1 package C4::Reports::Guided;
3 # Copyright 2007 Liblime Ltd
5 # This file is part of Koha.
7 # Koha is free software; you can redistribute it and/or modify it under the
8 # terms of the GNU General Public License as published by the Free Software
9 # Foundation; either version 2 of the License, or (at your option) any later
12 # Koha is distributed in the hope that it will be useful, but WITHOUT ANY
13 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
14 # A PARTICULAR PURPOSE. See the GNU General Public License for more details.
16 # You should have received a copy of the GNU General Public License along
17 # with Koha; if not, write to the Free Software Foundation, Inc.,
18 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21 #use warnings; FIXME - Bug 2505 this module needs a lot of repair to run clean under warnings
25 use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);
27 use C4::Dates qw/format_date format_date_in_iso/;
28 use C4::Templates qw/themelanguage/;
34 # use Smart::Comments;
38 # set the version for version checking
39 $VERSION = 3.07.00.049;
43 get_report_types get_report_areas get_report_groups get_columns build_query get_criteria
44 save_report get_saved_reports execute_query get_saved_report create_compound run_compound
45 get_column_type get_distinct_values save_dictionary get_from_dictionary
46 delete_definition delete_report format_results get_sql
47 nb_rows update_sql build_authorised_value_list
48 GetReservedAuthorisedValues
50 IsAuthorisedValueValid
57 C4::Reports::Guided - Module for generating guided reports
61 use C4::Reports::Guided;
69 =head2 get_report_areas
71 This will return a list of all the available report areas
76 [CIRC => "Circulation"],
79 [ACQ => "Acquisition"],
82 my $AREA_NAME_SQL_SNIPPET
83 = "CASE report_area " .
84 join (" ", map "WHEN '$_->[0]' THEN '$_->[1]'", @REPORT_AREA) .
87 sub get_report_areas {
89 my $report_areas = [ 'CIRC', 'CAT', 'PAT', 'ACQ', 'ACC' ];
95 CIRC => [ 'borrowers', 'statistics', 'items', 'biblioitems' ],
96 CAT => [ 'items', 'biblioitems', 'biblio' ],
98 ACQ => [ 'aqorders', 'biblio', 'items' ],
99 ACC => [ 'borrowers', 'accountlines' ],
102 CIRC => [ 'statistics.borrowernumber=borrowers.borrowernumber',
103 'items.itemnumber = statistics.itemnumber',
104 'biblioitems.biblioitemnumber = items.biblioitemnumber' ],
105 CAT => [ 'items.biblioitemnumber=biblioitems.biblioitemnumber',
106 'biblioitems.biblionumber=biblio.biblionumber' ],
108 ACQ => [ 'aqorders.biblionumber=biblio.biblionumber',
109 'biblio.biblionumber=items.biblionumber' ],
110 ACC => ['borrowers.borrowernumber=accountlines.borrowernumber'],
113 # have to do someting here to know if its dropdown, free text, date etc
115 CIRC => [ 'statistics.type', 'borrowers.categorycode', 'statistics.branch',
116 'biblioitems.publicationyear|date', 'items.dateaccessioned|date' ],
117 CAT => [ 'items.itemnumber|textrange', 'items.biblionumber|textrange',
118 'items.barcode|textrange', 'biblio.frameworkcode',
119 'items.holdingbranch', 'items.homebranch',
120 'biblio.datecreated|daterange', 'biblio.timestamp|daterange',
121 'items.onloan|daterange', 'items.ccode',
122 'items.itemcallnumber|textrange', 'items.itype', 'items.itemlost',
124 PAT => [ 'borrowers.branchcode', 'borrowers.categorycode' ],
125 ACQ => ['aqorders.datereceived|date'],
126 ACC => [ 'borrowers.branchcode', 'borrowers.categorycode' ],
129 # Adds itemtypes to criteria, according to the syspref
130 if ( C4::Context->preference('item-level_itypes') ) {
131 unshift @{ $criteria{'CIRC'} }, 'items.itype';
132 unshift @{ $criteria{'CAT'} }, 'items.itype';
134 unshift @{ $criteria{'CIRC'} }, 'biblioitems.itemtype';
