Owen Leonard [Fri, 10 Jan 2014 17:45:30 +0000 (12:45 -0500)]
Bug 11381: improve styling of IDreamBooks content in bootstrap theme
Styling of IDreamBooks elements is not correct in the bootstrap theme
because the relevant CSS was not transferred from the prog theme. This
patch adds it back.
To test, switch to the bootstrap theme and enable IDreamBooks system
preferences in the OPAC, particularly IDreamBooksReadometer. Find a book
in the OPAC which shows IDreamBooks review data and confirm that
everything looks correct.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works as described. Tested with "The help".
While adding the --help and -h switches I forgot to change to arguments
count validation so that one can actually use those parameters (i.e.
koha-create should accept being invoked with only one parameter).
This patch just changes the minimum parateres required from 2 to 1.
To reproduce:
- Run 'koha-create --help' from master
=> Usage information is printed BUT ALSO an "Error: wrong parameters"
message
- Apply the patch and
- Run 'koha-create --help'
=> Usage informatio it printed and no error message.
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 692c4f03b5adebec754c1a8db16e2db97c63f554) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Galen Charlton [Fri, 10 Jan 2014 16:49:01 +0000 (16:49 +0000)]
Bug 10952: (follow-up) clear seach history from session after saving it to DB
This patch makes sure that the search history from an
anonymous session is cleared from the session after a user
logs in (and the session history is saved to that user's
record in the database). This fixes a problem where the
search history from the session got repeatedly added to the
database each time the user did something while logged
into the OPAC.
Julian Maurice [Wed, 18 Dec 2013 09:58:36 +0000 (10:58 +0100)]
Bug 10952: (follow-up) comments fixes and unit tests
- Remove unit tests for ParseSearchHistoryCookie, which doesn't exist
anymore
- Add unit tests for ParseSearchHistorySession and
SetSearchHistorySession
- Remove/Modify comments about search history cookie
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Tests fixed and moved, and comments tidied up
Signed-off-by: Charlene Criton <charlene.criton@univ-lyon2.fr> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit bbf7cd6876e94865492e3fd19e59c31b6b95b588) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Julian Maurice [Thu, 26 Sep 2013 09:22:26 +0000 (11:22 +0200)]
Bug 10952: Store anonymous search history in session
Storing search history into cookie can cause problems, due to the size
limitation of 4KB.
The solution here is to store search history into the CGI::Session
object, so there is no size limitation (but anonymous search history
still remember up to 15 requests max.)
Test plan:
- Go to OPAC in anonymous mode.
- Check that the "Search history" link is *not* shown in the top right
corner of the page
- Make some searches on /cgi-bin/koha/opac-search.pl
- The "Search history" link should appear. Click.
- Your search history should be displayed.
- Try to log in with invalid username/password
- Go back to search history, it's still there
- Now log in with valid username/password
- Your anonymous search history should be saved into your own search
history.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Restoring original sign offs and comments below
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Work as described. No koha-qa errors
Well, search history saving is similar before and after patch.
i.e. anonmymous search is saved when user logs in, but cookie
KohaOpacRecentSearches is empty.
Shows current an previous session searches
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
All tests and QA script pass, works as described.
Signed-off-by: Charlene Criton <charlene.criton@univ-lyon2.fr> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit d07df7d51250bb5a40bb556aab48afb18a67a396) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Tue, 7 Jan 2014 14:14:01 +0000 (15:14 +0100)]
Bug 11475: fix return link after editing/deleting items in batch
Bug introduced by bug 9044.
Test plan:
1- First we search for records with multiple items (books or serials,
does not matter)
2- We open this record we found with multiple items for editing
3- We chose "Edit items in batch" option from the "Edit" menu
4- We make corrections on the fields under the "Edit item" (For example
we change the collection code as "fiction")
5- We save this using "Save button" at the bottom, after we are done.
6- Just after we save, there will be a button named "Done" available
just under the page, and when we click on "Done" we encounter the Error
screen.
Before the patch, the "Done" link points to
/cgi-bin/koha/tools/CATALOGUING.
After applying the patch, the "Done" link points to the biblio detail
page.
Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
All tests pass
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Passes koha-qa.pl, works as advertised
Robin Sheat [Tue, 19 Nov 2013 03:19:12 +0000 (16:19 +1300)]
Bug 10646 - warn if mod_rewrite is not enabled
Koha requires mod_rewrite. If it's not enabled in Apache, then
koha-create will now abort with a helpful error message. Also adds a
warning when not run as root to avoid confusing errors.
Test plan:
* apply the patch
* a2dismod rewrite
* run koha-create without sudo, note the error about being root
* run koha-create with sudo, note the error about rewrite
* a2enmod rewrute
* repeat test above, note that it works
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Works as expected.
Bug 11499: UT: Make zebra_setup.pl correctly set indexing mode
By adding the relevant environment variables to the script the generated
koha-conf.xml file for the unit tests is correct now.
Test plan:
- Verify that tests pass now:
$ prove -v t/db_dependent/Search.t 2> /dev/null | grep 11499
Sponsored-by: Universidad Nacional de Cordoba Signed-off-by: Galen Charlton <gmc@esilibrary.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Passes unit test, koha-qa.pl
Bug 11499: (regression tests) indexing modes not properly set on generated koha-conf.xml
t/db_dependent/Search.t creates its own temporary koha-conf.xml and
related files, and it fails to properly set indexing modes for
bibliographic and authority records.
The test should fail unless the main page is applied.
