Brendan Lawlor [Thu, 6 Jun 2024 13:14:43 +0000 (13:14 +0000)]
Bug 35294: Fix typos in catalogue code comments
Test plan:
1. git grep -n -E 'barocode|preproccess' to find the files and line # of typos
2. Apply the patch
3. git grep -E 'barocode|proccess'
4. See no results
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit e8ef0f9417588345d6c9f7e2e5986e4e53986f52) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 96097d8058f6de34036fc4b26dec83c485ed08d9) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
David Nind [Tue, 4 Jun 2024 01:57:37 +0000 (01:57 +0000)]
Bug 25520: Fix the SMS number input hint on the OPAC messaging page
This makes the hint when entering an SMS number on the OPAC messaging
settings page the same as the staff interface hint: "Please enter
numbers only. Prefix the number with + or 00 if including the country
code." For some countries using either +XX or 00XX are accepted,
for example: +49 or 0049.
Test plan:
1. Set the SMSSendDriver system preference to Email
2. View the current hint for entering an SMS number in the staff
interface:
2.1 Go to Patrons > + New patron > Patron.
2.2 Scroll down to the 'Patron messaging preferences' section at the
end of the page.
2.3 Note that the hint is "Please enter numbers only. Prefix the
number with + or 00 if including the country code.".
3. View the current hint for entering an SMS number in the OPAC:
3.1 Go to the OPAC > Your account (log in if required).
3.2 Select the 'Messaging' tab/section.
3.3 Note that the hint is "Please enter numbers only. Prefix the
number with + if including the country code.".
3.4 The difference: "..or 00.." is missing.
4. Apply the patch.
5. Refresh the OPAC messaging page.
6. The hint text for the OPAC is now the same as the staff interface.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 313cf37a53b8ff97387a4bd630635d4784bb7a36) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit a0d5b813d5d623773a657f10367ee6ec94a5cb94) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
David Nind [Thu, 16 May 2024 03:59:42 +0000 (03:59 +0000)]
Bug 36338: Update onboarding error message when creating the Koha administrator patron
Update the error message for the web installer onboarding
section when creating the Koha administrator patron (where
the card number or username already exists):
- Fix capitalization
- Use the same label in the error message as used in
the form
Error message before: The patron has not been created!
Card number or Userid may already exist.
Error message after: The patron was not created! The
card number or username already exists.
Test plan:
1. Option 1:
1.1 Review the diff for the patch and make sure that
the updated text makes sense.
. Previous text: The patron has not been created!
Card number or Userid may already exist.
. Updated text: The patron was not created! The
card number or username already exists.
OR
2. Option 2:
2.1 Access the database server:
mysql -uroot -ppassword -hkoha-db-1
2.2 Drop the koha_kohadev database:
drop database koha_kohadev;
2.3 Create the database: create database koha_kohadev;
2.4 Add privileges (for a real installation this would
be limited):
grant all on koha_kohadev.* to koha_kohadev;
2.5 Restart everything (there may be some errors listed):
flush_memcached and then restart_all
2.6 Access the web installer: go to 127.0.0.1:8081
2.7 Use the database user name and password: get from
/etc/koha/sites/kohadev/koha-conf.xml
(default: koha_kohadev, password)
2.8 Continue through the installation process until you
reach 'Selecting default settings':
. Make appropriate selections to use all the sample
data options and settings
2.9 For the 'Onboarding' step - Create Koha
administrator patron:
. Surname: Acevedo
. First name: Henry
. Card number: make up a number that doesn't exist in
the sample date, for example: 741852963
. Library: Centerville
. Patron category: Staff
. Username: 23529000035676 (this is an existing
value already in the sample data)
. Password: a valid password, for example:
KohaCon2024
. Confirm password: repeat password used
. Submit
==> Error message before patch: The patron has not
been created! Card number or Userid may
already exist.
2.10 Apply the patch.
2.11 Repeat step 2.9
2.12 The error message is now: The patron was not created!
The card number or username already exists.
3. Sign off.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit bd195784a0a2d039e825d4dd86ff8b4734b4dd13) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit cbc0d4161bf9c813f0b84e395002d9471fa38134) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Janusz Kaczmarek [Wed, 22 May 2024 21:08:35 +0000 (21:08 +0000)]
Bug 36930: Item search gives irrelevant results when using 2+ added filter criteria
In the Item search the librarian is allowed, in the first step, to define
additional filters like Title, Author, Publisher, Publication date etc.
(in the third fieldset). This works fine but only for one criterion.
If one adds two or more criteria, the filter does not apply at all.
Test plan
=========
1. Make an Item search with the Pulblisher filter. Put
%University of California% as the value.
You should get 5 rows (with standard ktd test data set), three
from 1982, and two from 1988.
2. Edit search -> add the second criterion: AND Publication date is 1982.
You would expect three rows but you get 900+ rows.
3. Apply the patch; restart_all.
4. Repeat p. 2. You should get the expected three rows.
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit bdc7ac2c93f9af9ac196c77da47758a1078c47d7) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit dca760d5b24428143a0e0de7b52c131c813488fc) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Marcel de Rooy [Thu, 23 May 2024 08:47:50 +0000 (08:47 +0000)]
Bug 36940: Resolve two warnings on undefined branchip
If you enabled AutoLocation and have a branch without ip, this
triggers warnings.
Test plan:
Check logs in this situation with/without this patch by logging out
and in again on staff.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 2f1ffbc6ec088c6c18bad967086db1e51084403f) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 2d4537ba124d40201a4a0d164e714479474749ce) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Owen Leonard [Tue, 21 Nov 2023 13:48:42 +0000 (13:48 +0000)]
Bug 34573: Fix inconsistencies in acquisitions modify vendor title tag
This patch updates the vendor details template so that the title tag
correctly reflects whether the user is viewing the vendor or modifying
it.
To test, apply the patch and go to Acquisitions.
- Locate a vendor and view the details (supplier.pl?booksellerid=X)
- The title should read "Vendor X > Acquisitions > Koha"
- Edit the vendor.