135 unshift @{ $criteria{'CAT'} }, 'biblioitems.itemtype';
138 =head2 get_report_types
140 This will return a list of all the available report types
144 sub get_report_types {
145 my $dbh = C4::Context->dbh();
147 # FIXME these should be in the database perhaps
148 my @reports = ( 'Tabular', 'Summary', 'Matrix' );
150 for ( my $i = 0 ; $i < 3 ; $i++ ) {
152 $hashrep{id} = $i + 1;
153 $hashrep{name} = $reports[$i];
154 push @reports2, \%hashrep;
156 return ( \@reports2 );
160 =head2 get_report_groups
162 This will return a list of all the available report areas with groups
166 sub get_report_groups {
167 my $dbh = C4::Context->dbh();
169 my $groups = GetAuthorisedValues('REPORT_GROUP');
170 my $subgroups = GetAuthorisedValues('REPORT_SUBGROUP');
172 my %groups_with_subgroups = map { $_->{authorised_value} => {
176 foreach (@$subgroups) {
177 my $sg = $_->{authorised_value};
178 my $g = $_->{lib_opac}
179 or warn( qq{REPORT_SUBGROUP "$sg" without REPORT_GROUP (lib_opac)} ),
181 my $g_sg = $groups_with_subgroups{$g}
182 or warn( qq{REPORT_SUBGROUP "$sg" with invalid REPORT_GROUP "$g"} ),
184 $g_sg->{subgroups}{$sg} = $_->{lib};
186 return \%groups_with_subgroups
189 =head2 get_all_tables
191 This will return a list of all tables in the database
196 my $dbh = C4::Context->dbh();
197 my $query = "SHOW TABLES";
198 my $sth = $dbh->prepare($query);
201 while ( my $data = $sth->fetchrow_arrayref() ) {
202 push @tables, $data->[0];
209 =head2 get_columns($area)
211 This will return a list of all columns for a report area
217 # this calls the internal fucntion _get_columns
218 my ( $area, $cgi ) = @_;
219 my $tables = $table_areas{$area}
220 or die qq{Unsuported report area "$area"};
224 foreach my $table (@$tables) {
225 my @columns = _get_columns($table,$cgi, $first);
227 push @allcolumns, @columns;
229 return ( \@allcolumns );
233 my ($tablename,$cgi, $first) = @_;
234 my $dbh = C4::Context->dbh();
235 my $sth = $dbh->prepare("show columns from $tablename");
238 my $column_defs = _get_column_defs($cgi);
240 $tablehash{'table'}=$tablename;
241 $tablehash{'__first__'} = $first;
242 push @columns, \%tablehash;
243 while ( my $data = $sth->fetchrow_arrayref() ) {
245 $temphash{'name'} = "$tablename.$data->[0]";
246 $temphash{'description'} = $column_defs->{"$tablename.$data->[0]"};
247 push @columns, \%temphash;
253 =head2 build_query($columns,$criteria,$orderby,$area)
255 This will build the sql needed to return the results asked for,
256 $columns is expected to be of the format tablename.columnname.
257 This is what get_columns returns.
262 my ( $columns, $criteria, $orderby, $area, $totals, $definition ) = @_;
264 my $keys = $keys{$area};
265 my $tables = $table_areas{$area};
268 _build_query( $tables, $columns, $criteria, $keys, $orderby, $totals, $definition );
273 my ( $tables, $columns, $criteria, $keys, $orderby, $totals, $definition) = @_;
275 # $keys is an array of joining constraints
276 my $dbh = C4::Context->dbh();
277 my $joinedtables = join( ',', @$tables );
278 my $joinedcolumns = join( ',', @$columns );
280 "SELECT $totals $joinedcolumns FROM $tables->[0] ";
281 for (my $i=1;$i<@$tables;$i++){
282 $query .= "LEFT JOIN $tables->[$i] on ($keys->[$i-1]) ";
286 $criteria =~ s/AND/WHERE/;
287 $query .= " $criteria";
290 my @definitions = split(',',$definition);
292 foreach my $def (@definitions){
293 my $defin=get_from_dictionary('',$def);
294 $deftext .=" ".$defin->[0]->{'saved_sql'};
296 if ($query =~ /WHERE/i){
300 $deftext =~ s/AND/WHERE/;
306 my @totcolumns = split( ',', $totals );
307 foreach my $total (@totcolumns) {
308 if ( $total =~ /\((.*)\)/ ) {
309 if ( $groupby eq '' ) {
310 $groupby = " GROUP BY $1";
325 =head2 get_criteria($area,$cgi);