Sponsored-by: Universidad Nacional de Cordoba Signed-off-by: Galen Charlton <gmc@esilibrary.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 7b1d49f84b17ef779fac8ab6874bf2d34037aaba) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Chris Cormack [Fri, 27 Dec 2013 06:06:34 +0000 (19:06 +1300)]
Bug 7965: Silence warns in staff log
Silence warns in C4::Bookseller::GetBooksellersWithLateOrders()
to test
1/ run prove t/db_dependent/Bookseller.t
Notice lots of Use of uninitialized value $delay in numeric lt (<) at /var/lib/jenkins/jobs/Koha_master/workspace/C4/Bookseller.pm line 134 type lines
2/ apply patch
3/ run prove t/db_dependent/Bookseller.t
Notice warns are gone
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Tiny change, positive consequences.
Passes QA script and all tests.
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit febd0312f8623c9861bd70dd61aa3fd47afb1b51) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Chris Cormack [Thu, 2 Jan 2014 04:15:56 +0000 (17:15 +1300)]
Bug 11457: avoid spurious test failure in t/db_dependent/Bookseller.t
This patch clears the subscription table so tests pass correctly if
there happens to have been a subscription with an end date before
2013-08-01.
To test
1/ Add a subscription in the serials module, with an end date before
2013-08-01
2/ run prove -v t/db_dependent/Bookseller.t
Notice tests 22 and 23 fail
3/ Apply patch
4/ run test again
5/ Notice tests succeed
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Tests now clean the subscription table before running
the tests, so that the will always pass.
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 8209bf10269c36c1bb8d4b2da23fe356ab7a3568) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Katrin Fischer [Sun, 17 Nov 2013 21:58:52 +0000 (22:58 +0100)]
Bug 11260: Follow up - normalizing frequencies in English sample file a bit
After some discussion in IRC I am throwing in some changes for the
English sample frequencies:
- Change Vol to Vol.
- Change No to No.
We had both forms in the file, now it should be consistent.
To test:
- Run English web installer installing all sample files, especially
frequencies
- Check installed frequencies
- Check available options creating a subscription
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 66bf3abf78a7537201fd54be7b58fbab4c716b40) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Katrin Fischer [Sun, 17 Nov 2013 21:56:45 +0000 (22:56 +0100)]
Bug 11260: Update German web installer - frequencies and numberpatterns
Translates the new files for frequencies and numberpatterns
To test:
- Run the German web installer with all sample files
- Check all files import without errors, especially frequencies and
numbering patterns
- Check frequencies in serials
- Check numbering patterns in serials
- Create a subscription, check possible choices
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit fff04e59e785ce26f52da94730818c541476f7bb) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Katrin Fischer [Sun, 17 Nov 2013 20:05:45 +0000 (21:05 +0100)]
Bug 11260: Update German web installer for 3.14
Mandatory:
- adds auth_values.sql and .txt with YES_NO referenced in patron_attributes.sql
- updates sample notices with redone slip templates (ISSUESLIP, ISSUEQSLIP,
RESERVSLIP, TRANSFERSLIP)
- adds German translations to subtag_registry.sql and copies updated file
from en to de-DE
- adds translation for new course_reserves permission to userflags.sql
- adds translations for new permissions in userpermissions.sql
- Fixes typo IndependantBranches in English userpermissions.sql
Optional:
- adds csv_profiles.sql and translation of the serial claims profile
- adds z39.50 servers for authorities to sample_z3950_servers.sql
To test:
- Run web installer in English
- check all sample files, make sure they all install without SQL errors
- check language list on advanced search displays correctly still
- check area/language list on tools > news displays correctly still
- check permissions for correct spelling of IndependentBranches
- Run web installer in German
- repeat checks from above
- also check: authorised values, especially existence of YES_NO
- all permissions are translated now
- slip notices are all there and look right
- new z39.50 servers for authorities are available
- csv profile for serial claims is available and works as expected
... and anything else you can think of.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit bbe64974b02d78fc916f76408a995ac1bf7f6228) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Galen Charlton [Mon, 6 Jan 2014 16:27:17 +0000 (16:27 +0000)]
Bug 6886: (follow-up) remove redundant test for singleBranchMode
This patch removes an unnecessary check of the singleBranchMode
preference that occurred in an <xsl:otherwise> clause where
we already know that singleBranchMode != 1.
Kyle M Hall [Fri, 4 Jan 2013 18:40:33 +0000 (13:40 -0500)]
Bug 6886: ensure that singleBranchMode does not display library name for reference copies
Test plan: Enable singleBranchMode and OPACXSLTResultsDisplay. Perform
a search in the OPAC which returns results containing not-for-loan
items. Before the patch these items will show their library in search
results loan items. After the patch there will be not be a library
listed, matching other items in results.
Fridolyn SOMERS [Fri, 7 Jun 2013 12:55:18 +0000 (14:55 +0200)]
Bug 10429: improve display of library and library filter on serials claim page
In serial claims page, the library code is displayed in table instead
of library name and library filter does not work.
This patch adds the display of library name by using libraries template
plugin. It changes the Javascript library filter to make it work.
Also sets "all" filter in template (like status filter) to allow
translation and sets "all" as selected by default. The staff user's
library was selected by default, but the table was not filtered
with it.
Test plan :
- Go to serials claim of a vendor with serials of multiple libraries
=> You see branch filter with "(All)" and table shows library's names
- Check that library filter does its work
Signed-off-by: David Cook <dcook@prosentient.com.au>
Works as described.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Table now shows the branch name instead of the branchcode.
First option was named (All), matching the status pull down.
When opening the claims page, (All) is preselected and the
result list matches with the selection. Before the patch
the library was preselected, but the result list did show
late issues from all branches.