- The title should read "Modify vendor X > Acquisitions > Koha"
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 3baaf5a3241bc78fb46c8b4844dcd21dd6516eef) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit e5600ea8dc067c787999a9bc32fb2bfcd381b24f) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Julian Maurice [Fri, 16 Feb 2024 08:23:13 +0000 (09:23 +0100)]
Bug 34077: Improve documentation and error messages of writeoff_debts.pl
* Change the SYNOPSIS to better describe the different ways to use the
script
* Only show the SYNOPSIS when options used are wrong (unknown option,
no filter options, or neither -c nor -v)
* Show the options details only with --help
* Clarify the fact that -v is required when -c is not supplied in the
description of both options
* Print a specific error message for the following cases:
* no filters options
* neither -c nor -v was supplied
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 215b29a737eff191477306581b8b3a1579adc9e3) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 0061ffc6cedfb719db5fc3d38ad81da89018a6fe) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Matt Blenkinsop [Thu, 23 May 2024 09:23:10 +0000 (09:23 +0000)]
Bug 36937: Remove warning from unit tests
This patch fixes a warning in the unit tests
Test plan:
1) prove t/db_dependent/api/v1/password_validation.t
2) There will be a warning in the output - 'Use of uninitialized value $status in numeric eq (==)'
3) Apply patch
4) Re-run the test
5) The warning will disappear
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 5e7572ad7a86cb39d901088367f76b212d64989e) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 227a5619a4097c8667a004d38b6e7e2eb2640221) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
David Nind [Mon, 3 Jun 2024 02:01:30 +0000 (02:01 +0000)]
Bug 30715: Terminology for the log viewer - use 'Staff interface' instead of 'Intranet'
The log viewer (Tools > Additional tools > Log viewer) uses
'Intranet' as:
- an option for filtering what log entries to display.
- a value in the log entries interface column, for log entries.
Koha's terminology guideline is to use 'Staff interface' instead of
'Interface' (https://wiki.koha-community.org/wiki/Terminology#I).
Test plan:
1. Perform some actions that will create log entries when using the
staff interface. For example:
1.1 Enable the UseRecalls system preference.
1.2 Edit the title for a record.
1.3 Add an item for a record.
2. Use the log viewer to view the logged changes:
2.1 Go to Tools > Additional tools > Log viewer.
2.2 Select Submit.
2.3 Log entries are displayed for the changes made.
3. Note that:
3.1 For the log viewer 'Interface' filter options, "All" is
selected by default, and other options are Intranet, OPAC,
SIP, Command-line, REST API, and Cron job.
3.2 For the changes viewed in step 2, the value displayed in
the 'Interface' column is 'Intranet'.
4. Apply the patch.
5. Refresh the page.
6. Note that:
5.1 For the interface filter options, 'Intranet' is now changed
to 'Staff interface'.
5.2 In the list of log entries, the value in the interface column
is now 'Staff interface'.
7. Sign off D:
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 540ec4f6dc1816f835ca0e3cdb3cbc169d370f5c) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit a4e598071062965589ecfc179ca871ab090b6d41) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Fridolin Somers [Fri, 31 May 2024 07:45:27 +0000 (09:45 +0200)]
Bug 36999: Fix 00-strict.t fails to find koha_perl_deps.pl
Since Bug 36323 moved koha_perl_deps.pl it is not needed anymore in 00-strict.t
It fails with :
koha_1 | Can't stat koha_perl_deps.pl: No such file or directory
koha_1 | at /usr/share/perl5/Test/Strict.pm line 151.
Patch remove koha_perl_deps.pl from @dirs.
It contains misc.
Test plan :
prove t/db_dependent/00-strict.t
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 325a96a4069759b1f66bd4eaaadcc098abfdd968) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit e8ab419a99eedc33827f9082c1f566281e8a5580) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Phil Ringnalda [Sat, 6 Jul 2024 22:34:06 +0000 (15:34 -0700)]
Bug 37031: Club enrollment from staff interface fails due to Entrollment typo
There is a typo in svc/club/enroll - it tries to call
Koha::Club::Entrollments->search when it should be
Koha::Club::Enrollments. This causes and error when
enrolling patrons in clubs.
Test plan:
1. Without the patch, Tools - Patron clubs - New club template - name it
and save
2. New club - (your template) - name it and save
3. Circulation - check out to a patron - Clubs tab - Enroll - Finish
enrollment, get alert() about failure to enroll
4. Apply patch, restart_all
5. Enroll - Finish enrollment, success
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit f02d90938dbe0ff8efd43cad23abb066d5642d51) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 0aa348b665769f931a81c954afb07d9d44678453) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Brendan Lawlor [Mon, 24 Jun 2024 14:54:05 +0000 (14:54 +0000)]
Bug 37059: Fix insert button in notices and slips
This patch fixes the insert button in notices and slips. The container id needed to be appened with '_panel'
To Test:
1. Edit any notice or slip and try to use the insert button
2. Nothing happens
3. Apply patch and refresh the browser
4. Edit any notice or slip and use the insert button
5. Confirm the parameters are inserted into the tempalte as expected.
Signed-off-by: Eric Garcia <cubingguy714@gmail.com> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 5c5a7d42e6b0731d77dc215ae54b67ae3ec46768) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 39860615722615073ce3703caa54ce79aa931ded) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Matt Blenkinsop [Tue, 28 May 2024 10:39:33 +0000 (10:39 +0000)]
Bug 36956: Allow all providers to be displayed in reports
This patch fixes an incorrect usage of the API which was only returning 20 results.
Test plan:
1) Go to ERM module and make sure you have more than 20 data providers stored in your database.