327 Returns an arraref to hashrefs suitable for using in a tmpl_loop. With the criteria and available values.
332 my ($area,$cgi) = @_;
333 my $dbh = C4::Context->dbh();
334 my $crit = $criteria{$area};
335 my $column_defs = _get_column_defs($cgi);
337 foreach my $localcrit (@$crit) {
338 my ( $value, $type ) = split( /\|/, $localcrit );
339 my ( $table, $column ) = split( /\./, $value );
340 if ($type eq 'textrange') {
342 $temp{'name'} = $value;
343 $temp{'from'} = "from_" . $value;
344 $temp{'to'} = "to_" . $value;
345 $temp{'textrange'} = 1;
346 $temp{'description'} = $column_defs->{$value};
347 push @criteria_array, \%temp;
349 elsif ($type eq 'date') {
351 $temp{'name'} = $value;
353 $temp{'description'} = $column_defs->{$value};
354 push @criteria_array, \%temp;
356 elsif ($type eq 'daterange') {
358 $temp{'name'} = $value;
359 $temp{'from'} = "from_" . $value;
360 $temp{'to'} = "to_" . $value;
361 $temp{'daterange'} = 1;
362 $temp{'description'} = $column_defs->{$value};
363 push @criteria_array, \%temp;
367 "SELECT distinct($column) as availablevalues FROM $table";
368 my $sth = $dbh->prepare($query);
371 # push the runtime choosing option
373 $list='branches' if $column eq 'branchcode' or $column eq 'holdingbranch' or $column eq 'homebranch';
374 $list='categorycode' if $column eq 'categorycode';
375 $list='itemtype' if $column eq 'itype';
376 $list='ccode' if $column eq 'ccode';
377 # TODO : improve to let the librarian choose the description at runtime
378 push @values, { availablevalues => "<<$column".($list?"|$list":'').">>" };
379 while ( my $row = $sth->fetchrow_hashref() ) {
381 if ($row->{'availablevalues'} eq '') { $row->{'default'} = 1 };
386 $temp{'name'} = $value;
387 $temp{'description'} = $column_defs->{$value};
388 $temp{'values'} = \@values;
390 push @criteria_array, \%temp;
394 return ( \@criteria_array );
398 my $sql = shift or return;
399 my $sth = C4::Context->dbh->prepare($sql);
401 my $rows = $sth->fetchall_arrayref();
402 return scalar (@$rows);
407 ($sth, $error) = execute_query($sql, $offset, $limit[, \@sql_params])
410 This function returns a DBI statement handler from which the caller can
411 fetch the results of the SQL passed via C<$sql>.
413 If passed any query other than a SELECT, or if there is a DB error,
414 C<$errors> is returned, and is a hashref containing the error after this
417 C<$error->{'sqlerr'}> contains the offending SQL keyword.
418 C<$error->{'queryerr'}> contains the native db engine error returned
421 C<$offset>, and C<$limit> are required parameters.
423 C<\@sql_params> is an optional list of parameter values to paste in.
424 The caller is reponsible for making sure that C<$sql> has placeholders
425 and that the number placeholders matches the number of parameters.
