Jonathan Druart [Mon, 27 Apr 2015 08:39:14 +0000 (10:39 +0200)]
Bug 14060: Add OnClose event on missing datepicker
The "suspend until" inputs (hold list on circ/circulation.pl and
members/moremember.pl) were not set in the same way.
The minDate option should be set for both (bug 10703 removed it for
circ/circulation.pl).
This patch reintroduces the option and add the OnClose event on both.
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Fri, 24 Apr 2015 13:36:34 +0000 (15:36 +0200)]
Bug 14060: Remove readonly attributes on date inputs
In order to remove accessibility issues due to the readonly attributes
on date inputs, this patch will remove them and introduce a javascript
validation on them.
This patch is not perfect for some reason:
I didn't manage to force the user to select a valid date. One solution
would be to reopen the datepicker plugin until a valid date is inserted.
But it could be annoying for users (and for me: I did not manage to
implement this solution).
You will note that input is emptied if the date is not valid. This is a
quick and efficient solution to prevent submitting invalid date and make
Koha explodes. A proper solution would be to implement the check server
side send a friendly message to the user.
Test plan:
For all inputs, try an invalid and a valid date.
1/ Debar a patron
2/ On the checkout tables (circulation and moremember), add a renewal
due date (at the bottom of the tables)
3/ On the checkout page, specify a due date
4/ On the return page, specify a return date
5/ On the invoice page (acquisition module), enter a shipment and
billing date
6/ On the invoice search page (invoices.pl) use filters shipment and
billing dates
7/ On the offline circ page, specify a due date
8/ On the edit patron page (memberentry), add a debarment
9/ On the reserve page (reserve/request.pl), use the date inputs to
suspend until a defined date
10/ Edit patrons in a batch (tools/modborrowers.pl) and use the
registration and expiry date inputs
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Hector Castro [Wed, 31 Aug 2016 19:33:53 +0000 (13:33 -0600)]
Bug 17152: Do not copy value when duplicating a subfield
When cataloguing, if you want to duplicate a subfield that is not
empty, the new subfield is created with a copy of data in it.
This is not the case when you duplicate an whole field. The new one is
created with subfields but without data in it.
Test plan:
Add or edit a bibliographic record
Fill a subfield
Duplicate the subfield
=> Without this patch the value of the input will be copied
=> With this patch the new input will be emptied
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jacek Ablewicz [Thu, 1 Sep 2016 16:13:50 +0000 (18:13 +0200)]
Bug 17072: 006 not filling in with existing values
When you use the 006 builder to view the existing values in the 006
tag, Koha is not pulling these existing values into the builder
window. Instead, Koha appears to be using defaults.
To reproduce:
1. Open a record in the editor
2. Switch from BKS to another material type.
3. Change as many settings as possible.
4. Close plugin.
5. Reopen plugin - notice your selections are not shown.
Trivial patch, heavilly inspired by Bug 9093.
To test:
1. Apply patch
2. Ensure that issue described above is no longer reproductible
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch adds the frameworkcode option param, using each record's frameworkcode
as expected by the filter. Otherwise the ViewPolicy filter falls back to the
default framework.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Koha::RecordProcessor and the defined filters are supposed to bring us
joy and happiness. Let's keep the code compact, simple and clean.
This patch removes record cloning all over the place.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Mark Tompsett [Thu, 21 Apr 2016 01:49:41 +0000 (21:49 -0400)]
Bug 11592: MARCView and ISBD followup
There are still some leaks, but it is not as a result
of the filter, but rather a result of poorly written
template files.
Bug fixing template files is beyond the scope of this
set of patches.
TEST PLAN
---------
1) Backup your DB
2) run the following SQL on your DB.
> UPDATE marc_subfield_structure set hidden=-8;
-- this should set EVERYTHING to hidden across the board.
3) In staff client, set OPACXSLTDetailsDisplay to blank
4) In OPAC, view any detail.
-- Normal view may mostly leak values still.
-- MARC view may leak values.
-- ISBD view may leak values.
5) In staff client, set OPACXSLTDetailsDisplay to default
6) In OPAC, view any detail.
-- same issues as step 4
-- 'View Plain' may leak too.
7) 'Save record' -> 'Dublin Core'
8) Apply this patch
9) run koha qa test tools
-- should be fine
10) prove -v t/db_dependent/Filter_MARC_ViewPolicy.t
-- should pass
-- this proves Koha/Filter/MARC/ViewPolicy.pm tweaks too
11) In OPAC, view any detail.