1) (Optional) Run the following command (k-t-d) to create 21 data providers:
perl -MKoha::Database -e '
my $schema = Koha::Database->schema;
$schema->resultset("ErmUsageDataProvider")->create({
name => "name ".$_
}) for (1..21)
'
2) Go to eUsage / reports and create new report (cgi-bin/koha/erm/eusage/reports)
3) Check that only the first 20 data providers are displayed in the drop down
4) Apply patch
5) yarn build or reset_all to rebuild the javascript
6) Repeat steps 1-3, all providers should now be displayed
PA amended patch: Updated commit message test plan
Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu> Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 6afe1e14dc0e42b34ed57e9c29637ef8edbe24ab) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 642acf7566fc53676d491db7a6ba604b5bdfe88b) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Lucas Gass [Wed, 12 Jun 2024 19:40:03 +0000 (19:40 +0000)]
Bug 36459: Do not duplicate duedatespec IDs
To test;
1. Go to circ/circulation.pl and check an item out to a patron.
2. Backdate it to sometime in the past using the "Specify due date
(MM/DD/YYYY) : " input
3. A modal appears to "Please confirm checkout". The date is no longer
populated in that field.
4. You must add the date again here.
5. APPLY PATCH
6. Try again and this time the confimration date should be set
correctly.
7. Follow the test plan from Bug 18885 to make sure on site checkouts
still work correctly.
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit e33714cd0dae87391f73e1f5db3ed3e2b2b9cda7) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit ad968a00d0dd8b7a030db37db55e10459ee340c5) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Laurae [Tue, 11 Jun 2024 14:04:38 +0000 (14:04 +0000)]
Bug 37071: Updated the purchase suggestions link
To test:
1. Go to a patron account and click on “New purchase suggestion” under the “Purchase Suggestions” tab.
1. Clicking on the button will take you to the suggestions management page.
2. Apply the patch.
3. Go back to the patron account and click on the “New purchase suggestion” link again. This time it will take you to the purchase suggestion form. You are now able to successfully submit a purchase suggestion.
4. Sign off and have an amazing day. :D
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com> Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
(cherry picked from commit a7484ed7598a6c1263dc5b205e3570f943bbcd60) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit dc92d3aebd0a7cde5c7c9ed7aa8df744e9e1066f) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Thu, 13 Jun 2024 12:38:57 +0000 (13:38 +0100)]
Bug 37037: (RM follow-up) Add hint at end of script run
This patch adds a hint to the end of the script to notify the end user
that they may need to run the build_holds_queue cronjob if they are
using RealTimeHoldsQueue.
Kyle M Hall [Wed, 5 Jun 2024 15:04:31 +0000 (11:04 -0400)]
Bug 37037: touch_all_biblios.pl triggers rebuilding holds for all affected records when RealTimeHoldsQueue is enabled
If RealTimeHoldsQueue is on, touch_all_biblios triggers a update_holds_queue_for_biblios background job for each affected record. This will result in a as many background jobs being queued up as records! It makes far more sense for this script to not do that which gives the administrator the option for running the holds queue builder if the changes would affect holdability, or to not run it at all.
Test Plan:
1) Run touch_all_biblios.pl
3) Note a update_holds_queue_for_biblios background job is queued for each record touched
4) Apply this patch
5) Merge touch_all_biblios.pl again
6) Note that no update_holds_queue_for_biblios jobs were queued
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com> Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 45bfbd0e2d7622eeac913682e95163a3f4489641) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 690ee4483b2d1a083d606b3aed6e8d072152d520) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Sam Lau [Wed, 5 Jun 2024 17:57:10 +0000 (17:57 +0000)]
Bug 35869: Removes the dismiss button from messages on OPAC SCO module
This removes the "Dismiss" button from the SCO module. Currently, the
"Dismiss" button is present, however it does not function properly and
logs the user out if they press it. As noted on previous chats, keeping
the button would require serious changes, thus it's easier just to remove
the functionallity.
To test:
1) Enable WebBasedSelfCheck
2) Add an OPAC mesaage to a patron account
3) Login to self check ( http://localhost:8080/cgi-bin/koha/sco/sco-main.pl )
4) See the OPAC message, click dismiss.
5) Notice you are logged out at redirected to:
( http://localhost:8080/cgi-bin/koha/opac-dismiss-message.pl )
6) Apply patch
7) Log back into the self checkout module
8) Notice that there is no longer a "Dismiss" button for the message.
9) Log into OPAC into the same user's account
10) On the summary page, note that there is still a dismiss button.
11) Ensure this still works properly
12) sign-off
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 2313bc310373778338bcbf7ab38a415f10bfbda1) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 4056c1e0c2cd0ba654e459bd755564230a8e15ef) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Emmi Takkinen [Tue, 4 Jun 2024 10:00:05 +0000 (13:00 +0300)]
Bug 37021: Change item_id type as integer in holds endpoint
When one makes a GET call to holds endpoint and hold has
item attached to it, item_id is handled as string not integer
as it should.
To reproduce:
1. Make sure you have hold waiting in your database.
2. Call endpoint api/v1/holds/?q=[{"me.status":"W"}].
=> Note that holds item_id is displayed as item_id: "12345".
3. Apply this patch.
4. Call endpoint again.
=> item_id should now be displayed as 12345.
Also prove t/db_dependent/api/v1/holds.t.
Signed-off-by: Jan Kissig <jkissig@th-wildau.de> Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 20e0c056c6faed4252e1718f97f36d15027e93fc) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 310d19e6b3b34ebfb5826e202f5678dbd5e34890) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Lucas Gass [Tue, 4 Jun 2024 14:29:40 +0000 (14:29 +0000)]
Bug 37026: Fix JS error on sco-main.tt
To test:
1. Have a patron with some checkouts, holds, and charges that can login into the SCO module.
2. To go sco-main.pl and login
3. Try changing tabs and notice the console error:
dataTables is not defined
4. APPLY PATCH
5. Try again, there should be no error.
6. Make sure you can switch the tabs without any issues.
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit b9ca6b4a36c4e211a8ded1cc2be29ce8defbd7e9) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 710e002b32a879a6064f103b2caeaf646b2b5ab3) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Lari Strand [Mon, 3 Jun 2024 11:34:10 +0000 (14:34 +0300)]
Bug 34718: Input field in fund list (Select2) on receive is inactive
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit cbae44105555c3f54e0b83b1795a76ec33256ba6) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 7102672032b37dc5d06a898dfb4eb099644499d5) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Matt Blenkinsop [Wed, 29 May 2024 11:06:31 +0000 (11:06 +0000)]
Bug 36983: Fix incorrect required class
This patch fixes an error on the B_address2 field which sets it to be
required incorrectly
Test plan:
1) In PatronSelfRegistrationBorrowerMandatoryField, set B_address to be
required.
