]> git.koha-community.org Git - koha.git/log
koha.git
6 years agoBug 19977: Open only .pref files in Local Use tab (sysprefs)
Julian Maurice [Tue, 16 Jan 2018 09:20:21 +0000 (10:20 +0100)]
Bug 19977: Open only .pref files in Local Use tab (sysprefs)

Test plan:
1. Open .../prog/en/modules/admin/preferences/circulation.pref
with vim (check that it creates a .circulation.pref.swp in the same
directory)
2. Go to the "Local Use" tab in admin/systempreferences.pl
3. Confirm that the page works normally

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit fe2560c06a6ae8c93291c99b5afd410b5f721f52)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19968: Add missing use Date::Calc statement
Jonathan Druart [Mon, 15 Jan 2018 13:10:41 +0000 (10:10 -0300)]
Bug 19968: Add missing use Date::Calc statement

It has been reported than the missing use statement can cause a
compilation error:
Undefined subroutine &Date::Calc::Today called at
/usr/share/koha/intranet/cgi-bin/cataloguing/value_builder/unimarc_field_100.pl
line 75.

Test plan:
Use this UNIMARC plugin and make sure it fixes the error or at least
does not break it

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 3f38b34445ada2bfb7c7dc48f340fd408b1a5b67)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19973: Fix SQL syntax error in uk-UA/mandatory/sample_notices.sql
Jonathan Druart [Mon, 15 Jan 2018 16:46:06 +0000 (13:46 -0300)]
Bug 19973: Fix SQL syntax error in uk-UA/mandatory/sample_notices.sql

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit a44804f015964ec95d997c9adfdaae4b3527fb50)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19937: Silence warnings t/db_dependent/www/batch.t
Mark Tompsett [Tue, 9 Jan 2018 14:37:08 +0000 (14:37 +0000)]
Bug 19937: Silence warnings t/db_dependent/www/batch.t

TEST PLAN
---------
1) Run the following on a kohadevbox:
    git checkout -b bug_19937 origin/master
    sudo koha-shell -c bash kohadev
    prove t/db_dependent/www/batch.t
    cat /var/log/koha/kohadev/plack-error.log

    The following errors are triggered at the end of the log file:
        Use of uninitialized value in array element at
        /home/vagrant/kohaclone/tools/batch_records_ajax.pl line 50.
        Use of uninitialized value $results_per_page in numeric eq (==) at
        /home/vagrant/kohaclone/tools/batch_records_ajax.pl line 53.
        Use of uninitialized value in uc at
        /home/vagrant/kohaclone/C4/ImportBatch.pm line 1120.

2) Run the following on a kohadevbox:
    exit
    git bz apply 19937
    restart_all
    sudo koha-shell -c bash kohadev
    prove t/db_dependent/www/batch.t
    cat /var/log/koha/kohadev/plack-error.log

    The log file will end with the restarting of plack, not the
    errors.

3) run koha qa test tools

Signed-off-by: Lee Jamison <ldjamison@marywood.edu>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended handling of $results_per_page.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 1107590df2a7fab465225c683a3ba62b7796584c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19483: Fix test plan in t/db_dependent/www/*
Olli-Antti Kivilahti [Wed, 18 Oct 2017 11:33:22 +0000 (14:33 +0300)]
Bug 19483: Fix test plan in t/db_dependent/www/*

t/db_dependent/www/* crashes test harness due to misconfigured test plan

prove t/db_dependent/www/

without defining KOHA_INTRANET_URL
bails out and marks the whole test suite as failed.
Test suite should not be failed if this optional WWW::Mechanize test
suite is not activated.

After this patch, the tests are properly skipped without failing the
whole tests.

This is important when running all tests under t, as this needlessly
fails the test suite.

Also handling of 'skip_all' is inconsistent in t/db_dependent/www
-tests, so this normalizes it to skip_all instead of bail_out

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit f25d650a1ca4fd6bb927484586210b74e2c40eb6)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 18915: Add CHECKOUT_NOTE notice template for other languages
Jonathan Druart [Mon, 15 Jan 2018 16:41:41 +0000 (13:41 -0300)]
Bug 18915: Add CHECKOUT_NOTE notice template for other languages

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit ceeb92081a8dc67f8c685319eb461162b0ba7a19)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 18915: DBRev 17.05.08.001
Fridolin Somers [Tue, 30 Jan 2018 08:26:39 +0000 (09:26 +0100)]
Bug 18915: DBRev 17.05.08.001

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 18915: (QA follow-up) Add note for installs after 17.05
Marcel de Rooy [Fri, 12 Jan 2018 10:31:42 +0000 (11:31 +0100)]
Bug 18915: (QA follow-up) Add note for installs after 17.05

Since the 17.05 upgrade adds the note and the sql file did not yet include
the note, we should add it when it is not there (for example new 17.11s).

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested by running the dbrev while there is a letter and while not.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit e7dd617de0e8eb1769c81cbfe85333ace701764d)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 18915: Renaming svc/patron_notes to svc/checkout_notes
Aleisha Amohia [Sun, 17 Dec 2017 23:42:36 +0000 (23:42 +0000)]
Bug 18915: Renaming svc/patron_notes to svc/checkout_notes

For consistency.

Signed-off-by: Marjorie Barry-Vila <marjorie.barry-vila@collecto.ca>
https://bugs.koha-community.org/show_bug.cgi?id=19801

Signed-off-by: Marjorie Vila <marjorie.barry-vila@collecto.ca>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 065d3de88c55d8ce9efd05ecf80b073fffef242a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 18915: Giving CHECKOUT_NOTE access to issues table
Aleisha Amohia [Sun, 17 Dec 2017 23:33:18 +0000 (23:33 +0000)]
Bug 18915: Giving CHECKOUT_NOTE access to issues table

This patch allows the notice to reference the issues table so that the
checkout note itself can be added to the note if wanted, such as in
Comment 9.

Sponsored-by: Catalyst IT
Signed-off-by: Marjorie Barry-Vila <marjorie.barry-vila@collecto.ca>
https://bugs.koha-community.org/show_bug.cgi?id=19801

Signed-off-by: Marjorie Vila <marjorie.barry-vila@collecto.ca>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 92972fa3de205d736185e8a39b1e59309794f875)

6 years agoBug 18915: Fix checkout note email message
Aleisha Amohia [Sun, 27 Aug 2017 23:20:40 +0000 (23:20 +0000)]
Bug 18915: Fix checkout note email message

This patch replaces the <<biblio.item>> in the email with
<<biblio.title>> and uses CHECKOUT_NOTE instead of PATRON_NOTE.
This patch also adds the notice to
installer/data/mysql/en/mandatory/sample_notices.sql, and updates the
PATRON_NOTE entry in installer/data/mysql/updatedatabase.pl

To test:
1) Apply patch and update database
2) View the message_queue table in mysql
3) Check out an item if haven't already
4) Go to OPAC and set a checkout note for an item
5) View message_queue table and confirm it the title is included in the
email and all instances of 'patron note' have been replaced with
'checkout note'
6) Disable javascript in browser
7) repeat steps 4 and 5 and confirm all works as expected

Sponsored-by: Catalyst IT
Signed-off-by: Marjorie Vila <marjorie.barry-vila@collecto.ca>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit c199ced310abdef53379115ee285757df20ac335)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19911: Escape password value during self-registration confirmation
Jonathan Druart [Wed, 3 Jan 2018 19:15:18 +0000 (16:15 -0300)]
Bug 19911: Escape password value during self-registration confirmation

The password must be correctly escape, it can contains html character
and break the display.