-- Normal view:
-- Material type comes from the LEADER field.
-- Lists this is on will still display
-- 'Tags from this library' will still display
-- Item information in table will still display
(THIS IS BEYOND SCOPE)
-- MARC view:
-- Record number is leaked
(THIS IS BEYOND SCOPE)
-- 'View plain' leaks LEADER field.
-- ISBD view may leak field headings, but not values.
(THIS IS BEYOND SCOPE)
12) In staff client, set OPACXSLTDetailsDisplay to blank
13) In OPAC, view any detail.
-- same kind of output as step 10
14) 'Save record' -> BIBTEXT
-- Should be next to nothing leaked.
15) 'Save record' -> Dublin Core
-- Should be the same or less leaked between the two versions.
-- (XML FILTERING IS BEYOND SCOPE)
16) In the staff client, go view the same record.
-- it should be mostly hidden in ISBD View.
17) run the following SQL on your DB.
> UPDATE marc_subfield_structure set hidden=1;
-- this should set EVERYTHING to hidden in OPAC, but not
the STAFF across the board.
18) Refresh the staff ISBD page
-- values should reappear.
19) View the ISBD details in the OPAC
-- values should still be hidden.
20) Check out the OPAC Cart and List
-- while the intermediate pages may still leak
the download links should leak very minimally.
-- (CARTS AND LISTS ARE BEYOND SCOPE, THOUGH
THE INTRANET ISBD AND SOME CART/LIST STUFF
WERE FIXED BECAUSE OF THE GetISBDView REFACTOR)
Expectations:
Before Patch - all the OPAC Detail pages will display things
After Patch - all the OPAC Detail pages will display much less,
and hopefully nothing (though there are known limits).
the ISBD detail page in the Staff client will be
filtered as well based on STAFF settings.
The saving/exporting should generate nearly empty
files.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Mark Tompsett [Wed, 16 Mar 2016 21:10:02 +0000 (17:10 -0400)]
Bug 11592: Add should_hide_marc method to filter
Add should_hide_marc to ViewPolicy filter
Add should_hide_marc tests to t/db_dependent/Filter_MARC_ViewPolicy.t
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Mark Tompsett [Fri, 24 Jan 2014 03:31:08 +0000 (22:31 -0500)]
Bug 11592: Updated License Text and use Modern::Perl
Why not clean up the License Agreement stuff while the files
are being changed? Used the current one found at:
http://wiki.koha-community.org/wiki/Coding_Guidelines#Licence
Changed the strict and warning lines into just a Modern::Perl.
Signed-off-by: Robin Sheat <robin@catalyst.net.nz> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Tue, 6 Sep 2016 14:20:28 +0000 (15:20 +0100)]
Bug 11921: Fix logic in C4::Context->new to init the config
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Tue, 6 Sep 2016 14:20:25 +0000 (15:20 +0100)]
Bug 11921: C4::Context->memcached does no longer exist
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Thu, 23 Jun 2016 05:33:23 +0000 (06:33 +0100)]
Bug 11921: Update remaining occurrences of ->ismemcached
TODO: Would be better to provide a better way to know if memcache is correctly set Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Thu, 23 Jun 2016 04:12:39 +0000 (05:12 +0100)]
Bug 11921: Restore memcached infos to koha-conf - Koha::Config
Move C4::Context->read_config_file to Koha::Config
That permits to reuse it from Koha::Cache without needing C4::Context
(and introduce a circular deps).
TODO: Add decent POD to Koha::Config Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Wed, 7 Sep 2016 10:43:32 +0000 (11:43 +0100)]
Bug 17189: Use delete to flush a L1 cache namespace
Signed-off-by: Jacek Ablewicz <abl@biblos.pk.edu.pl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
https://bugs.koha-community.org/show_bug.cgi?id=11921
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jacek Ablewicz <abl@biblos.pk.edu.pl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
https://bugs.koha-community.org/show_bug.cgi?id=11921
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Wed, 22 Jun 2016 15:01:46 +0000 (16:01 +0100)]
Bug 17189: Add the ability to define several memcached namespaces - Koha::Caches
We need to define several namespaces for our cache system.
For instance sysprefs, koha conf (koha-conf.xml) and unit tests
should be defined in a separate namespace.
This will permit to
- launch the tests without interfering with other cache values
- and flush the sysprefs cache without flushing all other values
To do so, we need to store different Koha::Cache objects at a package
level. That's why this patch adds a new Koha::Caches module.