429 # returns $sql, $offset, $limit
430 # $sql returned will be transformed to:
431 # ~ remove any LIMIT clause
432 # ~ repace SELECT clause w/ SELECT count(*)
434 sub select_2_select_count {
435 # Modify the query passed in to create a count query... (I think this covers all cases -crn)
436 my ($sql) = strip_limit(shift) or return;
437 $sql =~ s/\bSELECT\W+(?:\w+\W+){1,}?FROM\b|\bSELECT\W\*\WFROM\b/SELECT count(*) FROM /ig;
441 # This removes the LIMIT from the query so that a custom one can be specified.
443 # ($new_sql, $offset, $limit) = strip_limit($sql);
446 # $sql is the query to modify
447 # $new_sql is the resulting query
448 # $offset is the offset value, if the LIMIT was the two-argument form,
449 # 0 if it wasn't otherwise given.
450 # $limit is the limit value
453 # * This makes an effort to not break subqueries that have their own
454 # LIMIT specified. It does that by only removing a LIMIT if it comes after
455 # a WHERE clause (which isn't perfect, but at least should make more cases
456 # work - subqueries with a limit in the WHERE will still break.)
457 # * If your query doesn't have a WHERE clause then all LIMITs will be
458 # removed. This may break some subqueries, but is hopefully rare enough
459 # to not be a big issue.
464 return ($sql, 0, undef) unless $sql =~ /\bLIMIT\b/i;
466 # Two options: if there's no WHERE clause in the SQL, we simply capture
467 # any LIMIT that's there. If there is a WHERE, we make sure that we only
468 # capture a LIMIT after the last one. This prevents stomping on subqueries.
469 if ($sql !~ /\bWHERE\b/i) {
470 (my $res = $sql) =~ s/\bLIMIT\b\s*(\d+)(\s*\,\s*(\d+))?\s*/ /ig;
471 return ($res, (defined $2 ? $1 : 0), (defined $3 ? $3 : $1));
474 $res =~ m/.*\bWHERE\b/gsi;
475 $res =~ s/\G(.*)\bLIMIT\b\s*(\d+)(\s*\,\s*(\d+))?\s*/$1 /is;
476 return ($res, (defined $3 ? $2 : 0), (defined $4 ? $4 : $2));
482 my ( $sql, $offset, $limit, $sql_params ) = @_;
484 $sql_params = [] unless defined $sql_params;
488 carp "execute_query() called without SQL argument";
491 $offset = 0 unless $offset;
492 $limit = 999999 unless $limit;
493 $debug and print STDERR "execute_query($sql, $offset, $limit)\n";
494 if ($sql =~ /;?\W?(UPDATE|DELETE|DROP|INSERT|SHOW|CREATE)\W/i) {
495 return (undef, { sqlerr => $1} );
496 } elsif ($sql !~ /^\s*SELECT\b\s*/i) {
497 return (undef, { queryerr => 'Missing SELECT'} );
500 my ($useroffset, $userlimit);
502 # Grab offset/limit from user supplied LIMIT and drop the LIMIT so we can control pagination
503 ($sql, $useroffset, $userlimit) = strip_limit($sql);
504 $debug and warn sprintf "User has supplied (OFFSET,) LIMIT = %s, %s",
506 (defined($userlimit ) ? $userlimit : 'UNDEF');
507 $offset += $useroffset;
508 if (defined($userlimit)) {
509 if ($offset + $limit > $userlimit ) {
510 $limit = $userlimit - $offset;
511 } elsif ( ! $offset && $limit < $userlimit ) {
515 $sql .= " LIMIT ?, ?";
517 my $sth = C4::Context->dbh->prepare($sql);
518 $sth->execute(@$sql_params, $offset, $limit);
519 return ( $sth, { queryerr => $sth->errstr } ) if ($sth->err);
521 # my @xmlarray = ... ;
522 # my $url = "/cgi-bin/koha/reports/guided_reports.pl?phase=retrieve%20results&id=$id";
523 # my $xml = XML::Dumper->new()->pl2xml( \@xmlarray );
524 # store_results($id,$xml);
527 =head2 save_report($sql,$name,$type,$notes)
529 Given some sql and a name this will saved it so that it can reused
530 Returns id of the newly created report
536 my $borrowernumber = $fields->{borrowernumber};
537 my $sql = $fields->{sql};
538 my $name = $fields->{name};
539 my $type = $fields->{type};
540 my $notes = $fields->{notes};
