Koha/koha-tmpl/intranet-tmpl/prog/en/modules/admin/audio_alerts.tt
Kyle M Hall f300914147 Bug 15735: Audio Alerts editor broken by use of of single quotes in editor
Single quotes audio selector break ability to edit an alert

Test Plan:
1) Enable audio alerts
2) Add new a alert with a select containing single quotes such as: input[name*='test']
3) Note you cannot edit the alert
4) Apply this patch
5) Reload the page
6) You should now be able to edit the alert

Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Bug 15734 applied on top. Works as advertised

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
2016-03-07 19:56:49 +00:00

175 lines
8 KiB
Text

[% INCLUDE 'doc-head-open.inc' %]
<title>Koha &rsaquo; Administration &rsaquo; Audio alerts</title>
[% INCLUDE 'doc-head-close.inc' %]
<script type="text/javascript">
$( document ).ready(function() {
$(".edit-alert").hide();
$('#koha-sounds').on('change', function() {
$('#sound').val( this.value );
});
$('#koha-sounds').on('change', function() {
$('#sound').val( this.value );
});
$('#play-sound').on('click', function() {
playSound( $('#sound').val() );
return false;
});
$('#cancel-edit').on('click', function() {
$("#id").val("");
$("#selector").val("");
$("#sound").val("");
$(".edit-alert").hide();
$(".create-alert").show();
$("#audio-alerts-table").find("td").each(function (i) {
$(this).removeClass('highlighted-row');
});
return false;
});
$('#new-alert-form').on('submit', function() {
if ( ! $('#selector').val() ) {
alert(_("You must enter a selector!"));
return false;
} else if ( ! $('#sound').val() ) {
alert(_("You must choose a sound!"));
return false;
} else {
return true;
}
});
$('#delete-alert-form').on('submit', function() {
return confirm(_("Are you sure you want to delete the selected audio alerts?"));
});
});
function EditAlert( elt, id, precedence, selector, sound ) {
$("#audio-alerts-table").find("td").each(function (i) {
$(this).removeClass('highlighted-row');
});
$(".create-alert").hide();
$(".edit-alert").show();
$(elt).parent().parent().find("td").each(function (i) {
$(this).addClass('highlighted-row');
});
$("#id").val(id);
$("#selector").val(selector);
$("#sound").val(sound);
}
</script>
</head>
<body id="admin_audio_alerts" class="admin">
[% INCLUDE 'header.inc' %]
[% INCLUDE 'patrons-admin-search.inc' %]
<div id="breadcrumbs"><a href="/cgi-bin/koha/mainpage.pl">Home</a> &rsaquo; <a href="/cgi-bin/koha/admin/admin-home.pl">Administration</a> &rsaquo; Audio alerts</div>
<div id="doc3" class="yui-t2">
<div id="bd">
<div id="yui-main">
<div class="yui-b">
<form id="new-alert-form" action="audio_alerts.pl" method="post">
<fieldset class="form-inline">
<legend><span class="create-alert">Add new alert</span><span class="edit-alert">Edit alert</span></legend>
<input id="id" name="id" type="hidden" value="" />
<input id="selector" name="selector" type="text" class="input-large" placeholder="selector" />
<input id="sound" name="sound" type="text" class="input-large" placeholder="sound" />
<button id="play-sound" class="btn"><i class="icon-play"></i> Play sound</button>
<br/>
<select id="koha-sounds">
<option value="">Select built-in sound</option>
<option value="beep.ogg">beep.ogg</option>
<option value="call.ogg">call.ogg</option>
<option value="critical.ogg">critical.ogg</option>
<option value="device_connect.ogg">device_connect.ogg</option>
<option value="device_disconnect.ogg">device_disconnect.ogg</option>
<option value="ending.ogg">ending.ogg</option>
<option value="fail.ogg">fail.ogg</option>
<option value="IM_notification.ogg">IM_notification.ogg</option>
<option value="incoming_call.ogg">incoming_call.ogg</option>
<option value="loading.ogg">loading.ogg</option>
<option value="loading_2.ogg">loading_2.ogg</option>
<option value="maximize.ogg">maximize.ogg</option>
<option value="minimize.ogg">minimize.ogg</option>
<option value="new_mail_notification.ogg">new_mail_notification.ogg</option>
<option value="opening.ogg">opening.ogg</option>
<option value="panic.ogg">panic.ogg</option>
<option value="popup.ogg">popup.ogg</option>
<option value="warning.ogg">warning.ogg</option>
</select>
<p>
<button id="save-alert" type="submit" class="btn create-alert"><i class="icon-hdd"></i> Save alert</button>
<button id="save-edit" type="submit" class="btn edit-alert save-edit"><i class="icon-hdd"></i> Update alert</button>
<a id="cancel-edit" class="btn edit-alert cancel-edit"><i class="icon icon-remove-circle"></i> Cancel edit</a>
</p>
</fieldset>
</form>
<form id="delete-alert-form" action="audio_alerts.pl" method="post">
<table id="audio-alerts-table">
<thead id="audio-alerts-table-head">
<tr>
<th>&nbsp;</th>
<th>Precedence</th>
<th>&nbsp;</th>
<th>Selector</th>
<th>Sound</th>
<th>&nbsp;</th>
</tr>
</thead>
<tbody id="audio-alerts-table-body">
[% FOREACH a IN audio_alerts %]
<tr>
<td><input type="checkbox" name="delete" value="[% a.id %]" /></td>
<td>[% a.precedence %]</td>
<td style="white-space:nowrap;">
<a title="Move alert up" href="audio_alerts.pl?action=move&amp;where=up&amp;id=[% a.id %]">
<img src="[% interface %]/[% theme %]/img/go-up.png" border="0" alt="Go up" />
</a>
<a title="Move alert to top" href="audio_alerts.pl?action=move&amp;where=top&amp;id=[% a.id %]">
<img src="[% interface %]/[% theme %]/img/go-top.png" border="0" alt="Go top" />
</a>
<a title="Move alert to bottom" href="audio_alerts.pl?action=move&amp;where=bottom&amp;id=[% a.id %]">
<img src="[% interface %]/[% theme %]/img/go-bottom.png" border="0" alt="Go bottom" />
</a>
<a title="Move alert down" href="audio_alerts.pl?action=move&amp;where=down&amp;id=[% a.id %]">
<img src="[% interface %]/[% theme %]/img/go-down.png" border="0" alt="Go down" />
</a>
</td>
<td>[% a.selector %]</td>
<td>[% a.sound %]</td>
<td><a class="btn btn-small" onclick="EditAlert( this, '[% a.id %]','[% a.precedence %]', '[% a.selector | replace( "'", "\\'" ) | html %]', '[% a.sound %]' )" ><i class="icon-pencil"></i> Edit</a></td>
</tr>
[% END %]
</tbody>
</table>
<p/>
<button id="delete-alerts" type="submit" class="btn"><i class="icon-trash"></i> Delete selected alerts</button>
</form>
</div>
</div>
<div class="yui-b">
[% INCLUDE 'admin-menu.inc' %]
</div>
</div>
[% INCLUDE 'intranet-bottom.inc' %]