Jonathan Druart [Fri, 19 Jun 2015 08:25:30 +0000 (10:25 +0200)]
Bug 14408: Add tests to get_template_and_user
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Mason James <mtj@kohaaloha.com>
(cherry picked from commit e8a3febfe7050870116db0512e1a39690a72346c) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
To test:
1/ Hit /cgi-bin/koha/svc/members/search?template_path=members/tables/members_results.tt
Notice you get a valid JSON response
2/ Hit
/search?template_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd
(You may have add more ..%2f or remove them to get the correct path)
Notice you can see the contents of the /etc/passwd file
3/ Hit
/cgi-bin/koha/svc/members/search?template_path=test%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd
4/ Apply patch
5/ Hit the first url again, notice it still works
6/ Hit the second url notice it now errors with a file not found
7/ Hit the third url notice it now errors with a file not found
Repeat for the other script also
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Mason James <mtj@kohaaloha.com>
(cherry picked from commit 0b7647eff31c85d8f7e1e5a50fd82d3b94eec816) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Conflicts:
C4/Auth.pm
Chris [Sun, 21 Jun 2015 09:35:07 +0000 (09:35 +0000)]
Bug 14423 : Multiple XSS bugs in suggestion.pl
To test
1/ Hit a url like http://localhost:8081/cgi-bin/koha/suggestion/suggestion.pl?author=%22%3E%3Cscript%3Ealert%28%27oh%20noes%27%29%3C/script%3E&accepteddate_to=
2/ Notice alert box(es)
3/ Apply patch
4/ Reload and notice alert is gone
Repeat for
collection_title
copyrightdate
isbn
manageddate_from
manageddate_to
publishercode
suggesteddate_from
suggesteddate_to
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
(cherry picked from commit a4310e870247cb57cb1cbca55fed749d63469dcf) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Chris [Sun, 21 Jun 2015 09:01:32 +0000 (09:01 +0000)]
Bug 14423 : XSS bugs in catalogue search
To test
1/ hit a url like http://localhost:8081/cgi-bin/koha/catalogue/search.pl?limit=%3Cscript%3Ealert%28%27oh%20noes%27%29%3C/script%3E
2/ Notice alert boxes
3/ Apply patch
4/ Reload url, no alerts
5/ Check search still works
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
(cherry picked from commit 48af13bd1a0eff3162d5e8edb867a701e233e5da) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Chris [Sun, 21 Jun 2015 08:33:13 +0000 (08:33 +0000)]
Bug 14423 XSS bug in auth_subfields_structure
1/ Hit a url like http://localhost:8081/cgi-bin/koha/admin/auth_subfields_structure.pl?op=add_form&authtypecode=%27%3Cscript%3Ealert%28%27oh%20noes%27%29%3C/script%3E&tagfield=%22/%3E%3Cscript%3Ealert%28%27oh%20noes%27%29%3C/script%3E
2/ Notice a ton of alert boxes pop up
3/ Apply patch
4/ Reload url, no longer get any alerts
5/ Test fuctionality still works
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
(cherry picked from commit d35384c039b8db00659d1cd0ee08cfb50c45481e) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Chris [Sun, 21 Jun 2015 08:18:20 +0000 (08:18 +0000)]
Bug 14423 : XSS bug in lateorders
1/ hit a url like http://localhost:8081/cgi-bin/koha/acqui/lateorders.pl?delay=<script>alert('oh noes')</script>&estimateddeliverydatefrom
2/ Not you get an alert box
3/ Apply patch notice it is fixed
4/ Test functionality still works
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
(cherry picked from commit 66dc4a9e7d2f11b97f1a4b0f76b5c485c3873683) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Chris [Sun, 21 Jun 2015 08:10:20 +0000 (08:10 +0000)]
Bug 14423 : XSS in authorities-home
To test:
1/ Hit a url like http://localhost:8081/cgi-bin/koha/authorities/authorities-home.pl?op=do_search&type=intranet&marclist=mainentry&and_or=and&operator=contains&value=%22/%3E%3Cscript%3Ealert%28%27oh%20noes%27%29%3C/script%3E
2/ Notice you get 3 alert boxes
3/ Apply patch
4/ Hit the url again, no js
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
(cherry picked from commit 4b5a87c7ec62cfb796ea7c24aec8a61039e25f5c) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Mon, 22 Jun 2015 08:24:51 +0000 (10:24 +0200)]
Bug 14408: Allow integers in template paths
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 64e47c63dc59669c3c651b93630c470e06107fd6) Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
(cherry picked from commit beedae80631f0f34be341274ee63c6b0aeeb75d6)
Jonathan Druart [Fri, 19 Jun 2015 08:25:30 +0000 (10:25 +0200)]
Bug 14408: Add tests to get_template_and_user
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 5dd7c8f0d5fae67ea6177fdbac77a04f70661864) Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
(cherry picked from commit bb5f6b4bfa20800ab36fdf899838e8adb18089dd) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Conflicts:
t/db_dependent/Auth.t
Chris [Mon, 22 Jun 2015 05:23:52 +0000 (05:23 +0000)]
Bug 14408: Path Traversal error
Counter counter patch
Please test well, including with the null byte %00, this uses a whitelisting to only allow files ending with .tt
and not allowing ../etc
Note the previous patch tries to protect against /etc/passwd
but //etc/passwd is now vulnerable. I do think a whitelist is safer than trying to do a blacklist
To test:
1/ Hit /cgi-bin/koha/svc/members/search?template_path=members/tables/members_results.tt
Notice you get a valid JSON response
2/ Hit
/search?template_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd
(You may have add more ..%2f or remove them to get the correct path)
Notice you can see the contents of the /etc/passwd file
3/ Hit
/cgi-bin/koha/svc/members/search?template_path=test%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd
4/ Apply patch
5/ Hit the first url again, notice it still works
6/ Hit the second url notice it now errors with a file not found
7/ Hit the third url notice it now errors with a file not found
Repeat for the other script also
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 5a7f459290326e1cea8460bb0817492340dd4150) Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
(cherry picked from commit 364de7531c7b0ac604d396e3af1c84f674e7221e)