FIXME: There is an architecture problem here: the L1 cache should be
defined in Koha::Cache
Signed-off-by: Jacek Ablewicz <abl@biblos.pk.edu.pl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
https://bugs.koha-community.org/show_bug.cgi?id=11921
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Wed, 22 Jun 2016 15:10:23 +0000 (16:10 +0100)]
Bug 17189: Add the ability to define several memcached namespaces - tests
Signed-off-by: Jacek Ablewicz <abl@biblos.pk.edu.pl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
https://bugs.koha-community.org/show_bug.cgi?id=11921
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Kyle M Hall [Fri, 22 Jan 2016 15:25:20 +0000 (15:25 +0000)]
Bug 14695 [QA Followup] - Fix clearing of all holds by patron at checkout
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jason M. Burds <JBurds@dubuque.lib.ia.us> Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Kyle M Hall [Tue, 19 Jan 2016 17:49:44 +0000 (17:49 +0000)]
Bug 14695 [QA Followup] - Make existing unit tests pass
* Removes tests no longer needed
* Updates rules to work with existing tests
* Fixes code issues revealed by unit tests
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jason M. Burds <JBurds@dubuque.lib.ia.us> Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Kyle M Hall [Tue, 19 Jan 2016 17:10:29 +0000 (17:10 +0000)]
Bug 14695 [QA Followup] - Filling one hold fills all of them
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jason M. Burds <JBurds@dubuque.lib.ia.us> Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Kyle M Hall [Tue, 29 Dec 2015 19:14:19 +0000 (19:14 +0000)]
Bug 14695 - Add ability to place multiple item holds on a given record per patron
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jason M. Burds <JBurds@dubuque.lib.ia.us> Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Kyle M Hall [Mon, 28 Dec 2015 17:11:46 +0000 (17:11 +0000)]
Bug 14695 - Tidy C4::Reserves::CanItemBeReserved
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jason M. Burds <JBurds@dubuque.lib.ia.us> Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Kyle M Hall [Tue, 29 Dec 2015 19:13:51 +0000 (19:13 +0000)]
Bug 14695 - Add new circulation rule
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jason M. Burds <JBurds@dubuque.lib.ia.us> Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Kyle M Hall [Tue, 29 Dec 2015 19:13:25 +0000 (19:13 +0000)]
Bug 14695 - Update DB Schema file
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jason M. Burds <JBurds@dubuque.lib.ia.us> Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Kyle M Hall [Tue, 29 Dec 2015 19:11:47 +0000 (19:11 +0000)]
Bug 14695 - Update database
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jason M. Burds <JBurds@dubuque.lib.ia.us> Signed-off-by: Benjamin Rokseth <benjamin.rokseth@kul.oslo.kommune.no>
Julian Maurice [Fri, 30 Oct 2015 12:49:56 +0000 (13:49 +0100)]
Bug 13501: Move "Required" and checkbox after input/select
Signed-off-by: Aleisha <aleishaamohia@hotmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Julian Maurice [Fri, 30 Oct 2015 12:45:13 +0000 (13:45 +0100)]
Bug 13501: Indentation fix (batchMod-edit.tt)
Signed-off-by: Aleisha <aleishaamohia@hotmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Julian Maurice [Tue, 30 Dec 2014 13:40:44 +0000 (14:40 +0100)]
Bug 13501: Add JS library select2 3.5.4
use it on cataloguing and batch items edit pages
Signed-off-by: Aleisha <aleishaamohia@hotmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Kyle M Hall [Wed, 18 Nov 2015 18:53:03 +0000 (18:53 +0000)]
Bug 11360 - Disable barcode field and submit button when a hold is found
At the moment when scanning in returns, it can be easy to miss a hold
trap due to the fact that the barcode and submit are still active and
the barcode field is focused on. A librarian who is focused on scanning
can easily scan another item and pass over the form, which is equivalent
to clicking the "ignore" button.
Test Plan:
1) Apply this patch
2) Trap a hold, note the new modal
3) Check the hold in a second time
4) Note the new modal
5) For each modal, test each button
Signed-off-by: Christopher Brannon <cbrannon@cdalibrary.org> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jacek Ablewicz [Fri, 12 Aug 2016 09:42:48 +0000 (11:42 +0200)]
Bug 10848 - [QA Followup] Add missing branch option and fix pattern for copyrightdate
- HTML5 input pattern for copyrightdate was not taking into an account
the database field type, which is smallint(5)
- added title="..." for the year field so the acceptable date format
should be displayed as a hint/tooltip in the browser
- added an missing option for configuring branch/library as mandatory
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jacek Ablewicz [Fri, 5 Aug 2016 09:01:25 +0000 (11:01 +0200)]
Bug 10848 - Allow configuration of mandatory/required fields on the suggestion form in OPAC - part 2
Add 'OPACSuggestionMandatoryFields' syspref definition plus
an atomic DB update for the new preference.