This patch is an improvement, but there is still more work to do.
- Filters are not cumulative, but when another filter is selected
the first filter is not reset.
- It's not possible to combine
2 or more filters.
Kyle M Hall [Thu, 5 Dec 2013 14:13:35 +0000 (09:13 -0500)]
Bug 11342: fix error in OPAC self registration form if BorrowersTitles is empty
If BorrowersTitles is empty, it causes the library pulldown on the self
registration page to be empty, and to have the "Saluation" field have
the option "branches".
This patch also fixes a minor string capitalization issue.
Test Plan:
1) Enable OPAC self registration
2) Set the system preference BorrowersTitles to be empty
3) View the self registration page
4) Note the lack of branches in the home library pulldown
5) Apply this patch
6) Note the branches now display in the pulldown
Signed-off-by: Christopher Brannon <cbrannon@cdalibrary.org> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Tested in bootstrap and prog OPAC, with BorrowersTitle configured
and emptied.
Passes all tests and QA script.
Note: The titles pull down has 2 empty entries in master with
and without the patch.
Mark Tompsett [Wed, 27 Nov 2013 18:16:56 +0000 (13:16 -0500)]
Bug 11316 - plugin icon missing tooltip in addbiblio.pl
By adding:
title=\"Tag editor\"
into the HTML generated in addbiblio, a tooltip displaying
'Tag editor' appears when the mouse is hovered over the
plugin icon.
Test Plan:
1) Log into Staff client
2) Click the 'Search the catalog' tab
3) Type something which will generate results
4) Click the title of a result
5) Click the 'Edit' button
6) Scroll down and click the 'Edit Record'
7) Look through the various tabs and notice that all the plugin
icons have no tooltip.
8) Apply the patch
9) Refresh the page
10) All the plugin icons should have the tooltip text of
'Tag editor'.
Signed-off-by: Christopher Brannon <cbrannon@cdalibrary.org> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Adds a title attribute. Works as described.
Galen Charlton [Thu, 2 Jan 2014 18:02:17 +0000 (18:02 +0000)]
Bug 11470: fix occassional spurious test failure in Circulation_transfers.t
This patch makes Circulation_transfers.t no longer be sensitive to
the exact time it runs, avoiding spurious test failures due
to datesent being a second off between the creation of the test
transfer and the comparison.
To test:
[1] To simulate the failure, add a "sleep(2);" after the
"#Test GetTransfers" comment and run
prove -v t/db_dependent/Circulation_transfers.t
[2] Remove the sleep and apply the patch.
[3] Verify that prove -v t/db_dependent/Circulation_transfers.t passes.
Signed-off-by: Galen Charlton <gmc@esilibrary.com> Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works as described.
Galen Charlton [Mon, 6 Jan 2014 16:16:22 +0000 (16:16 +0000)]
Bug 11336: (follow-up) fix typo in previous follow-up
This patch corrects a typo that broken ModReserveFill(). This
patch also adds a unit test that (via two levels of indirection)
exercises ModReserveFill().
Galen Charlton [Sat, 4 Jan 2014 23:25:25 +0000 (23:25 +0000)]
Bug 11336: (follow-up) improve POD for _FixPriority()
This patch improves the POD for C4::Reserves::_FixPriority()
to (hopefully) describe its function thoroughly. It also
adjusts the call of _FixPriority() by CancelReserve() to
omit passing reserve_id, since by that point no row in
the reserves table for that request still exists.
Jonathan Druart [Fri, 13 Dec 2013 16:42:55 +0000 (17:42 +0100)]
Bug 11336: update hold queue priorities correctly when deleting holds
In various places, deleting a hold request did not trigger recalculating
the priority of the other holds on the bib:
To reproduce the bug:
- select or create 2 users U1 and U2
- select or create an holdable item
- place on hold for both U1 and U2. U1 has priority 1 and U2 has
priority 2.
- delete the hold for U1
- go on circ/circulation.pl?borrowernumber=XXXX for U2 (or in the DB
directly) and verify the priority has not been set to 1
The issue is repeatable (at least) on these 2 pages:
* circ/circulation.pl?borrowernumber=XXXX (tab 'Holds', select "yes"
in the dropdown list and submit the form)
* reserve/request.pl?biblionumber=XXXX (click on the red cross)
Signed-off-by: Christopher Brannon <cbrannon@cdalibrary.org> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Reran my tests:
Preparations:
- Create holds for different patrons on a record:
* 1st - title level hold
* 2nd - item level hold
* 3rd - title level hold
* 4th - title level hold
- AllowOnShelfHolds = On/Allow (items were not checked out)
Tests:
Deleted holds from various pages, confirming bugs first,
then testing with applied patches. Reloading database
after each test.
1) Cancel holds from OPAC patron account
/cgi-bin/koha/opac-user.pl#opac-user-holds
- Cancel 4th - ok, before and after applying the patch
- Cancel 2nd - ok, after applying the patch
2) Cancel hold from holds tab on staff detail page
/cgi-bin/koha/reserve/request.pl?biblionumber=7
a) Setting priority to 'del', submitting with 'Update holds'
- Cancel first (1st) - ok, before and after
- Cancel hold in the middle (was 3rd) - ok, before and after
- Cancel last (was 4th) -ok, before and after
b) Using red X
- Repeating tests from a) - before the patch is applied holds
get totally 'out of order' - after applying the patch, it works
correctly
Additional tests done on this page:
- Change priority using up, down, to top, to bottom icons
- Change priority with 'toggle to lowest'
3) Cancel hold from the patron's account
a) Check out tab - Delete? Yes, 'Cancel marked holds'
/cgi-bin/koha/circ/circulation.pl?borrowernumber=X
- Cancel first (1st) - ok, after applying the patch
- Cancel hold in the middle (was 3rd) - ok, after applying the patch
- Cancel last (was 4th) - ok, after applying the patch
b) Details tab - Delete? yes, 'Cancel marked holds'
/cgi-bin/koha/members/moremember.pl?borrowernumber=X
- Cancel first (1st) - ok, after applying the patch
- Cancel hold in the middle (was 3rd) - ok, after applying the patch
- Cancel last (was 4th) - ok, after applying the patch
Without the patch, holds priorities get out of order.