Test plan:
Apply first patch and confirm that the display is broken
Apply second patch (this one) and confirm that the display is fixed

Signed-off-by: Arturo <alongoria@sll.texas.gov>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit f6adfb4257d0326a101771246777b10965632bc8)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19911: Do not escape html characters when saving passwords
Jonathan Druart [Thu, 4 Jan 2018 14:00:35 +0000 (11:00 -0300)]
Bug 19911: Do not escape html characters when saving passwords

When the password is not generated automatically, we should not escape
the html characters. Otherwise it will be changed without any warnings.

Signed-off-by: Arturo <alongoria@sll.texas.gov>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 25b2cd2d72feda887d0d0f242972baa80f0d3463)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19921: Fix update child when only one adult patron category exist
Jonathan Druart [Fri, 5 Jan 2018 19:36:31 +0000 (16:36 -0300)]
Bug 19921: Fix update child when only one adult patron category exist

We are passing the Koha::Patron::Category object to the template instead
of the categorycode.

To reproduce this bug you must test in a system which has only one
patron category of the "adult" type. View the details of a patron with a
child-type patron category and choose More -> Update child to adult
patron.

This results in an error:

Can't call method "category_type" on an undefined value at
/home/vagrant/kohaclone/members/update-child.pl line 84.

The URL of the error page shows a problem with the parameters being
passed:

members/update-child.pl?op=update&borrowernumber=12345&catcode=Koha::Patron::Category=HASH(0xa168a18)&catcode_multi=

Test plan:
Make sure you have only 1 adult patron category
Update a child to adult
=> With this patch applied the error is gone and the patron has been
correctly updated

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit d735b4957b6073c6d8bf085cc81382dc4dc50d06)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19580: Exclude period as splitting character for autotrunction
Nick Clemens [Sat, 4 Nov 2017 01:01:42 +0000 (01:01 +0000)]
Bug 19580: Exclude period as splitting character for autotrunction

To test:
0 - Apply Unit test patch only
1 - prove t/db_dependent/Koha_SearchEngine_Elasticsearch_Search.t
2 - Should fail
3 - Apply this patch
4 - prove t/db_dependent/Koha_SearchEngine_Elasticsearch_Search.t
5 - should pass
6 - search for 'Local-number.raw:"4"' (or a vlid biblionumber)
7 - should get expected result

Signed-off-by: David Bourgault <david.bourgault@inlibro.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 4538e6c4981b096f8ddcf4b235a7f9e2860ffe9b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19580: Unit tests
Nick Clemens [Sat, 4 Nov 2017 01:01:20 +0000 (01:01 +0000)]
Bug 19580: Unit tests

Signed-off-by: David Bourgault <david.bourgault@inlibro.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 57605308436cb0f60e2f45933126a61f17f88092)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19559: Add '-' to list of characters we don't split search terms on
Nick Clemens [Wed, 1 Nov 2017 15:47:39 +0000 (15:47 +0000)]
Bug 19559: Add '-' to list of characters we don't split search terms on

Test plan assumes
QueryAutoTruncate = automatically
SearchEngine = Elasticsearch

To test:
0 - Apply Unit test patch only
1 - prove t/db_dependent/Koha_SearchEngine_Elasticsearch_Search.t
2 - Should fail
3 - Apply this patch
4 - prove t/db_dependent/Koha_SearchEngine_Elasticsearch_Search.t
5 - should pass
6 - search for 'Local-number:"4"' (or a vlid biblionumber)
7 - should get expected result

Signed-off-by: David Bourgault <david.bourgault@inlibro.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit a081ed16c0c3295253408f999354e6bbfa5fe183)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19559: Add tests
Nick Clemens [Wed, 1 Nov 2017 15:46:59 +0000 (15:46 +0000)]
Bug 19559: Add tests

Signed-off-by: David Bourgault <david.bourgault@inlibro.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 26be355fe8c83a187a0cfbdae4f3a9e3b9ba8be9)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 18417: (follow-up) Document new shortcuts in dropdown
Nick Clemens [Tue, 24 Oct 2017 19:11:28 +0000 (19:11 +0000)]
Bug 18417: (follow-up) Document new shortcuts in dropdown

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit e1bfe98d856ca849a48c728118a9e05fcbe2b31c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 18417: Advanced Editor (Rancor) add shortcuts for copyright symbols (C) (P)
Jesse Weaver [Tue, 10 Nov 2015 19:02:06 +0000 (12:02 -0700)]
Bug 18417: Advanced Editor (Rancor) add shortcuts for copyright symbols (C) (P)

To test:
1 - Apply patch
2 - Open advanced cataloging editor
3 - Try using Alt+P and Alt+C and note symbols are added
4 - Save record and ensure symbols are saved

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit ff374c3d3e9be828491821356c0b1790fa3d397f)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19914: Add an id to the Delete button on the library list view
Jonathan Druart [Thu, 4 Jan 2018 13:27:57 +0000 (10:27 -0300)]
Bug 19914: Add an id to the Delete button on the library list view

To ease selenium tests, see bug 19243.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 564acdc4cd7e12885e4d470a929536fb25e442cd)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19560: Correctly escape branchcode in admin/branches.pl
Jonathan Druart [Wed, 29 Nov 2017 18:24:40 +0000 (15:24 -0300)]
Bug 19560: Correctly escape branchcode in admin/branches.pl

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit d9735ae0d8aff9ca405674df3d2b03183e0883b6)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19401: Add confirm message when deleting invoice
Aleisha Amohia [Tue, 3 Oct 2017 02:47:40 +0000 (02:47 +0000)]
Bug 19401: Add confirm message when deleting invoice

To test:
1) Go to Acquisitions
2) Go to Invoices (left nav menu)
3) Click Search (no need to filter results)
4) Click dropdown menu for an invoice, click Details
5) Click Delete
6) Notice invoice is deleted instantly
7) Apply patch and repeat steps 4 and 5
8) Confirm the confirm message shows and works as expected

Sponsored-by: Catalyst IT
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 128d163e1baf7d203373883e03980e3a5f1b2d6c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19429: Rename .delete to .delete_invoice
Jonathan Druart [Thu, 21 Dec 2017 15:42:03 +0000 (12:42 -0300)]
Bug 19429: Rename .delete to .delete_invoice

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit ad99cd0f41f792dcd0f308cc31dde16f58bb1522)

