From 18ee8398e17647bce0746efd5e2bb328f479834d Mon Sep 17 00:00:00 2001
From: slef
Date: Wed, 17 Dec 2003 22:21:47 +0000
Subject: [PATCH] DBI call fix for bug 662
---
 C4/Maintainance.pm | 1 -
 C4/Reserves.pm | 71 ++++++++++++++++++++--------------------------
 sec/writeoff.pl | 21 ++++++--------
 3 files changed, 40 insertions(+), 53 deletions(-)
diff --git a/C4/Maintainance.pm b/C4/Maintainance.pm
index b87457746b..072cfc1c6c 100644
--- a/C4/Maintainance.pm
+++ b/C4/Maintainance.pm
@@ -135,7 +135,6 @@ sub shiftgroup{
 my $sth=$dbh->prepare("update biblioitems set biblionumber=? where biblioitemnumber=?");
 $sth->execute($bib,$bi);
 $sth->finish;
- $query="";
 $sth=$dbh->prepare("update items set biblionumber=? where biblioitemnumber=?");
 $sth->execute($bib,$bi);
 $sth->finish;
diff --git a/C4/Reserves.pm b/C4/Reserves.pm
index c6a39c431b..3632640dea 100755
--- a/C4/Reserves.pm
+++ b/C4/Reserves.pm
@@ -28,8 +28,8 @@ use C4::Context;
 use C4::Format;
 use C4::Accounts;
 use C4::Stats;
-use C4::InterfaceCDK;
-use C4::Interface::ReserveentCDK;
+#use C4::InterfaceCDK;
+#use C4::Interface::ReserveentCDK;
 use C4::Circulation::Main;
 use C4::Circulation::Borrower;
 use C4::Search;
@@ -116,14 +116,13 @@ sub EnterReserves{
 my @items = GetItems($env,$biblionumber);
 my $cnt_it = @items;
 my $dbh = C4::Context->dbh;
- my $query = "Select * from biblio where biblionumber = $biblionumber";
- my $sth = $dbh->prepare($query);
- $sth->execute;
+ my $query = "";
+ my $sth = $dbh->prepare("Select * from biblio where biblionumber = ?");
+ $sth->execute($biblionumber);
 my $data=$sth->fetchrow_hashref;
 $sth->finish;
 my @branches;
- my $query = "select * from branches where issuing=1 order by branchname";
- my $sth=$dbh->prepare($query);
+ my $sth=$dbh->prepare("select * from branches where issuing=1 order by branchname");
 $sth->execute;
 while (my $branchrec=$sth->fetchrow_hashref) {
 my $branchdet =
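Review bot: In the EnterReserves hunk the new `my $query = "";` is never read in the visible lines, and the second `my $sth=$dbh->prepare("select * from branches ...")` redeclares `$sth` in what appears to be the same scope, which Perl reports as masking the earlier declaration when warnings are on. If nothing further down the function still uses `$query` (the body continues past the hunk), drop that line and reuse the handle with a plain assignment, `$sth=$dbh->prepare("select * from branches where issuing=1 order by branchname");`. Separately, the commit message does not say why the two `C4::InterfaceCDK` imports in the preceding hunk are commented out rather than deleted; a short comment next to them stating the reason would save the next reader a search.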
@@ -164,11 +163,10 @@ sub CalcReserveFee {
 #check for issues;
 my $dbh = C4::Context->dbh;
 my $const = lc substr($constraint,0,1);
- my $query = "select * from borrowers,categories
- where (borrowernumber = '$borrnum')
- and (borrowers.categorycode = categories.categorycode)";
- my $sth = $dbh->prepare($query);
- $sth->execute;
+ my $sth = $dbh->prepare("select * from borrowers,categories
+ where (borrowernumber = ?)
+ and (borrowers.categorycode = categories.categorycode)");
+ $sth->execute($borrnum);
 my $data = $sth->fetchrow_hashref;
 $sth->finish();
 my $fee = $data->{'reservefee'};
@@ -177,11 +175,10 @@ sub CalcReserveFee {
 # check for items on issue
 # first find biblioitem records
 my @biblioitems;
- my $query1 = "select * from biblio,biblioitems
- where (biblio.biblionumber = '$biblionumber')
- and (biblio.biblionumber = biblioitems.biblionumber)";
- my $sth1 = $dbh->prepare($query1);
- $sth1->execute();
+ my $sth1 = $dbh->prepare("select * from biblio,biblioitems
+ where (biblio.biblionumber = ?)
+ and (biblio.biblionumber = biblioitems.biblionumber)");
+ $sth1->execute($biblionumber);
 while (my $data1=$sth1->fetchrow_hashref) {
 if ($const eq "a") {
 push @biblioitems,$data1;
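Review bot: After `$sth->execute($borrnum)` in the first CalcReserveFee hunk the fetched row is used without checking that one came back: `my $fee = $data->{'reservefee'};` runs even when `fetchrow_hashref` returned undef, so an unknown borrower number and a failed query both end up as an undefined fee instead of a reported error. Unless the handle returned by `C4::Context->dbh` has RaiseError enabled (not visible here), I would check the call, e.g. `$sth->execute($borrnum) or warn $sth->errstr;`, and decide explicitly what the function returns when `$data` is undef. The same unchecked pattern applies to `$sth1->execute($biblionumber)` in the following hunk. CalcReserveFee starts and ends outside both hunks.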
@@ -205,24 +202,21 @@ sub CalcReserveFee { my $allissued = 1; while ($x < $cntitemsfound) { my $bitdata = @biblioitems[$x]; - my $query2 = "select * from items - where biblioitemnumber = '$bitdata->{'biblioitemnumber'}'"; - my $sth2 = $dbh->prepare($query2); - $sth2->execute; + my $sth2 = $dbh->prepare("select * from items + where biblioitemnumber = ?"); + $sth2->execute($bitdata->{'biblioitemnumber'}); while (my $itdata=$sth2->fetchrow_hashref) { - my $query3 = "select * from issues - where itemnumber = '$itdata->{'itemnumber'}' and returndate is null"; - my $sth3 = $dbh->prepare($query3); - $sth3->execute(); + my $sth3 = $dbh->prepare("select * from issues + where itemnumber = ? and returndate is null"); + $sth3->execute($itdata->{'itemnumber'}); if (my $isdata=$sth3->fetchrow_hashref) { } else {$allissued = 0; } } $x++; } if ($allissued == 0) { - my $rquery = "select * from reserves - where biblionumber = '$biblionumber'"; - my $rsth = $dbh->prepare($rquery); - $rsth->execute(); + my $rsth = $dbh->prepare("select * from reserves + where biblionumber = ?"); + $rsth->execute($biblionumber); if (my $rdata = $rsth->fetchrow_hashref) { } else { $fee = 0; } 
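Review bot: `$sth2` and `$sth3` are prepared again on every pass of the two nested loops, and `$sth3` is dropped after a single `fetchrow_hashref` with no `finish` in the visible lines. Now that both statements take placeholders they can be prepared once before `while ($x < $cntitemsfound)` and only executed inside it, e.g. `my $sth3 = $dbh->prepare("select * from issues where itemnumber = ? and returndate is null");` above the loop, `$sth3->execute($itdata->{'itemnumber'});` inside it, and `$sth3->finish;` after the existence test. `$rsth` is likewise read once and not finished here. CalcReserveFee begins and ends outside this hunk.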
@@ -245,26 +239,23 @@ sub CreateReserve {
 # updates take place here
 if ($fee > 0) {
 my $nextacctno = &getnextacctno($env,$borrnum,$dbh);
- my $updquery = "insert into accountlines
+ my $usth = $dbh->prepare("insert into accountlines
 (borrowernumber,accountno,date,amount,description,accounttype,amountoutstanding)
- values ($borrnum,$nextacctno,now(),$fee,'Reserve Charge','Res',$fee)";
- my $usth = $dbh->prepare($updquery);
- $usth->execute;
+ values (?,?,now(),?,'Reserve Charge','Res',?)");
+ $usth->execute($borrnum,$nextacctno,$fee,$fee);
 $usth->finish;
 }
- my $query="insert into reserves (borrowernumber,biblionumber,reservedate,branchcode,constrainttype) values ('$borrnum','$biblionumber','$resdate','$branch','$const')";
- my $sth = $dbh->prepare($query);
- $sth->execute();
+ my $sth = $dbh->prepare("insert into reserves (borrowernumber,biblionumber,reservedate,branchcode,constrainttype) values (?,?,?,?,?)");
+ $sth->execute($borrnum,$biblionumber,$resdate,$branch,$const);
 if (($const eq "o") || ($const eq "e")) {
 my $numitems = @$bibitems;
 my $i = 0;
 while ($i < $numitems) {
 my $biblioitem = @$bibitems[$i];
- my $query = "insert into reserveconstraints
+ my $sth = $dbh->prepare("insert into reserveconstraints
 (borrowernumber,biblionumber,reservedate,biblioitemnumber)
- values ('$borrnum','$biblionumber','$resdate','$biblioitem')";
- my $sth = $dbh->prepare($query);
- $sth->execute();
+ values (?,?,?,?)");
+ $sth->execute($borrnum,$biblionumber,$resdate,$biblioitem);
 $i++;
 }
 }
diff --git a/sec/writeoff.pl b/sec/writeoff.pl
index b930b3b7e6..75eb5775e6 100755
--- a/sec/writeoff.pl
+++ b/sec/writeoff.pl
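Review bot: The charge insert into `accountlines`, the insert into `reserves` and the per-item inserts into `reserveconstraints` run one after another with no return value checked, so if `$sth->execute($borrnum,$biblionumber,$resdate,$branch,$const)` fails the borrower has been charged for a reserve that was never stored. Whether the handle has RaiseError set or AutoCommit turned off is not visible here; if neither, I would check each call, e.g. `$usth->execute($borrnum,$nextacctno,$fee,$fee) or die $usth->errstr;`, and group the writes in one transaction where the storage engine supports it. As a smaller point, the `reserveconstraints` statement is prepared inside `while ($i < $numitems)` under a `my $sth` that shadows the outer handle; preparing it once before the loop under its own name would read more clearly. CreateReserve starts and ends outside the hunk.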
@@ -68,26 +68,23 @@ sub writeoff{
 $user=~ s/Shannon/S/;
 my $dbh = C4::Context->dbh;
 my $env;
- my $query="Update accountlines set amountoutstanding=0 where ";
+ my $sth;
 if ($accounttype eq 'Res'){
- $query.="accounttype='Res' and accountno='$accountnum' and borrowernumber='$bornum'";
+ $sth=$dbh->prepare("Update accountlines set amountoutstanding=0 where accounttype='Res' and accountno=? and borrowernumber=?");
+ $sth->execute($accountnum,$bornum);
 } else {
- $query.="accounttype='$accounttype' and itemnumber='$itemnum' and borrowernumber='$bornum'";
+ $sth=$dbh->prepare("Update accountlines set amountoutstanding=0 where accounttype=? and itemnumber=? and borrowernumber=?");
+ $sth->execute($accounttype,$itemnum,$bornum);
 }
- my $sth=$dbh->prepare($query);
-# print $query;
- $sth->execute;
 $sth->finish;
- $query="select max(accountno) from accountlines";
- $sth=$dbh->prepare($query);
+ $sth=$dbh->prepare("select max(accountno) from accountlines");
 $sth->execute;
 my $account=$sth->fetchrow_hashref;
 $sth->finish;
 $account->{'max(accountno)'}++;
- $query="insert into accountlines (borrowernumber,accountno,itemnumber,date,amount,description,accounttype)
- values ('$bornum','$account->{'max(accountno)'}','$itemnum',now(),'$amount','Writeoff','W')";
- $sth=$dbh->prepare($query);
- $sth->execute;
+ $sth=$dbh->prepare("insert into accountlines (borrowernumber,accountno,itemnumber,date,amount,description,accounttype)
+ values (?,?,?,now(),?,'Writeoff','W')");
+ $sth->execute($bornum,$account->{'max(accountno)'},$itemnum,$amount);
 $sth->finish;
 # print $query;
 UpdateStats($env,$user,'writeoff',$amount,'','','',$bornum);
-- 
2.39.5
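Review bot: The new account number is still read with `select max(accountno) from accountlines` and incremented in Perl, a read-then-write with no lock, so two write-offs running at the same time can read the same maximum and insert duplicate `accountno` values. The maximum is also taken over the whole table, whereas CreateReserve in C4/Reserves.pm obtains its number from `getnextacctno($env,$borrnum,$dbh)`, presumably per borrower. If that helper is available to this script (not visible here), `my $nextacctno = getnextacctno($env,$bornum,$dbh);` would keep the two paths consistent; otherwise the select and the insert should share one transaction or table lock. Aliasing the expression, `select max(accountno) as maxacct from accountlines`, would also stop the code depending on the driver's column name as a hash key. The body of writeoff continues outside the hunk.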