Additional tests done:
- Check in one item to trigger first hold
- Check in one item to trigger second hold
- Check out first item
Priorities are kept while the item is waiting, when it's
checked out, priorities of remaining holds get reset correctly.
Conclusion:
Big improvement, no regressions found.
Passes all tests in t, xt and QA script.
Also: t/db_dependent/Holds.t
t/db_dependent/HoldsQueue.t
t/db_dependent/Reserves.t
Mathieu Saby [Sun, 3 Nov 2013 18:04:44 +0000 (19:04 +0100)]
Bug 11192: Fix lf and ff07-02 definition in ccl.properties
ff7-02 1=87020 (position 2 of field 007 in MARC21) should be
ff7-02 1=8702
lf 1=8833
lf fiction
fic fiction
should be
lf 1=8833
fiction lf
fic lf
To test :
1. apply the patch
2. copy the modified ccl.properties into your active Zebra config
directory
3. reindex zebra (rebuild_zebra.pl -b -x -r -v)
4. make some searches using the fixed indexes
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit a032b0a5cd73c9a67bab130c183751309fa95c6e) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Wed, 6 Nov 2013 13:54:36 +0000 (14:54 +0100)]
Bug 11208: If no smsalertnumber is defined, the message is marked as failed
For DUE message (and PREDUE, etc.) there are no check before sending the
message to the message_queue table.
This check avoids to try to send again and again the same message. Now
it is marked as "failed".
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Without the patch a sms notice will remain as 'pending' forever.
With the patch applied, the status is set to 'failed'.
Galen Charlton [Mon, 30 Dec 2013 16:45:45 +0000 (16:45 +0000)]
Bug 11208: regression test for failing SMS messages
This patch adds a regression test for verifying that queued
SMS messages meant for patrons who have no SMS alert number
set are marked as failed after the first attempt to send them.
To test:
[1] Run prove -v t/db_dependent/Letters.t. The fourth
test should.
[2] Apply the main patch and run t/db_dependent/Letters.t
again. This time, all tests should pass.
Bug 10896: Add a --verbose option to koha-translate
The -v and --verbose option switches add the --verbose switch to the
misc/translator/translate script call in the packages' 'koha-translate'
command.
The docs are updated accordingly.
Sponsored-by: Universidad Nacional de Cordoba Signed-off-by: Magnus Enger <magnus@enger.priv.no>
Works as expected with and without -v. Man page looks good.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit cfc3ce6772b908bb73a38a3bb778b8f25bb4ac9e) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The koha-translate's usage message has a couple of inconsistencies:
'--all' should be '--available'
and '--help' is missing from the usage examples.
Sponsored-by: Universidad Nacional de Cordoba Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works as described, tested using instructions on
http://wiki.koha-community.org/wiki/Testing_man_pages
Bug 11509: improve usage information printed by koha-create
This patch makes koha-create print better and more descriptive usage
information. Also adds the --help and -h switches.
Sponsored-by: Universidad Nacional de Cordoba Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Removed trailing " from:
$scriptname [db usage mode] [options] instancename"
Galen Charlton [Thu, 30 Jan 2014 15:48:48 +0000 (15:48 +0000)]
Bug 11439: (follow-up) adjust for change in list returned by OCLC XISBN
The set of related ISBNs for the first Harry Potter book returned
by OCLC's XISBN service has changed recently, so this patch adjusts
the test to match.
Bug 9579: fix truncation of facets containing multi-byte characters
We seem to be relying on whatever Zoom::Results->render return, and
Perl doesn't explicitly consider it UNICODE data. That's why CORE::substr
(and probably CORE::length too) cut the bytes wrong.
This patch just decodes the UTF-8 data that render() returns and then
Perl behaves, heh.
It uses Encode::decode_utf8 which is already a dependency for the current
stable Koha releases.
REVISED TEST PLAN
-----------------
1) Import the attached sample records.
2) Rebuild your indexes
3) In OPAC search for يكيمكتبات : قبسي ، كرم
-- There will be ugly diamonds with question marks in the facets
4) apply the patch
5) Search again.
-- The names will be properly truncated.
NOTE: This test assumes FacetLabelTruncationLength = 20.
Sponsored-by: Universidad Nacional de Cordoba Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes all tests and QA script.
Works as described, tested with several German, English and
the Arabic test record. Arabic strings now display correctly
and no regression was found.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
I've reviewed it and approve its inclusion in 3.14.x and earlier. I
will use the patches for bug 11096, once they pass QA, for the master
branch.
Galen Charlton [Tue, 4 Feb 2014 23:03:08 +0000 (23:03 +0000)]
Bug 11666: remove SQL as an option for MARC framework exports and imports
The SQL option for MARC framework imports was subject to a bug whereby
somebody could use it to gain access to arbitrary information in the
database by uploading an SQL file containing unexpected statements.
As it is difficult to securely sanitize SQL, this patch removes the
option to use SQL as an import or export format.
To test:
[1] Verify that SQL no longer appears as an import or export option
for the MARC frameworks.