Signed-off-by: barbara johnson <barbara.johnson@bedfordtx.gov> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jacek Ablewicz [Fri, 5 Aug 2016 08:47:11 +0000 (10:47 +0200)]
Bug 10848 - Allow configuration of mandatory/required fields on the suggestion form in OPAC
This patch adds a configuration option which allows to define which
fields should be mandatory for a patron purchase suggestion form in OPAC.
Test plan:
1/ Apply patch.
2/ Play with the new OPACSuggestionMandatoryFields system preference
(select some fields as manadatory, select all, deselect all, try to
submit some suggestions with mandatory fields filled and/or not
filled etc.) to ensure that required fields (and only required fields)
are enforced in the browser to be filled.
3/ With all options deselected, 'Title' field should still be
mandatory (by default).
Signed-off-by: barbara johnson <barbara.johnson@bedfordtx.gov> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
As requested by Mark Tompsett. Hope this guarantees a signoff now..
Note: For consistency four additional parameters were needed to no longer
use file level vars in this subroutine.
Test plan:
Import a file with stage_file.pl.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Imported a marc file and a marcxml file with stage_file.pl.
Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Creates a few simple tests for the two new subroutines in ImportBatch.pm.
Test plan:
Run t/ImportBatch.t.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
[1] Based on the groundwork of the former patch, add call to
RecordsFromMARCXMLFile in stage-marc-import. Use format param.
[2] Add format to the template. Use file extension to determine.
If you use .xml or .marcxml as extension, MARCXML is selected.
[3] In stage-marc-import.tt mark UTF-8 encoding as UTF-8 not as utf8.
[4] BatchStageMarcRecords: do not call plugin if you have no records.
[5] RecordsFromISO2709File: also return errors in an array.
[6] In misc/stage_file.pl also use UTF-8. Handling of errors from [5].
Test plan:
[1] Import an empty file as MARC or MARCXML (with Tools/Stage..import).
[2] Import an non-empty file with invalid contents as MARC or MARCXML.
[3] Export a few records with Tools/Export as MARC and MARCXML.
[4] Import these two files. Check selected format versus file extension.
[5] Import a MARCXML file with misc/stage_file.pl.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
After the staging job finishes, the child tries to print results to
STDOUT (which is closed). This creates warnings like:
stage-marc-import.pl: binmode() on closed filehandle STDOUT at C4/Templates.pm line 120.
stage-marc-import.pl: Filehandle STDOUT reopened as FH only for input at /usr/lib/perl5/Template/Provider.pm line 964.
Resolving it is simple: the child should exit after marking the job
as finished.
Test plan:
Import a marc file.
Observe that you do no longer have such warnings.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 10407: Allow MARCXML records to be imported via GUI (groundwork)
Patch from Olli, manual rebase by Marcel (July 7, 2016).
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Needs follow-up. Test plan in the third patch.
Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Magnus Enger [Sat, 23 Jul 2016 18:31:11 +0000 (20:31 +0200)]
Bug 5456 - Create a link to opac-ics.pl
opac-ics.pl was added to Koha back in 2007, but there has not been a link to it
from anywhere. This patch adds the link from the main view on
/cgi-bin/koha/opac-user.pl, and makes some changes to opac-ics.pl itself.
Changes to opac-ics.pl:
- Update the code to use date and time for when a loan is due
- Use dt_from_string to turn a MySQL time and date into a DateTime
- Add a timestamp and a UID (these were reported as necessary by a couple of
iCal validators)
- Remove DTEND from events, since we now have time as well as date for when a
loan is due
- For loans that are overdue, set the DTSTART to now(), to avoid creating
calendar events in the past
- Use a template to generate text strings, to make them translatable
To test:
- Apply the patch
- Make sure you have at least a couple of loans, including one overdue
- Go to /cgi-bin/koha/opac-user.pl and click on the link labeled "Download as
iCal/.ics file"
- Inspect the file in a text editor and/or view the result in a calendar
appplication. Make sure the data makes sense.
- Sign off and go thee merrily on thine way.
