From 551fca629f53656bd8e9b1d36c17e6f45c230d05 Mon Sep 17 00:00:00 2001 From: Kyle M Hall Date: Fri, 20 Mar 2015 09:48:05 -0400 Subject: [PATCH] Bug 13880 - Allow svc/report to be passed sql parameters The same feature added to the opac svc/report in bug 9915 should be added to the staff side. Test Plan: 1) Apply this patch 2) Create this report: SELECT * FROM biblio WHERE biblionumber = <> 3) Note the id of the report 4) Go to the Staff URL /cgi-bin/koha/svc/report?id=YOUR_REPORT_ID&sql_params=SOME_VALID_BIBLIONUMBER 5) Note you recieve a json response NOTE: without applying the patch you get an empty JSON response. ALSO: running koha qa tools does not verify the changes. $ perlcritic -4 svc/report (my perlcritic rc points to the koha qa tool one) No issues. Signed-off-by: Mark Tompsett Signed-off-by: Jonathan Druart Signed-off-by: Tomas Cohen Arazi --- svc/report | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/svc/report b/svc/report index 8736acafb2..da1b9b3286 100755 --- a/svc/report +++ b/svc/report @@ -36,6 +36,8 @@ my $report_annotation = $query->param('annotated'); my $report_rec = get_saved_report( $report_name ? { 'name' => $report_name } : { 'id' => $report_id } ); if (!$report_rec) { die "There is no such report.\n"; } +my @sql_params = $query->param('sql_params'); + my ( $template, $loggedinuser, $cookie ) = get_template_and_user( { template_name => "intranet-main.tt", @@ -50,14 +52,20 @@ my $cache = Koha::Cache->get_instance(); my $cache_active = $cache->is_cache_active; my ($cache_key, $json_text); if ($cache_active) { - $cache_key = "intranet:report:".($report_name ? "name:$report_name" : "id:$report_id"); + $cache_key = "intranet:report:".($report_name ? "name:$report_name" : "id:$report_id") + . join( '-', @sql_params ); $json_text = $cache->get_from_cache($cache_key); } unless ($json_text) { my $offset = 0; my $limit = C4::Context->preference("SvcMaxReportRows") || 10; - my ( $sth, $errors ) = execute_query( $report_rec->{savedsql}, $offset, $limit ); + my $sql = $report_rec->{savedsql}; + + # convert SQL parameters to placeholders + $sql =~ s/(<<.*?>>)/\?/g; + + my ( $sth, $errors ) = execute_query( $sql, $offset, $limit, \@sql_params ); if ($sth) { my $lines; if ($report_annotation) { -- 2.39.5