541 my $area = $fields->{area};
542 my $group = $fields->{group};
543 my $subgroup = $fields->{subgroup};
544 my $cache_expiry = $fields->{cache_expiry} || 300;
545 my $public = $fields->{public};
547 my $dbh = C4::Context->dbh();
548 $sql =~ s/(\s*\;\s*)$//; # removes trailing whitespace and /;/
549 my $query = "INSERT INTO saved_sql (borrowernumber,date_created,last_modified,savedsql,report_name,report_area,report_group,report_subgroup,type,notes,cache_expiry,public) VALUES (?,now(),now(),?,?,?,?,?,?,?,?,?)";
550 $dbh->do($query, undef, $borrowernumber, $sql, $name, $area, $group, $subgroup, $type, $notes, $cache_expiry, $public);
552 my $id = $dbh->selectrow_array("SELECT max(id) FROM saved_sql WHERE borrowernumber=? AND report_name=?", undef,
553 $borrowernumber, $name);
558 my $id = shift || croak "No Id given";
560 my $sql = $fields->{sql};
561 my $name = $fields->{name};
562 my $notes = $fields->{notes};
563 my $group = $fields->{group};
564 my $subgroup = $fields->{subgroup};
565 my $cache_expiry = $fields->{cache_expiry};
566 my $public = $fields->{public};
568 if( $cache_expiry >= 2592000 ){
569 die "Please specify a cache expiry less than 30 days\n";
572 my $dbh = C4::Context->dbh();
573 $sql =~ s/(\s*\;\s*)$//; # removes trailing whitespace and /;/
574 my $query = "UPDATE saved_sql SET savedsql = ?, last_modified = now(), report_name = ?, report_group = ?, report_subgroup = ?, notes = ?, cache_expiry = ?, public = ? WHERE id = ? ";
575 $dbh->do($query, undef, $sql, $name, $group, $subgroup, $notes, $cache_expiry, $public, $id );
580 my $dbh = C4::Context->dbh();
581 my $query = "SELECT * FROM saved_reports WHERE report_id=?";
582 my $sth = $dbh->prepare($query);
584 if (my $data=$sth->fetchrow_hashref()){
585 my $query2 = "UPDATE saved_reports SET report=?,date_run=now() WHERE report_id=?";
586 my $sth2 = $dbh->prepare($query2);
587 $sth2->execute($xml,$id);
590 my $query2 = "INSERT INTO saved_reports (report_id,report,date_run) VALUES (?,?,now())";
591 my $sth2 = $dbh->prepare($query2);
592 $sth2->execute($id,$xml);
598 my $dbh = C4::Context->dbh();
599 my $query = "SELECT * FROM saved_reports WHERE report_id = ?";
600 my $sth = $dbh->prepare($query);
602 my $data = $sth->fetchrow_hashref();
603 my $dump = new XML::Dumper;
604 my $perl = $dump->xml2pl( $data->{'report'} );
605 foreach my $row (@$perl) {
607 foreach my $key (keys %$row){
608 $htmlrow .= "<td>$row->{$key}</td>";
611 $row->{'row'} = $htmlrow;
614 $query = "SELECT * FROM saved_sql WHERE id = ?";
615 $sth = $dbh->prepare($query);
617 $data = $sth->fetchrow_hashref();
618 return ($perl,$data->{'report_name'},$data->{'notes'});
624 my $dbh = C4::Context->dbh;
625 my $query = 'DELETE FROM saved_sql WHERE id IN (' . join( ',', ('?') x @ids ) . ')';
626 my $sth = $dbh->prepare($query);
627 return $sth->execute(@ids);
630 my $SAVED_REPORTS_BASE_QRY = <<EOQ;
631 SELECT s.*, r.report, r.date_run, $AREA_NAME_SQL_SNIPPET, av_g.lib AS groupname, av_sg.lib AS subgroupname,
632 b.firstname AS borrowerfirstname, b.surname AS borrowersurname
634 LEFT JOIN saved_reports r ON r.report_id = s.id
635 LEFT OUTER JOIN authorised_values av_g ON (av_g.category = 'REPORT_GROUP' AND av_g.authorised_value = s.report_group)
636 LEFT OUTER JOIN authorised_values av_sg ON (av_sg.category = 'REPORT_SUBGROUP' AND av_sg.lib_opac = s.report_group AND av_sg.authorised_value = s.report_subgroup)
637 LEFT OUTER JOIN borrowers b USING (borrowernumber)
639 my $DATE_FORMAT = "%d/%m/%Y";
640 sub get_saved_reports {
641 # $filter is either { date => $d, author => $a, keyword => $kw, }
642 # or $keyword. Optional.
