Koha/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-results-grouped.tt
Jonathan Druart bb4543f7db Bug 16599: Fix other potentials XSS for shelfname
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
2016-05-30 11:12:15 +00:00

357 lines
25 KiB
Text

[% USE Koha %]
[% INCLUDE 'doc-head-open.inc' %]
<title>[% IF ( LibraryNameTitle ) %][% LibraryNameTitle %][% ELSE %]Koha online[% END %] catalog &rsaquo;
[% IF ( searchdesc ) %]
Results of search [% IF ( query_desc ) %]for '[% query_desc | html %]'[% END %][% IF ( limit_desc ) %]&nbsp;with limit(s):&nbsp;'[% limit_desc | html %]'[% END %]
[% ELSE %]
You did not specify any search criteria.
[% END %]</title>
[% INCLUDE 'doc-head-close.inc' %]
[% BLOCK cssinclude %][% END %]
<link rel="alternate" type="application/rss+xml" title="Koha - RSS"
href="/cgi-bin/koha/opac-rss.pl?[% query_cgi %][% limit_cgi |html %]" />
</head>
[% INCLUDE 'bodytag.inc' bodyid='results-grouped' %]
[% INCLUDE 'masthead.inc' %]
<div class="main">
<ul class="breadcrumb">
<li><a href="/cgi-bin/koha/opac-main.pl">Home</a> <span class="divider">&rsaquo;</span></li>
<li>
[% IF ( searchdesc ) %]
<a href="#">Results of search [% IF ( query_desc ) %]for '[% query_desc | html %]'[% END %][% IF ( limit_desc ) %]&nbsp;with limit(s):&nbsp;'[% limit_desc | html %]'[% END %]</a>
[% ELSE %]
<a href="#">You did not specify any search criteria.</a>
[% END %]
</li>
</ul>
[% IF ( query_error ) %]
<div class="container-fluid">
<div class="row-fluid">
<div class="span12">
<div class="alert">
<h4>Error:</h4>
<p>[% query_error %]</p>
</div>
</div> <!-- / .span12 -->
</div> <!-- / .row-fluid -->
</div> <!-- / .container-fluid -->
[% END %]
<div class="container-fluid">
<div class="row-fluid">
[% IF ( opacfacets && total ) %]
<div class="span2">
<div id="facetcontainer">
<!-- FACETS START -->
[% INCLUDE 'opac-facets.inc' %]
<!-- FACETS END -->
</div>
</div>
<div class="span10">
[% ELSE %]
<div class="span12">
[% END %]
<div id="grouped-results">
<!-- Search Results Table -->
[% IF ( total ) %]
[% IF ( scan ) %]
<h1>Scan index:</h1>
<form action="/cgi-bin/koha/opac-search.pl" method="get">
<table>
<tbody>
<tr>
<td>
Scan index for: <input type="text" name="q" id="scan-index" size="35" value="" />
</td>
</tr>
<tr>
<td>
<label for="scan-index">Indexed in:</label>
<select name="idx" id="scan-index">
<option value="">Any word</option>
<option value="kw,phr:">Any phrase</option>
<option value="ti:">Title</option>
<option value="ti,phr:">Title phrase</option>
<option value="au,phr:">Author</option>
<option value="su:">Subject</option>
<option value="su,phr:">Subject phrase</option>
<option value="se:">Series</option>
<option value="pb:">Publisher</option>
<option value="nt:">Notes</option>
<option value="se:">Series Title</option>
<option value="sn:">ISBN</option>
<option value="ss:">ISSN</option>
</select>
<input type="hidden" name="scan" value="1" />
</td>
</tr>
</tbody>
</table>
</form>
<form action="/cgi-bin/koha/opac-search.pl" method="get">
<table>
<thead>
<tr>
<th>Term/Phrase</th>
<th>Count</th>
</tr>
</thead>
<tbody>
[% FOREACH SEARCH_RESULT IN SEARCH_RESULTS %]
<tr>
<td>
<a href="/cgi-bin/koha/opac-search.pl?q=[% SEARCH_RESULT.scan_use |url %]&quot;[% SEARCH_RESULT.title |url %]&quot;">[% SEARCH_RESULT.title |html %]</a>
</td>
<td>
[% FOREACH subtitl IN SEARCH_RESULT.subtitle %]
[% subtitl.subfield %]
[% END %]
</td>
</tr>
[% END %]
</thead>
</table>
</form>
[% ELSE %]
<div class="searchresults">
<form action="/cgi-bin/koha/opac-search.pl" method="get" name="bookbag_form" id="bookbag_form">