6 years agoBug 19429: Add confirm message when deleting invoice from invoice search page
Aleisha Amohia [Tue, 10 Oct 2017 02:17:36 +0000 (02:17 +0000)]
Bug 19429: Add confirm message when deleting invoice from invoice search page

To test:
To test:
1) Go to Acquisitions
2) Go to Invoices (left nav menu)
3) Click Search (no need to filter results)
4) Click dropdown menu for an invoice, click Delete
5) Notice invoice is deleted instantly
6) Apply patch and repeat steps 3 and 4
7) Confirm the confirm message shows and works as expected

Sponsored-by: Catalyst IT
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 1a7c6c4b202da3246a20705e6a3e8c88340151cb)

6 years agod/control 17.05.08
Mirko Tietgen [Wed, 24 Jan 2018 15:02:26 +0000 (16:02 +0100)]
d/control 17.05.08

https://bugs.koha-community.org/show_bug.cgi?id=17111

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 18696: Change debian/source/format to quilt
Mirko Tietgen [Fri, 19 Jan 2018 13:06:48 +0000 (14:06 +0100)]
Bug 18696: Change debian/source/format to quilt

debian/source/format uses 'native'. As Koha is not native Debian software,
and to allow Debian revision numbers like -2 in 16.05.13-2, it should be
changed to 'quilt'.

This is only relevant to packaging and does not affect Koha itself.

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoUpdate release notes for 17.05.08 release v17.05.08
Fridolin Somers [Wed, 24 Jan 2018 09:59:55 +0000 (10:59 +0100)]
Update release notes for 17.05.08 release

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19738: Fix XSS on vendor name in serials module
Josef Moravec [Sun, 3 Dec 2017 22:21:57 +0000 (22:21 +0000)]
Bug 19738: Fix XSS on vendor name in serials module

Test plan:

1) do not apply this patch
2) Have at least one vendor which name does contain javascript, for
example: <i>Vendor 1</i><script>alert('Hi');</script>
3) go to serial module and create new subscription
4) use "Search for vendor"
5) Search for your vendor, when search results table is presented, the
javascript is executed
6) go through subscription creation and save the new subscription
7) On subscription detail page, the javascript is executed as well
8) apply this patch
9) Repeat 3-7, the script is not executed, the input is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19881: Remove authorities-list.pl
Jonathan Druart [Tue, 26 Dec 2017 21:05:56 +0000 (18:05 -0300)]
Bug 19881: Remove authorities-list.pl

For obvious reasons...

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19847: Track links within the records and 404 for others
Jonathan Druart [Wed, 20 Dec 2017 15:13:10 +0000 (12:13 -0300)]
Bug 19847: Track links within the records and 404 for others

Test plan:
Behave like a robot, you will get 404
Be a human, you will be tracked

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoMerge remote-tracking branch 'translate/17.05.08-translate-20180123' into 17.05.x
Fridolin Somers [Tue, 23 Jan 2018 08:02:23 +0000 (09:02 +0100)]
Merge remote-tracking branch 'translate/17.05.08-translate-20180123' into 17.05.x

6 years agoTranslation updates for Koha 17.05.08
Koha translators [Tue, 23 Jan 2018 07:59:44 +0000 (04:59 -0300)]
Translation updates for Koha 17.05.08

6 years agoIncrement version for 17.05.08 release
Fridolin Somers [Tue, 23 Jan 2018 07:58:37 +0000 (08:58 +0100)]
Increment version for 17.05.08 release

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 20063: (bug 18811 follow-up) Allow hidden $9 subfields
Marcel de Rooy [Wed, 17 Jan 2018 13:26:38 +0000 (14:26 +0100)]
Bug 20063: (bug 18811 follow-up) Allow hidden $9 subfields

Although we could argue that the user should make all $9 subfields
visible, this might be a good compromise. It selectively reverts the
change from the first patch by accepting $9 subfields without checking
the hidden flag in the framework.

Test plan:
[1] Make a subfield $9 visible for some authority field.
[2] Put a value in it somewhere in authorities.pl
[3] Make subfield $9 invisible in the auth framework.
[4] Open and save the adjusted authority record.
[5] Check the marcxml of this record.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 9c3eb146fa8ff22452f87afb12cb6de25ac00b5d)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19913: Fix embedded HTML5 videos at the OPAC
Jonathan Druart [Wed, 3 Jan 2018 21:12:33 +0000 (18:12 -0300)]
Bug 19913: Fix embedded HTML5 videos at the OPAC

Caused by
commit 752aef4593f1aa2d64700bf9738e7e03907eb1cd
Bug 18754: Translatability: Get rid of exposed tt directives in opac-detail.tt

A space is missing between 'source' and 'src'

Test plan:
Set  HTML5MediaEnabled  to OPAC
Put a video link to 856$u
See the OPAC detail page, tab video, click the video
=> Should play with this patch applied

Note that this does not affect intranet

Signed-off-by: George Williams <george@nekls.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit d8080061a64726c3d466f187c223fe4c5234b806)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19918: Close span tag in opac-registration-confirmation.tt
Jonathan Druart [Fri, 5 Jan 2018 14:09:09 +0000 (11:09 -0300)]
Bug 19918: Close span tag in opac-registration-confirmation.tt

Introduced by:
commit 06f4950aa21ff889cff81f27b2f4e79788db193f
Bug 13599 - Add patron cardnumber to self registration confirmation

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 6e9a466a7a0fde6a7706ef80ae773ac53d9fc57e)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19807: Make IntranetCatalogSearchPulldown honor IntranetNumbersPreferPhrase
Victor Grousset [Wed, 13 Dec 2017 19:16:54 +0000 (20:16 +0100)]
Bug 19807: Make IntranetCatalogSearchPulldown honor IntranetNumbersPreferPhrase

This patch
- fixes callnum and sn
- Removes unecessary syspref transmission to the template.
  As the template directly reads the syspref

Test plan:
1. Set sysprefs IntranetCatalogSearchPulldown and
   IntranetNumbersPreferPhrase to true
2. Go to staff:/cgi-bin/koha/catalogue/search.pl
3. "search for" → "call number" and write anything that won't match a
   call number in the field
4. Then you should see
   «No results match your search for 'callnum,phr: [...]»
5. Go to the staff homepage
6. Click on "Search the catalog"
7. Do the same search as previouly
8. Then you should see
   «No results match your search for 'callnum,wrdl: [...]»
   This shows that IntranetNumbersPreferPhrase isn't honored
9. Apply this patch
10. Redo the same two searches and see that phr will now be always used.
    So IntranetNumbersPreferPhrase is honored

Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit df899212b25250cfac412f14478e481acdd6672a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 18183: jQuery append error related to script tags in cloneItemBlock
Marcel de Rooy [Tue, 28 Feb 2017 13:26:22 +0000 (14:26 +0100)]
Bug 18183: jQuery append error related to script tags in cloneItemBlock

See the detailed explanation of the error on Bugzilla.
As a workaround, we move the append of clone to outeritemblock before the
append of data (long string with item fields and script tags) to clone.

This patch also moves two vars inside the success function, since they are
not used outside of it.