644 $filter = { keyword => $filter } if $filter && !ref( $filter );
645 my ($group, $subgroup) = @_;
647 my $dbh = C4::Context->dbh();
648 my $query = $SAVED_REPORTS_BASE_QRY;
651 if (my $date = $filter->{date}) {
652 $date = format_date_in_iso($date);
653 push @cond, "DATE(date_run) = ? OR
654 DATE(date_created) = ? OR
655 DATE(last_modified) = ? OR
657 push @args, $date, $date, $date, $date;
659 if (my $author = $filter->{author}) {
660 $author = "%$author%";
661 push @cond, "surname LIKE ? OR
663 push @args, $author, $author;
665 if (my $keyword = $filter->{keyword}) {
666 $keyword = "%$keyword%";
667 push @cond, "report LIKE ? OR
668 report_name LIKE ? OR
671 push @args, $keyword, $keyword, $keyword, $keyword;
673 if ($filter->{group}) {
674 push @cond, "report_group = ?";
675 push @args, $filter->{group};
677 if ($filter->{subgroup}) {
678 push @cond, "report_subgroup = ?";
679 push @args, $filter->{subgroup};
682 $query .= " WHERE ".join( " AND ", map "($_)", @cond ) if @cond;
683 $query .= " ORDER by date_created";
685 my $result = $dbh->selectall_arrayref($query, {Slice => {}}, @args);
690 sub get_saved_report {
691 my $dbh = C4::Context->dbh();
694 if ($#_ == 0 && ref $_[0] ne 'HASH') {
696 $query = " SELECT * FROM saved_sql WHERE id = ?";
697 } elsif (ref $_[0] eq 'HASH') {
699 if ($selector->{name}) {
700 $query = " SELECT * FROM saved_sql WHERE report_name = ?";
701 $report_arg = $selector->{name};
702 } elsif ($selector->{id} || $selector->{id} eq '0') {
703 $query = " SELECT * FROM saved_sql WHERE id = ?";
704 $report_arg = $selector->{id};
711 return $dbh->selectrow_hashref($query, undef, $report_arg);
714 =head2 create_compound($masterID,$subreportID)
716 This will take 2 reports and create a compound report using both of them
720 sub create_compound {
721 my ( $masterID, $subreportID ) = @_;
722 my $dbh = C4::Context->dbh();
725 my $master = get_saved_report($masterID);
726 my $mastersql = $master->{savedsql};
727 my $mastertype = $master->{type};
728 my $sub = get_saved_report($subreportID);
729 my $subsql = $master->{savedsql};
730 my $subtype = $master->{type};
732 # now we have to do some checking to see how these two will fit together
734 my ( $mastertables, $subtables );
735 if ( $mastersql =~ / from (.*) where /i ) {
738 if ( $subsql =~ / from (.*) where /i ) {
741 return ( $mastertables, $subtables );
744 =head2 get_column_type($column)
746 This takes a column name of the format table.column and will return what type it is
747 (free text, set values, date)
751 sub get_column_type {
752 my ($tablecolumn) = @_;
753 my ($table,$column) = split(/\./,$tablecolumn);
754 my $dbh = C4::Context->dbh();
758 # mysql doesnt support a column selection, set column to %
760 my $sth = $dbh->column_info( $catalog, $schema, $table, $tempcolumn ) || die $dbh->errstr;
761 while (my $info = $sth->fetchrow_hashref()){
762 if ($info->{'COLUMN_NAME'} eq $column){
