From b36778ee098dc292e823e0e4b19271b539758269 Mon Sep 17 00:00:00 2001 From: Galen Charlton Date: Thu, 25 Jul 2013 16:50:30 +0000 Subject: [PATCH] use JSON rather than Storable for the OPAC search history cookie To test: Exercise the OPAC search history functionality, after turning on the EnableOpacSearchHistory syspref: - Clear the KohaOpacRecentSearches cookie - As an anonymous user, conduct a variety of searches, including ones that include non-ASCII characters - Check the search history and verified that all searches are listed - Log into the OPAC - Verify that current and past searches are listed in search history. Signed-off-by: Galen Charlton Signed-off-by: Tomas Cohen Arazi Signed-off-by: Bernardo Gonzalez Kriegel Signed-off-by: Galen Charlton --- C4/Auth.pm | 9 +++++---- opac/opac-search-history.pl | 8 ++++---- opac/opac-search.pl | 14 +++++++------- 3 files changed, 16 insertions(+), 15 deletions(-) diff --git a/C4/Auth.pm b/C4/Auth.pm index ff73bf3bf3..492c8b7635 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm @@ -20,7 +20,7 @@ package C4::Auth; use strict; #use warnings; FIXME - Bug 2505 use Digest::MD5 qw(md5_base64); -use Storable qw(thaw freeze); +use JSON qw/encode_json decode_json/; use URI::Escape; use CGI::Session; @@ -252,7 +252,7 @@ sub get_template_and_user { my $searchcookie = $in->{'query'}->cookie('KohaOpacRecentSearches'); if ($searchcookie){ $searchcookie = uri_unescape($searchcookie); - my @recentSearches = @{thaw($searchcookie) || []}; + my @recentSearches = @{decode_json($searchcookie) || []}; if (@recentSearches) { my $sth = $dbh->prepare($SEARCH_HISTORY_INSERT_SQL); $sth->execute( $borrowernumber, @@ -266,7 +266,8 @@ sub get_template_and_user { # And then, delete the cookie's content my $newsearchcookie = $in->{'query'}->cookie( -name => 'KohaOpacRecentSearches', - -value => freeze([]), + -value => encode_json([]), + -HttpOnly => 1, -expires => '' ); $cookie = [$cookie, $newsearchcookie]; @@ -290,7 +291,7 @@ sub get_template_and_user { my $searchcookie = $in->{'query'}->cookie('KohaOpacRecentSearches'); if ($searchcookie){ $searchcookie = uri_unescape($searchcookie); - my @recentSearches = @{thaw($searchcookie) || []}; + my @recentSearches = @{decode_json($searchcookie) || []}; # We show the link in opac if (@recentSearches) { $template->param(ShowOpacRecentSearchLink => 1); diff --git a/opac/opac-search-history.pl b/opac/opac-search-history.pl index 65141b9f7a..9331e6e8b7 100755 --- a/opac/opac-search-history.pl +++ b/opac/opac-search-history.pl @@ -22,7 +22,7 @@ use warnings; use C4::Auth qw(:DEFAULT get_session); use CGI; -use Storable qw(freeze thaw); +use JSON qw/decode_json encode_json/; use C4::Context; use C4::Output; use C4::Log; @@ -55,7 +55,7 @@ if (!$loggedinuser) { # Deleting cookie's content my $recentSearchesCookie = $cgi->cookie( -name => 'KohaOpacRecentSearches', - -value => freeze([]), + -value => encode_json([]), -expires => '' ); @@ -69,8 +69,8 @@ if (!$loggedinuser) { # Getting the cookie my $searchcookie = $cgi->cookie('KohaOpacRecentSearches'); - if ($searchcookie && thaw(uri_unescape($searchcookie))) { - my @recentSearches = @{thaw(uri_unescape($searchcookie))}; + if ($searchcookie && decode_json(uri_unescape($searchcookie))) { + my @recentSearches = @{decode_json(uri_unescape($searchcookie))}; if (@recentSearches) { # As the dates are stored as unix timestamps, let's do some formatting diff --git a/opac/opac-search.pl b/opac/opac-search.pl index 8cf4aeb2e8..6528e723c8 100755 --- a/opac/opac-search.pl +++ b/opac/opac-search.pl @@ -42,7 +42,7 @@ use C4::Ratings; use POSIX qw(ceil floor strftime); use URI::Escape; -use Storable qw(thaw freeze); +use JSON qw/decode_json encode_json/; use Business::ISBN; my $DisplayMultiPlaceHold = C4::Context->preference("DisplayMultiPlaceHold"); @@ -582,8 +582,8 @@ for (my $i=0;$i<@servers;$i++) { my $searchcookie = $cgi->cookie('KohaOpacRecentSearches'); if ($searchcookie){ $searchcookie = uri_unescape($searchcookie); - if (thaw($searchcookie)) { - @recentSearches = @{thaw($searchcookie)}; + if (decode_json($searchcookie)) { + @recentSearches = @{decode_json($searchcookie)}; } } @@ -592,8 +592,8 @@ for (my $i=0;$i<@servers;$i++) { # To a cookie (the user is not logged in) if (!$offset) { push @recentSearches, { - "query_desc" => $query_desc || "unknown", - "query_cgi" => $query_cgi || "unknown", + "query_desc" => Encode::decode_utf8($query_desc) || "unknown", + "query_cgi" => Encode::decode_utf8($query_cgi) || "unknown", "time" => time(), "total" => $total }; @@ -604,8 +604,8 @@ for (my $i=0;$i<@servers;$i++) { # Pushing the cookie back $newsearchcookie = $cgi->cookie( -name => 'KohaOpacRecentSearches', - # We uri_escape the whole freezed structure so we're sure we won't have any encoding problems - -value => uri_escape(freeze(\@recentSearches)), + # We uri_escape the whole serialized structure so we're sure we won't have any encoding problems + -value => uri_escape( encode_json(\@recentSearches) ), -expires => '' ); $cookie = [$cookie, $newsearchcookie]; -- 2.20.1