projects / koha.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
bug 2859: add index on bibioitems.issn (DB rev 006)
[koha.git] / C4 / Auth.pm
diff --git a/C4/Auth.pm b/C4/Auth.pm
old mode 100755 (executable)
new mode 100644 (file)
index f7ae6d9..eb7a464
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -1,7 +1,3 @@
-
-# -*- tab-width: 8 -*-
-# NOTE: This file uses 8-character tabs; do not change the tab size!
-
 package C4::Auth;
 
 # Copyright 2000-2002 Katipo Communications
 package C4::Auth;
 
 # Copyright 2000-2002 Katipo Communications
@@ -31,7 +27,7 @@ use C4::Output;    # to get the template
 use C4::Members;
 use C4::Koha;
 use C4::Branch; # GetBranches
 use C4::Members;
 use C4::Koha;
 use C4::Branch; # GetBranches
-use C4::VirtualShelves 3.02 qw(GetShelvesSummary);
+use C4::VirtualShelves;
 
 # use utf8;
 use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS $debug $ldap);
 
 # use utf8;
 use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS $debug $ldap);
@@ -145,17 +141,22 @@ sub get_template_and_user {
         $template->param( loggedinusername => $user );
         $template->param( sessionID        => $sessionID );
 
         $template->param( loggedinusername => $user );
         $template->param( sessionID        => $sessionID );
 
-               my ($pubshelves, $barshelves);
-               if (($pubshelves, $barshelves) = C4::Context->get_shelves_userenv()) {
-               $template->param( barshelves     => scalar (@$barshelves));
-               $template->param( pubshelves     => scalar (@$pubshelves));
-               $template->param( barshelvesloop => $barshelves);
-               $template->param( pubshelvesloop => $pubshelves);
+               my ($total, $pubshelves, $barshelves) = C4::Context->get_shelves_userenv();
+               if (defined($pubshelves)) {
+               $template->param(       pubshelves      => scalar (@$pubshelves),
+                                                       pubshelvesloop  => $pubshelves,
+                                                       );
+                       $template->param(       pubtotal                => $total->{'pubtotal'}, ) if ($total->{'pubtotal'} > scalar (@$pubshelves));
+               }
+               if (defined($barshelves)) {
+               $template->param(       barshelves      => scalar (@$barshelves),
+                                                       barshelvesloop  => $barshelves,
+                                                       );
+                       $template->param(       bartotal                => $total->{'bartotal'}, ) if ($total->{'bartotal'} > scalar (@$barshelves));
                }
 
         $borrowernumber = getborrowernumber($user);
                }
 
         $borrowernumber = getborrowernumber($user);
-        my ( $borr, $alternativeflags ) =
-          GetMemberDetails( $borrowernumber );
+        my ( $borr ) = GetMemberDetails( $borrowernumber );
         my @bordat;
         $bordat[0] = $borr;
         $template->param( "USER_INFO" => \@bordat );
         my @bordat;
         $bordat[0] = $borr;
         $template->param( "USER_INFO" => \@bordat );
@@ -239,10 +240,12 @@ sub get_template_and_user {
 
         $template->param( sessionID        => $sessionID );
                
 
         $template->param( sessionID        => $sessionID );
                
-               my ($pubshelves);       # an anonymous user has no 'barshelves'...
-               if (($pubshelves) = C4::Context->get_shelves_userenv()) {
-               $template->param( pubshelves     => scalar (@$pubshelves));
-               $template->param( pubshelvesloop => $pubshelves);
+               my ($total, $pubshelves) = C4::Context->get_shelves_userenv();  # an anonymous user has no 'barshelves'...
+               if (defined(($pubshelves))) {
+               $template->param(       pubshelves      => scalar (@$pubshelves),
+                                                       pubshelvesloop  => $pubshelves,
+                                                       );
+                       $template->param(       pubtotal                => $total->{'pubtotal'}, ) if ($total->{'pubtotal'} > scalar (@$pubshelves));
                }
 