2) In the OPAC, navigate to the self registration form.
3) In the Alternate address section, fill in the Address field that you
have just set to be required. Ensure that you leave the Address 2
field blank.
4) Fill in all other required fields and submit the form, it should show
you that the Address 2 field is required, even though it shouldn't be
5) Apply patch
6) Refresh the page and repeat steps 1-5, it should allow youto submit
the form
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 009d83648c277bd8b351606c52f50fb3563bd7bb) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 18a186969eba5250475984bfc159832797e90e18) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch fixes the ILL request table to display authors for journal article request types
Test plan:
1) Create an ILL request with the type of Journal Article and add an author in the Article author field
2) Click on the List requests button to see the table
3) The Author field should be blank for the request you created
4) Apply patch
5) Hard refresh the browser to reload the javascript
6) The author field should now be visible
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 11eb0d1da7c538486812ab14449f1ab8b1004d09) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit b12f880c9380b1dd56a630748d4076feab5cf0ab) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Thu, 23 May 2024 13:56:51 +0000 (13:56 +0000)]
Bug 36948: Resolve SIP issues in D12
My Koha testing docker SIP started dying repeatedly after launch. After investigation, I
found it was a problem with logging and default ports.
In D12 there is no syslog anymore, everythign uses journal. Four our purposes, lets log SIP issues
to sip.log by default
Attaching a patch to clear things up.
To test:
1 - Open KTD/D12
2 - tail -f /var/log/koha/kohadev/*.log
3 - On another terminal 'restart_all'
4 - Wait a bit, notice SIP dying
5 - Apply patch
6 - Update SIPconfig:
server-params:
log_file='/var/log/koha/kohadev/sip.log'
service with port 8023:
port="127.0.0.1:8023/tcp"
7 - Restart all
8 - Confirm SIP no longer dies
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 5dc1ec387ddf0fb258a184daddca39d6854272e2) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 7076762bbaaeaac760475b1157d3048b5785af10) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Lucas Gass [Wed, 24 Apr 2024 20:00:53 +0000 (20:00 +0000)]
Bug 36679: Prevent SCO login for the AnonymousPatron
1. Make sure AutoSelfCheckAllowed is Allowed and AutoSelfCheckID and AutoSelfCheckPass are in use.
2. Make sure AnonymousPatron is pointed to an account.
3. Set SelfCheckoutByLogin to cardnumber.
4. Verify that if you go to the anonymous patron account in the staff interface, you cannot checkout items.
5. Go to the selfcheck path of the library. It should auto login. Put in the cardnumber for the anonymous user.
6. Proceed to check out items!
7. APPLY PATCH, restart_all
8. Try step 5 again, you should not be able to log in as the AnonymousPatron. Instead you should be redirected to OPAC home page
9. Switch SelfCheckoutByLogin to 'username and pasword'.
10. Again try to log in as the AnonymousPatron, you should not be able to.
11. Make sure you can login as a regular patron when SelfCheckoutByLogin is set to 'cardnumber' and when it is set to 'username and pasword'.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 76075976ea655f6a9811cbc129fe7799d04b505b) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 58b5228af0159ab94111e789b6bc9e492321289d) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
George Veranis [Thu, 14 Sep 2023 06:24:07 +0000 (08:24 +0200)]
Bug 29539: UNIMARC: authority number in $9 displays for thesaurus controlled fields instead of content of $a
When you try to dislpay a bibliographic record on unimarc that has subjects
linked with authorities then only the $9 is displayed as link instead of the
content of $a and it's subdivisions, if any.
To test:
1) You will need to have a bibliographic record with at least one subject
autority connected in unimarc framework.
2) View that record on OPAC on detail display. The subject will display as
a number ( $9 ) and you cannot see the text/term of the subject ( $a )
3) Apply patch
4) Repeat step 2
5) The subject display in a normal way based on content $a - or more subfields
Sponsored-by: National Library of Greece Signed-off-by: David Nind <david@davidnind.com>
Bug 29539: (follow-up) remove tag_onesubject template
Also:
Restores the <span class="value">
Replaces "not(position()=last())" with the more used "position() != last()"
Removes unecessary change in <xsl:param name="spanclass" />
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit a7fbe80af10cee2cbe892c095be0f5689edbf1a6) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit dda63ffc37567b545ae08c7eb380de270dd923ea) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 34838: Use ->set to avoid method redefinition warnings
This patch silences more warnings. To test
1. Be on 23.11.x
2. Apply the patches before this one
3. Run:
$ ktd --shell
k$ prove t/db_dependent/Illrequests.t
=> FAIL: Lots of warnings like this:
Subroutine Koha::Illrequest::SUPER::status redefined at /kohadevbox/koha/Koha/Object.pm line 955.
Subroutine Koha::Illrequest::SUPER::status_alias redefined at /kohadevbox/koha/Koha/Object.pm line 955.
illrequestattributes is DEPRECATED in favor of extended_attributes at t/db_dependent/Illrequests.t line 1071.
4. Apply this patch
5. Repeat 3
=> SUCCESS: No more warnings!
6. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Pedro Amorim [Tue, 26 Sep 2023 09:35:01 +0000 (09:35 +0000)]
Bug 34838: Only check for status in status graph if request has a status
This check is required because when the existing_statuses method checks for the existing status_alias, it'll leave out the status from the query, so the status will be NULL for those particular query results when calling strings_map, throwing a warning
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Pedro Amorim [Tue, 26 Sep 2023 09:33:08 +0000 (09:33 +0000)]
Bug 34838: Only call strings_map if status_alias is not undef in status_alias cycle
Because its highly likely that at least one request will have status_alias null in the database, the select MAX query will always return at least one result with NULL status_alias, throwing a warning, so we skip that
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Pedro Amorim [Mon, 25 Sep 2023 15:07:37 +0000 (15:07 +0000)]
Bug 34838: Replace SUPER::AUTOLOAD with get_column
I'm not 100% happy with this but I'm out of ideas.
I think the problem warning happens because there is no method status or status_alias directly defined in Object.pm so it tries to define it, but it has already been defined by AUTOLOAD previously.
Test plan:
prove t/db_dependent/Koha/Illbackend.t
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Nick Clemens [Wed, 8 May 2024 13:22:58 +0000 (13:22 +0000)]
Bug 34444: Correct handling of sort1 and sort2 values
Removed extraneous sort_1 data elements
Update selectors to use field names for statistics field
Updated code to set the value after finding the correct selector
To test:
* Make sure you have at least 2 funds with different stat settings, using AV and not
* Create a basket with an order line
* Close it and receive shipment
* Create an invoice and receive the order line
* Finish receiving
* Click "Modify fund"
* Switch fund, verify the stat fields are updated accordingly
* Change values for statistical values
* Update fund
* Edit fund again, pull downs are correct
* Change values in form and close, do not update
* Click 'Modify fund' - confrim form is filled with the saved values
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 596d6b74eaa38e2adb6f6540f0d5b7b26d000c11) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 572ce3af4aaad54036297e67d659a74900c36131) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Wed, 29 May 2024 13:54:52 +0000 (13:54 +0000)]
Bug 35989: (QA follow-up) Add test and limit variable scope
Before this patch if a record had a 751 and a 781 you could have fields repeated.
This patch reduces the scope of the fields to subdivision variable as it is only used in processing 7xx
fields and should not be shared between fields.
I also add unit tests
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 95f2aecc1b57b7c4bb8326f9f2fc9366a042a9c1) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 4ca639a5f64347db02416c881d15ff0e53ee4cb7) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Currently when searching for a geographic authority record the search will fail if the record has a heading in a 78X field. The system tries to do a regex match against an undefined variable causing an error. This patch makes that regex match conditional on the variable being defined to allow the search to succeed.
Test plan:
1) Navigate to Authorities
2) In the search bar at the top of the page, click on the dropdown options and in the 'Authority type' field, select 'Geographic Name'
3) Click search
4) You should have a list of authorities
5) Click on any authority record and then click edit and select to edit the record
6) Click on the "7" button
7) Click on the green text next to the '781' field to get the list of fields
8) In field 'v' enter any string you like
9) Click save
10) Repeat steps 1-3, this time it should display an error message for an Unmatched [ in regex
11) Apply patch
12) restart_all
13) Refresh the page, the results should show and the string you entered in the 'v' field should display on the record you edited
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 6c9482f213ba7f65de490f49b1ddf3425a4ab478) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 6dfb1dd9317ff916b8e7aa13aeb1601252118dea) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Andrii Nugged [Mon, 3 Jun 2024 00:50:24 +0000 (03:50 +0300)]
Bug 37014: Fix after-modal-POST to transmit "not_returned" message
The bug report addresses an issue where the message "Item was not checked in" erroneously appears during the second POST after a manual or modal check-in process.
1. In circ/returns.pl:
- Introduced a new hash `%rinot_returned` to track items not returned across pages.
- Updated the logic to capture the "not returned" status from the query parameters.
- Adjusted the input processing loop to include `not_returned` status.
- Modified the section handling barcode check-ins to appropriately initialize and update the `not_returned` status.
2. returns.tt:
- Added hidden input fields in the template to include `not_returned` status in the form submissions.
The changes ensure that the "not_returned" status is correctly tracked and displayed, preventing the erroneous message from appearing on subsequent POST requests.
1. Perform a manual check-in of an item, but make some warning modal appear: for ex., transfer: check-in the item in not home library.
2. Press OK on the modal. There will be a POST transition again to redraw the checked-in items list.
3. Verify that the "Item was not checked in" message appears erroneously near the item's row.
4. Apply the patch.
5. Repeat steps 1-3 and check that there will be no erroneous "Item was not checked in" message.
Signed-off-by: Tadeusz „tadzik” Sośnierz <tadeusz@sosnierz.com> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit f567d41b91092711278a1e00accb1ebdee59f4c2) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 12edba3773ae2a47384134a04790ec519b262d43) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Wed, 24 Apr 2024 15:39:52 +0000 (16:39 +0100)]
Bug 33237: Move and simplify language selection logic
This patch moves the language selection into GetPreparedLetter, drops
the interface check step and ensures the default template always uses
the default include language as per the OPACLanguages settings.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit c50bb140a872e67e07426fc3fc20bceb88c7d1e3) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Wed, 24 Apr 2024 13:44:05 +0000 (14:44 +0100)]
Bug 33237: Add display of which language default language is expected
This patch adds the display of 'Default language' to the 'Default'
language in the notices editor tool.
