change in yuipath management 1/2 Noupdatedatabase.pl
now yuipath is added in C4::Output and uses themelang
In my opinion, all the general variables that are used in output should get in C4::Output (since there is theme lang computed.)
rather than in C4::Auth
Galen Charlton [Mon, 12 May 2008 16:41:56 +0000 (11:41 -0500)]
fixed installer test
Now handles cases where two SQL scripts in different
directories have the same name, e.g., fr-FR sample_itemtypes.sql.
Bug was masked by existing failure when attempting to load
both sample_itemtypes.sql.
Editing authorisedvalue now checks if OTHER value has the same authorised_value
before storing
id is now passed to the form so that it is used when editing authorised_value
when imageurl it is passed as '' not empty parameter
Owen Leonard [Mon, 12 May 2008 12:58:27 +0000 (07:58 -0500)]
Hiding empty results table when there are no results (prevents js error from tablesorter). Now links back to search form. Also includes minor CSS tweak for IE/Opera general layout problems.
Owen Leonard [Mon, 12 May 2008 12:58:00 +0000 (07:58 -0500)]
Adding checks for dateformat preference so that tablesorter script can be passed an extra parameter for proper sorting of metric dates (Bug 2089, dates & table ordering with jquery)
Bug Fixing : overduenotices wrote a file on disk before sending to browser
this script had quite serious issues :
- it would not use mindays and maxdays variables
- It would send latin1 where utf8 was expected
- It would send data without text delimiters (; was chosen if title contains ; it would have been a problem " used as delimiters now)
- It would write a file when it was not asked
Now stores the results in a string before printing it.
New option added to store result into a file : -o filename
Galen Charlton [Mon, 12 May 2008 15:01:10 +0000 (10:01 -0500)]
close security holes in patron search autocompletion
* Added authorization check - user must have a valid
session cookie to use this feature; before this change,
anybody could use circ/ysearch.pl to retrieve the entire
patron directory without authorization.
* (bug 1953) now uses SQL placeholders
Note: this does, unfortunately, noticeably slow down automcompletion;
this indicates a need for factoring of C4::Auth to make authentication
for AJAX scripts as fast as possible.
Adding a new routine GetBorrowercategoryList in C4/Member
Displaying categoryname when listing categories in memberentrygen.pl
using categorytype returned with GetMember wherever it is possible.
Galen Charlton [Mon, 12 May 2008 13:32:57 +0000 (08:32 -0500)]
patron attributes - batch import
When ExtendedPatronAttributes is ON, the batch
patron import tool's behavior changes as follows:
[1] A new (required) column is added to the input CSV
format. This column should contain a list of
attributes to set for the record, each value
preceded by its type code. For example, if
the superlibrarian has defined two types,
a unique identifier INSTID and a repeatable
BASEBALL, this field could contain:
"INSTID:12345,BASEBALL:Cubs"
This field must be wrapped in quotes if multiple
values are defined. Since values can contain
spaces, additional doubled-quotes may be required:
When replacing a patron record, any attributes specified
in the input file replace all of the attribute values
of any type that were previously assigned to the patron
record.
[2] It is possible to specify a field other than the
cardnumber to use for looking for matching patrons.
Specifically, any attribute marked as a unique ID
can be used. The operator is asked to specify
which ID type to use; if an input record has an
attribute value of that type, and exactly one patron
record in the database has that value, then the
record will be overlaid or ignored according to the
overlay setting.
Galen Charlton [Mon, 12 May 2008 13:32:56 +0000 (08:32 -0500)]
patron attributes - staff search and display
If ExtendedPatronAttributes is ON, patron attributes
can be displayed and edited by staff members.
The patron attributes are displayed and edited
in a new section (step 4) of the patron details page. Each
attribute is identified by its type (including type code
and type description) and value (included value description
if the attribute is controlled by an authorised value category).
Note: if, for a repeatable attribute type, the staff member
enters multiple copies of that type with the same value, duplicates
are removed when the patron record is saved. Also, if the type
is repeatable, a JavaScript link allows the staff member to
create new attributes of that type.
Galen Charlton [Mon, 12 May 2008 13:32:54 +0000 (08:32 -0500)]
patron attributes - OPAC display
If ExtendedPatronAttributes is ON, any patron attributes
whose type is marked as displayble in the OPAC are now
displayed in the 'my details' page in the OPAC (assuming
that the patron is logged in). These appear in the
'Library Use' section.
Currently, it is not possible for a patron to suggest
changes to any of their extended attributes using
opac-userupdate.
Galen Charlton [Mon, 12 May 2008 13:32:52 +0000 (08:32 -0500)]
C4::Members::SearchMember - support attributes
Modified SearchMember() so that if the patron attributes
feature is on (i.e., ExtendedPatronAttributes is ON), it
is possible to search for patrons on any attributes whose
type is set as staff searchable.