        }
                }
 
        }
@@ -258,6 +261,7 @@ sub get_template_and_user {
             LoginSurname                 => C4::Context->userenv?C4::Context->userenv->{"surname"}:"Inconnu",
             TagsEnabled                  => C4::Context->preference("TagsEnabled"),
             hide_marc                    => C4::Context->preference("hide_marc"),
             LoginSurname                 => C4::Context->userenv?C4::Context->userenv->{"surname"}:"Inconnu",
             TagsEnabled                  => C4::Context->preference("TagsEnabled"),
             hide_marc                    => C4::Context->preference("hide_marc"),
+            dateformat                   => C4::Context->preference("dateformat"),
             'item-level_itypes'          => C4::Context->preference('item-level_itypes'),
             patronimages                 => C4::Context->preference("patronimages"),
             singleBranchMode             => C4::Context->preference("singleBranchMode"),
             'item-level_itypes'          => C4::Context->preference('item-level_itypes'),
             patronimages                 => C4::Context->preference("patronimages"),
             singleBranchMode             => C4::Context->preference("singleBranchMode"),
@@ -294,7 +298,7 @@ sub get_template_and_user {
         $LibraryNameTitle =~ s/<(?:\/?)(?:br|p)\s*(?:\/?)>/ /sgi;
         $LibraryNameTitle =~ s/<(?:[^<>'"]|'(?:[^']*)'|"(?:[^"]*)")*>//sg;
         $template->param(
         $LibraryNameTitle =~ s/<(?:\/?)(?:br|p)\s*(?:\/?)>/ /sgi;
         $LibraryNameTitle =~ s/<(?:[^<>'"]|'(?:[^']*)'|"(?:[^"]*)")*>//sg;
         $template->param(
-            AmazonContent             => "" . C4::Context->preference("AmazonContent"),
+            OPACAmazonContent             => "" . C4::Context->preference("OPACAmazonContent"),
             AnonSuggestions           => "" . C4::Context->preference("AnonSuggestions"),
             AuthorisedValueImages     => C4::Context->preference("AuthorisedValueImages"),
             LibraryName               => "" . C4::Context->preference("LibraryName"),
             AnonSuggestions           => "" . C4::Context->preference("AnonSuggestions"),
             AuthorisedValueImages     => C4::Context->preference("AuthorisedValueImages"),
             LibraryName               => "" . C4::Context->preference("LibraryName"),
@@ -329,7 +333,6 @@ sub get_template_and_user {
             opaccredits               => "" . C4::Context->preference("opaccredits"),
             opacheader                => "" . C4::Context->preference("opacheader"),
             opaclanguagesdisplay      => "". C4::Context->preference("opaclanguagesdisplay"),
             opaccredits               => "" . C4::Context->preference("opaccredits"),
             opacheader                => "" . C4::Context->preference("opacheader"),
             opaclanguagesdisplay      => "". C4::Context->preference("opaclanguagesdisplay"),
-            opaclargeimage            => "" . C4::Context->preference("opaclargeimage"),
             opaclayoutstylesheet      => "". C4::Context->preference("opaclayoutstylesheet"),
             opacreadinghistory        => C4::Context->preference("opacreadinghistory"),
             opacsmallimage            => "" . C4::Context->preference("opacsmallimage"),
             opaclayoutstylesheet      => "". C4::Context->preference("opaclayoutstylesheet"),
             opacreadinghistory        => C4::Context->preference("opacreadinghistory"),
             opacsmallimage            => "" . C4::Context->preference("opacsmallimage"),
@@ -340,7 +343,6 @@ sub get_template_and_user {
             virtualshelves            => "" . C4::Context->preference("virtualshelves"),
         );
     }
             virtualshelves            => "" . C4::Context->preference("virtualshelves"),
         );
     }
-       $template->param(listloop=>[{shelfname=>"Freelist", shelfnumber=>110}]);
     return ( $template, $borrowernumber, $cookie, $flags);
 }
 
     return ( $template, $borrowernumber, $cookie, $flags);
 }
 
@@ -350,8 +352,8 @@ sub get_template_and_user {
 
 Verifies that the user is authorized to run this script.  If
 the user is authorized, a (userid, cookie, session-id, flags)
 
