From f234d67ca6c9ddf882390c16cca40cc1255808d0 Mon Sep 17 00:00:00 2001 From: David Cook Date: Fri, 15 Dec 2023 00:14:05 +0000 Subject: [PATCH] Bug 35578: Validate "Where" in OPAC Authority search This patch adds validation to the "Where" field in OPAC Authority search. Test plan: 0. Apply the patch and koha-plack --reload kohadev 1. Go to http://localhost:8080/cgi-bin/koha/opac-authorities-home.pl 2. Type "test" into "Term(s)" field 3. Click "Submit" 4. Confirm a result is found 5. Repeat the above using "Where" values of "in the complete record", "in any heading", and "in main entry" 6. Using the HTML inspector in the browser, change the value of the selected option of the "marclist" select element to "this is broken" 7. Click "Submit" 8. Confirm a result is found (ie it's not throwing a fatal error anymore) Signed-off-by: David Nind Signed-off-by: Jonathan Druart Signed-off-by: Martin Renvoize Signed-off-by: Katrin Fischer (cherry picked from commit 0ecb02eff9564908aaed8eb76169e714568e7df1) Signed-off-by: Fridolin Somers --- opac/opac-authorities-home.pl | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/opac/opac-authorities-home.pl b/opac/opac-authorities-home.pl index 8b2145ab15..ba011bd014 100755 --- a/opac/opac-authorities-home.pl +++ b/opac/opac-authorities-home.pl @@ -47,7 +47,7 @@ my ( $template, $loggedinuser, $cookie ); my $authority_types = Koha::Authority::Types->search({}, { order_by => ['authtypetext']}); if ( $op eq "do_search" ) { - my @marclist = $query->multi_param('marclist'); + my @input_marclist = $query->multi_param('marclist'); my @and_or = $query->multi_param('and_or'); my @excluding = $query->multi_param('excluding'); my @operator = $query->multi_param('operator'); @@ -55,6 +55,21 @@ if ( $op eq "do_search" ) { my @value = $query->multi_param('value'); $value[0] ||= q||; + my $valid_marc_list = { + "all" => 1, + "match" => 1, + "mainentry" => 1, + }; + my @marclist = (); + foreach my $entry (@input_marclist) { + if ( $valid_marc_list->{$entry} ) { + push( @marclist, $entry ); + } + } + if ( !@marclist ) { + push( @marclist, 'all' ); + } + my $builder = Koha::SearchEngine::QueryBuilder->new( { index => $Koha::SearchEngine::AUTHORITIES_INDEX } ); my $searcher = Koha::SearchEngine::Search->new( -- 2.39.5