Chris Cormack [Thu, 18 Jun 2015 23:41:45 +0000 (11:41 +1200)]
Bug 14418: More XSS vulnerabilities in opac-shelves.pl
To test:
1/ Hit a url like
/cgi-bin/koha/opac-shelves.pl?viewshelf=7&op=modif&display="><script>alert('oh
noes')</script> Where the id is a valid shelf id
2/ Notice the js is executed
3/ Apply patch
4/ Reload page
5/ Notice input is now escaped on display
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Tested in Debian, couldn't reproduce the alert in Iceweasel, but in
Chromium. Patch fixes it. Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
(cherry picked from commit cd4c959f7226b060f683f5571f030cc2df7539ca)
(cherry picked from commit f9569612b65798dce457b5650a5b5162b80b12e8) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Chris Cormack [Thu, 18 Jun 2015 21:25:22 +0000 (09:25 +1200)]
Bug 14418: XSS Vulnerabilities in OPAC search
Fix for /cgi-bin/koha/opac-search.pl
To test
1/ Hit /cgi-bin/koha/opac-search.pl?tag="><script
src='http://cst.sba-research.org/x.js'/>&q=a
2/ Notice the js is executed
3/ Apply patch
4/ Reload page, notice it is no longer executed
5/ Test the rss links work still
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Confirmed bug and that the patch fixes it. Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
(cherry picked from commit 45dd7754019e8f525c8d52bf33c41016e5ccbfab) Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
(cherry picked from commit 21cc992e7e5a35ccf1b7614cae638c9863e2a35f) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Conflicts:
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-results.tt
Aleisha [Tue, 9 Jun 2015 02:02:55 +0000 (02:02 +0000)]
Bug 14360: Unescaped variable causes alert pop-up
To test:
1) Create a list in the OPAC, name it: <script>alert('Hello');</script>
2) Delete the list
3) Confirm deletion
4) See the alert say 'Hello'
5) Apply patch
6) Recreate list with same name
7) Delete list
8) Confirm deletion and alert no longer pops up
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
(cherry picked from commit 9bef8f8738492564af7da78cba841366c70ada3c) Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
(cherry picked from commit cab96a3c8c4cf1827bf3350107e82da75b8b8856)
Aleisha [Mon, 8 Jun 2015 02:30:23 +0000 (02:30 +0000)]
Bug 14360: Unescaped variable causes alert
Adding |html to [% resultsperpage %] to escape the variable and get rid of the alert.
To test:
1) Go to URL such as ... /cgi-bin/koha/opac-authorities-home.pl?op=do_search&resultsperpage=1%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E
2) Notice pop-up box with alert
3) Apply patch, refresh page
4) Notice alert is gone
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
(cherry picked from commit 9e920f7479df6d36db3e3450d6e6c2524fa9fe56) Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
(cherry picked from commit ff0281d40ad9bcff563a595082b051dd4304ffc2) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Conflicts:
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-authoritiessearchresultlist.tt
To exploit the vulnerability, no authentication is needed
To test
1/ Turn on mysql query logging
2/ Hit /cgi-bin/koha/opac-tags_subject.pl?number=1+PROCEDURE+ANALYSE+(EXTRACTVALUE(9743,CONCAT(0x5c,(BENCHMARK(5000000,MD5('evil'))))),1)
3/ Check the logs notice something like
SELECT entry,weight FROM tags ORDER BY weight DESC LIMIT 1
PROCEDURE ANALYSE
(EXTRACTVALUE(9743,CONCAT(0x5c,(BENCHMARK(5000000,MD5('evil'))))),1)
4/ Apply patch
5/ Hit the url again
6/ Notice the log now only has
SELECT entry,weight FROM tags ORDER BY weight DESC LIMIT 1
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Confirmed the problem and the fix for it. Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
(cherry picked from commit 57b01fb655955ac630d6018d03f4d134e7e3e25a) Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
(cherry picked from commit b414b22bf063d58e0e2255a648097cf9111ab445) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
(cherry picked from commit 542b06f065bf550a2a625bbfb34ce73bb65d01a1) Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
(cherry picked from commit afb00d13904052c71497834761e81996bc5f3d36) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Fri, 19 Jun 2015 09:21:47 +0000 (11:21 +0200)]
Bug 14416: (follow-up) opac addbybilionumber
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
(cherry picked from commit abd2bc99e886c11fa9abe15ef01c3298d00757cb) Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
(cherry picked from commit 1ba766f200fd693665e942d9bee86c327893a9bb) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Chris Cormack [Thu, 18 Jun 2015 23:26:02 +0000 (11:26 +1200)]
Bug 14416: Stored XSS vulnerability
opac-addbybiblionumber.pl is also vulnerable because it doesn't escape
list names.
To test
1/ Create a malicious list name
2/ Try to add a biblio to the lists
3/ Notice js is excuted
4/ Apply patch
5/ Test again
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
(cherry picked from commit fb51a4bb0f3ac8b42b53579fe3d6d73d0b3438cd) Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
(cherry picked from commit 20910660a27f61307153afa05c13d67b1b5e91af) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Mason James [Thu, 9 Apr 2015 03:33:02 +0000 (15:33 +1200)]
Bug 12954: Failed login should retain anonymous session (3.16.x)
A failed login should not leave the user in a half logged authenticated
state, but rather return them to an anonymouse session as per the
pre-login attempt state.
To replicate error:
1. Try to log in with some nonexisting user id or wrong password in the
OPAC
2. Go directly to /opac-user.pl (e.g., enter it in the browser address
bar, or just click on the "Log in" link)
3. Observe a DBI error displayed on the screen
4. You are now in the "deadloop" of sorts (opac/opac-user.pl refuses to
display the login screen, no matter how many times you try to reload
it); to break the deadloop, one needs to:
- remove session cookie from the browser (or cause the session to
expire in some other way - closing browser window would be probably
enough for that)
- remove offending session on the server (from mysql sessions table,
..)