[% IF ( searchdesc ) %]
[% FOREACH QUERY_INPUT IN QUERY_INPUTS %]
<input type="hidden" name="[% QUERY_INPUT.input_name |html %]" value="[% QUERY_INPUT.input_value |html %]"/>
[% END %]
[% FOREACH LIMIT_INPUT IN LIMIT_INPUTS %]
<input type="hidden" name="[% LIMIT_INPUT.input_name |html %]" value="[% LIMIT_INPUT.input_value |html %]"/>
[% END %]
[% END %]
<!-- TABLE RESULTS START -->
<table class="table table-striped">
<tr>
<td colspan="3" class="resultscontrol">
<div class="resort">
<select id="sort_by" name="sort_by"> [% INCLUDE 'resort_form.inc' %] </select>
<input type="submit" class="submit clearfix" id="sortsubmit" value="Go" />
</div>
[% IF ( ( Koha.Preference( 'opacbookbag' ) == 1 ) || ( Koha.Preference( 'virtualshelves' ) == 1 ) ) %]
<div class="cartlist"><span class="checkall"></span>
<span class="clearall"></span>
<a href="#" class="highlight_toggle" id="highlight_toggle_off">Unhighlight</a>
<a href="#" class="highlight_toggle" id="highlight_toggle_on">Highlight</a>
<span class="addto"></span></div>
[% END %]
</td>
</tr>
<!-- Actual Search Results -->
[% FOREACH SEARCH_RESULT IN SEARCH_RESULTS %]
<tr class="grouplabel"><td colspan="3">[% SEARCH_RESULT.group_label %]</td></tr>
[% FOREACH GROUP_RESULT IN SEARCH_RESULT.GROUP_RESULTS %]
[% IF ( GROUP_RESULT.even ) %]
<tr class="highlight">
[% ELSE %]
<tr>
[% END %]
<td>
[% IF ( OPACAmazonCoverImages ) %]
<a class="p1" href="/cgi-bin/koha/opac-detail.pl?biblionumber=[% GROUP_RESULT.biblionumber |url %]">[% IF ( GROUP_RESULT.isbn ) %]<img src="https://images-na.ssl-images-amazon.com/images/P/[% GROUP_RESULT.isbn %].01.TZZZZZZZ.jpg" alt="" class="thumbnail" />[% ELSE %]<img src="http://g-images.amazon.com/images/G/01/x-site/icons/no-img-sm.gif" alt="" class="thumbnail" />[% END %]
</a>
[% ELSE %]
[% UNLESS ( noItemTypeImages ) %]
[% IF ( GROUP_RESULT.imageurl ) %]
<img src="[% GROUP_RESULT.imageurl %]" title="[% GROUP_RESULT.description %]" />
[% END %]
[% END %]
[% GROUP_RESULT.description %]
[% END %]
</td>
<td>
[% GROUP_RESULT.result_number %].
[% IF ( GROUP_RESULT.BiblioDefaultViewmarc ) %]
<a class="title" href="/cgi-bin/koha/opac-MARCdetail.pl?biblionumber=[% GROUP_RESULT.biblionumber |url %]" title="View details for this title">[% GROUP_RESULT.title %]
[% ELSE %]
[% IF ( GROUP_RESULT.BiblioDefaultViewisbd ) %]
<a class="title" href="/cgi-bin/koha/opac-ISBDdetail.pl?biblionumber=[% GROUP_RESULT.biblionumber |url %]" title="View details for this title">[% GROUP_RESULT.title %]
[% ELSE %]
<a class="title" href="/cgi-bin/koha/opac-detail.pl?biblionumber=[% GROUP_RESULT.biblionumber |url %]" title="View details for this title">[% GROUP_RESULT.title %]
[% END %]
[% FOREACH subtitl IN GROUP_RESULT.subtitle %]
[% subtitl.subfield %]
[% END %]
</a>
[% END # / IF GROUP_RESULT.BiblioDefaultViewmarc %]
[% IF ( GROUP_RESULT.author ) %]
by <a href="/cgi-bin/koha/opac-search.pl?q=au:[% GROUP_RESULT.author |url %]" title="Search for works by this author">[% GROUP_RESULT.author %]</a>
[% ELSE %]
&nbsp;
[% END %]
<p>
[% IF ( GROUP_RESULT.publicationyear ) %] - [% GROUP_RESULT.publicationyear %][% END %]
[% IF ( GROUP_RESULT.publishercode ) %]- [% GROUP_RESULT.publishercode %][% END %]
[% IF ( GROUP_RESULT.place ) %] ; [% GROUP_RESULT.place %][% END %]
[% IF ( GROUP_RESULT.pages ) %] - [% GROUP_RESULT.pages %][% END %]
[% IF ( GROUP_RESULT.notes ) %] : [% GROUP_RESULT.notes %][% END %]
[% IF ( GROUP_RESULT.size ) %] ; [% GROUP_RESULT.size %][% END %]
[% IF ( GROUP_RESULT.timestamp ) %] <i>(modified on [% GROUP_RESULT.timestamp %])</i>[% END %]