 Verifies that the user is authorized to run this script.  If
 the user is authorized, a (userid, cookie, session-id, flags)
-quadruple is returned.  If the user is not authorized but does
-not have the required privilege (see $flagsrequired below), it
+quadruple is returned.  If the user is not authorized due to
+insufficent privileges (see $flagsrequired below), it
 displays an error page and exits.  Otherwise, it displays the
 login page and exits.
 
 displays an error page and exits.  Otherwise, it displays the
 login page and exits.
 
@@ -427,7 +429,11 @@ sub _version_check ($$) {
     my $version;
     # If Version syspref is unavailable, it means Koha is beeing installed,
     # and so we must redirect to OPAC maintenance page or to the WebInstaller
     my $version;
     # If Version syspref is unavailable, it means Koha is beeing installed,
     # and so we must redirect to OPAC maintenance page or to the WebInstaller
-    #warn "about to check version";
+       # also, if OpacMaintenance is ON, OPAC should redirect to maintenance
+       if (C4::Context->preference('OpacMaintenance') && $type eq 'opac') {
+               warn "OPAC Install required, redirecting to maintenance";
+               print $query->redirect("/cgi-bin/koha/maintenance.pl");
+       }
     unless ($version = C4::Context->preference('Version')) {    # assignment, not comparison
       if ($type ne 'opac') {
         warn "Install required, redirecting to Installer";
     unless ($version = C4::Context->preference('Version')) {    # assignment, not comparison
       if ($type ne 'opac') {
         warn "Install required, redirecting to Installer";
@@ -515,6 +521,7 @@ sub checkauth {
             );
             C4::Context::set_shelves_userenv('bar',$session->param('barshelves'));
             C4::Context::set_shelves_userenv('pub',$session->param('pubshelves'));
             );
             C4::Context::set_shelves_userenv('bar',$session->param('barshelves'));
             C4::Context::set_shelves_userenv('pub',$session->param('pubshelves'));
+            C4::Context::set_shelves_userenv('tot',$session->param('totshelves'));
             $debug and printf STDERR "AUTH_SESSION: (%s)\t%s %s - %s\n", map {$session->param($_)} qw(cardnumber firstname surname branch) ;
             $ip       = $session->param('ip');
             $lasttime = $session->param('lasttime');
             $debug and printf STDERR "AUTH_SESSION: (%s)\t%s %s - %s\n", map {$session->param($_)} qw(cardnumber firstname surname branch) ;
             $ip       = $session->param('ip');
             $lasttime = $session->param('lasttime');
@@ -541,38 +548,38 @@ sub checkauth {
             $sessionID = undef;
             $userid    = undef;
         }
             $sessionID = undef;
             $userid    = undef;
         }
-               elsif ( $lasttime < time() - $timeout ) {
-                       # timed logout
-                       $info{'timed_out'} = 1;
-                       $session->delete();
-                       C4::Context->_unset_userenv($sessionID);
-                       _session_log(sprintf "%20s from %16s logged out at %30s (inactivity).\n", $userid,$ip,localtime);
-                       $userid    = undef;
-                       $sessionID = undef;
-               }
-               elsif ( $ip ne $ENV{'REMOTE_ADDR'} ) {
-                       # Different ip than originally logged in from
-                       $info{'oldip'}        = $ip;
-                       $info{'newip'}        = $ENV{'REMOTE_ADDR'};
-                       $info{'different_ip'} = 1;
-                       $session->delete();
-                       C4::Context->_unset_userenv($sessionID);
-                       _session_log(sprintf "%20s from %16s logged out at %30s (ip changed to %16s).\n", $userid,$ip,localtime, $info{'newip'});
-                       $sessionID = undef;
-                       $userid    = undef;
-               }
-               else {
-                       $cookie = $query->cookie( CGISESSID => $session->id );
-                       $session->param('lasttime',time());
-                       unless ( $sessiontype eq 'anon' ) {     #if this is an anonymous session, we want to update the session, but not behave as if they are logged in...
-                               $flags = haspermission( $dbh, $userid, $flagsrequired );
-                               if ($flags) {
-                                       $loggedin = 1;
-                               } else {
-                                       $info{'nopermission'} = 1;
-                               }
-                       }
-               }
+        elsif ( $lasttime < time() - $timeout ) {
+            # timed logout
+            $info{'timed_out'} = 1;
+            $session->delete();
+            C4::Context->_unset_userenv($sessionID);
+            _session_log(sprintf "%20s from %16s logged out at %30s (inactivity).\n", $userid,$ip,localtime);
+            $userid    = undef;
+            $sessionID = undef;
+        }
+        elsif ( $ip ne $ENV{'REMOTE_ADDR'} ) {
+            # Different ip than originally logged in from
+            $info{'oldip'}        = $ip;
+            $info{'newip'}        = $ENV{'REMOTE_ADDR'};