- log in with proper credentials using some other page (like
opac/opac-main.pl right-side panel), which does not involve
opac/opac-user.pl being called without "userid" CGI parameter.
To test:
1. Test as above, the DBI error should no longer be present
2. Check that search history works across failed and sucessful login
attempts
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Mason James <mtj@kohaaloha.com>
(cherry picked from commit 7f504acc13a361ba93504917498ae955b82ed430) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Tue, 6 Jan 2015 06:54:00 +0000 (06:54 +0000)]
Bug 13521: Add missing semicolon
Add a missing semicolon to the end of a template variable assignment
line. This patch should not affect operation.
Note: With Bug 13499 we did a non-destructive perltidy, as such we only
affected indenting and whitespace to maintain blame history. However, a
number of minor code issues were also highlighted, in this series of
patches I hope to correct other minor style issues.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Mason James <mtj@kohaaloha.com>
(cherry picked from commit e27969c5028211298bc4006013c0ae184d80ff5d) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Tue, 6 Jan 2015 06:48:29 +0000 (06:48 +0000)]
Bug 13521: Removed superflous semicolon
Removed an uneeded semicolon from the end of an 'if' block. This should
not affect operation of the script.
Note: With Bug 13499 we did a non-destructive perltidy, as such we only
affected indenting and whitespace to maintain blame history. However, a
number of minor code issues were also highlighted, in this series of
patches I hope to correct other minor style issues.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Mason James <mtj@kohaaloha.com>
(cherry picked from commit c9d12187da005391b4cb8358e7adbcbab105e9ff) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Fri, 6 Mar 2015 09:55:12 +0000 (10:55 +0100)]
Bug 13801: svc/bib - Set charset to utf-8 on printing header
Test plan:
0/ Add unicode characters on the record biblionumber=X
1/ go on http://<staff-interface>/cgi-bin/koha/svc/bib/X
2/ Confirm you have encoding issues
3/ Apply the patch
4/ Repeat 2
5/ Confirm that all is correctly encoded
Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Mason James <mtj@kohaaloha.com>
(cherry picked from commit ede633b71435976d49bc8323d1ea5446d189868e) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Benjamin Rokseth [Thu, 22 Jan 2015 11:21:47 +0000 (12:21 +0100)]
Bug 13523 - AddBiblio fails on mysql with STRICT_TRANS_TABLES
This patch removes the NOT NULL restriction on biblioitems.marcxml and
deletedbiblioitems.marcxml due to STRICT_TRANS_TABLES default in
Mysql 5.6.22 and onwards.
Test:
1. check mysql global settings:
mysql > SELECT @@GLOBAL.sql_mode;
verify that STRICT_TRANS_TABLES is not set
2. set STRICT_TRANS_TABLES (or upgrade mysql to > 5.6.21)
mysql > SET @@GLOBAL.sql_mode = 'STRICT_TRANS_TABLES';
3. try to add biblio in Cataloguing module
verify that it fails with a "software error"
4. apply patch
5. repeat 3 and verify that there is no "software error" any more
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
I confirm with the problem with mariadb and STRICT_TRANS_TABLES enabled.
On adding a biblio (C4::Biblio::AddBiblio), biblioitems is populate in
_koha_add_biblioitem but marxcml is not generated yet. It's in
ModBiblioMarc, few lines later.
The NOT NULL condition is not valid here.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Mason James <mtj@kohaaloha.com>
(cherry picked from commit 4eaa86acffde08b7fcdf16ae8cf8a73c35bf0d10)
Bug 12631: Inventory: fix "wrong place" and "item not scanned"
"item not scanned": when calling GetItemsForInventory, datelastseen should
be used when "compare barcodes list to result" is checked.
Otherwise, when loading multiple barcodes files for the same inventory, many
items will be marked as "item not scanned" when loading the last barcode file
("compare barcodes list to result" checked) even though they were scanned.
"wrong place": when searching for wrongly placed items, we should only check
for the location (callnumbers, location and branch). To fix this, A new call
to GetItemsForInventory has been made with location filters only.
Otherwise, any item with a different itemtype for instance will be marked as
wrong place even if the location is correct.
Test plan:
"item not scanned" status:
1) Split a barcode file in two.
2) Load the first barcode file without checking "compare barcodes list to result".
3) Load the second barcode file with "compare barcodes list to result" checked.
4) Check in the csv report that you have a lot of scanned items with the "item
not scanned" status.
Then apply the patch, do the same, and check that the false "item not scanned"
statuses are gone.
"wrong place" status:
1) Load a barcode file with barcode matching an item that has a correct
location, but a different itemtype than what you're looking for.
2) Check in the results that this item will be marked as "change item status"
and "wrong place".
Then apply the patch, do the same, and check that the only status for this item is "change item status", which is correct.
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Mason James <mtj@kohaaloha.com>
(cherry picked from commit 7d20f176ce76784d7c81399e5555f436656fd25f) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Fridolin Somers [Fri, 5 Dec 2014 14:50:05 +0000 (15:50 +0100)]
Bug 13401 - sort branches alphabetically in admin/authorised_values.pl
This patch adds a sort of branches alphabetically by name in authorised values administration, like in many other pages.
Also replaces var $branch (too ambigus) by $branchcode.