This is so that librarians know which language they are expected to be
writing the notice in so we can remain consistent in both template and
include language used.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit dc554790439658e5a7b5e1bda62a8d0aa9e2dc3a) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Tue, 23 Apr 2024 12:42:46 +0000 (13:42 +0100)]
Bug 33237: (QA follow-up) Clarify tests and Mock
This patch tries to clarify the tests a little and expand their
coverage whilst also adding some defualt translated includes to the test
area and mocking the config to allow the tests to run without installing
translations.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit a773770f738fe1b23d6c5b7cbafade636000374f) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Tue, 26 Mar 2024 17:54:19 +0000 (17:54 +0000)]
Bug 33237: (follow-up) Tidy
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit ef558f072f95ed6bfa05fe132da5503f8d402dbd) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Hammat Wele [Mon, 27 Mar 2023 21:05:29 +0000 (21:05 +0000)]
Bug 33237: If TranslateNotices is off, use the interface language includes in slips
This patch set the language used in slips folloinw this logic:
--> uses patron's preferred language
--> if patron's preferred language is 'default', use the interface language
--> if there is no interface (for overdue_notices for example), use the first language in 'language' system preference
To Test:
1. Install the other language (i used fr-CA here)
1.1.
gulp po:update fr-CA
./misc/translator/translate install fr-CA
1.2. In Administration > Global system preferences, search for language and check the added language
2. Create a manual invoice in a patron's account and pay it
3. From the Transactions tab, click 'Print' next to the payment line
--> On the printed slip, there's the word 'Payment' in English (OK)
4. Switch interface to other language
5. Redo step 3
--> On the printed slip, the word 'Payment' is still in English (not ok)
6. In Administration > Global system preferences, enable TranslateNotices
7. Go to Tools > Notices and slips > ACCOUNT_CREDIT and copy the content of the letter into all the languages
8. Redo step 3 (you should still be in the other language interface)
--> On the printed slip, the word 'Payment' is still in English (not ok)
9. Edit the patron's account and change the preferred language to the other language
10. Redo step 3
--> On the printed slip, the word 'Payment' is in the other language (Paiement) (OK)
11. Apply the patch
12. Reset config
12.1. Edit the patron's account and change back the preferred language to 'default'
12.2. In Administration > Global system preferences, disable TranslateNotices
13. Redo step 3 (you should still be in the other language interface)
--> On the printed slip, the word 'Payment' is in the other language (Paiement)
14. Switch interface to the english language
15. Redo step 3
--> On the printed slip, the word 'Payment' is in English
16. In Administration > Global system preferences, enable TranslateNotices
17. Edit the patron's account and change the preferred language to the other language
18. Redo step 3
--> On the printed slip, the word 'Payment' is in the other language (Paiement)
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 4f7ae9c1c4a4158976749b97a515731778708479) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Marcel de Rooy [Thu, 16 May 2024 09:25:34 +0000 (09:25 +0000)]
Bug 36875: (follow-up) Modify query in translated_content
This removes the MySQLism for FIELD(..).
In this case we just want to get the non-default records in
the front. So we can just test lang=default. And prevent inserting
$lang in the expression. And so prevent execution in ORDER BY.
No longer needing the ->quote call too.
Test plan:
Run Koha/AdditionalContents.t again.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit c16f5c61849460489992977812f020ec7fa5c9f3) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Marcel de Rooy [Thu, 16 May 2024 07:19:30 +0000 (07:19 +0000)]
Bug 36875: Do not pass unsanitized language to $page->translated_content
Test plan:
Try to access opac-page.pl with a language not in OPACLanguages.
Verify that this 'language' was not passed to sql. Simplest perhaps
by debugging AdditionalContent.pm. Something like:
sub translated_content {
my ( $self, $lang ) = @_;
+warn "L137: $lang";
Now have a public additional_contents page and hit it:
/cgi-bin/koha/opac-page.pl?page_id=5&language=badsql
Check your log and find:
[2024/05/16 07:25:53] [WARN] L137: en at [etc] line 137.
So badsql was caught.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 1a9e3647095eaf9563db59bd8b3a759a0875cc39) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Chris Cormack [Wed, 8 May 2024 22:41:43 +0000 (22:41 +0000)]
Bug 36818: Escape characters in file names uploaded
To test:
1/ create a file named something like 'execute`curl blog.bigballofwax.co.nz`.zip'
Where the domain is one you can watch the logs from
2/ Upload this file as a cover image
3/ Check /var/lib/koha/sitename/tmp/koha_sitename/ and see unescaped filenames
4/ Choose process, check the logs of the webserver see the connection has been made
5/ Apply the patch
5/ Repeat 2 & 3 and see the filename is now escaped
6/ Choose process and check no errors but no no remote execution occurs
7/ Test uploading actual zip file and images still works
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 14bdaae3f257a321f8ec0d32c6b1e9bc6ed6033d) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Chris Cormack [Mon, 13 May 2024 02:26:13 +0000 (02:26 +0000)]
Bug 36520: Sanitize input in opac-sendbasket.pl
To test
1/ Add some items to your cart in the opac
2/ Choose send cart
3/ Open firefox developer tools and switch to the network tab
4/ Send cart
5/ In the network tab, find the post request and choose copy as curl
6/ Edit the curl command to add )+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))x)--+- to the bib_list parameter
7/ Run the curl notice it takes a long time to respond, if you want to check run the curl without the above part added
8/ Apply the patch and restart plack
9/ Run the modified curl and notice no longer the slow down
10/ Test in browser and make sure the basket is still sent
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit 2f3f42ba98b698871bc473d65a14b5e89d0ae86c) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Mon, 13 May 2024 12:47:28 +0000 (14:47 +0200)]
Bug 36520: Prevent SQL injection in GetPreparedLetter
Actually in _get_tt_params
The following query will delay the response
SELECT `me`.`biblionumber`, `me`.`frameworkcode`, `me`.`author`, `me`.`title`, `me`.`medium`, `me`.`subtitle`, `me`.`part_number`, `me`.`part_name`, `me`.`unititle`, `me`.`notes`, `me`.`serial`, `me`.`seriestitle`
, `me`.`copyrightdate`, `me`.`timestamp`, `me`.`datecreated`, `me`.`abstract`
FROM `biblio` `me`
WHERE `biblionumber` = '1) AND (SELECT 1 FROM (SELECT(SLEEP(6)))x)-- -'