[2] Verify that exports and imports in CSV, Excel XML, and ODS formats
still work.
Signed-off-by: Galen Charlton <gmc@esilibrary.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Works as advertised. The UI doesn't offer exporting/importing in the SQL format.
Crafting the URL to export SQL fallbacks to a spreadsheet format (ODS).
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works as described, passes all tests and QA script.
Galen Charlton [Tue, 4 Feb 2014 15:54:33 +0000 (15:54 +0000)]
Bug 11666: add permission check for MARC framework import/export
This patch makes the MARC framework import/export script require
that the staff user be logged in with appropriate permissions for
managing the MARC frameworks.
Signed-off-by: Galen Charlton <gmc@esilibrary.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
I can confirm the bug and the solution. After applying the patch
downloading the file without logging in first is no longer possible.
Also passes tests and QA script.
Galen Charlton [Sat, 1 Feb 2014 02:11:38 +0000 (02:11 +0000)]
Bug 11662: remove disused member-picupload.pl
This script is no longer used, and in addition has problematic
handling of its parameters that could lead to writing to
arbitrary files on the server.
To test:
[1] Verify that member-picupload.pl is no longer referred
to in the codebase after applying this patch.
[2] Verify that there are no regressions in patron
photo management.
Signed-off-by: Galen Charlton <gmc@esilibrary.com> Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Found no regressions in removing this script.
Chris Cormack [Sat, 1 Feb 2014 02:06:58 +0000 (15:06 +1300)]
Bug 11661: sanitize file names supplied to edithelp.pl
This patch corrects an issue whereby edithelp.pl could
be used to create or modify arbitrary files on the server
with the permissions of the Apache user.
Marcel de Rooy [Mon, 16 Dec 2013 11:01:21 +0000 (12:01 +0100)]
Bug 11398: A typo occurred with occured
This patch cures occured and makes occurred occur.
Note that I found them while testing bug 11170.
In a follow-up of 11170, I corrected this typo in parcels.tt.
This patch touches update22to30.pl and modborrowers.tt
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Fixes a typo in 2 files.
Jonathan Druart [Thu, 24 Oct 2013 13:28:42 +0000 (15:28 +0200)]
Bug 11131: display authority summary correctly when searching by all authority types
The summary is built using the authtypecode selected from the interface.
So when a search is launch on all auth types, the summary is not
correctly built by the BuildSummary routine.
It should get the authtypecode from the authority (call to
GetAuthTypeCode).
To test:
1/ go to authorities/authorities-home.pl
2/ search <something> by authtype personal name
3/ results are displayed with summary
4/ now select the default entry and search again the
results display but without the summary
5/ apply the patch
6/ search default again, now summary shows
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Tested with a UNIMARC database, works as described.
All tests and QA script pass.
Bug 11402: make Labels::_guide_box return undef if undefned data is passed
That's it. A guide box cannot be created if invalid data is passed.
Sponsored-by: Universidad Nacional de Cordoba Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes all tests and QA script, includes new unit tests.
Jonathan Druart [Thu, 21 Nov 2013 16:55:57 +0000 (17:55 +0100)]
Bug 11075: 'select all' for export no longer clears renew checkboxes
If circulation exports are enabled (by turning on ExportWithCsvProfile),
the table on the checkout page includes three columns of checkboxes --
'renew', 'checkin', and 'export'.
For each loan, the renew and checkout links should behave like radio
buttons, but the state of the export checkbox is meant to be independent
of the renew and checkin checkboxes.
However, if the 'select all' link in the export column is clicked,
active renew checkboxes are toggled off.
The desired behavior is that clicking the select all link in the export
column should only affect checkboxes in that column. This patch
implements this behavior.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes all tests and QA script - one line JavaScript change.
Works as described.
Magnus Enger [Sat, 23 Nov 2013 21:57:03 +0000 (22:57 +0100)]
Bug 11188 - Make gather_print_notices.pl die on failed open()
Problem:
If you tell gather_print_notices.pl to write output to a location
you do not have write access to, it will silently fail to write the
data, but still mark unsent messages as sent.
Solution:
This patch adds two lines of defense:
1. Check that the location given for the output is writable
2. use "open() or die" instead of just "open()" when writing the
output
The first measure should catch most of the potential errors, but
I guess a directory can be writable, but the open() still can fail
because the disk is full or something similar.
To test:
- Make sure you have some unsent messages in the message_queue table,
that do not have an email adress
- Apply the patch
- Run the script, pointing at a location you do not have access to
write to. Check that the script exits with an appropriate error
message, and that the unsent messages are still unsent. Do this
both with and without the -s option.
- To fake passing the first line of defence, comment out line 62
and put this in instead:
if ( !$output_directory || !-d $output_directory ) {
- Run the script again as above, check you get an appropriate
error and that the message queue is not touched
- Reset line 62 to how it was
- Run the script against a directory you do have access to write to
and check that output is produced as expected and that messages
are marked as sent
- Sign off
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes all tests and QA script.
Works as described.
Galen Charlton [Wed, 25 Dec 2013 17:44:19 +0000 (17:44 +0000)]
Bug 11445: avoid sending duplicate hold waiting notifications
This patch fixes a problem where a patron could receive duplicate
hold waiting notifications. For example, this could happen if a
circ operator checked in an item more than once and confirmed the
same hold each time.
To test:
[1] Set up a test patron that received hold waiting notifications.
[2] Put an item on hold for the patron, then check the item in
and confirm the hold. Verify that a hold notification is
sent (or inspect the message_queue table).
[3] Check the item in again and confirm the hold again. A duplicate
hold notification will be generated.