Test plan :
- Create 2 branches : code=AAA,name=Zbranch and code=ZZZ,name=Abranch
- Create a new authorized value : admin/authorised_values.pl
- Look at "Libraries limitation" :
=> Without patch branches are sorted by code : Zbranch then Abranch
=> Without patch branches are sorted by name : Abranch then Zbranch
- Select a branch and save
- Re-edit
=> Check the same branch is selected
Followed test plan. Patch behaves as expected. Signed-off-by: Marc Veron <veron@veron.ch> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Mason James <mtj@kohaaloha.com>
(cherry picked from commit 771c294c7419818e47009e0af1335ba0410ad80a) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Kyle M Hall [Fri, 20 Feb 2015 12:23:15 +0000 (07:23 -0500)]
Bug 12858 [QA Followup] - Don't call webservice if we have no data
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Mason James <mtj@kohaaloha.com>
(cherry picked from commit 4c8c1e1cd0b2894404d3147e1f480dcdb6def330) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Tue, 2 Sep 2014 09:14:03 +0000 (09:14 +0000)]
Bug 12858: Add error handling to Syndetics Index
* Syndetics routines include a statement to check that the returned
content from Syndetics is xml. The get_syndetics_index routine was
missing this check and so when a 'not found' html page was returned
the opac-detail page would take a long time to load whilst xml::simple
attempted to parse the large html document.
Test Plan
1. Enable Syndetics indexes on opac.
2. Head over to an opac-detail page on the opac.
3. Remove the ISBN from the same item in the staff client.
4. Reload the opac-detail page for the item noticeing a much slower
page load.
5. Apply the patch
6. Reload the opac-detail page for the item and note that it now laods
in a reasonable timescale again.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Mason James <mtj@kohaaloha.com>
(cherry picked from commit 8ac1c243fe86fc9a77f54f1d21d3448491d27da0) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Rafal Kopaczka [Fri, 14 Nov 2014 13:06:22 +0000 (14:06 +0100)]
Bug 13254 - Delete record don't wait for confirmation
In some cases (eg. when Staf Client Search is active), when user choose
Edit->Delete record on record tool bar, browser don't wait for
confirmation and goes immediately to delete record.
To reproduce:
1. Search for some biblio records and choose one without items attached.
2. Note that there, must be "Return to search results" box on left side,
bug works in that case, when in normal view everything work fine.
3. Click Edit->Delete record, watch that confirmation box shows, but
don't wait for OK and runs immediately. If you are fast enough to
click OK, then you get error as below, because record was deleted
earlier.
To test:
1. Apply patch.
2. Follow reproduce steps.
3. Check if waits for confirmation in all cases.
4. Check if deletes record after confirm.
Followed test plan. Patch behaves as expected. Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Confirmed the problem and that the patch fixes it.
Good catch! Signed-off-by: Mason James <mtj@kohaaloha.com>
(cherry picked from commit 94636a8a196357171bf6b01cb45c5d97530bb40b)
Kyle M Hall [Tue, 21 Oct 2014 10:18:29 +0000 (06:18 -0400)]
Bug 13124 - Record titles with parentheses causing label weirdness
Test Plan ( using sample data included with Koha )
1) Catalog a record and item with the title "Oh no! or, (How my
science project destroyed the world) /"
2) Edit the DEFAULT template
a) Set layout type to Biblio
b) Set data fields to "title, author, isbn, issn, itemtype,
barcode, itemcallnumber"
c) Set font size to 10
3) Create a batch with just the one item you created
4) Export the PDF with the Avery template and the DEFAULT layout
5) Note the weirdness
6) Apply this patch
7) Re-export the PDF, note it's no longer weird ; )
Signed-off-by: Nick Clemens <nick@quecheelibrary.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Mason James <mtj@kohaaloha.com>
(cherry picked from commit b26f9140e96d730db2c114aa60d47c4aa3af6481) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Kyle M Hall [Tue, 29 Jul 2014 16:39:15 +0000 (12:39 -0400)]
Bug 11872 - Lost overdue items should not generate fines
An item can be marked as lost by longoverdue.pl, but left checked out to
the patron. In this case, the item will continue to accrue fines.
Test Plan:
1) Check out an item and back date it so it is overdue and should
generate fines.
2) Mark the item as lost by either using longoverdue.pl, or just
by setting itemlost to 1 by directly accessing the database
3) Run fines.pl
4) Note the overdue generated a fine
5) Repeat steps 1-2
6) Apply this patch
7) Run fines.pl
8) Note a fine was not generated
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Mason James <mtj@kohaaloha.com>
(cherry picked from commit e920b9a6813d677d86e327ea11c7ed571570f3b2)
Owen Leonard [Wed, 3 Dec 2014 14:22:11 +0000 (09:22 -0500)]
Bug 12428 [3.16.x] "OPAC info" is not displayed in the OPAC
This patch changes the footer include, adding an alias for the jQueryUI
tooltip function to prevent conflict with Bootstrap's function of the
same name.
To test, you must have at least two libraries configured with "OPAC
info" for display in the OPAC.
Modify the holdings of a title so that there is at least one item which
has different holding and home branches matching your library configured
above.
View the detail page for that record. Hovering your cursor over the
library name in the "Location" column should display the branch
information you configured for that library in a tooltip.
Signed-off-by: Nick Clemens <nick@quecheelibrary.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Mason James <mtj@kohaaloha.com>
(cherry picked from commit 6d5e964168c597cf7abd844586afcce6cecc95be) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jacek Ablewicz [Wed, 11 Jun 2014 06:51:34 +0000 (08:51 +0200)]
Bug 10519: Suggestions: 'Organize by' and correct display of tab descriptions broken
The tabbed display in suggestions offers different options to organize
the tabs. The descriptions on the tabs and some of the search options were
not working correctly, displaying as "Unknown".
To test:
- Add several suggestions to your installation, make sure you have:
- suggestions from different users
- suggestions managed by different users
- suggestions with different statuses
- suggestions with different selected item types
Test all the 'organize by' options (except "Organize by: Library"
- see note below), make sure that the tabs and search options
have correct descriptions and do no longer display as "Unknown".
- Add 1 or 2 custom status to SUGGEST_STATUS authorized value.
- Verify display is still correct and your new status are displayed.
