From 6a9323ab343c4bb6ffbcf9a69d48947822f691db Mon Sep 17 00:00:00 2001 From: Julian Maurice Date: Mon, 4 Nov 2013 15:19:13 +0100 Subject: [PATCH] Bug 10857: (follow-up) encode 'limit' parameter values to allow facets with '&' character. Signed-off-by: sonia bouis Signed-off-by: Katrin Fischer Signed-off-by: Galen Charlton --- C4/Search.pm | 4 ++-- catalogue/search.pl | 4 +++- koha-tmpl/intranet-tmpl/prog/en/includes/facets.inc | 5 +++-- koha-tmpl/opac-tmpl/prog/en/includes/opac-facets.inc | 5 +++-- opac/opac-search.pl | 2 +- 5 files changed, 12 insertions(+), 8 deletions(-) diff --git a/C4/Search.pm b/C4/Search.pm index b34f152a11..748bb1ce3c 100644 --- a/C4/Search.pm +++ b/C4/Search.pm @@ -1557,7 +1557,7 @@ sub buildQuery { $group_OR_limits{$k} .= " or " if $group_OR_limits{$k}; $limit_desc .= " or " if $group_OR_limits{$k}; $group_OR_limits{$k} .= "$this_limit"; - $limit_cgi .= "&limit=$this_limit"; + $limit_cgi .= "&limit=" . uri_escape($this_limit); $limit_desc .= " $this_limit"; } @@ -1565,7 +1565,7 @@ sub buildQuery { else { $limit .= " and " if $limit || $query; $limit .= "$this_limit"; - $limit_cgi .= "&limit=$this_limit"; + $limit_cgi .= "&limit=" . uri_escape($this_limit); if ($this_limit =~ /^branch:(.+)/) { my $branchcode = $1; my $branchname = GetBranchName($branchcode); diff --git a/catalogue/search.pl b/catalogue/search.pl index 5ad44d5c8a..3d4efee868 100755 --- a/catalogue/search.pl +++ b/catalogue/search.pl @@ -154,6 +154,8 @@ use String::Random; use C4::Branch; # GetBranches use C4::Search::History; +use URI::Escape; + my $DisplayMultiPlaceHold = C4::Context->preference("DisplayMultiPlaceHold"); # create a new CGI object # FIXME: no_undef_params needs to be tested @@ -515,7 +517,7 @@ for my $this_cgi ( split('&',$limit_cgi) ) { my $input_name = $1; my $input_value = $2; $input_name =~ s/=$//; - push @limit_inputs, { input_name => $input_name, input_value => $input_value }; + push @limit_inputs, { input_name => $input_name, input_value => uri_unescape($input_value) }; } $template->param ( LIMIT_INPUTS => \@limit_inputs ); diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/facets.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/facets.inc index e105e32680..97891eb5b8 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/facets.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/facets.inc @@ -29,13 +29,14 @@ [% IF ( sort_by ) %] [% SET url = url _ "&sort_by=" _ sort_by %] [% END %] + [% facet.facet_link_value = BLOCK %][% facet.facet_link_value | uri %][% END %] [% IF facet.active %] [% SET url = url _ "&nolimit=" _ facet.type_link_value _ ":" _ facet.facet_link_value %] [% facet.facet_label_value %] - [x] + [x] [% ELSE %] [% SET url = url _ "&limit=" _ facet.type_link_value _ ":" _ facet.facet_link_value %] - [% facet.facet_label_value %] + [% facet.facet_label_value %] [% IF ( displayFacetCount ) %] ([% facet.facet_count %]) [% END %] diff --git a/koha-tmpl/opac-tmpl/prog/en/includes/opac-facets.inc b/koha-tmpl/opac-tmpl/prog/en/includes/opac-facets.inc index 1457e14ccc..8354ec140d 100644 --- a/koha-tmpl/opac-tmpl/prog/en/includes/opac-facets.inc +++ b/koha-tmpl/opac-tmpl/prog/en/includes/opac-facets.inc @@ -30,13 +30,14 @@ [% IF ( sort_by ) %] [% SET url = url _ "&sort_by=" _ sort_by |html %] [% END %] + [% facet.facet_link_value = BLOCK %][% facet.facet_link_value | uri %][% END %] [% IF facet.active %] [% SET url = url _ "&nolimit=" _ facet.type_link_value _ ":" _ facet.facet_link_value %] [% facet.facet_label_value %] - [x] + [x] [% ELSE %] [% SET url = url _ "&limit=" _ facet.type_link_value _ ":" _ facet.facet_link_value %] - [% facet.facet_label_value %] + [% facet.facet_label_value %] [% IF ( displayFacetCount ) %] ([% facet.facet_count %]) [% END %] diff --git a/opac/opac-search.pl b/opac/opac-search.pl index 2fe5303b84..5a8ccf2ce2 100755 --- a/opac/opac-search.pl +++ b/opac/opac-search.pl @@ -459,7 +459,7 @@ sub _input_cgi_parse { for my $this_cgi ( split('&',shift) ) { next unless $this_cgi; $this_cgi =~ /(.*?)=(.*)/; - push @elements, { input_name => $1, input_value => $2 }; + push @elements, { input_name => $1, input_value => uri_unescape($2) }; } return @elements; } -- 2.39.5