764 if ($info->{'TYPE_NAME'} eq 'CHAR' || $info->{'TYPE_NAME'} eq 'VARCHAR'){
765 $info->{'TYPE_NAME'} = 'distinct';
767 return $info->{'TYPE_NAME'};
772 =head2 get_distinct_values($column)
774 Given a column name, return an arrary ref of hashrefs suitable for use as a tmpl_loop
775 with the distinct values of the column
779 sub get_distinct_values {
780 my ($tablecolumn) = @_;
781 my ($table,$column) = split(/\./,$tablecolumn);
782 my $dbh = C4::Context->dbh();
784 "SELECT distinct($column) as availablevalues FROM $table";
785 my $sth = $dbh->prepare($query);
787 return $sth->fetchall_arrayref({});
790 sub save_dictionary {
791 my ( $name, $description, $sql, $area ) = @_;
792 my $dbh = C4::Context->dbh();
793 my $query = "INSERT INTO reports_dictionary (name,description,saved_sql,report_area,date_created,date_modified)
794 VALUES (?,?,?,?,now(),now())";
795 my $sth = $dbh->prepare($query);
796 $sth->execute($name,$description,$sql,$area) || return 0;
800 my $DICTIONARY_BASE_QRY = <<EOQ;
801 SELECT d.*, $AREA_NAME_SQL_SNIPPET
802 FROM reports_dictionary d
804 sub get_from_dictionary {
805 my ( $area, $id ) = @_;
806 my $dbh = C4::Context->dbh();
807 my $query = $DICTIONARY_BASE_QRY;
809 $query .= " WHERE report_area = ?";
811 $query .= " WHERE id = ?";
813 my $sth = $dbh->prepare($query);
817 $sth->execute($area);
822 while ( my $data = $sth->fetchrow_hashref() ) {
828 sub delete_definition {
829 my ($id) = @_ or return;
830 my $dbh = C4::Context->dbh();
831 my $query = "DELETE FROM reports_dictionary WHERE id = ?";
832 my $sth = $dbh->prepare($query);
837 my ($id) = @_ or return;
838 my $dbh = C4::Context->dbh();
839 my $query = "SELECT * FROM saved_sql WHERE id = ?";
840 my $sth = $dbh->prepare($query);
842 my $data=$sth->fetchrow_hashref();
843 return $data->{'savedsql'};
846 sub _get_column_defs {
849 my $columns_def_file = "columns.def";
850 my $htdocs = C4::Context->config('intrahtdocs');
851 my $section = 'intranet';
853 # We need the theme and the lang
854 # Since columns.def is not in the modules directory, we cannot sent it for the $tmpl var
855 my ($theme, $lang, $availablethemes) = C4::Templates::themelanguage($htdocs, 'about.tt', $section, $cgi);
857 my $full_path_to_columns_def_file="$htdocs/$theme/$lang/$columns_def_file";
858 open (my $fh, $full_path_to_columns_def_file);
859 while ( my $input = <$fh> ){
861 if ( $input =~ m|<field name="(.*)">(.*)</field>| ) {
862 my ( $field, $translation ) = ( $1, $2 );
863 $columns{$field} = $translation;
870 =head2 build_authorised_value_list($authorised_value)
872 Returns an arrayref - hashref pair. The hashref consists of
873 various code => name lists depending on the $authorised_value.
874 The arrayref is the hashref keys, in appropriate order
878 sub build_authorised_value_list {
879 my ( $authorised_value ) = @_;
881 my $dbh = C4::Context->dbh;
882 my @authorised_values;
885 # builds list, depending on authorised value...