Test plan:
[1] Set AcqCreateItem to receiving.
[2] Receive an order. Verify that adding, updating or deleting an item block
    still works as expected.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 8386f544b1bf68891b0ce2f68741e9d0115a0d49)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19338: Fix sorting by dates in opac-account.tt
Liz Rea [Tue, 19 Sep 2017 03:29:22 +0000 (15:29 +1200)]
Bug 19338: Fix sorting by dates in opac-account.tt

To test:
Find an account with lots of fines/payments
load up the borrower's account in the OPAC
note that the sort on the dates sorts by day, and not by date.
apply this patch
reload the page, note that the sort on the dates is now correct.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit a0072fa491e8607a9aad54d8e07db5d20fefbbfe)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19857: Use BorrowerUnwantedField system preference for SMS provider selection
Lari Taskula [Thu, 21 Dec 2017 11:56:34 +0000 (13:56 +0200)]
Bug 19857: Use BorrowerUnwantedField system preference for SMS provider selection

Optionally hide SMS provider field in patron modification screen with
BorrowerUnwantedField system preference.

To test:
1. Apply patch
2. Append BorrowerUnwantedField with sms_provider_id and save changes
3. Go to patron modification screen in staff client
4. Observe the SMS provider selection is now hidden

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit f20d2f1ea37906c7bbc4be1935fb80295f771152)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19788: Preserve case sensitivity when creating Local preferences
Frédéric Demians [Mon, 11 Dec 2017 07:41:05 +0000 (08:41 +0100)]
Bug 19788: Preserve case sensitivity when creating Local preferences

Fix a bug tranforming new local preference variable name in lowercase.

TO TEST:

1. Admin > System preferences > Local use
2. Button New preference. Fill variable field with 'TESTfoo'. Click
   Save.
3. The new variable is named: 'testfoo'.
4. Apply the patch.
5. Button New preference. Fill variable field with 'TESTfoo2'. Click
   Save.
6. The new variable is properly named: 'TESTfoo2'.

Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 5ff8eca26c8d42cbca1c1e8b6b4ee10f2c45a387)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19788: Add a test
Jonathan Druart [Tue, 19 Dec 2017 14:56:07 +0000 (11:56 -0300)]
Bug 19788: Add a test

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit ab7ea3ff3834e1429f1b3244ee45468c43e58684)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19702: Correct cookie path in Basket.js
David Bourgault [Mon, 27 Nov 2017 21:05:48 +0000 (16:05 -0500)]
Bug 19702: Correct cookie path in Basket.js

This corrects the cookie path in bootstrap/js/basket.js. It used to take
the default value (current page path), but will now be "/"

Test plan:
0) Visit the OPAC, add a book to your basket
1) Navigate to the OPAC's homepage (www.domain.com, without the
    /cgi-bin/koha)
    -> The basket will display as empty
    2) Apply patch
    3) Clear your cookies and your cache
    4) Redo step 1)
        -> Basket will display correctly

Patch applies without issue and functions as descibed.
Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 7934fea0c4c36f81b943de6c2016f8cedf53486c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19621: Use Koha.Preference on template side to display/hide "Routing lists" tab
Nick Clemens [Mon, 13 Nov 2017 17:18:44 +0000 (17:18 +0000)]
Bug 19621: Use Koha.Preference on template side to display/hide "Routing lists" tab

Patch applies without issue and functions as described.

Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 1792ab3d813839b61b060967f4d4f174462eaaa7)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 18458: Fix subfields ordering when Merging authority records
Janusz Kaczmarek [Sat, 25 Nov 2017 01:28:02 +0000 (02:28 +0100)]
Bug 18458: Fix subfields ordering when Merging authority records

While doing a merge, if a subfield(s) precedes the controlled subfields
(like $i before $a in 7XX, which comes before $a -- rare but will
become more and more usual) after merging will be moved to the end.
This is not right.

The patch (with AuthorityMergeMode == loose) make merge consider the
subfields order: all subfields which originally were found before
the first controlled subfield (e.g. $i before $a in 7XX / MARC 21)
will remain in the front, the rest of not controlled subfields that
should remain in the field will come after the subfields copied
from authority rec.

As a bonus, $9 will be placed at the end.

To test:
0) Have AuthorityMergeMode == loose;
1) Have some field in bibliorecord, controlled by an authority, with
extra subfield(s) (i.e. not present in authority rec.) placed at the
beginning of the field;
2) Open (not necessarily edit) and save the connected authority;
3) See that the extra subfieds were moved to the end of the field
   (and $9 is in the front);
4) Apply the patch;
5) Reorder subfields in biblio field;
6) Open (not necessarily edit) and save the connected authority;
7) See that the order has been conserved, additionally $9 the last
   subfield in the field.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended:
Moved field creation to its original place. Changed $9 handling. Simplified the following add_subfields for loop. Edited comments.
Restored the append_fields_ordered call (see comment6).

With this patch, the Merge.t test now passes.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 806ad212f5c5c765abd657de7891bc41ed24dfcf)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 18458: Add a subtest in Merge.t
Marcel de Rooy [Fri, 8 Dec 2017 12:45:55 +0000 (13:45 +0100)]
Bug 18458: Add a subtest in Merge.t

This test illustrates the problem we have if you run it without the
second patch. And it serves to demonstrate that we resolved the
situation if you run it after the second patch.

Test plan:
[1] Without the second patch: The last subtest should fail.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 809dc7c9c5557307e5ae4f3443a7529b28b02311)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19813: Make MarcItemFieldsToOrder handle non-existing tags
Kyle M Hall [Thu, 14 Dec 2017 15:31:17 +0000 (10:31 -0500)]
Bug 19813: Make MarcItemFieldsToOrder handle non-existing tags

MarcItemFieldsToOrder defines how Koha looks at tags in order records to generate item data.

Let's look at a simplified case:
homebranch: 955$a
holdingbranch: 956$a

So, here we are looking at 955 for the home branch, and 956 for the holding branch. So, it should make sense that Koha requires that these fields exist in equal number in the record. That is, for each 955, there should be a corresponding 956.

Let's look at a different case:
homebranch: 946$a|975$a
holdingbranch: 946$a|975$a

In this case, we are using the fallback behavior. VendorA stores the branch data in 946, and VendorB stores it in 975. This seems like it would work, but it won't! That's because Koha is expecting there to be the same number of 946's as there are 975's! In reality, the VendorA records will have a number of 946's, and *zero* 975's. The inverse will be true for VendorB.

Koha should be able to skip those tags that simply don't exist in the record.

Test Plan:
1) Set MarcItemFieldsToOrder to something like:
homebranch: 946$a|975$a
holdingbranch: 946$a|975$a
budget_code: 946$f|975$f
itype: 946$y|975$y
notforloan: 946$l|975$l
ccode: 946$t|975$c
quantity: 946$q|975$q
price: 946$p|975$p
itemcallnumber: 946$n|975$n
loc: 946$c|975$t
2) Create a record using only the 975 tag for item building data
3) Import the record into Koha
4) Create a basket
5) Attempt to add the record to the basket
6) Note the unequal fields error
7) Apply this patch
8) Reload the page
9) No error!