Note: "Organize by: Library" option is currently severely broken
(and not easily fixable, especially for 'IndependentBranches'
enabled). But this turns out to be a separate issue, with a different
underlaying causes, and it's outside the scope of this patch.
This should be dealt with later, in it's own bug report.
Signed-off-by: Christopher Brannon <cbrannon@cdalibrary.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 17c0c5f9a507d0b34d98e66540f40ebc9de42845) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Kyle M Hall [Fri, 15 Aug 2014 16:45:44 +0000 (12:45 -0400)]
Bug 12371 - Links in every patron self-registration email points to a single borrower
If multiple registrations are submitted, the first patron to register
will be used for the first patron to click the registration confirmation
link!
Test Plan:
1) Submit 2 new patron registrations
2) Use the confirm link from the 2nd registration
3) Note you end up registering as the first submitted registration
4) Apply the patch
5) Repeat steps 1 and 2
6) Note you are now confirmed correctly
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Test plan appears to work fine, I have a feeling the sql could be
written better but can't come up with it on a Sunday morning
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works as described and fixes a critical bug.
Passes tests and QA script.
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 37fae3408b66d5b94f9fa4f4c2e5c02f360a8041) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Chris Cormack [Thu, 22 Jan 2015 19:43:14 +0000 (08:43 +1300)]
Bug 13609: Patch for 3.16.x and 3.14.x (3.16.x needs both, 3.14.x just this)
To Test:
- Use an installation a reasonable amount of authorities, so that you
can have a search result list with more than one page
- Activate OpacAuthorities
- Create an OPAC link like shown below, verify that an alert is shown
- Apply patch
- Refresh the page and no alert should appear
- Verify the paging still works correctly for 'numbers' and 'arrows'
Kyle M Hall [Thu, 17 Jul 2014 14:57:06 +0000 (10:57 -0400)]
Bug 12596 - Backdating returns with SpecifiyReturnDate causes fines for items not overdue!
When using the backdating of returns feature, an item that is not
overdue is treated as being as many days overdue as it is *not* overdue.
This is due to the fact that _get_chargeable_units appears to return the
difference between the return date and the due date without
consideration the return date being earlier than the due date.
Test Plan:
1) Apply the unit test patch
2) prove t/db_dependent/Circulation.t
3) Note the failure
4) Apply the second patch
5) prove t/db_dependent/Circulation.t
6) Note there are no failures
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Fixes some badly named variables also
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
In order to test this, you need to activate SpecifyReturnDate.
I confirmed the problem and verified that the bug fixes it
by running the tests, but also by testing in staff.
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 462c33aeb6a71eb8c5d9afa98d05b7f48b7d742f) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Fridolin Somers [Wed, 19 Nov 2014 10:56:54 +0000 (11:56 +0100)]
Bug 13296 - error when using z3950 with UNIMARC authorities
When using a z3950 connexion with UNIMARC authorities, you get an error :
Unsupported UNIMARC character encoding [ ] for XML output for UNIMARCAUTH; 100$a -> 20141119
I've seen thant Bug 2060 when adds authorities import adds a special behavior for UNIMARC : marc flavor must be UNIMARCAUTH instead of just UNIMARC.
This patch adds the same behavior when using z3950 connexion and import.
Test plan :
- Use a UNIMARC install
- Define a z3950 connexion for UNIMARC authorities
- Go to Authorities module
- Click on "New from Z39.50"
- Perform a search
=> Without patch : you get the error
=> With patch : you get results
- Import one result
=> You get the authoritie creation form with all datas
You may check same plan with MARC21 install
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
NOTE: depending on the target, the syntax in the configuration
might not be UNIMARC, but MARC21/USMARC instead! Signed-off-by: Mason James <mtj@kohaaloha.com>
(cherry picked from commit 08a938597e3649d80eea63347787d7bbbe6d0086) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Robin Sheat [Fri, 29 Aug 2014 04:19:22 +0000 (16:19 +1200)]
Bug 12849 - fix URLs in sent lists
This brings back the http(s) to the URLs in sent lists.
Test plan:
* make a list
* send it to yourself
* see that the URLs aren't clickable
* apply the patch
* repeat, except now the URLs are better
Signed-off-by: Nick Clemens <nick@quecheelibrary.org> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
By removing this bit of code, the code in Auth.pm is used
instead. The code there is not perfect, but the solution
works and both list and cart use the same code.
Passes tests and QA script.
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 6073d8943c74dcb2319fbd8415f819521d5b1092) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Kyle M Hall [Wed, 21 May 2014 11:14:50 +0000 (07:14 -0400)]
Bug 12025 - Inventory tool fails with "Could not reads headers", or sometimes a timeout
For libraries with large numbers of records, using a file of barcodes in
the inventory tool without selecting filters to limit the catalog
selection to compare against can result in an error of "could not read
headers" or a page timeout.
When you upload a file of barcodes, and do not specify any filters on
the rest of the form, it effectively runs GetItemsForInventory() such
that *every* item in the database is returned. On a large enough
database, this takes so long that the script times out.
The current documentation in the manual implies that if you upload a
file of barcodes, the *only* thing it does is set the date-last-seen
field. This is not entirely true; it also tries to compare the list of
scanned items to what is expected to be seen in the list of items.
The work-around for libraries with a large number of item records is to,
when uploading a file of barcodes, to also set the filters (e.g.,
library, shelving location, call number range, etc.) to
specify the range of items that the file of barcodes corresponds to.
This patch adds a warning when a librarian attempts to upload a
barcode list file for comparison without selecting any filters
to limit the catalog selection.
Test Plan:
1) Apply this patch
2) Browse to the inventory tool
3) Click the "Choose File" button, select a file
4) Click the "Submit" button
5) You should see a warning message
6) Click "Cancel"
7) Select one of more filters
8) Click the "Submit" button
9) This time the script should proceed without triggering the warning.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Work as described following test plan.