886 if ( $authorised_value eq "branches" ) {
887 my $branches = GetBranchesLoop();
888 foreach my $thisbranch (@$branches) {
889 push @authorised_values, $thisbranch->{value};
890 $authorised_lib{ $thisbranch->{value} } = $thisbranch->{branchname};
892 } elsif ( $authorised_value eq "itemtypes" ) {
893 my $sth = $dbh->prepare("SELECT itemtype,description FROM itemtypes ORDER BY description");
895 while ( my ( $itemtype, $description ) = $sth->fetchrow_array ) {
896 push @authorised_values, $itemtype;
897 $authorised_lib{$itemtype} = $description;
899 } elsif ( $authorised_value eq "cn_source" ) {
900 my $class_sources = GetClassSources();
901 my $default_source = C4::Context->preference("DefaultClassificationSource");
902 foreach my $class_source ( sort keys %$class_sources ) {
904 unless $class_sources->{$class_source}->{'used'}
905 or ( $class_source eq $default_source );
906 push @authorised_values, $class_source;
907 $authorised_lib{$class_source} = $class_sources->{$class_source}->{'description'};
909 } elsif ( $authorised_value eq "categorycode" ) {
910 my $sth = $dbh->prepare("SELECT categorycode, description FROM categories ORDER BY description");
912 while ( my ( $categorycode, $description ) = $sth->fetchrow_array ) {
913 push @authorised_values, $categorycode;
914 $authorised_lib{$categorycode} = $description;
917 #---- "true" authorised value
919 my $authorised_values_sth = $dbh->prepare("SELECT authorised_value,lib FROM authorised_values WHERE category=? ORDER BY lib");
921 $authorised_values_sth->execute($authorised_value);
923 while ( my ( $value, $lib ) = $authorised_values_sth->fetchrow_array ) {
924 push @authorised_values, $value;
925 $authorised_lib{$value} = $lib;
927 # For item location, we show the code and the libelle
928 $authorised_lib{$value} = $lib;
932 return (\@authorised_values, \%authorised_lib);
935 =head2 GetReservedAuthorisedValues
937 my %reserved_authorised_values = GetReservedAuthorisedValues();
939 Returns a hash containig all reserved words
943 sub GetReservedAuthorisedValues {
944 my %reserved_authorised_values =
945 map { $_ => 1 } ( 'date',
951 return \%reserved_authorised_values;
955 =head2 IsAuthorisedValueValid
957 my $is_valid_ath_value = IsAuthorisedValueValid($authorised_value)
959 Returns 1 if $authorised_value is on the reserved authorised values list or
960 in the authorised value categories defined in
964 sub IsAuthorisedValueValid {
966 my $authorised_value = shift;
967 my $reserved_authorised_values = GetReservedAuthorisedValues();
969 if ( exists $reserved_authorised_values->{$authorised_value} ||
970 IsAuthorisedValueCategory($authorised_value) ) {
977 =head2 GetParametersFromSQL
979 my @sql_parameters = GetParametersFromSQL($sql)
981 Returns an arrayref of hashes containing the keys name and authval
985 sub GetParametersFromSQL {
988 my @split = split(/<<|>>/,$sql);
989 my @sql_parameters = ();
991 for ( my $i = 0; $i < ($#split/2) ; $i++ ) {
992 my ($name,$authval) = split(/\|/,$split[$i*2+1]);
993 push @sql_parameters, { 'name' => $name, 'authval' => $authval };
996 return \@sql_parameters;
999 =head2 ValidateSQLParameters
1001 my @problematic_parameters = ValidateSQLParameters($sql)
1003 Returns an arrayref of hashes containing the keys name and authval of
1004 those SQL parameters that do not correspond to valid authorised names
1008 sub ValidateSQLParameters {
1011 my @problematic_parameters = ();
1012 my $sql_parameters = GetParametersFromSQL($sql);
1014 foreach my $sql_parameter (@$sql_parameters) {
1015 if ( defined $sql_parameter->{'authval'} ) {
1016 push @problematic_parameters, $sql_parameter unless
1017 IsAuthorisedValueValid($sql_parameter->{'authval'});
1021 return \@problematic_parameters;
1029 Chris Cormack <crc@liblime.com>
projects / koha.git / blob