Update 2016-07-25
- Force date_due to UTC to avoid problematic timezone info like this:
DTSTART:TZID=Europe/Zurich:20160724T235900
- Remove quotes from summary and description
Followed test plan, koha.ics file successfully imported to Thunderbird calendar Signed-off-by: Marc <veron@veron.ch> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Marc Véron [Thu, 18 Aug 2016 18:42:44 +0000 (20:42 +0200)]
Bug 17149 - EDI accounts: Add missing '>' to breadcrumb
To verify:
Breadcrumb on "EDI accounts" pages reads
Home > Administration EDI accounts > Modify account
instead of:
Home > Administration > EDI accounts > Modify account
To test:
- Apply patch
- Add, edit and delete an EDI account
- Verify that breadcrumb displays properly
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Aleisha Amohia [Wed, 24 Aug 2016 00:16:43 +0000 (00:16 +0000)]
Bug 17175: Typo in patron card images error message
To test:
1) Go to Tools -> Patron Card Creator -> New Image
2) Click Upload without attaching anything
3) Notice typo
4) Apply patch and refresh page (resend information if prompted)
5) Notice typo fixed
Sponsored-by: Catalyst IT Signed-off-by: Claire Gravely <claire_gravely@hotmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Andreas Roussos [Wed, 24 Aug 2016 14:10:29 +0000 (17:10 +0300)]
Bug 17185: Staff client shows "Lists that include this title:" even if item is not in a list
In the staff client, the text "Lists that include this title:"
is always shown, regardless of whether the item is in a list
or not. This patch fixes that.
Test plan:
1) Log in to staff client.
2) Go to biblio details view:
/cgi-bin/koha/catalogue/detail.pl?biblionumber=X
Confirm that "Lists that include this title:" is
shown even if the item is not in a list.
3) Apply the patch.
4) Repeat step 2. Confirm that the patch works, i.e.
"Lists that include this title:" is only shown
for biblios that are actually in a list.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Only applies to non-XSLT view.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Marcel de Rooy [Wed, 17 Aug 2016 13:14:12 +0000 (15:14 +0200)]
Bug 16809: Follow-up for scalarizing biblionumber
Still resolves another multi_param warning.
Test plan:
Look at your logs before and after this patch when saving a biblio
record (you may have to start plack again).
If your biblionumber is mapped to 999c, you should no longer have a warn
about line 2563 (disclaimer: line numbers are subject to change).
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Most of the floodiness is caused by accessing the cgi parameters
in a context which is hard to determine. By purposefully saving
the value to a scalar variable and using the variable, the issue
disappears, and it will likely be a tiny tad faster as variable
access is faster than multiple function calls.
TEST PLAN
---------
1) Back up your intranet error log
-- for example:
cp ~/koha-dev/var/log/koha-error-log ~/koha-error-log.backup
2) Blank your intranet error log
-- for example:
echo > ~/koha-dev/var/log/koha-error-log
3) Log into your staff client
4) Click 'Authorities'
5) Click 'New from Z39.50'
5) Type 'Seuss' into 'Name (any):' and press enter
6) Click 'Import' beside the first link
7) Click 'Save'
8) Check your koha-error-log
-- floody!
9) Apply patch
10) repeat steps 2-8
-- blank!
11) restore your intranet error log
-- for example:
mv ~/koha-error-log.backup ~/koha-dev/var/log/koha-error-log
12) run koha qa test tools
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested with addbiblio.pl. I would have preferred the scalar option in terms
of simpler code, but this works too.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Owen Leonard [Thu, 18 Aug 2016 17:08:33 +0000 (13:08 -0400)]
Bug 14612 - Overdue notice triggers should show branchname instead of branchcode
This patch adds the Branches template plugin to the overdue notice
triggers template so that the library name can be shown instead of the
branchcode.
Also changed: Updated page title to match the name used in tools menus.
To test, apply the patch and go to Tools -> Overdue notice/status
triggers.
- Select a library.
- When the page reloads, the 'Defining overdue actions for...' and
'Rules for overdue actions: ' headings should show the library name
instead of the branchcode.
Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Owen Leonard [Tue, 9 Aug 2016 13:49:33 +0000 (09:49 -0400)]
Bug 16464 - If a patron has been discharged, show a message in the OPAC
This patch adds a message to the patron home page in the OPAC to be
shown if the user is restricted because of a discharge.
To test, apply the patch and log into the OPAC as a patron who has been
discharged.
- You should see a message which says so, including a link to
the discharge notice.
- Log in to the OPAC as a patron with a manual restriction and confirm
that the correct notice is displayed.
