelreceipt&ordernumber=[% order.ordernumber %]">Cancel receipt</a>
|
||
[% END %]
|
||
</td>
|
||
</tr>
|
||
[% END %]
|
||
</tbody>
|
||
</table>
|
||
</form>
|
||
|
||
[% ELSE %]There are no received orders.[% END %]
|
||
</div>
|
||
|
||
<div id="dataPreview" class="modal fade" tabindex="-1" role="dialog" aria-labelledby="dataPreviewLabel" aria-hidden="true">
|
||
<div class="modal-dialog">
|
||
<div class="modal-content">
|
||
<div class="modal-header">
|
||
<button type="button" class="closebtn" data-dismiss="modal" aria-hidden="true">×</button>
|
||
<h3 id="dataPreviewLabel">MARC preview</h3>
|
||
</div>
|
||
<div class="modal-body">
|
||
<div id="loading"> <img src="[% interface %]/[% theme %]/img/spinner-small.gif" alt="" /> Loading </div>
|
||
</div>
|
||
<div class="modal-footer">
|
||
<button class="btn btn-default" data-dismiss="modal" aria-hidden="true">Close</button>
|
||
</div>
|
||
</div>
|
||
</div>
|
||
</div>
|
||
|
||
[% IF (invoiceclosedate) %]
|
||
<a href="/cgi-bin/koha/acqui/invoice.pl?invoiceid=[% invoiceid %]">View invoice</a>
|
||
[% ELSE %]
|
||
<form action="/cgi-bin/koha/acqui/invoice.pl" method="get">
|
||
<input type="hidden" name="invoiceid" value="[% invoiceid %]" />
|
||
<fieldset class="action">
|
||
<input type="submit" value="Finish receiving" />
|
||
</fieldset>
|
||
</form>
|
||
[% END %]
|
||
|
||
[% END %]
|
||
|
||
</div>
|
||
</div>
|
||
|
||
|
||
<div class="yui-b">
|
||
<form action="/cgi-bin/koha/acqui/parcel.pl" id="filterform" method="post">
|
||
<fieldset class="brief">
|
||
<h4>Filter</h4>
|
||
<ol>
|
||
<li>
|
||
<label for="summaryfilter">ISBN, author or title :</label>
|
||
<input type="text" name="summaryfilter" id="summaryfilter" value="[% summaryfilter %]"/>
|
||
</li>
|
||
<li>
|
||
<label for="basketfilter">Basket :</label>
|
||
<input type="text" name="basketfilter" id="basketfilter" value="[% basketfilter %]"/>
|
||
</li>
|
||
<li>
|
||
<label for="basketgroupnamefilter">Basket group name :</label>
|
||
<input type="text" name="basketgroupnamefilter" id="basketgroupnamefilter" value="[% basketgroupnamefilter %]" />
|
||
</li>
|
||
<li>
|
||
<label for="orderfilter">Order line :</label>
|
||
<input type="text" name="orderfilter" id="orderfilter" value="[% orderfilter %]"/>
|
||
</li>
|
||
[% IF (UNIMARC) %]
|
||
<li>
|
||
<label for="eanfilter">EAN :</label>
|
||
<input type="text" name="eanfilter" id="eanfilter" value="[% eanfilter %]"/>
|
||
</li>
|
||
[% END %]
|
||
</ol>
|
||
<fieldset class="action">
|
||
<input type="hidden" value="search" name="op" />
|
||
<input type="hidden" value="[% invoiceid %]" name="invoiceid" />
|
||
<input type="submit" value="Filter" />
|
||
<a href="/cgi-bin/koha/acqui/parcel.pl?invoiceid=[% invoiceid %]">Clear</a>
|
||
</fieldset>
|
||
</fieldset>
|
||
</form>
|
||
[% INCLUDE 'acquisitions-menu.inc' %]
|
||
</div>
|
||
</div>
|
||
[% INCLUDE 'intranet-bottom.inc' %]
|