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marci Chen <mchen@mckinneytexas.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended: Fix typo occurrance and theses.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 2e5f4af8390478953771656a4cec511503225386)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19760: Fix Config.t test
Jonathan Druart [Fri, 22 Dec 2017 17:04:52 +0000 (14:04 -0300)]
Bug 19760: Fix Config.t test

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 9924fa4bd287ac665eb6e0c2adc7e7cea165f3f7)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19760: Die if koha-conf is not accessible
Jonathan Druart [Wed, 6 Dec 2017 16:58:04 +0000 (13:58 -0300)]
Bug 19760: Die if koha-conf is not accessible

We got a lot of support questions because scripts are executed without
the correct environment/user.
We could die and provide more useful information

Tested on my kohadevbox VM by:

1) sudo chmod a-rx /etc/koha/sites/kohadev/koha-conf.xml
2) run help.pl from the command line to produce the desired die message
3) sudo chmod a+rx /etc/koha/sites/kohadev/koha-conf.xml
4) rerun help.pl successfully

Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Bug 19760: Change wording

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit be960cc0cda7bb8dbe9a55a3a6e5e1aa0812f006)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19867: Prevent HouseboundRoles.t to fail randomly
Jonathan Druart [Thu, 21 Dec 2017 17:45:51 +0000 (14:45 -0300)]
Bug 19867: Prevent HouseboundRoles.t to fail randomly

Here is just a guess but we need to tell TestBuilder the values of
housebound_deliverer and housebound_chooser to make sure it will not be
1

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
I manually tested setting to the opposite values in the tests, and
verified those values made the tests fail due to count problems.
The fix is valid.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit d17e661d30ed614a0790b54cf385da3b539f4a34)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19756: Fix encoding issues during the update DB process
Jonathan Druart [Wed, 20 Dec 2017 21:59:39 +0000 (18:59 -0300)]
Bug 19756: Fix encoding issues during the update DB process

To display the output of the updatedatabase.pl under Plack, we redirect
the output to a temporary file, read it, then display it.
We need to open it specifying the correct encoding (utf-8).

Test plan:
1. MariaDB [koha_kohadev]> update systempreferences set value="17.1100000"
where variable="version";
2. restart plack
3. Login
4. Make the update from the interface
=> Without this patch you will see encoding issue:
Upgrade to 17.12.00.000 done (TÄ\93 tÅ\8dia, tÄ\93 haumatia)
=> With this patch applied you will see :
Upgrade to 17.12.00.000 done (Tē tōia, tē haumatia)

Signed-off-by: Liz Rea <liz@catalyst.net.nz>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit e52486eeba13987c926ecf0c952644e5bacdc2b0)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19573: Link to make a new list in masthead in OPAC only appears / works if no...
Owen Leonard [Thu, 9 Nov 2017 15:54:12 +0000 (15:54 +0000)]
Bug 19573: Link to make a new list in masthead in OPAC only appears / works if no other list already exists

This patch corrects the OPAC masthead include file so that the "New
list" link will appear whether or not the logged-in user has existing
private lists.

To test, apply the patch and log into the OPAC as both a user with
private lists and a user without private lists. The header's "Lists"
dropdown menu should include a "New list" link in both cases.

Signed-off-by: Simon Pouchol <simon.pouchol@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit f4c1712f58b8e90704893fb501c5cfc9d12f02a2)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19725: OAI-PMH - Use biblio_metadata.timestamp
Julian Maurice [Fri, 1 Dec 2017 15:21:56 +0000 (15:21 +0000)]
Bug 19725: OAI-PMH - Use biblio_metadata.timestamp

Since bug 17196, biblioitems.timestamp is not always updated after a
change in the MARC record.
Filtering should be based on biblio_metadata.timestamp instead.

Test plan:
1. prove t/db_dependent/OAI/Server.t
2. Verify that it SUCCEEDS

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 4ea54b678256b164fe9a951a44889ab3502c63b5)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19725: Add failing test
Julian Maurice [Fri, 1 Dec 2017 15:18:04 +0000 (15:18 +0000)]
Bug 19725: Add failing test

Also fix tests for UNIMARC

Test plan:
1. prove t/db_dependent/OAI/Server.t
2. Verify that it FAILS

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 55824b09d63ee83a8358c6e6f7740f664d3b86e3)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoRevert "Bug 19514: Add client-side check"
Fridolin Somers [Tue, 16 Jan 2018 14:26:04 +0000 (15:26 +0100)]
Revert "Bug 19514: Add client-side check"

This reverts commit f74fc96595b2e98cbfdb9a93312e9aa4e3a1b38e.

6 years agoRevert "Bug 19514: Implement password restrictions into onboarding tool"
Fridolin Somers [Tue, 16 Jan 2018 14:26:02 +0000 (15:26 +0100)]
Revert "Bug 19514: Implement password restrictions into onboarding tool"

This reverts commit 1fdf1398bea79ca60caaea4ccd9b58e3e3f8aa67.

6 years agoBug 19599: Speed anonymise_issue_history up
Jonathan Druart [Thu, 9 Nov 2017 13:34:08 +0000 (10:34 -0300)]
Bug 19599: Speed anonymise_issue_history up

The query generated by anonymise_issue_history is unecessary complex and
can be very slow on large DB.
With this patch we will execute one query per patron instead.

See patch "Bug 19599: Simplify the query" on the bug report for an
alternative.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 5be4704347610d269e7d3401f50af46b3202869a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19830: Add the Koha::Patron->old_checkouts method
Jonathan Druart [Mon, 18 Dec 2017 17:27:52 +0000 (14:27 -0300)]
Bug 19830: Add the Koha::Patron->old_checkouts method

Test plan:
  prove t/db_dependent/Koha/Patrons.t
must return green

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 699340a398c3301eb74619c6dd1d18a4cee0951d)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19694: Force scalar context for output_pref called with billingdate
Jonathan Druart [Tue, 19 Dec 2017 18:04:13 +0000 (15:04 -0300)]
Bug 19694: Force scalar context for output_pref called with billingdate

If no string is passed to output_pref, it needs to be called in scalar
context (to avoid a shift in the hash elements).
Here we have billingdate that is not defined yet (NULL)

Test plan:
- Search for an existing invoice
- Show details
- Changing shipping cost
- Save
- Verify the new amount is shown

Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit ad550017ff7618e5e4bdb8686a88710480648864)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 18201: Unit tests
Nick Clemens [Wed, 4 Oct 2017 12:10:13 +0000 (12:10 +0000)]
Bug 18201: Unit tests

To test:
1. prove -v t/db_dependent/Exporter/Record.t
2. Tests should pass/be green/make the day a little brighter

Signed-off-by: Scott Kehoe <scott@masslibsystem.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 4075953c78cf044564c9215c3ea0ecc78789a9e0)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 18201: Export data -Fix "Remove non-local items" option and add "Removes non...
Nick Clemens [Thu, 13 Apr 2017 14:21:50 +0000 (10:21 -0400)]
Bug 18201: Export data -Fix "Remove non-local items" option and add "Removes non-local records" option for existing functionality

It turns out the modules had the option expected  built in, we just didn't call
it. This patch set expands the options for passing to the export.