Signed-off-by: Claire Gravely <c.gravely@arts.ac.uk> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Colin Campbell [Wed, 17 Aug 2016 16:30:55 +0000 (17:30 +0100)]
Bug 17141: Call config method to retrieve logdir
Incorrect method call is causing runtime error and not
retrieving the correct logdir value
Change retrieves the value correctly
To test:
1) Run edi_cron.pl, notice error
2) Apply patch and run edi_cron.pl again, should work as expected
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Note: I did not test but changes make sense.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Magnus Enger [Wed, 31 Aug 2016 08:47:43 +0000 (10:47 +0200)]
Bug 17228 - Make two versions of SIPconfig.xml identical
Several bugs have made changes to etc/SIPconfig.xml but not
updated debian/templates/SIPconfig.xml. This means that an admin
using the Debian packages who enables SIP2 for a site and looks at
/etc/koha/sites/<instance>/SIPconfig.xml will not see an up-to-date
version of that file, with the risk of missing possible config
opportunities.
Since debian/templates/SIPconfig.xml contains no placeholders or
other magic stuff related to the Debian packaging, this patch simply
copies etc/SIPconfig.xml to debian/templates/SIPconfig.xml
To test: diff etc/SIPconfig.xml debian/templates/SIPconfig.xml
There should be no difference between the files
Signed-off-by: Claire Gravely <claire_gravely@hotmail.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Magnus Enger [Wed, 31 Aug 2016 08:45:32 +0000 (10:45 +0200)]
Bug 17228 - Fix whitespace in etc/SIPconfig.xml
Remove trailing whitespace and replace tabs with 4 spaces.
Signed-off-by: Claire Gravely <claire_gravely@hotmail.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Holger Meißner [Thu, 11 Aug 2016 09:22:00 +0000 (11:22 +0200)]
Bug 14434: Display "Not renewable (on hold)" in OPAC
This patch makes the OPAC display "Not renewable (on hold)" when
a hold is placed.
Test plan:
1) Do not apply patch.
2) Issue an item with automatic renewal.
3) Issue an item with manual renewal.
4) Place a hold on both items.
5) Log in as patron and note that the column "Renew" says "Automatic
renewal (x of y renewals remaining)" for the auto renewed item
and "(On hold) for the other item.
6) Apply patch.
7) Refresh OPAC and note that now "Not renewable (on hold)" is displayed
for both items.
8) Cancel the holds, then log in as patron again and confirm that the
correct renewal conditions are displayed.
Sponsored-by: Hochschule für Gesundheit (hsg), Germany Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Fri, 19 Aug 2016 11:43:24 +0000 (12:43 +0100)]
Bug 16990: Display branch names instead of code in patron mod requests
To test:
- change your homebranch in the OPAC, submit
- change patron modification request in the staff client
- Verify that it shows the old and new branch name instead of the
code
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Mon, 15 Aug 2016 14:45:38 +0000 (15:45 +0100)]
Bug 17128: Make summary-print.pl plack safe
$borrowernumber is used in build_issue_data but not correctly defined
(Variable "$borrowernumber" is not available)
That may cause wrong charge displayed in the summary slip.
Test plan:
- Set rental charge for an item type
- Define a rental discount for that item type in the circ rules
- check in an item matching this rule
Without this patch the charge displayed in the summary slip won't be
calculated with the discount
With this patch applied, the warning in the logs will no longer appear
and the values will be correctly calculated.
Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Sat, 9 Jul 2016 12:13:35 +0000 (13:13 +0100)]
Bug 16886: Make the 'Upload patron images' tool plack safe
Some vars are accessed from subroutine, but defined with my.
It causes at least the 2 followings errors:
Variable "$filetype" is not available at
/home/koha/src/tools/picture-upload.pl line 240.
Variable "$uploadfilename" is not available at
/home/koha/src/tools/picture-upload.pl line 241.
To avoid that, they are now declared with our.
Test plan:
Upload image for a patron and confirm that you get a "Result" table and
the errors do not longer appear in the logs.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Tue, 16 Aug 2016 08:18:19 +0000 (09:18 +0100)]
Bug 7045: Update default value placeholders for existing installs
Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Tue, 16 Aug 2016 08:09:53 +0000 (09:09 +0100)]
Bug 7045: Use <<tag>> for default value placeholders
When adding a biblio, the default value of a MARC subfield defined in
the frameworks can be used as placeholders to set the current date or
the surname of the logged in user (use cases?).
The different placeholders are 'YYYY', 'MM', 'DD', 'user'.