[4] Apply the patch.
[5] Repeat steps 2 and 3. This time, only one notification should be
generated.
[6] Verify that prove -v t/db_dependent/Reserves.t passes.
Signed-off-by: Galen Charlton <gmc@esilibrary.com> Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes all tests and QA script.
Works as described.
Galen Charlton [Wed, 25 Dec 2013 17:38:39 +0000 (17:38 +0000)]
Bug 11445: regression test for duplicate hold notifications
This patch implements a regression test for verifying that
duplicate hold notifications aren't sent if ModReserveAffect() is
called repeatedly (as might happen if a circ operator accidentally
checks in an item and confirms its hold more than once).
Note that the test depends on the fact that _koha_notify_reserve()
defaults to sending a HOLD_PRINT letter if the borrower has not
specified an email or SMS hold notification.
To test:
[1] Run prove -v t/db_dependent/Reserves.t
[2] The 'patron not notified a second time (bug 11445)' test
should fail.
[3] Apply the main patch and run prove -v t/db_dependent/Reserves.t
again. This time all tests should pass.
Signed-off-by: Galen Charlton <gmc@esilibrary.com> Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 2b6a20c509801b9eeb562aa6fd404546d6ba84df) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 8921: make koha-common*.deb depend on cron-daemon
Trivial patch to add 'cron-daemon' as dependency for the koha-common
package. 'cron' is usually pulled in any minimal Ubuntu/Debian
install, but in some circumstances (using debootstrap) it might be
absent.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
No entry in debian/control yet, but
according to comments in the file this file is generated
from control.in - so this should be ok.
Owen Leonard [Thu, 14 Nov 2013 20:41:02 +0000 (15:41 -0500)]
Bug 11179: (follow-up) apply fix to Boostrap theme
This follow-up applies the same fix to the Bootstrap theme. This patch
also includes the changes to item-status.inc in the Bootstrap theme
which were made to the prog theme in Bug 10820: display item status as
lost if item is both lost and on loan.
Signed-off-by: Liz Rea <liz@catalyst.net.nz>
Bootstrap theme looking so nice. Also the patch works.
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 78b73c3fffc6f5125a688e91582da92287fbbef2) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Conflicts:
koha-tmpl/opac-tmpl/bootstrap/en/includes/item-status.inc
Kyle M Hall [Thu, 31 Oct 2013 18:27:30 +0000 (14:27 -0400)]
Bug 11179: make OPAC course details page display status of checked out items correctly
If an item is listed for a course and is checked out, the item will
still show as being available from the course details page which lists
all the items that are part of a course. This is due to the way the
course reserves system handles items and issues separately, while
item-status.inc assumes the due date has been embedded in items.datedue
Test Plan:
1) Create a course
2) Add an item to that course
3) Check the item out to a patron
4) View the course details from the opac
5) Note the status says "Available"
6) Apply this patch
7) Repeat step 4
8) Note the status no longer says "Available"
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit dc5e4e5b631116ce7ce16143ba56c5eb0385d986) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Katrin Fischer [Thu, 5 Dec 2013 20:47:25 +0000 (21:47 +0100)]
Bug 11228: Improve hint on patron notification when adding/editing subscriptions
The hint was not quite correct, as it said patrons on the routing list
would be informed, but it's only the patrons that have subscribed to
email notifications in the OPAC who will receive the email when a
new serial issue is received.
To test:
- Add a new subscription, find the hint about patron notification on the form
- Apply patch
- Refresh page
- Verify the new hint text makes sense and is correct
Gaetan Boisson [Wed, 18 Dec 2013 14:19:50 +0000 (15:19 +0100)]
Bug 11417: make sure remove_unused_authorities.pl accepts --test
This patches adds support for the --test option, as well as a
short message telling the user the script is running in test mode.
Test plan :
- Launch the script with -h to see the help
- Launch the script with --test and --aut with an authtypecode
that is used in your instance
- Make sure it does the same thing as launching it with -t
- Launch the script for real and make sure it still works as
expected, deleting unused authorities.
Katrin Fischer [Wed, 11 Dec 2013 23:54:08 +0000 (00:54 +0100)]
Bug 11279: Improve how a new quote of the day is selected
If there is a gap in the id sequence for the quotes table, it
is possible that no new quote will be selected. This will happen
particularly when a lot of the older quotes with low ids have been
deleted.
This patch improves the selection of a new quote.
To test:
- Load sample quotes
- Delete the first half of the quotes.
Note: With 34 quotes, delete the quotes with ids from 1-17
- Activate the QuoteOfTheDay system preference
- Check if a quote is displayed in OPAC
- Reload the page a few times, no quote should be displayed
Note: make sure you don't have a quote with the current
date in your quotes table before running those tests
- Run 'perl t/db_dependent/Koha.t'
Note: requires sample quotes!
- Apply patch
- Reload the OPAC start page
- Verify a quote was now picked
- Run 'perl t/db/dependent/Koha.t' again - all tests should still pass
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Patch modified to use "LIMIT 1 OFFSET ?" rather than "LIMIT ?, 1"; the
latter construction does not work in PostgreSQL.
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 5a3db23362eb076a2f6d5a87f87b29f4a436a14f) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Fridolyn SOMERS [Thu, 7 Mar 2013 15:02:55 +0000 (16:02 +0100)]
Bug 7518: certain searches with quotation marks don't work
Under certain circumstance, a search term without quotation marks
returns the expected results while the same search with a
double quote embedded in it would fail.
Koha should ignore the quotation marks and return results anyway.