To test:
1 - Go to Tools->Export data
2 - Perform an export and check 'Remove non-local items'
3 - Note that file contains only 'local' records, but includes all items
on those records
4 - Apply patch
5 - Note Tools->Export data has a new option to remove records not owned
by logged in branch
6 - Export as before checking records option, file should be as before
7 - Now check 'Remove items not owned by logged in branch'
8 - File should now only have local items (may have empty records)
9 - Check both boxes and recieve only 'local' records and items

Signed-off-by: Scott Kehoe <scott@masslibsystem.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 008920eaeb77ffbabece855682e157936bb89c8b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19510: Add description for edi_manage in acquistion permissions
Chris Weeks [Mon, 18 Dec 2017 22:10:05 +0000 (22:10 +0000)]
Bug 19510: Add description for edi_manage in acquistion permissions

Test Plan:
1/ Login
2/ Select patrons
3/ Search for a patron by name or card number that exists in the system
4/ Click More -> Set permissions
5/ Expand 'acquistions' and notice that 'edi_manage' has no description
6/ Apply patch
7/ Refresh the permissions page or repeat steps 2 to 5.
8/ Notice that 'edi_manage' now has a description of 'Manage EDIFACT transmissions'

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 42f20997dfc126bfa1e8e64af70274b39693890a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19444: (QA follow-up) Remove repeating condition
Julian Maurice [Fri, 15 Dec 2017 09:08:11 +0000 (10:08 +0100)]
Bug 19444: (QA follow-up) Remove repeating condition

Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 2b2a031b3adbb1994239cd4aae90665b597e8282)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19444: (QA follow-up) Fix tests for UNIMARC
Julian Maurice [Fri, 15 Dec 2017 08:46:54 +0000 (09:46 +0100)]
Bug 19444: (QA follow-up) Fix tests for UNIMARC

Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit e4aee4b799574736dfe62355e7d78bfa227e85a2)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19444: Display error message for auto_account_expired
Jonathan Druart [Tue, 5 Dec 2017 13:23:09 +0000 (10:23 -0300)]
Bug 19444: Display error message for auto_account_expired

Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 439a3f43b67be872ace052d9d9aeb8f6ced1c053)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19444: Do not auto renew if patron is expired and BlockExpiredPatronOpacActions...
Jonathan Druart [Wed, 25 Oct 2017 19:51:28 +0000 (16:51 -0300)]
Bug 19444: Do not auto renew if patron is expired and BlockExpiredPatronOpacActions is set

If the patron's account has expired and BlockExpiredPatronOpacActions is set,
we expect auto renewal to be rejected.

Test plan:
Use the automatic_renewals.pl cronjob script to auto renew a checkout

Before this patch, if the patron's account has expired the auto renew was done.
With this patch, it will only be auto renewed if BlockExpiredPatronOpacActions is not set.

Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Conflicts:
t/db_dependent/Circulation.t

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 87680805ddb7ebe8dab62cf709ad5e4eebf80726)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19514: Add client-side check
Jonathan Druart [Mon, 6 Nov 2017 15:22:59 +0000 (12:22 -0300)]
Bug 19514: Add client-side check

Signed-off-by: David Bourgault <david.bourgault@inlibro.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit d5fde992ef04faaa7bd3d32aec57cb76cc4672c7)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19514: Implement password restrictions into onboarding tool
Alex Buckley [Sat, 21 Oct 2017 00:54:23 +0000 (00:54 +0000)]
Bug 19514: Implement password restrictions into onboarding tool

Test plan:
1. Drop and recreate your database
2. Restart memcached
3. Go through the web installer
4. In the onboarding tool create a patron with a password of only 2 characters in length
5. Notice the patron is successfully created and no warning message is
displayed
6. Repeat step 1,2,3 and create a patron with a password of 3 characters
none of which are a uppercase letter or number and notice the patron is
successfully created and no warning message is displayed
7. Apply patch
8. Repeat steps 1,2,3 and create a patron with a password consisting of
2 characters, notice that after submitting the form the same form is
loaded again and there is a warning message at the top of the page
informing you the patron wasn't created
9. Repeat steps 1,2,3 and create a patron with a password consisting of
3 characters (all lower case) and submit the form, notice the same form
is reloaded and a warning message at the top of the page informs you
that the patron wasn't created because the password was weak
10. Repeat steps 1,2,3 and create a patron with a password consisting of
3 characters (one lower case letter, one upper case letter and one
number) and submit the form and notice this time the next form in the onboarding is displayed with the message at the top of the screen informing you that the patron was successfully created

Sponsored-By: Catalyst IT
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: David Bourgault <david.bourgault@inlibro.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit b59a2c4d1104add61daccbd40562a56e6ffa5a53)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 11210: Writeoff partial amounts
David Bourgault [Mon, 25 Sep 2017 17:05:01 +0000 (13:05 -0400)]
Bug 11210: Writeoff partial amounts

Minor changes to pay.pl and paycollect.tt to allow writing off a partial amount of a fine.

Test plan:
0) Go to the Fines tab of a test patron's profile
1) Create a fine if there are none (under the Manual invoice tab)
2) Go to the "Pay fines" tab
3) Press the write off button on the corresponding account line

Without patch, you'll be asked to confirm, but will not be able to edit the amount
With patch, you'll be able to edit the amount.

Followed test plan, patch worked as described. Also ran QA test tool and
modified files passed

Signed-off-by: Simon Pouchol <simon.pouchol@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Conflicts:
koha-tmpl/intranet-tmpl/prog/en/modules/members/paycollect.tt

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit ab2a92c6f585a964795ac376e8e8f00220e7a537)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19450: Fixed WebService::ILS bug upstream (0.17)
Srdjan [Thu, 12 Oct 2017 00:45:43 +0000 (13:45 +1300)]
Bug 19450: Fixed WebService::ILS bug upstream (0.17)

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 60fa198eab9dcda869ff4703c442c4fe5573c491)

6 years agoBug 17770: Perltidy
Mark Tompsett [Tue, 7 Nov 2017 03:25:52 +0000 (03:25 +0000)]
Bug 17770: Perltidy

Signed-off-by: Your Full Name <your_email>
Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 852d36d391f46fec0182716dd5d0f6834ae18fa4)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 17770: Improve perlcritic level
Mark Tompsett [Tue, 7 Nov 2017 03:21:36 +0000 (03:21 +0000)]
Bug 17770: Improve perlcritic level

before patch: perlcritic -4 noisy
after patch: perlcritic -4 ok

Signed-off-by: Your Full Name <your_email>
Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit cba47ec34769220a58e87cd801a25fabd774b720)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 17770: Fix Sitemapper.t if date changes during test run
Mark Tompsett [Mon, 6 Nov 2017 19:49:27 +0000 (19:49 +0000)]
Bug 17770: Fix Sitemapper.t if date changes during test run

To compensate, DateTime->now is mocked to the current date.

Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 1db2234423d56203e6ee1e7567b4437bc2d2c1bc)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19669: (QA follow-up) Remove itemstypes.plugin
Kyle M Hall [Thu, 21 Dec 2017 14:17:01 +0000 (09:17 -0500)]
Bug 19669: (QA follow-up) Remove itemstypes.plugin

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit cd56123068d63033dc07b680c196f78bc256e40b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19669: Remove deprecated checkouts by patron category report
Owen Leonard [Tue, 21 Nov 2017 13:56:31 +0000 (13:56 +0000)]
Bug 19669: Remove deprecated checkouts by patron category report

Patch applies. Reports and general OPAC and staff client functionality is intact.
Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 5ca2b7fedfb13b80b6c453b184474240d4c46a3e)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 18923: Warning in Biblio::GetCOinSBiblio
Marcel de Rooy [Mon, 10 Jul 2017 12:54:56 +0000 (14:54 +0200)]
Bug 18923: Warning in Biblio::GetCOinSBiblio

Use of uninitialized value in concatenation (.) or string at C4/Biblio.pm line 1456.
Note: In current master this is now line 1370 (Oct 9, 2017).

Test plan:
Enable COinSinOPACResults.
Select a record with leader pos6==a and pos7==a. This triggers genre to be
journalArticle and titletype to be a.
Without this patch, do an opac search that includes this record.
Check the log. You should see the warning.
Apply this patch, search again and check the log. The warning should not be
repeated again.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit a82d54d4b4f5eb7aa7d45afc13dac0a80c86f9ce)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19496: [17.05.x] ReplytoDefault is a pref, not a C4::Context method
Jonathan Druart [Thu, 7 Dec 2017 13:52:28 +0000 (10:52 -0300)]
Bug 19496: [17.05.x] ReplytoDefault is a pref, not a C4::Context method

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19496: [17.05.x] Fixing to_address for patron notes
Aleisha Amohia [Mon, 27 Nov 2017 21:33:58 +0000 (21:33 +0000)]
Bug 19496: [17.05.x] Fixing to_address for patron notes

This patch ensures the patron note to_address is the branch email or the
Koha Admin email, and the from_address is the patron's email.

To test:
1) Ensure syspref 'allowcheckoutnotes' is turned on
2) Go to OPAC, leave a note on a checkout
3) Confirm that the note is received (in mysql message_queue) but the
to_address is the patron's email - this is wrong
4) Apply patch and refresh OPAC
5) Leave a note on a checkout
6) Confirm that the note is received in message queue
7) Confirm that the to_address is one of:
- branch email
- branch reply to
- syspref ReplytoDefault
- syspref KohaAdminEmailAddress
8) Confirm that the from_address is one of:
- patron email
- patron emailpro
- patron B_email

Sponsored-by: Catalyst IT
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19602: Add usage statistics link to administration sidebar menu
Owen Leonard [Thu, 9 Nov 2017 16:47:42 +0000 (16:47 +0000)]
Bug 19602: Add usage statistics link to administration sidebar menu

This patch adds a link to the new usage statistics page in the
administration sidebar menu.

To test, apply the patch and view an administration page which includes
the admin sidebar. Confirm that the link to usage statistics is there.

Visit the usage statistics page and confirm that the usage statistics
link in the sidebar is display in bold.

Signed-off-by: Simon Pouchol <simon.pouchol@biblibre.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 9d79d463250c430678f724f265500776f541cd42)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoUpdate release notes for 17.05.07 release v17.05.07
Fridolin Somers [Sat, 23 Dec 2017 10:12:22 +0000 (11:12 +0100)]
Update release notes for 17.05.07 release

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoMerge remote-tracking branch 'translate/17.05.07-translate-20171223' into 17.05.x
Fridolin Somers [Sat, 23 Dec 2017 09:59:44 +0000 (10:59 +0100)]
Merge remote-tracking branch 'translate/17.05.07-translate-20171223' into 17.05.x

6 years agoIncrement version for 17.05.07 release
Fridolin Somers [Sat, 23 Dec 2017 09:48:41 +0000 (10:48 +0100)]
Increment version for 17.05.07 release

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19614: Fix XSS in members/pay.pl
Amit Gupta [Mon, 13 Nov 2017 03:57:44 +0000 (09:27 +0530)]
Bug 19614: Fix XSS in members/pay.pl

To Test
1. Hit the page /cgi-bin/koha/members/memberentry.pl
2. Add a text in the field firstname, surname that contains js
3. Save the page.
4. click on fine tab
5. Notice js is execute
6. Apply patch and reload, the js is escaped

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit e576b89c461c87efc122816fca9f6c3ba08a1833)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19612: Fix XSS in members/memberentry.pl
Amit Gupta [Mon, 13 Nov 2017 03:35:14 +0000 (09:05 +0530)]
Bug 19612: Fix XSS in members/memberentry.pl

To Test
1. Hit the page /cgi-bin/koha/members/memberentry.pl
2. Add a text in the field address, address2, city, state, country,
   zipcode, B_streetnumber, B_city, B_country, B_zipcode that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 4333617b1d33b2c7c0488de593c76ac79f4ebf70)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19611: Fix XSS Flaws in supplier.pl
Amit Gupta [Sun, 12 Nov 2017 15:44:41 +0000 (21:14 +0530)]
Bug 19611: Fix XSS Flaws in supplier.pl

Test
1. Hit the page /cgi-bin/koha/acqui/supplier.pl?op=enter
2. Add a text in the field Name that contains java script
3. Save the page.
4. Notice js is execute
5. Apply patch and reload the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 99d327a5ea039b98f2bb19a3ef29431b33437cb7)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19319: Only fetch the record if it exists
Jonathan Druart [Fri, 8 Dec 2017 17:57:15 +0000 (14:57 -0300)]
Bug 19319: Only fetch the record if it exists

We already know if the bibliographic record exists (404 redirect),
we can avoid unecessary fetches

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 33b0a26a5bf32de1ffead556269d8f8e27289521)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19319: (QA follow-up) Biblionumber leftovers in opac-detail.tt
Marcel de Rooy [Fri, 8 Dec 2017 08:46:02 +0000 (09:46 +0100)]
Bug 19319: (QA follow-up) Biblionumber leftovers in opac-detail.tt

Correcting a few biblionumber template var leftovers in opac-detail
template. They were combined with url filter instead of html.