Galen Charlton [Mon, 12 May 2008 13:32:51 +0000 (08:32 -0500)]
new editor for patron attribute types
Added new script under the Administration menu
to create, update, and delete patron attribute types.
Some things to note:
- once an attribute is created, its code cannot be changed
- the repeatibility and unique_id settings of an
attribute type cannot be changed after creation -
this is to avoid having to deal with changing
constraints if an attribute type is already in use
by patron records
- an attribute type cannot be deleted if it is
used by any patron records
- this administration page is always displayed regardless
of the value of the ExtendedPatronAttributes syspref. If
the syspref is off, the page will prompt the superlibrarian
to turn it on if desired.
Added two tables and system preference to support
a new patron alternate ID and attributes feature.
A patron attribute (or extended patron attribute) is an
additional piece of information associated with a patron
record. Each attribute has a type that specifies
whether the attribute is repeatable, can serve as
a unique identifier, can take a password, and
whether it can be used to search for patron records
in the staff interface.
The list of attribute types is controlled by the
superlibrarian. Once an attribute type is defined,
values for that attribute can be added to the patron record
via the staff interface or the batch patron import.
Two uses of extended attributes are:
- defining additional unique identifiers, such as
a campus student ID number, a library staff
HR number, and so on. These IDs can be used
for searching or matching and overlaying records
during a batch import.
- additional statistical categories. For example,
a library could define an attribute type for
tracking the academic major of a student patron.
Any number of attributes of this sort could be
defined.
The extended attributes feature is completely optional. If
the new syspref, ExtendPatronAttributes, is OFF, the patron
attributes tables will be ignored; it will not be possible
to display, edit, search for, or match on extended
attributes.
The tables are:
[1] borrower_attribute_types - store attribute types
defined by the administrator.
- code
- description
- repeatable (whether a patron record can have
more than value of a given attribute type)
- unique_id (whether values of this type
must be unique within the database)
- opac_display (whether values of this type
can display in the patron details page in the OPAC)
- staff_searchable (whether values of this type
can be used to retrieve patron records in circulation)
- password_allowed (if set, staff patron editor will
allow a password to be associated with a value; this
is mostly a hook for functionality to be implemented
in the future.
- authorised_value_category (code of an authorised_value
category. If one is specified, the staff patron
editor will use a dropdown for setting values of this type)
[2] borrower_attributes - the actual attributes.
- code (attribute type code, FK)
- borrowernumber (link to patron, FK)
- attribute (the value)
- password (password associated with value)
The 080 DB rev is specifically for syncing the schema
for users of 3.0-alpha, 3.0-beta, and 3.0-beta2, and should
be a no-op for anybody who has followed git HEAD for
the past few months:
Owen Leonard [Sat, 10 May 2008 15:18:02 +0000 (10:18 -0500)]
Finishing adding additional markup for increased flexibility in stylesheet customization. Patch also includes some markup corrections, but shouldn't result in any visual changes.
Galen Charlton [Fri, 9 May 2008 23:08:13 +0000 (18:08 -0500)]
test suite: new tests for installer
Added tests of loading the DB initialization and
sampple data SQL scripts for every language
and MARC flavour combination defined in
installer/data/{dbms}. Errors that the
new test class should catch include:
* SQL syntax errors in kohastructure.sql
* SQL errors in the sample data
For each language and MARC flavour combination,
all mandatory and optional scripts are loaded.
As of this commit, several errors are reported
by this test class; these will be fixed separately.
Galen Charlton [Fri, 9 May 2008 23:08:12 +0000 (18:08 -0500)]
test suite refactoring
Moved routines to clear and create database and manage
zebraqueue_daemon.pl to KohaTest.pm so that they're
available to test classes - needed for installation
and upgrade tests in particular.
Andrew Moore [Fri, 9 May 2008 20:06:26 +0000 (15:06 -0500)]
Bug 2094: fixing two bugs in lost items report
* I guess the limit by item type was never working. I made it look for the right database column
* I fixed the error that was returned with no items were returned.
Andrew Moore [Fri, 9 May 2008 19:03:28 +0000 (14:03 -0500)]
Bug 2094: cleanup of lost items report
Just some code cleanup of C4::Items::GetLostItems and reports/itemslist.pl.
Some whitespace changes, perltidy, and documentation improvements.
Also, I rewrote and SQL statement to try to reduce possibilities of SQL injection attacks.
No documentation or functional changes necessary with this patch.
Andrew Moore [Fri, 9 May 2008 19:03:27 +0000 (14:03 -0500)]
Bug 2094: implementing ability to select particular lost status in the lost items report
This patch adds a drop-down to the lost items report to let the user select a
particular lost status to display. Only items with that particluar lost status
will be dispolayed.
The documentation for the lost items report on the staff client will need to be slightly adjusted.
Andrew Moore [Fri, 9 May 2008 17:28:56 +0000 (12:28 -0500)]
Bug 2047: another fix for error during search when there is no MARC::Record
This is another fix for a bug that was introduced while adding this feature.