This appears when QueryWeightFields syspref is activated (and
QueryAutoTruncate is off), as field weighting builds a complex CCL
query using double quotes around search words. This patch simply
replaces double quotes in search words by a space.
Test plan :
- Set QueryAutoTruncate off (you may also need to set QueryFuzzy to off)
- Set QueryWeightFields off
- Perform a serch on two words where you have results, like : centre "ville
=> you get results
- Set QueryWeightFields on
- Perform same serch
=> you get the same results
Signed-off-by: Leila <koha.aixmarseille@gmail.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 868855df4b674b495966c022392068c2fdd3a35f) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Galen Charlton [Tue, 17 Dec 2013 16:32:09 +0000 (16:32 +0000)]
Bug 7518: regression test double-quote in search operand
Under certain circumstances, namely where QueryParser is off,
QueryWeightFields is on, and QueryFuzzy and QueryAutoTruncate are
off, a search with a double-quote embedded in it can fail: for
example
web application
would return results where
web "application
does not.
This patch adds an automated regression test.
To test:
[1] Apply this patch and run prove -v t/db_dependent/Search.t;
two tests should fail.
[2] After applying the main patch that fixes the bug, the
prove -v t/db_dependent/Search.t should succeed.
Fridolyn SOMERS [Thu, 14 Nov 2013 13:29:51 +0000 (14:29 +0100)]
Bug 11249: Add Db indexes on borrowers names
The borrowers search is by default on columns surname, firstname,
othernames and cardnumber.
(See C4::Members::_express_member_find).
Adding DB indexes will really increase the query speed.
This patch adds DB indexes on surname, firstname, othernames (cardnumber
has already an index).
Those indexes must be defined with a size because columns are mediumtext.
Test plan :
Test with mysql client :
mysql> explain select * from borrowers where surname like 'A%';
+----+-------------+-----------+-------+---------------+-------------+---------+------+------+-------------+
| id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra |
+----+-------------+-----------+-------+---------------+-------------+---------+------+------+-------------+
| 1 | SIMPLE | borrowers | range | surname_idx | surname_idx | 767 | NULL | 395 | Using where |
+----+-------------+-----------+-------+---------------+-------------+---------+------+------+-------------+
=> key show the index is used
Signed-off-by: Mathieu Saby <mathieu.saby@univ-rennes2.fr> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works as described, changes from updatedatabase and in kohastructure match.
I think deletedborrowers can be left out, as it's not queried when doing
patron searches. Patron deletes still work as expected.
Frédéric Demians [Tue, 26 Nov 2013 09:16:41 +0000 (10:16 +0100)]
Bug 11277: fix errors with search facet links in Bootstrap theme
This patch fixes the following rwo errors:
1. When selecting 'show more' above a facet, the advanced search page
is displayed.
2. When restricting search on a library facet, all the biblio records
of this library are returned.
The patch fixes the way URL are encoded with TT filter. See:
Signed-off-by: Liz Rea <liz@catalyst.net.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Patch works nicely. Tests done:
- 'More' link on facets redirects to advanced search before applying
the patch. After appyling the link works correctly.
- In my tests, the facet links themselves worked nicely, limiting the
search as expected.
- Availability search works ok for me with patch applied.
- Also made sure to click on some links containing diacritcts (German
umlauts).
Bug 8018: (followup) make the default more explicit
This patch:
- Makes the new subfield tab show maxlength=9999 as default (instead of
empty-then-zero).
- Updates the help to make exlpicit that 0 or empty defaults to 9999.
- Assumes all the subfields created with maxlength=0 inadvertedly are
meant to mean "no limit" and hence update the database to reflect
that.
To test (this patch and Pablo's):
- Edit a MARC framework, edit some field's subfields.
- Use the 'New' tab to create a new subfield (choose an unused letter).
- See in "More constrains" that the "Max length" field is empty. Leave
it as-is.
- Save the changes (the new subfield).
- Edit the field again, verify that "Max length" is 0.
- Try tu use the framework and the the field/subfield just created
> FAIL
- Apply the patches, upgrade
- Try to use the framework/field/subfield > SUCCESS (0 was converted to
9999)
- Repeat from the begining, "Max length" should show 9999 on the new
subfield tab.
- Leave it empty, it is saved as 9999.
Edit: small typo
Sponsored-by: Universidad Nacionald de Cordoba Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes QA script and tests in t and xt.
Tested:
- deleting an existing subfield
- adding a new subfield with new default 9999
- editing the new subfield, changing value to 8888
- deleting new subfield
- adding new subfield, using 8888 as length
Pablo Bianchi [Wed, 11 Dec 2013 18:54:54 +0000 (15:54 -0300)]
Bug 8018: MARC framework max subfield length should default to 9999
The default value for the marc_subfield_structure.maxlenght is 9999
in the DB. Currently the template passes an empty value which is casted to
0 by the CGI.
This simple patch validates the input and converts to the default (9999)
if not defined or 0.
Another approach could be changing the 9999 default and/or treating 0 as
'no-limit'.
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Works by defaulting 0 or "" to 9999.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 1ebbf40ecc07b9474e81e20ec1598659ab027d7a) Signed-off-by: Fridolin SOMERS <fridolin.somers@biblibre.com>
Kyle M Hall [Wed, 18 Dec 2013 19:44:53 +0000 (14:44 -0500)]
Bug 11419: display Z39.50 search errors more completely
When a z39.50 server isn't able to be searched successfully, the yellow
error box came up empty. This patch fixes the problem.
Test Plan:
1) Go to Administration/z39.50 servers
2) Create a fake z39.50 server with a made up address
3) Go to cataloging, search only that server
4) Note the empty yellow alert box
5) Apply this patch
6) Re-run the search, not the alert box has a message in it now
Signed-off-by: Nora Blake <nblake@masslibsystem.org> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes all tests and QA script.