+            $info{'different_ip'} = 1;
+            $session->delete();
+            C4::Context->_unset_userenv($sessionID);
+            _session_log(sprintf "%20s from %16s logged out at %30s (ip changed to %16s).\n", $userid,$ip,localtime, $info{'newip'});
+            $sessionID = undef;
+            $userid    = undef;
+        }
+        else {
+            $cookie = $query->cookie( CGISESSID => $session->id );
+            $session->param('lasttime',time());
+            unless ( $sessiontype eq 'anon' ) { #if this is an anonymous session, we want to update the session, but not behave as if they are logged in...
+                $flags = haspermission($userid, $flagsrequired);
+                if ($flags) {
+                    $loggedin = 1;
+                } else {
+                    $info{'nopermission'} = 1;
+                }
+            }
+        }
     }
     unless ($userid || $sessionID) {
         #we initiate a session prior to checking for a username to allow for anonymous sessions...
     }
     unless ($userid || $sessionID) {
         #we initiate a session prior to checking for a username to allow for anonymous sessions...
@@ -580,54 +587,53 @@ sub checkauth {
         my $sessionID = $session->id;
                C4::Context->_new_userenv($sessionID);
         $cookie = $query->cookie(CGISESSID => $sessionID);
         my $sessionID = $session->id;
                C4::Context->_new_userenv($sessionID);
         $cookie = $query->cookie(CGISESSID => $sessionID);
-               if ( $userid    = $query->param('userid') ) {
-               my $password = $query->param('password');
-               my ( $return, $cardnumber ) = checkpw( $dbh, $userid, $password );
-               if ($return) {
-               _session_log(sprintf "%20s from %16s logged in  at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},localtime);
-               if ( $flags = haspermission( $dbh, $userid, $flagsrequired ) ) {
-                                       $loggedin = 1;
-               }
-                       else {
-                       $info{'nopermission'} = 1;
-                       C4::Context->_unset_userenv($sessionID);
-               }
-
-                               my ($borrowernumber, $firstname, $surname, $userflags,
-                                       $branchcode, $branchname, $branchprinter, $emailaddress);
-
-               if ( $return == 1 ) {
-                       my $select = "
-                       SELECT borrowernumber, firstname, surname, flags, borrowers.branchcode, 
-                           branches.branchname    as branchname, 
-                               branches.branchprinter as branchprinter, 
-                               email 
-                       FROM borrowers 
-                       LEFT JOIN branches on borrowers.branchcode=branches.branchcode
-                       ";
-                       my $sth = $dbh->prepare("$select where userid=?");
-                       $sth->execute($userid);
-                                       unless ($sth->rows) {
-                               $debug and print STDERR "AUTH_1: no rows for userid='$userid'\n";
-                                               $sth = $dbh->prepare("$select where cardnumber=?");
-                               $sth->execute($cardnumber);
-                                               unless ($sth->rows) {
-                                       $debug and print STDERR "AUTH_2a: no rows for cardnumber='$cardnumber'\n";
-                               $sth->execute($userid);
-                                                       unless ($sth->rows) {
-                                               $debug and print STDERR "AUTH_2b: no rows for userid='$userid' AS cardnumber\n";
-                                                       }
-                                               }
-                                       }
-                       if ($sth->rows) {
-                       ($borrowernumber, $firstname, $surname, $userflags,
-                               $branchcode, $branchname, $branchprinter, $emailaddress) = $sth->fetchrow;
-                                               $debug and print STDERR "AUTH_3 results: " .
-                                                       "$cardnumber,$borrowernumber,$userid,$firstname,$surname,$userflags,$branchcode,$emailaddress\n";
-                                       } else {
-                                               print STDERR "AUTH_3: no results for userid='$userid', cardnumber='$cardnumber'.\n";
-                                       }
+        if ( $userid    = $query->param('userid') ) {
+            my $password = $query->param('password');
+            my ( $return, $cardnumber ) = checkpw( $dbh, $userid, $password );
+            if ($return) {
+                _session_log(sprintf "%20s from %16s logged in  at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},localtime);
+                if ( $flags = haspermission($userid, $flagsrequired) ) {
+                    $loggedin = 1;
+                }
+                else {
+                    $info{'nopermission'} = 1;
+                    C4::Context->_unset_userenv($sessionID);
+                }
 