</p>
[% IF ( GROUP_RESULT.searchhighlightblob ) %]
<p class="searchhighlightblob">[% GROUP_RESULT.searchhighlightblob %]</p>
[% END %]
<p class="availability">
[% IF ( GROUP_RESULT.available_items_loop ) %]
<span class="available"><strong>Items available at:</strong>
[% FOREACH available_items_loo IN GROUP_RESULT.available_items_loop %]
[% IF ( available_items_loo.branchname ) %][% available_items_loo.branchname %][% END %]
[% IF ( OPACItemsResultsDisplay ) %]
[% IF ( available_items_loo.location ) %][% available_items_loo.location %][% END %]
[% IF ( available_items_loo.itemcallnumber ) %][<a href="/cgi-bin/koha/opac-search.pl?q=callnum:[% available_items_loo.itemcallnumber |url %]">[% available_items_loo.itemcallnumber %]</a>][% END %]
[% END %]
([% available_items_loo.count %]),
[% END # / FOREACH available_items_loo %]
</span>
[% ELSE %]
<span class="unavailable">No items available:</span>
[% END # / IF GROUP_RESULT.available_items_loop %]
<span class="unavailable">
[% IF ( GROUP_RESULT.onloancount ) %] Checked out ([% GROUP_RESULT.onloancount %]), [% END %]
[% IF ( GROUP_RESULT.withdrawncount ) %] Withdrawn ([% GROUP_RESULT.withdrawncount %]), [% END %]
[% IF ( GROUP_RESULT.itemlostcount ) %] Lost ([% GROUP_RESULT.itemlostcount %]),[% END %]
[% IF ( GROUP_RESULT.damagedcount ) %] Damaged ([% GROUP_RESULT.damagedcount %]),[% END %]
[% IF ( GROUP_RESULT.orderedcount ) %] On order ([% GROUP_RESULT.orderedcount %]),[% END %]
[% IF ( GROUP_RESULT.intransitcount ) %] In transit ([% GROUP_RESULT.intransitcount %]),[% END %]
</span>
</p>
<p>
[% IF Koha.Preference( 'RequestOnOpac' ) == 1 %]
[% UNLESS ( GROUP_RESULT.norequests ) %]
[% IF Koha.Preference( 'opacuserlogin' ) == 1 && GROUP_RESULT.holdable %]
<a class="hold" href="/cgi-bin/koha/opac-reserve.pl?biblionumber=[% GROUP_RESULT.biblionumber %]">Place hold</a><!-- add back when available 0 holds in queue-->
[% END %]
[% END %]
[% END %]
[% IF ( ( Koha.Preference( 'opacbookbag' ) == 1 ) || ( Koha.Preference( 'virtualshelves' ) == 1 ) ) %]
<input type="checkbox" name="biblionumber" value="[% GROUP_RESULT.biblionumber %]" title="Click to add to cart" /> <label for="bib[% GROUP_RESULT.biblionumber %]">
[% END %]
<img src="[% themelang %]/images/[% GROUP_RESULT.itemtype %].gif" alt="[% GROUP_RESULT.ccode %]" title="[% GROUP_RESULT.ccode %]" />
[% IF ( ( Koha.Preference( 'opacbookbag' ) = 1 ) || ( Koha.Preference( 'virtualshelves' ) == 1 ) ) %]</label>[% END %]
[% IF ( GROUP_RESULT.classification ) %]
<a href="/cgi-bin/koha/opac-search.pl?q=callnum:[% GROUP_RESULT.classification |url %]"> [% GROUP_RESULT.classification %] </a>
[% END %]
</p>
</td>
</tr>
[% END # / FOREACH GROUP_RESULT %]
[% END # / FOREACH SEARCH_RESULTS %]
</table>
</form>
</div> <!-- / .searchresults -->
[% END # / IF scan %]
[% INCLUDE 'page-numbers.inc' %]
[% END # / IF total %]
[% IF Koha.Preference( 'suggestion' ) == 1 %]
[% IF Koha.Preference( 'AnonSuggestions' ) == 1 %]
<div class="suggestion">Not finding what you're looking for?<br /> Make a <a href="/cgi-bin/koha/opac-suggestions.pl?op=add">purchase suggestion</a></div>
[% ELSE %]
[% IF ( loggedinusername ) %]<div class="suggestion">Not finding what you're looking for?<br /> Make a <a href="/cgi-bin/koha/opac-suggestions.pl?op=add">purchase suggestion</a></div>[% END %]
[% END %]
[% END %]
</div> <!-- / #grouped-results -->
</div> <!-- /.span10/12 -->
</div> <!-- / .row-fluid -->
</div> <!-- / .container-fluid -->
</div><!-- / .main -->
[% INCLUDE 'opac-bottom.inc' %]
[% BLOCK jsinclude %]