ORDER BY field( biblionumber, 1 ) AND (
SELECT 1
FROM
SELECT SLEEP( 6 ) x
) -- - )
To test
1/ Add some items to your cart in the opac
2/ Choose send cart
3/ Open firefox developer tools and switch to the network tab
4/ Send cart
5/ In the network tab, find the post request and choose copy as curl
6/ Edit the curl command to add )+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))x)--+- to the bib_list parameter
7/ Run the curl notice it takes a long time to respond, if you want to check run the curl without the above part added
8/ Apply the patch and restart plack
9/ Run the modified curl and notice no longer the slow down
10/ Test in browser and make sure the basket is still sent
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit 0b3c98b0ba01ea5c886ecfe8eef174b5b7c6ec25) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Wed, 24 Apr 2024 15:06:22 +0000 (15:06 +0000)]
Bug 36575: Adjust checkpw_internal to return patron
This patch refactors checkpw_internal to remove the SQL code, use patron ojbects, and return the
patron that correctly matches the userid/caerdnumber when auth is successful
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit fe78f06a50c41a7dbac24206e31bc5b1189ee185) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Thu, 11 Apr 2024 10:18:30 +0000 (12:18 +0200)]
Bug 36575: (QA follow-up)
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit fffc5600cad077e8b4d8d5211263f1935c5b07cd) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Thu, 11 Apr 2024 09:39:03 +0000 (09:39 +0000)]
Bug 36575: Return correct patron when there is a shared userid / cardnumber
This patch moves some patron fetching code in C4/Auth to use to patron returned from the validation
methods and only try to fetch the patron (to check if locked, update attempts, etc) if we didn't authenticate
To test:
1 - Set a user to have userid = BANANA password = Password1
2 - Set a user to have cardnumber = BANANA password = Password2
3 - Hit the patron authentication API:
http://localhost:8080/api/v1/auth/password/validation
with data:
{ "identifier": "BANANA", "password":"Password1" }
and:
{ "identifier": "BANANA", "password":"Password2" }
4 - Note you receive the same response for both
5 - Apply patch, restart all
6 - Repeat the API and confirm you get the correct patron for the password submitted
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit ff4e0c4293486d2db31d2f48d9f6f31d6470965a) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Thu, 6 Jun 2024 06:30:37 +0000 (07:30 +0100)]
Bug 36986: (follow-up) Ensure idempotency
MySQL/MariaDB checks the primary key/unique constraint before WHERE
clause when performing an UPDATE. As such, the lack of AutoLocation
existing will not prevent a failure on a second run of the update.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 73634e93fd044d68e6415601ebeab7dbcca5286e) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Wed, 5 Jun 2024 17:10:33 +0000 (18:10 +0100)]
Bug 36986L (follow-up) Ensure idempotency
MySQL/MariaDB checks the primary key/unique constraint before WHERE
clause when performing an UPDATE. As such, the lack of AutoLocation
existing will not prevent a failure on a second run of the update.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit dc2388281c8e0e9c11ee5829cf09b7737a2f1c6c) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Fridolin Somers [Wed, 29 May 2024 15:29:21 +0000 (17:29 +0200)]
Bug 36986: (Bug 26176 follow-up) Fix rename StaffLoginBranchBasedOnIP in BDRev
Test by running upgrade from 23.11.00 to main
Check you see :
Upgrade to 23.12.00.061 [15:34:36]: Bug 26176 - Rename AutoLocation and StaffLoginBranchBasedOnIP system preferences
Renamed system preference 'AutoLocation' to 'StaffLoginRestrictLibraryByIP'
Renamed system preference 'StaffLoginBranchBasedOnIP' to 'StaffLoginLibraryBasedOnIP'
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit ebd4aa682796b8ac4666e948e7c55fde4d91ad2d) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Tue, 21 May 2024 13:44:47 +0000 (13:44 +0000)]
Bug 26176: Rename AutoLocation to StaffLoginRestrictBranchByIP
This patch sets AutoLocation to be called StaffLoginRestrictBranchByIP.
The new name is chosen to reflect the new pref StaffLoginBranchBasedOnIP.
Also this patch corrects the order of sysprefs in installer file.
To test:
Follow test plans on bug 36665 and bug 35890 and confirm that the preferences
continue to work as expected
Confirm the descriptions of the prefs in the staff interface match the behaviors expected
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 8b2bdf6ee5a18e247e98d67d7e81605cc45542c6) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Pedro Amorim [Fri, 3 May 2024 14:22:13 +0000 (14:22 +0000)]
Bug 34263: (QA follow-up): Use flatpickr .clear instead
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 1137793e44ce6b5d2a4e7759e46218f6ddeb9e8b) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Katariina Pohto [Thu, 2 May 2024 13:09:39 +0000 (16:09 +0300)]
Bug 34263: Suspending holds consecutively populates previously used date falsely
Suspending a hold doesn't clear the date from the date picker. When another hold is suspended
the previously used date will show on the date picker but the value is not set on the hold.
Suspending the hold will suspend it indefinitely. Also the link "Clear date to suspend indefinitely"
will not clear the date picker. This patch will make both the Suspend button and the Clear date link
clear the dates from both the date picker and the variable passed on, making the suspending consistent
with what is seen on the date picker.
Test plan:
1) Place 3 holds on a patron.
2) Suspend a hold and set a date for it.
3) Suspend a second hold and notice the previously used date is shown on the date picker.
Note that the hold will be suspended indefinitely.
4) Open the suspending window for the third hold and pick a date. Click "Clear date to suspend indefinitely"
and note the date picker doesn't get cleared. The hold will be suspended indefinitely.
5) Apply patch.
6) Suspend a hold and set a date for it.
7) Suspend a second hold and notice the date picker does not have a preset date.
8) Pick a date and clear it with the "Clear date to suspend indefinitely link".
See that the date picker also gets cleared.
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 0f0479e87aaa324b455fbbf40674f15e2fa862c0) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Wed, 22 May 2024 12:01:28 +0000 (14:01 +0200)]
Bug 36923: Remove warnings from Holds/LocalHoldsPriority.t
t/db_dependent/Holds/LocalHoldsPriority.t .. 1/7 Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
t/db_dependent/Holds/LocalHoldsPriority.t .. 2/7 Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
t/db_dependent/Holds/LocalHoldsPriority.t .. 5/7 Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
t/db_dependent/Holds/LocalHoldsPriority.t .. ok
All tests successful.