 
+                my ($borrowernumber, $firstname, $surname, $userflags,
+                    $branchcode, $branchname, $branchprinter, $emailaddress);
+
+                if ( $return == 1 ) {
+                    my $select = "
+                    SELECT borrowernumber, firstname, surname, flags, borrowers.branchcode, 
+                            branches.branchname    as branchname, 
+                            branches.branchprinter as branchprinter, 
+                            email 
+                    FROM borrowers 
+                    LEFT JOIN branches on borrowers.branchcode=branches.branchcode
+                    ";
+                    my $sth = $dbh->prepare("$select where userid=?");
+                    $sth->execute($userid);
+                    unless ($sth->rows) {
+                        $debug and print STDERR "AUTH_1: no rows for userid='$userid'\n";
+                        $sth = $dbh->prepare("$select where cardnumber=?");
+                        $sth->execute($cardnumber);
+                        unless ($sth->rows) {
+                            $debug and print STDERR "AUTH_2a: no rows for cardnumber='$cardnumber'\n";
+                            $sth->execute($userid);
+                            unless ($sth->rows) {
+                                $debug and print STDERR "AUTH_2b: no rows for userid='$userid' AS cardnumber\n";
+                            }
+                        }
+                    }
+                    if ($sth->rows) {
+                        ($borrowernumber, $firstname, $surname, $userflags,
+                            $branchcode, $branchname, $branchprinter, $emailaddress) = $sth->fetchrow;
+                        $debug and print STDERR "AUTH_3 results: " .
+                            "$cardnumber,$borrowernumber,$userid,$firstname,$surname,$userflags,$branchcode,$emailaddress\n";
+                    } else {
+                        print STDERR "AUTH_3: no results for userid='$userid', cardnumber='$cardnumber'.\n";
+                    }
 # launch a sequence to check if we have a ip for the branch, i
 # if we have one we replace the branchcode of the userenv by the branch bound in the ip.
 
 # launch a sequence to check if we have a ip for the branch, i
 # if we have one we replace the branchcode of the userenv by the branch bound in the ip.
 
@@ -695,15 +701,22 @@ sub checkauth {
                                        $session->param('emailaddress'), $session->param('branchprinter')
                                );
 
                                        $session->param('emailaddress'), $session->param('branchprinter')
                                );
 