When adding an item, same behavior except that 'user' is not replaced.
This patch makes behaviors consistent between the 2 editors and
surrounds placeholders with << >>
We will now have: <<YYYY>>, <<MM>>, <<DD>> and <<USER>>
Test plan:
Define default values for biblio and item subfields.
Create a bibliographic record and attach it an item.
The default values should be used and replaced if you used placeholders.
Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jacek Ablewicz [Wed, 17 Aug 2016 16:42:37 +0000 (18:42 +0200)]
Bug 17142 - Don't show library group selection in advanced search if groups are not defined
Even if library groups/search domains are not defined in the system,
(empty) select for "Groups of libraries" under "Location and
availability" section in OPAC advanced search is still visible; it
shouldn't. Side effect of Bug 15295 - 'searchdomainloop' variable
in the template is now an object, it needs a different kind of statement
(.count) for checking if it's empty or not.
To test:
1) apply patch
2) when there are no groups of libraries defined in Administration ->
Libraries and Groups, "Groups of libraries" selection should be
no longer visible in OPAC adavanced search page
3) add library group or two: "Groups of libraries" selection should
reappear.
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Owen Leonard [Thu, 25 Aug 2016 18:06:11 +0000 (14:06 -0400)]
Bug 17200 - Badly formatted "hold for" patron name on catalog detail page
This patch adds a space between first name and surname on the
bibliographic detail page when there is "hold for" information in the
status column of the holdings table.
To test, apply the patch locate a title in the staff client catalog
which has one or more confirmed holds on it. Verify that the patron's
name in the "status" column of the holdings table looks correct, with a
space between first and last name.
Signed-off-by: Claire Gravely <claire_gravely@hotmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Owen Leonard [Thu, 18 Aug 2016 15:58:42 +0000 (11:58 -0400)]
Bug 11019 - Require some fields when adding authorized value category
This patch modifies the form for adding an authorized value so that
the category is a required fields.
Previously a new authorized value category could be saved with no data.
To test, apply the patch and go to Administration -> Authorized values.
- Click the "New category" button.
- Click the save button without filling in the category.
You should be prevented from submitting the form.
- Verify that filling in the required field allows the form to be
submitted.
- Perform the same test when editing an existing authorized value.
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Follow-up for QA: Allow a blank authorised value to be created.
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Amended test plan.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Owen Leonard [Fri, 19 Aug 2016 14:08:38 +0000 (10:08 -0400)]
Bug 13921 - XSLT Literary Formats Not Showing
This patch adds some missing literary formats to the staff client and
OPAC's search results XSLT display.
To test you must have DisplayOPACiconsXSLT and DisplayIconsXSLT system
preferences enabled. XSLTResultsDisplay and OPACXSLTResultsDisplay
should be set to 'default.'
Perform searches in the staff client and the OPAC and confirm that the
following literary forms (defined in 008 position 33) display correctly:
Not fiction; Fiction; Dramas; Essays; Novels; Humor, satires, etc.;
Letters; Short stories; Mixed forms; Poetry; Speeches.
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Mon, 22 Aug 2016 12:48:59 +0000 (13:48 +0100)]
Bug 17157: Same for "More"
Here I decided to redirect to the mainpage.
Works as dexcribed. Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Mon, 22 Aug 2016 12:36:39 +0000 (13:36 +0100)]
Bug 17157: Fix middle click on "Search" drowndown menu
If you save an item and right click on "Search" or "More" you will get
a software error:
Can't call method "fields" on an undefined value at
/usr/share/koha/intranet/cgi-bin/cataloguing/additem.pl line 742
You will now be redirected to the adv search form.
Wors as described. Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Owen Leonard [Tue, 12 Jul 2016 13:24:59 +0000 (09:24 -0400)]
Bug 16903 - Multiple class attributes on catalog search tab
cat-search.inc contains an element with two class attributes, which is
invalid. This patch corrects it.
To test, apply the patch and view any page which uses the cat-search
include file to display the header search boxes. For instance, the
bibliographic detail page.
In the header, the "Search the catalog" box should be selected, and any
text you type in the box should be carried over when you switch to
different search tabs.
Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Fri, 19 Aug 2016 15:09:55 +0000 (16:09 +0100)]
Bug 17118: (follow-up 15381) Fix regression when clearing a linked authority
Changes made on bug 15381 assumed that the authid was always set.
But if the user wants to clear the field of the authority, the script is
called with authid=0 (FIXME...)