Test plan:
[1] Look for [^.;?]biblionumber in opac-detail.tt and verify that these
    occurrences are fine.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 102456b27388dad8e6043c36e773a5a005bd451e)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19319: Reflected XSS Vulnerability in opac-MARCdetail.pl
Kyle M Hall [Thu, 14 Sep 2017 15:52:08 +0000 (11:52 -0400)]
Bug 19319: Reflected XSS Vulnerability in opac-MARCdetail.pl

Try going to this URL on your site: /cgi-bin/koha/opac-MARCdetail.pl?biblionumber=2"><TEST>

Test Plan:
1) Go to /cgi-bin/koha/opac-MARCdetail.pl?biblionumber=2"><TEST>
2) Note <TEST> is embedded all over the html
3) Apply this patch
4) Refresh the page, note the injection is gone!
5) run koha qa test tools

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 617e87c59d0b270d424aa4f1977e3e95c019e0b5)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19570: Add autocomplete to opac-main as well
Mark Tompsett [Mon, 6 Nov 2017 15:10:45 +0000 (15:10 +0000)]
Bug 19570: Add autocomplete to opac-main as well

To confirm all the files were modified for opac, typed
this:
$ git grep -i password | grep opac | grep -v "[.]po:" | grep
"opac[^/]*[.]tt:" | cut -f1 -d: | sort -u

The follow output was handled as follows:
    koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-auth.tt
    koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-memberentry.tt
    koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-passwd.tt
    koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-registration-confirmation.tt
These were already done in the first patch.

    koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-password-recovery.tt
This already had the autocomplete modification.

    koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-detail.tt
This was a false-find. There was no modification necessary.

    koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-main.tt
This is the modal login in. This patch amends it.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 9b141bcd3dbeebd91d4df20205f57bbc564cbb32)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19570: Add autocomplete='off' for login forms at the opac
Jonathan Druart [Thu, 2 Nov 2017 19:24:00 +0000 (16:24 -0300)]
Bug 19570: Add autocomplete='off' for login forms at the opac

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 541603db17ea08b44bab50219f3634946a13e64a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19569: Set X-Frame-Options=SAMEORIGIN - opac-showmarc.ok
Jonathan Druart [Thu, 2 Nov 2017 19:14:12 +0000 (16:14 -0300)]
Bug 19569: Set X-Frame-Options=SAMEORIGIN - opac-showmarc.ok

Before and after:
wget 'http://catalogue.kohadev.org/cgi-bin/koha/opac-showmarc.pl?id=1&viewas=html'
must be the same

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 727f915c1b2e2ee7869d14d852b48eeaa67735ae)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19568: Escape url params with url filter - opac-opensearch.tt
Jonathan Druart [Thu, 2 Nov 2017 19:13:32 +0000 (16:13 -0300)]
Bug 19568: Escape url params with url filter - opac-opensearch.tt

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit a33cfa4506711f83abaa3f6de049ebbe76e13931)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoTranslation updates for Koha 17.05.07
root [Sat, 23 Dec 2017 09:52:01 +0000 (06:52 -0300)]
Translation updates for Koha 17.05.07

6 years agoBug 19751: Holds awaiting pickup report should not be fixed-width
Owen Leonard [Tue, 5 Dec 2017 15:26:58 +0000 (15:26 +0000)]
Bug 19751: Holds awaiting pickup report should not be fixed-width

This patch changes the grid used for the holds awaiting pickup report so
that the results are full page and fluid instead of fixed-width.

To test, apply this patch and the patch for Bug 19700 if necessary.

View the holds awaiting pickup report. The report should fluidly fill
the page width.

Test with the CircSidebar system preference enabled and disabled.

Signed-off-by: George Williams <george@nekls.org>
Signed-off-by: BWS Sandboxes <ByWaterSandboxes@gmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 232b3cf25374f07ee2966231c5e5294ef16965a4)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19775: Try & prevent Search/History.t to fail randomly
Jonathan Druart [Thu, 7 Dec 2017 16:41:06 +0000 (13:41 -0300)]
Bug 19775: Try & prevent Search/History.t to fail randomly

 #   Failed test 'There are still 8 searches after calling delete with an interval = 6 days'
 #   at t/db_dependent/Search/History.t line 185.
 #          got: '6'
 #     expected: '8'

 #   Failed test 'There are still 2 searches after calling delete with an interval = 2 days'
 #   at t/db_dependent/Search/History.t line 191.
 #          got: '0'
 #     expected: '2'
 # Looks like you failed 2 tests of 27.
[15:04:12] t/db_dependent/Search/History.t

It looks like it does not longer fail with this change (date comparaison wrongly rounded to second in mysql?)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 68a6d049869789618af1ddba9802b6d593593d09)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 19724: DBIC Schema changes
Jonathan Druart [Thu, 7 Dec 2017 13:26:32 +0000 (10:26 -0300)]
Bug 19724: DBIC Schema changes

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 7e691bc6d8695377e12896be085039c81115e4d0)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 18907: Build has deprecating message
Mark Tompsett [Thu, 6 Jul 2017 15:42:43 +0000 (15:42 +0000)]
Bug 18907: Build has deprecating message

Following the instructions at:
https://wiki.koha-community.org/wiki/Building_Debian_Packages_-_The_Easy_Way
Receiving the following message in the build:
dpkg-source: warning: relation < is deprecated: use << or <=

This patch tweaks the list-deps.
git diff origin/master -- debian/list-deps shows just the one line
changed from < to << as per the messages suggestion and eythian's
suggestion on IRC:
http://irc.koha-community.org/koha/2017-07-06#i_1950698

The control file can be regenerated from the command-line:
./debian/update-control
However, it will be attached separately.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit d8a16dd89a2853837e87eec1b1ec0d419ede1b55)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 12497: Fix OPAC search history reachable by URL even when disabled
Victor Grousset [Fri, 24 Nov 2017 11:02:47 +0000 (12:02 +0100)]
Bug 12497: Fix OPAC search history reachable by URL even when disabled

Test plan:
1. Set EnableOpacSearchHistory syspref to "Keep"
2. Make a search in the OPAC
3. Go to /cgi-bin/koha/opac-search-history.pl
4. Set the EnableOpacSearchHistory syspref to "Don't keep"
5. Refresh the OPAC page to show that history is still accessible
6. Apply the patch
7. Refresh the OPAC page, you should end on the 404 page
8. Set EnableOpacSearchHistory syspref to "Keep"
9. Go to /cgi-bin/koha/opac-search-history.pl which should be reachable

Signed-off-by: David Bourgault <david.bourgault@inlibro.com>
Signed-off-by: Charles Farmer <charles.farmer@inLibro.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit b90824527b47e78e56e2f602199481325beeec15)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
6 years agoBug 12497: Fix search history non-accessible when OPAC was private
Victor Grousset [Thu, 23 Nov 2017 15:03:14 +0000 (16:03 +0100)]
Bug 12497: Fix search history non-accessible when OPAC was private

(when the user didn't have the "borrowers" permission)

Test plan:
1. Set syspref "OpacPublic" to false (Disable)
2. Log in as a user without any permission
3. Try to access the search history. The link is next to "Log out"
4. Then you should see "Access denied"
5. Apply this patch
6. Refresh the page
7. Then you should see the search history

Signed-off-by: David Bourgault <david.bourgault@inlibro.com>
Signed-off-by: Charles Farmer <charles.farmer@inLibro.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit adb37ce8cf10fee1c81ee35d703ec3a81c82697d)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>