-                               # Grab borrower's shelves and add to the session...
-                               $barshelves = GetShelvesSummary($borrowernumber,2,10);
-                               $session->param('barshelves', $barshelves);
-                               C4::Context::set_shelves_userenv('bar',$barshelves);
-
-                               # Grab the public shelves and add to the session...
-                               $pubshelves = GetShelvesSummary(0,2,10);
-                               $session->param('pubshelves', $pubshelves);
-                               C4::Context::set_shelves_userenv('pub',$pubshelves);
+                               # Grab borrower's shelves and public shelves and add them to the session
+                               # $row_count determines how many records are returned from the db query
+                               # and the number of lists to be displayed of each type in the 'Lists' button drop down
+                               my $row_count = 10; # FIXME:This probably should be a syspref
+                               my ($total, $totshelves, $barshelves, $pubshelves);
+                               ($barshelves, $totshelves) = C4::VirtualShelves::GetRecentShelves(1, $row_count, $borrowernumber);
+                               $total->{'bartotal'} = $totshelves;
+                               ($pubshelves, $totshelves) = C4::VirtualShelves::GetRecentShelves(2, $row_count, undef);
+                               $total->{'pubtotal'} = $totshelves;
+                               $session->param('barshelves', $barshelves->[0]);
+                               $session->param('pubshelves', $pubshelves->[0]);
+                               $session->param('totshelves', $total);
+                               
+                               C4::Context::set_shelves_userenv('bar',$barshelves->[0]);
+                               C4::Context::set_shelves_userenv('pub',$pubshelves->[0]);
+                               C4::Context::set_shelves_userenv('tot',$total);
                        }
                else {
                if ($userid) {
                        }
                else {
                if ($userid) {
@@ -718,9 +731,14 @@ sub checkauth {
                        $debug and warn "Initiating an anonymous session...";
 
                        # Grab the public shelves and add to the session...
                        $debug and warn "Initiating an anonymous session...";
 
                        # Grab the public shelves and add to the session...
-                       $pubshelves = GetShelvesSummary(0,2,10);
-                       $session->param('pubshelves', $pubshelves);
-                       C4::Context::set_shelves_userenv('pub',$pubshelves);
+                       my $row_count = 20; # FIXME:This probably should be a syspref
+                       my ($total, $totshelves, $pubshelves);
+                       ($pubshelves, $totshelves) = C4::VirtualShelves::GetRecentShelves(2, $row_count, undef);
+                       $total->{'pubtotal'} = $totshelves;
+                       $session->param('pubshelves', $pubshelves->[0]);
+                       $session->param('totshelves', $total);
+                       C4::Context::set_shelves_userenv('pub',$pubshelves->[0]);
+                       C4::Context::set_shelves_userenv('tot',$total);
                        
                        # setting a couple of other session vars...
                        $session->param('ip',$session->remote_addr());
                        
                        # setting a couple of other session vars...
                        $session->param('ip',$session->remote_addr());
@@ -768,7 +786,6 @@ sub checkauth {
         INPUTS               => \@inputs,
         suggestion           => C4::Context->preference("suggestion"),
         virtualshelves       => C4::Context->preference("virtualshelves"),
         INPUTS               => \@inputs,
         suggestion           => C4::Context->preference("suggestion"),
         virtualshelves       => C4::Context->preference("virtualshelves"),
-        opaclargeimage       => C4::Context->preference("opaclargeimage"),
         LibraryName          => C4::Context->preference("LibraryName"),
         opacuserlogin        => C4::Context->preference("opacuserlogin"),
         OpacNav              => C4::Context->preference("OpacNav"),
         LibraryName          => C4::Context->preference("LibraryName"),
         opacuserlogin        => C4::Context->preference("opacuserlogin"),
         OpacNav              => C4::Context->preference("OpacNav"),
@@ -785,6 +802,7 @@ sub checkauth {
         OpacAuthorities      => C4::Context->preference("OpacAuthorities"),
         OpacBrowser          => C4::Context->preference("OpacBrowser"),
         opacheader           => C4::Context->preference("opacheader"),
         OpacAuthorities      => C4::Context->preference("OpacAuthorities"),
         OpacBrowser          => C4::Context->preference("OpacBrowser"),
         opacheader           => C4::Context->preference("opacheader"),
+        TagsEnabled                  => C4::Context->preference("TagsEnabled"),
         OPACUserCSS           => C4::Context->preference("OPACUserCSS"),
         intranetcolorstylesheet =>
                                                                C4::Context->preference("intranetcolorstylesheet"),
         OPACUserCSS           => C4::Context->preference("OPACUserCSS"),
         intranetcolorstylesheet =>
                                                                C4::Context->preference("intranetcolorstylesheet"),
@@ -918,7 +936,7 @@ sub check_api_auth {
             } else {
                 my $cookie = $query->cookie( CGISESSID => $session->id );
                 $session->param('lasttime',time());
             } else {
                 my $cookie = $query->cookie( CGISESSID => $session->id );
                 $session->param('lasttime',time());
-                my $flags = haspermission( $dbh, $userid, $flagsrequired );
+                my $flags = haspermission($userid, $flagsrequired);
                 if ($flags) {
                     return ("ok", $cookie, $sessionID);
                 } else {
                 if ($flags) {
                     return ("ok", $cookie, $sessionID);
                 } else {
@@ -941,7 +959,7 @@ sub check_api_auth {
             return ("failed", undef, undef);
         }
         my ( $return, $cardnumber ) = checkpw( $dbh, $userid, $password );
             return ("failed", undef, undef);
         }
         my ( $return, $cardnumber ) = checkpw( $dbh, $userid, $password );
-        if ($return and haspermission( $dbh, $userid, $flagsrequired)) {
+        if ($return and haspermission($userid, $flagsrequired)) {
             my $session = get_session("");
             return ("failed", undef, undef) unless $session;
 