Works according to test plan.
When one of the selected servers gives result no dialog
box is shown before and after applying the patch.
This UT got wrapped inside a transaction with autocommit=0 but
the rollback call was inadvertedly ommited. Adding it.
[RM note: an explicit rollback is not required, as the
transaction will roll back automatically at the end of
the DB session. Nonetheless, it hurts nothing to have
it be explicit.]
Sponsored-by: Universidad Nacional de Cordoba Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit d6979f71a3f0d8ba2dc82d378ca903527f0d6ab9) Signed-off-by: Fridolin SOMERS <fridolin.somers@biblibre.com>
Bug 11412: fix potential bulkmarcimport crash when searching for duplicates in authorities
bulkmarcimport.pl can crash when searching for duplicates if the 005
field from the incoming or local record is not defined. This patch
fixes it.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Test plan
1/ Create a record with no 005 field
2/ Try to import it checking for duplicates, notice it crashes
3/ Try with a record with a 005 field, but the one in Koha missing
one, still crashes
4/ Apply patch
5/ No more crash
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes all tests and QA script.
Patch fixes the problem described for importing authorities
with the bulkmarcimport.pl when trying to match with existing
records.
Kyle M Hall [Fri, 22 Nov 2013 13:31:31 +0000 (08:31 -0500)]
Bug 11282: fix overwriting of existing restrictions when adding new one
This patch fixes a bug where using the patron editor to add a new
restriction overwrote the first existing one.
Test Plan:
1) Edit a patron, add a restriction
2) Edit the patron again, add a second restriction
3) Note the first restriction has disappeared!
4) Apply this patch
5) Edit the patron again, add another restriction
6) Note the previous restriction is not longer removed
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Tested:
- Adding and removing multiple restrictions from
- the details tab
- the checkouts tab
- the edit patron form
All works as expected.
Patch passes all tests in t, xt, and QA script.
Galen Charlton [Mon, 13 Jan 2014 21:51:56 +0000 (21:51 +0000)]
Bug 11535: sanitize input from patron self-registration form
This patch adds the use of C4::Scrubber to the processing of input
from the patron self-registration form, thereby closing off one
avenue for Javascript injection.
To test:
[1] Use the OPAC self-registration form to enter a new patron,
and set its address to something like:
<span style="color: red;">BAD</span>
[2] In the staff interface, bring up the new patron record. The
address will show up in red, indicating a successful HTML
injection.
[3] Apply the patch and use self-registration to enter a new
patron with a similar case of unwanted HTML coding.
[4] Bring up the second patron in the staff interface. This time,
the undesirable HTML tag should not be present.
Signed-off-by: Galen Charlton <gmc@esilibrary.com> Signed-off-by: Liz Rea <liz@catalyst.net.nz>
Tags are not present on testing.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Confirmed bug and that the patch fixes it.
Passes all tests and QA script.
Jonathan Druart [Tue, 24 Dec 2013 13:35:36 +0000 (14:35 +0100)]
Bug 10453: fix unintended password reset when updating child to adult
ModMember supposes the password given in parameter is the
password string, so if it receives the encrypted password,
it will encrypt it again! By simply deleting the password key
from the hash, ModMember leaves the password unchanged.
Test plan:
1/ Create or choose a child patron
2/ Update it to an adult category using the
"Update child to adult patron" link
3/ Try to log in at the OPAC with this patron: It is not
possible, the password has changed
4/ Apply the patch and try again previous steps
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Confirmed the problem and tested the patch fixes it.
Passes all tests and QA script.
Galen Charlton [Thu, 14 Nov 2013 18:48:07 +0000 (18:48 +0000)]
Bug 11252: remove deprecated -munge-config switch from rebuild_zebra.pl
The -munge-config switch has been deprecated for years, and
trying to use it would either not work at all or, if it did "work",
almost certainly damage one's Zebra configuration for Koha.
This patch removes this switch.
To test:
[1] Run rebuild_zebra.pl and verify that no mention is made
of -munge-config.
[2] Run rebuild_zebra.pl to index records in one's test database
and verify that there are no regressions.
Signed-off-by: Galen Charlton <gmc@esilibrary.com> Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Removing a really dangerous option
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes all tests and QA script.
Ran rebuild_zebra.pl with various options and confirmed
that data was reindexed successfully.
No regressions found.
Fridolyn SOMERS [Wed, 4 Dec 2013 16:05:32 +0000 (17:05 +0100)]
Bug 11338: prevent deletion of items that are captured for holds
In C4::Items::DelItemCheck, there are two SQL queries: one to check
if item is on loan, the other if item is reserved.
Those two queries use "SELECT * FROM table", fetch the data with
"$var = $sth->fetchrow", and use "$var" as a boolean condition.
This is not correct, SQL query should be "SELECT COUNT(*) FROM table".
As a consequence, it was possible to delete an item without warning to
the operator even if it was waiting on the hold shelf or in transit to
fill a hold.
This patch corrects the SQL queries and sets my ($var) to show that
fetchrow returns an array.
Test plan :
- Set an item A onloan
- Set an item B reserved and the reserve waiting
- Go to items cataloguing : cgi-bin/koha/cataloguing/additem.pl?biblionumber=XXX
- Try to delete item A
=> You get an alert and item is not deleted
- Try to delete item B
=> You get an alert and item is not deleted
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Works, and has the added bonus of being a tiny bit faster.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes t, xt and QA script tests.
Also tried deleting via batch delete - correct warnings are displayed.