<script type="text/javascript" src="[% interface %]/[% theme %]/lib/jquery/plugins/jquery.checkboxes.min.js"></script>
<script type="text/javascript">
//<![CDATA[
var q_array = new Array(); // will hold the search terms, if possible
$(document).ready(function(){
[% IF ( OpacHighlightedWords ) %]
$('a.title').each(function() {
$(this).attr("href", $(this).attr("href") + "&query_desc=[% query_desc | uri %]");
});
[% END %]
$('#sortsubmit').hide();
$('#sort_by').change(function() {
$('#bookbag_form').submit();
});
$("span.clearall").html("<a id=\"CheckNone\" href=\"#\">Clear all</a>");
$("span.checkall").html("<a id=\"CheckAll\" href=\"#\">Select all</a>");
$("span.addto").html("<label for=\"addto\">Add to: </label><select name=\"addto\" id=\"addto\"><option value=\"\"></option>[% IF Koha.Preference( 'opacbookbag' ) == 1 %]<option value=\"addtocart\">Cart</option>[% END %][% IF Koha.Preference( 'virtualshelves' ) == 1 %][% IF ( loggedinusername ) %]<optgroup label=\"Lists:\">[% IF ( barshelves ) %][% FOREACH barshelvesloo IN barshelvesloop %][% IF ( category == 1 ) %]<option id=\"s[% barshelvesloo.shelfnumber %]\" value=\"addtolist\">[% barshelvesloo.shelfname | html %]</option>[% END %][% END %][% END %]<option value=\"newlist\">[ New list ]</option></optgroup>[% ELSE %]<option value=\"newlist\">List</option>[% END %][% END %]</select> <input type=\"submit\" class=\"submit\" value=\"Save\" />");
$("#addto").change(function(){
cartList();
});
$(".addto").find("input:submit").click(function(){
cartList();
return false;
});
function cartList(){
if($("#addto").find("option:selected").attr("value") == "addtolist"){
var shelfnumber = $("#addto").find("option:selected").attr("id").replace("s","");
[% IF ( loggedinusername ) %]if (vShelfAdd()) {
Dopop('/cgi-bin/koha/opac-addbybiblionumber.pl?selectedshelf='+shelfnumber+'&' + vShelfAdd());
}[% ELSE %] alert(_("You must be logged in to create or add to Lists")); [% END %]
return false;
} else if($("#addto").find("option:selected").attr("value") == "newlist"){
[% IF ( loggedinusername ) %]if (vShelfAdd()) {
Dopop('/cgi-bin/koha/opac-addbybiblionumber.pl?newshelf=1&' + vShelfAdd());
}[% ELSE %] alert(_("You must be logged in to create or add to Lists")); [% END %]
return false;
}
if($("#addto").find("option:selected").attr("value") == "addtocart"){
addMultiple();
return false;
}
}
$("#CheckAll").click(function(){
$("#bookbag_form").checkCheckboxes();
return false;
});
$("#CheckNone").click(function(){
$("#bookbag_form").unCheckCheckboxes();
return false;
});
[% IF ( query_desc ) %]
var query_desc = "[% query_desc |replace("'", "\'") |replace('\n', '\\n') |replace('\r', '\\r') |html %]";
q_array = query_desc.split(" ");
// ensure that we don't have "" at the end of the array, which can
// break the highlighter
while (q_array.length > 0 && q_array[q_array.length-1] == "") {
q_array = q_array.splice(0,-1);
}
highlightOn();
$("#highlight_toggle_on" ).hide().click(function() {highlightOn() ;});
$("#highlight_toggle_off").show().click(function() {highlightOff();});
[% END %]
});
function highlightOff() {
$("td").removeHighlight();
$(".highlight_toggle").toggle();
}
function highlightOn() {
var x;
for (x in q_array) {
q_array[x] = q_array[x].replace(/\w*:([\w])/, "$1");
q_array[x] = q_array[x].toLowerCase();
var myStopwords = "[% Koha.Preference('NotHighlightedWords') %]".toLowerCase().split('|');
if ( (q_array[x].length > 0) && ($.inArray(q_array[x], myStopwords) == -1) ) {
$("td").highlight(q_array[x]);
}
}
$(".highlight_toggle").toggle();
}
//]]>
</script>
[% END %]