To fix this issue, it's better to move the new calls to
Koha::Authorities->find($authid)->authtypecode
and
Koha::Authority::Types->find($authtypecode);
at the correct place
Test plan:
1. Edit a record which has a field linked to an
authority record (100a for instance).
2. Click the link which triggers the tag editor.
A pop-up window should be displayed.
3. In the pop-up window, click the "Clear field"
button.
=> Without this patch A second pop-up window opens and displays an error:
Can't call method "authtypecode" on an undefined value at /authorities/blinddetail-biblio-search.pl line 61.
=> With this patch applied the field is correctly cleared.
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Fri, 26 Aug 2016 12:33:32 +0000 (12:33 +0000)]
Bug 17201: (bug 16431 follow-up2) Remove occurrence of marcfromkohafield
I really don't know how these tests passed before 16431, the mapping was not complete.
Test plan:
prove t/db_dependent/Search.t
should return green
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Fri, 26 Aug 2016 12:32:00 +0000 (13:32 +0100)]
Bug 17201: (bug 16431 follow-up) Remove occurrence of marcfromkohafield
I am not sure this code is called so I don't know how to test it.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Thu, 5 May 2016 14:25:50 +0000 (15:25 +0100)]
Bug 16449: Remove "no method selected" warning from unimarc_field_4XX
Because of bug 14828, the unimarc_field_4XX now raises a warning:
"No method selected!"
There are no need to select an item type on this page, the default (all)
is always selected.
Test plan:
Link the unimarc_field_4XX value builder with on of the subfield
Edit a record, click on the value builder icon
Note the warning without the patch and that it's gone with the patch
applied
NOTE: Code fix that I derived was identical. Ran
prove t/db_dependent/FrameworkPlugin.t
to confirm it works.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Sun, 3 Jul 2016 14:32:47 +0000 (15:32 +0100)]
Bug 16686: Fix "Item in transit from since" in Holds tab
POC, tests needed.
Alternative patch works for me. Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Marc <veron@veron.ch> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Kyle M Hall [Fri, 24 Jun 2016 15:18:04 +0000 (15:18 +0000)]
Bug 11144 [QA Followup] - Let each script run in sequence even if one fails
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested the A;B;C variant here. If A fails, B will run. Since we can safely
assume that A (or B) will not fail on a daily basis, this seems to be better
than running them in the wrong order every day.
As the comments on Bugzilla show, several people support this improved
(reordered) scheme and look forward to improved error handling on another
report (obviously not that simple).
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Katrin Fischer [Tue, 9 Jun 2015 21:13:15 +0000 (23:13 +0200)]
Bug 11144: Fix sequence of cronjobs: automatic renewal - fines - overdue notices
The patch changes the sequence of cronjobs in the crontab example
file and in the cron.daily file of the packages.
This is why:
1) Renew automatically
... only when we can't renew, we want to
2) Calculate fines
... once the fine are calculated and charged
we can print the amount into the
3) Overdue notices
Before the change it could happen that you'd charge for an item,
that would then be renewed. Or that you'd try to print fine
amounts into the overdue notices, when they would only be
charged moments later.
To test:
- configure your system so you have items that should
- be charged with fines
- renew automatically
- configure your crontabs according to the example file
or switch the cron.daily in your package installation with
the new one
- configure your overdue notices so that one should be generated
<<items.fine>>
- Wait for the cronjobs or schedule them to run earlier
- Verify all is well and as it should be
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Fri, 19 Aug 2016 13:36:23 +0000 (14:36 +0100)]
Bug 17048: Fix pagination offset for authority searches
At the intranet, the pagination has been broken by bug 12478 (Elastic
Search). There was a confusion between the offset and the page number.
At the OPAC, it is broken since bug 2735 which has mimicked the intranet
script.
Test plan:
Search for a term which will return more than 1 page of results.
Click on the second page
=> Without this patch, the first result of the second page is the second
result of the first page
=> With this patch applied, the offset will be corrected
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Jonathan Druart [Fri, 12 Aug 2016 10:36:06 +0000 (11:36 +0100)]
Bug 17116: Fix CSRF in import_borrowers.pl
If an attacker can get an authenticated Koha user to visit their page
with the url below, they can change patrons' information
The exploit can be simulated triggering
/tools/import_borrowers.pl?uploadborrowers=42
In that case it won't do anything wrong, but it you POST a valid file,
it could.
Test plan:
Trigger the url above
=> Without this patch, you will the result page
=> With this patch, you will get the "Wrong CSRF token" error.
Regression test:
Import a valid file from the import patron form, everything should go
fine.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>