I believe that either this patch or the one at:
http://lists.koha.org/pipermail/koha-patches/2008-May/000309.html
should be applied.
In the case that GetMarcBiblio or GetMarcStructure does not return a true value,
this returns without further processing.
Andrew Moore [Thu, 8 May 2008 13:10:37 +0000 (08:10 -0500)]
bug 2088: test suite refactoring to deal with t/override_context_prefs.pm
Some minor changes to get the test suite working a bit better:
I removed a superfluous method from t/lib/KohaTest.pm.
I made each barcode for the items added in KohaTest.pm unique so that they would actually get inserted.
Then, I removed t/override_context_prefs.pm. If you need that functionality, you're a database
dependent test and should be a module in t/lib.
So, I deleted all of the trivial .t tests that just 'use'd their modules and had no other
tests and replaced them with lib/KohaTest/*pm modules that do a little bit more checking
on those modules.
I removed the references to override_context_prefs.pm in all of the other .t modules.
They all pass now with no override_context_prefs.pm module.
The database_depenedent.pl test script still does not pass entirely. There's a problem with the zebra index
not being reset each time that the tables are truncated. I'll get to that.
Andrew Moore [Wed, 7 May 2008 20:23:25 +0000 (15:23 -0500)]
bug 2083: requiring that the test database have a different name from the production database
This patch requires that the test database name be different from the production database name.
The object here is to prevent people from specifying the same database for both, and then
losing all of their data in the production database.
This may cause problems for people who want to do that, though I consider that bad practice.
It may also cause problems for people if they have two different servers, each with identically
named database, and they want to use one for testing and the other for production. If we ever
find that someone like that exists, we can deal with that case.
I don't think there are any necessary documentation changes here yet since we're recommending
that users answer "no" to the question about setting up a test database.
Andrew Moore [Wed, 7 May 2008 18:50:37 +0000 (13:50 -0500)]
bug 2087: test cases for misc/cronjobs/longoverdue.pl
I'm adding some functional tests that demonstrate that long_overdue.pl does what we think it does.
These tests don't actually work since override_context_prefs.pm gets in the way of C4::Context::preference. I opened up bug 2088 to address that.
There are no functional or documentation changes due to this patch.
The 080 DB rev is specifically for syncing the schema
for users of 3.0-alpha, 3.0-beta, and 3.0-beta2, and should
be a no-op for anybody who has followed git HEAD for
the past few months:
Adding New Systempreference AddPatronLists
This systempreference allow administrator to choose if patrons are created on categorycode lists or category_type ones.
Overloading GetBorrowerCategory so that if no parameter provided, it returns the list of category records
Changing memberentry.pl in order to use the categorycode when provided.
Bug Fixing Circulation.pl so that doesnot come up with Error 500
with no category selected for GetBorrowerCategory
Galen Charlton [Mon, 5 May 2008 15:04:28 +0000 (10:04 -0500)]
kohabug 2076: updated 2.2 -> 3.0 upgrade
Numerous changes to update22to30.pl to help ensure
that a database upgraded from 2.2.9 to 3.0 will have
a DB schema identical to that of a new installation.
These changes were testing by starting from an empty database,
loading koha.mysql from the 2.2.9 package, then running
The 080 DB rev is specifically for syncing the schema
for users of 3.0-alpha, 3.0-beta, and 3.0-beta2, and should
be a no-op for anybody who has followed git HEAD for
the past few months:
Galen Charlton [Thu, 1 May 2008 16:41:33 +0000 (11:41 -0500)]
kohabug 2076 - remove three tables (DB rev 077)
Removed the categorytable, mediatypetable, and subcategorytable
tables. These three tables appear to be from an incomplete
patch from pre-git that defined these tables to implement
additional search limits, and are not present in the 2.2.9
package. In 3.0, these tables did nothing - the only code that
referred to them are incomplete admin editors that lack HTML
templates and are not referred to anywhere.
The updatedatabase.pl logic to remove these tables is conservative;
the tables are dropped only if they exist and are all empty. Effectively,
this means that they'll be dropped if you've been running a fresh install
of 3.0 from git or the alphas or betas; if you've upgraded your database
from 2.2.9, these tables likely weren't in your database to begin with.
Galen Charlton [Thu, 1 May 2008 16:41:32 +0000 (11:41 -0500)]
added three tables to kohastructure.sql
tags_all, tags_approval, tags_index; for those tracking
git HEAD, these were already added via updatedatabase.pl
DB rev 073, so there's no DB bump for this patch.
This is a partial, perhaps temporary fix. "<", ">",
and "&" characters in patron comments (AKA reviews)
are converted to "<", ">", and "&" to avoid
certain attacks, e.g., a user entering a <script> tag
in a comment.
A more permanent fix should scrub all (or perhaps just
unsafe) tags from submitted comments entirely.