No errors
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 4b9409863eab03072212308e386b3dd622eb9b46) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
David Cook [Wed, 21 May 2014 03:22:10 +0000 (13:22 +1000)]
Bug 11014 - Slip Print Problem in Chrome
Currently, slips cannot be printed in circulation, members, or the
self check out when using Chrome.
This patch adds a timer of 1ms which allows Chrome's custom code to
prevent "window.close" occuring before the user has dealt with the
print window.
This patch also allows admins to use the 'IntranetSlipPrinterJS'
system preference to override the slip printing code by centralizing
all the slip printing code in slip-print.inc, and including this JS
anywhere it's needed in the staff client.
I haven't used this include in the OPAC SCO but perhaps it would make
sense to do so as well (even if it isn't referred to in the syspref's
name).
_TEST PLAN_
1) Using Chrome on Windows (not sure if this is an issue on other OSes),
try to print a slip in the following locations:
Fines Tab -> Print button
koha-tmpl/intranet-tmpl/prog/en/modules/members/printfeercpt.tt:
2) Note that each time you try to print, a new print page is created
but closed before you have a chance to print.
3) Apply the patch
4) Repeat Step 1
5) Note that the print page now doesn't close until after you've
chosen to print or cancel.
Signed-off-by: Christopher Brannon <cbrannon@cdalibrary.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit dc38bf4f6ccaaef36ebc098949170e0d8d55ba3c) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Conflicts:
koha-tmpl/intranet-tmpl/prog/en/modules/members/moremember-print.tt
Jonathan Druart [Mon, 23 Jun 2014 09:43:48 +0000 (11:43 +0200)]
Bug 12086: qa-followup: remove warning on launching unit tests
Without this patch, the following warning appears:
t/db_dependent/Holds/RevertWaitingStatus.t .. Subroutine
C4::Context::userenv redefined at
t/db_dependent/Holds/RevertWaitingStatus.t line 25.
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 8e1b6f76d60efd4b7806788ec44c73348dcbdd51) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Kyle M Hall [Thu, 17 Apr 2014 16:10:21 +0000 (12:10 -0400)]
Bug 12086 - Hold priorities incorrect, when waiting status was reversed
1) Test record has 1 single item, checked out to patron X
2) Place 3 holds for patrons A, B and C, all title level hold this time
A, B, C, item branches and staff branch are the same.
3) Return item, confirm hold
4) Confirm item is now waiting for patron A
Priorities are: A = Waiting, B = 1, C = 2
5) Open patron account of user B, checkout book
Koha asks: Item X has been waiting for patron A... Revert
waiting status
Confirm.
6) Check priorities:
Hold list shows: A = 1, C = 1
Database says: A = 1, C = 3
7) Apply this patch
8) Repeat steps 1-6
9) Note the priorities are correct
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Test plan correctly predicts the error and the correction made by the
patch.
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit de89021646c4eda33703af9516541bd69758573e) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Fridolin Somers [Wed, 11 Jun 2014 10:25:19 +0000 (12:25 +0200)]
Bug 12405 - Search links on callnumber fails on intranet results page
On intranet results page, the callnumber of items is a search like :
/cgi-bin/koha/catalogue/search.pl?idx=callnum&q=[% result.itemcallnumber |url %]
The callnumber should be URI-escaped to avoid special URI characters like & , ? ...
If the callnumber contains some CCL words or parenthesis, the search will fail, it should be wrapped with double-quotes.
This patch adds this to catalogue/results.pl and catalogue/shelves.pl :
- uri TT filter instead of url
- adds double-quotes using there URI code %22 since its in a HTML attribute using double-quotes
Test plan :
- Edit an item callnumber with : & ABC 123
- Index zebraqueue
- Perform a search returning this item
- Click on the callnumber
=> Without this patch you get no result, because URL parameters are : idx=callnum&q=& ABC 123
=> With this patch you get results
- Set syspref QueryWeightFields off (because this is no bug if on)
- Edit an item callnumber with : AB(C) AND OR
- Index zebraqueue
- Perform a search returning this item
- Click on the callnumber
=> Without this patch you get no result, because the search contains CCL words "OR" and "AND"
=> With this patch you get results
Signed-off-by: Liz Rea <liz@catalyst.net.nz>
Tested all with and without queryweightfields -
all searches from clicked call numbers for given callnumbers fail without the patch, all are successful with the patch.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works as described - no problems found.
Passes tests and QA script.
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 05ace0b38085a11fbdd7c031a8a251243544b564)
Fridolin Somers [Thu, 19 Jun 2014 08:17:53 +0000 (10:17 +0200)]
Bug 12451 - circulation rule cant be edited if itemtype contains a space character
When an itemtype description contains a space character like " Book"
(often used to set this itemtype as first in sorted lists), the edition
of an existing circulation rule does not work, it selects the default
itemtype. Same for patron category.
It's because the JavaScript code performs a trim on value existing in
table itm = itm.replace(/^\s*|\s*$/g,''); This patch adds trim on select
options in editing line.
Test plan :
- Create an itemtype with a leading or trailling space in description :
ie " Book"
- Go to cgi-bin/koha/admin/smart-rules.pl
- Create a rule with this itemtype, Unit=hours and Hard due date=Exactly
on 31/12/2015 (any date)
- Click on Edit on this rule line
=> Without this patch, the default itemtype is selected in edition
line
=> With this patch, the correct itemtype is selected in edition line
Check others selects are ok :
- Create a rule with Unit=hours and Hard due date=Exactly on
31/12/2015 (any date)
- Click on Edit on this rule line
=> The correct options are selected
Same tests with a patron category containing a leading or trailling space in description
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 4b316bf85681fca76b45463b7152f2e34a018c55)
Fridolin Somers [Wed, 7 May 2014 15:58:45 +0000 (17:58 +0200)]
Bug 12211: fix wrong home link in bootstrap public catalog login page
In bootstrap opac-auth.tt, the link to "Home" in breadcrumbs leads
to #, it should lead to opac-main.pl like in all other pages.