We didn't have the default values generated by the DBMS
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 6827c9061ffc57c2e1f7087aced8ce2e65196558) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
1) Add a new patron attribute type, visit:
<staff_url>/cgi-bin/koha/admin/patron-attr-types.pl?op=add_attribute_type
2) Add a code and a description (whatever) - Make it 'Display in OPAC' and 'Editable in OPAC'
3) Access OPAC patron personal details page, visit:
<opac_url>/cgi-bin/koha/opac-memberentry.pl
4) Scroll down and add some info to 'whatever'. Click 'Submit update request'.
5) Visit the INTRA 'update patron requests from opac' page:
<staff_url>/cgi-bin/koha/members/members-update.pl
6) Notice the entry is there. Select 'approve' and click "Submit"
7) Repeat 3)
8) Scroll down and notice the approved value is there. Clear that data and "Submit update request" (as if you're requesting for that data to be removed/cleared)
9) Repeat 5)
10) Notice there's an entry, and it is not empty. Select 'approve' and click "Submit"
11) Repeat 3)
12) Scroll down and notice the request to update (clear) that field did go through, i.e. the data is not there anymore.
Also test self-registration and mandatory attributes
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit f4e999bb9f9a714eedc5bac22dd6902abe288af1) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Wed, 22 May 2024 08:31:29 +0000 (10:31 +0200)]
Bug 36916: Do not generate invalid JS or CSS from TestBuilder
TestBuilder generates random strings for branches.opacuserjs and branches.opacusercss which produces invalid JS and CSS.
Selenium has several warnings related to this:
koha-selenium-1 | JavaScript error: http://koha:8080/cgi-bin/koha/opac-user.pl, line 1744: ReferenceError: CLYxPjQ152 is not defined
koha-selenium-1 | JavaScript error: http://koha:8080/cgi-bin/koha/opac-search.pl, line 2069: ReferenceError: CLYxPjQ152 is not defined
koha-selenium-1 | JavaScript error: http://koha:8080/cgi-bin/koha/opac-reserve.pl, line 1351: ReferenceError: CLYxPjQ152 is not defined
Because of the following in the DOM
<script>
CLYxPjQ152
</script>
This patch suggests to set to an empty string by default, to prevent random failure or inconsistent behaviours when testing the UI.
Test plan:
Run t/db_dependent/selenium/authentication.t and watch the selenium
output.
With this patch applied you will not see the "JavaScript error" lines
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit a51b46d4bab2989486ea0be05e130066c666fa50) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Phil Ringnalda [Thu, 16 May 2024 20:54:41 +0000 (13:54 -0700)]
Bug 36589: Advanced cataloging - restore the correct height of the clipboard
A simple direct fix for the height of the advanced editor's clipboard,
which is a <select size="10"> that's currently cut down to the height of
one thick line by CSS intended for non-multiple, non-sized selects with
dropdown menus.
Test plan:
1. Set the pref EnableAdvancedCatalogingEditor to Enable
2. Cataloging -> Advanced editor
3. Note the Clipboard is a single line tall
4. Apply patch, shift+reload Advanced editor
5. Note the Clipboard is ten lines tall
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 10a8dc5108dc58d91786ead95f5130a7a147d5b1) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Pedro Amorim [Tue, 21 May 2024 09:13:49 +0000 (09:13 +0000)]
Bug 36904: Fix batch->ill_batch
This was missed when renaming follow-ups were added to bug 30719
1) Enable ILL, install FreeForm and checkout the current compatible branch with main
bash <(curl -s https://raw.githubusercontent.com/ammopt/koha-ill-dev/master/start-ill-dev.sh)
cd /kohadevbox/koha/Koha/Illbackends/FreeForm
git checkout reorganize_ILL
2) Visit ILL module:
http://localhost:8081/cgi-bin/koha/ill/ill-requests.pl
3) Type whatever search in the tiny 'Search' input box directly above the table
4) Notice you get an error. Apply patch. Repeat.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 5f031219ba0f242cab75cd07d4fcdf30af91d177) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
A Marcel's QA patch to Bug 36552 added use POSIX; in two spots.
In https://metacpan.org/pod/POSIX we read:
CAVEATS
Everything is exported by default (with a handful of exceptions). This is
an unfortunate backwards compatibility feature and its use is strongly
discouraged. You should either prevent the exporting (by saying use
POSIX ();, as usual) and then use fully qualified names (e.g.
POSIX::SEEK_END), or give an explicit import list. If you
do neither and opt for the default (as in use POSIX;), you will
import hundreds and hundreds of symbols into your namespace.
This patch fixes this.
No test plan.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 8d9ccd6fc371877fbd4d016ee3bc1de54721787e) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Thu, 23 May 2024 09:36:55 +0000 (10:36 +0100)]
Bug 36908: (QA follow-up) Proposed improvement to prefernce description
I found the initial addition of 'or the branch chosen at login' to the
system preference description more misleading than the original. After
discussion on mattermost and with training staff here at PTFS the best
alternative we could come up with is proposed here.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 85735e86f4f927d8e455aec08ef90a1381694059) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Tue, 21 May 2024 12:26:34 +0000 (12:26 +0000)]
Bug 36908: Additional unit tests to identify flaw when two branches have same IP
This could be considered a configuration flaw, but when:
StaffLoginBranchBasedOnIP enabled and not AutoLocation
or
AutoLocation enabledand no IP set in user's branch
AND
two branches have the same IP set
the user can be logged in randomly to one of the matching branches.
These test often pass, but will also randomly fail
Easier to verify with a one liner demonstrating current code:
perl -e 'use Koha::Libraries; use List::MoreUtils qw(uniq); my $branches = { map { $_->branchcode => $_->unblessed } Koha::Libraries->search->as_list }; my $branchcode="CPL"; warn Data::Dumper::Dumper( uniq( $branchcode, keys %$branches ));'
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 7e8803537254ec950c64327bece8091e6cf49499) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>