Test plan :
- Use boostrap opac theme
- Go to cgi-bin/koha/opac-user.pl when not logged
=> without patch, clicking on Home does not change the page
=> with patch, clicking on Home leads to opac-main.pl
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Link ok, no errors.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works as described.
Location facet in UNIMARC is void. In the code, it is build
on 995$c, while location is store in 995$e (see record.abs).
This patch replace 995$c with 995$e in Koha.pm
To test :
1. Use a UNIMARC Koha instance with ONE branch, and SEVERAL
locations
2. Make a search in opac and staff interface : no location
facet on the left side of the screen
3. apply the patch
4. Make the same search : location facets will be displayed
NOTE: I, Mark Tompsett, rebased this. I confirmed that 995$c
should be 995$e (wiki, Holdings_data_fields_(9xx) page)
Also note that the code relocated based on bug 10078,
causing the patch to not apply.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
NOTE: The location facet did not appear in master, but after
applying the patch, it did appear.
Because of the code being moved, it is no longer affected
by the branch count or singleBranchMode.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Fixes wrong subfield code for UNIMARC.
Kyle M Hall [Mon, 28 Jul 2014 15:18:59 +0000 (10:18 -0500)]
Bug 12432 - Saved reports tabs not working
In release 3.14.05.000 the tabs on the Saved Reports page worked
correctly but after upgrading to 3.16.00.000 the tabs stop working.
Visually the tabs change but the table of reports is not filtered. There
are no errors reported in the browser console.
Test Plan:
1) Attempt to filter saved reports by group tabs
2) Note no matter the tab you select, all reports appear
3) Apply this patch
4) Repeat step 1
5) Note the reports are now filtered correctly
Signed-off-by: Christopher Brannon <cbrannon@cdalibrary.org> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes all tests and QA script, works as described with the
second patch applied as well.
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 273e86c045ad7e34a3eedeee0c5d3328af8a7605) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Galen Charlton [Mon, 5 May 2014 01:27:33 +0000 (01:27 +0000)]
Bug 7442: (follow-up) restore display of heading type for non-UNIMARC
This patch restores the display of the authority type summary for
MARC21, where at present the heading type (i.e., "Topical Term",
"Personal Names") come over for display in the template.
Bug 7442 (follow-up) ensuring that summary is display when searching on all types of authorities
This patch corrects a small bug :
Authorities search on all types does not show summary because it is computed
with selected type (which is empty) instead of using found authority type.
Test plan :
- Go to intranet autorities search
- Perform a search on all authorities types
- Look at results
=> Without this patch, results rows do not display the autority summary, only
authorized headings
Bug 7442: fix crash when selecting an authority with 200$x or 200$y (UNIMARC)
From a biblio record, if one wants to add a 600$a information, a pop-up
appears. On this new window, on search terms typed and validated, a table
result is displayed, with a column "Get It!" allowing the selection of an
authority. From here, different cases:
1) If we have a simple authority with 200$a and 200$b subfields, a link
"choose" is displayed, working correctly.
2) If the authority has different occurences of 200$a/200$b, numeric links (1 2
and so on) are displayed, one for each occurence. In the example of my
screenshot, the line with a "Paul, Korky -- Pauline, Korkette" summary
possesses two links : "1" will add "Paul, Korky" whereas "2" will add
"Pauline, Korkette" (couldn't come up with a better name ;)).
3) If the authority has 200$x or 200$y subfields defined, several links are
also created, when it should not be the case. In our example, "Niclausse,
Paul -- Expositions" will create a link "1" for "Niclausse, Paul" and a link
"2" for "Expositions". Clicking on the 2nd link leads to the following
error: Software error: Can't call method "subfields" on an undefined value
at
/home/asaurat/workspace/versions/community/authorities/blinddetail-biblio-search.pl
line 86. Only the cases 1 and 2 should be handled. The creation of links
for subfields like 200$x or 200$y should be removed.
This problem is caused by the use of " -- " has separator of authorities with
several headings, but also in some heading between main part and subdivisions.
This patch corrects this by using an array in authorities summary so that
presentation is computed in template. I've choosen to use the pipe separator
between authorities with several headings. This may be changed to be
configurable.
Test plan :
- Edit an authority type summary : for example subject (heading on 250) :
summary "[250a][ -- 250x]"
- Create an authority A1 with one heading and a subdivision : for example a
subject : 250$a "History" 250$x "20th century"
- Create an authority A2 with several headings. for example a subject : 250$a
"History" 250$a "Legends"
- Rebuild Zebra queue
- Go to OPAC and click on "Authority search" and search on "History"
=> You will find A1 and A2 :
History -- 20th century
History | Legends
- Go to intranet autorities search and search on "History"
=> You will find A1 and A2 :
History -- 20th century
History | Legends
- Edit a record using this autorities type as thesaurus : for example on 606$a
- Click on thesaurus link and search on "History"
=> You will find A1 and A2 :
History -- 20th century ; 0 times ; choose ; Edit authority
History | Legends ; 0 times ; 1 2 ; Edit authority
- Click on link "2" to chosse "Legends"
=> You get "Legends" in heading field : for example 606$a
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
I can confirm the problem and the solution. I have tested the patch on a large
DB with authorities having multiples headings. There is no regression on bug
4838.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes all tests and QA script.
Without the patch I couldn't choose between multiple headings
in the authority plugin, but with the patch it works as described.
Stéphane Delaune [Mon, 12 May 2014 14:58:14 +0000 (16:58 +0200)]
Bug 12229: when exporting MARC records (as ISO2709), refuse to output records that would be longer than the MARC limit
Test:
1. Edit a bib record, add 100.000 chars text to 500a
2. Go to Tools -> Export data (or run tools/export.pl on
the command line)
3. Verify that exporting as XML includes the record
4. Verify that exporting as MARC does not include the record,
and that you get the following warning:
export.pl: record (number 2025) length 102668 is larger than the MARC spec allows (99999 bytes) at...
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Work as described. No errors
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 1f72a1c2dd45c3a570746dd575b0fcfb38d13dc4) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Fri, 5 Sep 2014 15:40:05 +0000 (17:40 +0200)]
Bug 12876: Improve unit tests for CanReserveBeCanceledFromOpac
This patch fix the subroutine name and add a restriction on the
arguments: both argument are mandatory!
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Conflicts:
t/db_dependent/Reserves.t
Bug 12876 - Reserve in waiting/transfer status may be cancelled by user
User may cancel his own reservation at waiting or in transit status
through calling opac-modrequest.pl. Cancel button is disabled in
interface but possibility to cancel should be checked also in
opac-moderequest.pl, before calling CancelReserve().
Similar situation is with opac-modrequest-suspend.pl
This patch provides new soubroutine to chceck if user can cancel given
reserve. It's possible only when he's owner of hold and hold isn't in
transfer or waiting status.
Additionaly there are new test for this function in Reserves.t
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes all tests, QA script and new tests.
Works as described, tested with:
.../cgi-bin/koha/opac-modrequest.pl?reserve_id=XXX
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Conflicts:
t/db_dependent/Reserves.t
Bug 12873 - Reserve can be cancelled by any logged in user
It is possible to cancel reservations through simply running opac-modreserve.pl with existing reserve_id number. This may provide remove even all reservations from system. The only limitation is that user have to be logged in. Simplest solution is to check whether reserve belongs to user or not.
Test plan:
1. Create reserves by 2 different users, and get their ID's
2. Before patch, hold may by cancelled by anyone who run site:
http://example.com/cgi-bin/koha/opac-modrequest.pl?reserve_id=XXX
3. After patch hold may by cancelled only by user whose reserve is.
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 60875757c761a9ad59734e968cf34a831c65e9a6) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch removes the ImportBreeding() routine, which lost its
last caller as of the patch for bug 10462.
To test:
[1] Verify that prove -v t/Breeding.t passes.
[2] Perform a Z39.50 search in the staff interface.
[3] Perform a cataloguing reservoir search in the staff
interface; verifying that cached records from the search
done in step 2 are retrieved.
Signed-off-by: Galen Charlton <gmc@esilibrary.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 990bb17e14efb8a2c16236c89ef5869dcfc48ad4) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch removes a redundant copy of the DataTables plugin
jquery.dataTables.columnFilter.js and corrects two templates.
The path to the plugin has been modified in acqui/parcel.tt:
- Go to Acquisitions and search for a vendor.
- Open the detail page for that vendor.
- Click the "Receive shipments" button.
- Select an invoice to view.
- In the table of titles, confirm that the column header search forms
work to filter column data.
In the template for the Staged MARC management page the plugin has been
removed as it is unused. A couple of markup corrects have been made.
Confirm that table sorting is unaffected by going to Administration ->
Staged MARC management, clicking a staged MARC file, and viewing the
table of items in that batch.
There should be no more remaining instances of this path in the
templates:
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
NOTE: I believe the sort order of the Order Line column is
strange, but unrelated to this patch. The search area
functions (filtering, paging, page size, etc.) worked
fine.
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 45ce7431d42cd470d7f7326d8935333014b1f62c)
Magnus Enger [Mon, 14 Oct 2013 19:10:31 +0000 (21:10 +0200)]
Bug 10782 - Add a koha-mysqlcheck script
This patch adds the koha-mysqlcheck script, as a "frontend" for
the mysqlcheck command. It can be used to check the integrity of
database tables, as well as to repair them. See "man mysqlcheck"
for more information.
The script takes a Koha instance name as its only required
parameter. Any other parameters provided before the instance
name are passed directly to mysqlcheck, which means that all
the functionality of mysqlcheck is available through this script.
To test the script:
- Apply the patch, build your own packages and install them, or
- copy koha-mysqlcheck to a server already running off packages
- Run some variations of the command, with and without arguments,
and check that the output makes sense. E.g.:
sudo koha-mysqlcheck myinstance
sudo koha-mysqlcheck -e myinstance # Extended checks
sudo koha-mysqlcheck -e -v myinstance # Extended checks and verbose
- See "man mysqlcheck" for other relevant options
To test the man page:
- Run these commands and look at the formatted man page:
$ xsltproc /usr/share/xml/docbook/stylesheet/docbook-xsl/manpages/docbook.xsl \
debian/docs/koha-mysqlcheck.xml
$ man -l koha-mysqlcheck.8
- Make sure this test passes:
$ prove -v xt/verify-debian-docbook.t
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
(cherry picked from commit 25c932967f9def41b689b07f4536f398b612944b)
Bug 11646: fix untranslatable confirm popup in field 006 and 008 builders
This patch MARC21 modifies value builders 006 and 008 to make
confirm popup translatable
To test:
1) Update po files for your preferred language, xx-YY
cd misc/translator; perl translate update xx-YY
2) Check that confirm string is NOT present
egrep -B3 "Show values for|material type\?" po/xx-YY*po
3) Apply the patch
4) Repeat 1)
5) Repeat 2), now the strings are present
Also check that english or translated popup is right
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works as described.
Bug 11639: fix untranslatable strings in 007 builder
This patch modifies marc21_field_007.tt to make
some missing strings translatable
To test:
1) Using your preferred language, xx-YY, updatepo files
cd misc/translator
perl translate update xx-YY
2) Check that missing strings are NOT present
egrep -i "exact bit depth|pad with zero|use up to 6" po/xx-YY-i-staff-t-prog-v-3006000.po
3) Apply the patch
4) repeat 1)
5) Repeat 2), check that missing strings are present
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Template change, works as described.