             my $session = get_session("");
             return ("failed", undef, undef) unless $session;
 
@@ -1136,7 +1154,7 @@ sub check_cookie_auth {
             return ("expired", undef);
         } else {
             $session->param('lasttime',time());
             return ("expired", undef);
         } else {
             $session->param('lasttime',time());
-            my $flags = haspermission( $dbh, $userid, $flagsrequired );
+            my $flags = haspermission($userid, $flagsrequired);
             if ($flags) {
                 return ("ok", $sessionID);
             } else {
             if ($flags) {
                 return ("ok", $sessionID);
             } else {
@@ -1189,7 +1207,7 @@ sub checkpw {
 
     my ( $dbh, $userid, $password ) = @_;
     if ($ldap) {
 
     my ( $dbh, $userid, $password ) = @_;
     if ($ldap) {
-        $debug and print "## checkpw - checking LDAP\n";
+        $debug and print STDERR "## checkpw - checking LDAP\n";
         my ($retval,$retcard) = checkpw_ldap(@_);    # EXTERNAL AUTH
         ($retval) and return ($retval,$retcard);
     }
         my ($retval,$retcard) = checkpw_ldap(@_);    # EXTERNAL AUTH
         ($retval) and return ($retval,$retcard);
     }
@@ -1249,10 +1267,12 @@ sub checkpw {
 
 =item getuserflags
 
 
 =item getuserflags
 
- $authflags = getuserflags($flags,$dbh);
+    my $authflags = getuserflags($flags, $userid, [$dbh]);
+
 Translates integer flags into permissions strings hash.
 
 C<$flags> is the integer userflags value ( borrowers.userflags )
 Translates integer flags into permissions strings hash.
 
 C<$flags> is the integer userflags value ( borrowers.userflags )
+C<$userid> is the members.userid, used for building subpermissions
 C<$authflags> is a hashref of permissions
 
 =cut
 C<$authflags> is a hashref of permissions
 
 =cut
@@ -1260,7 +1280,7 @@ C<$authflags> is a hashref of permissions
 sub getuserflags {
     my $flags   = shift;
     my $userid  = shift;
 sub getuserflags {
     my $flags   = shift;
     my $userid  = shift;
-    my $dbh     = shift;
+    my $dbh     = @_ ? shift : C4::Context->dbh;
     my $userflags;
     $flags = 0 unless $flags;
     my $sth = $dbh->prepare("SELECT bit, flag, defaulton FROM userflags");
     my $userflags;
     $flags = 0 unless $flags;
     my $sth = $dbh->prepare("SELECT bit, flag, defaulton FROM userflags");
@@ -1318,11 +1338,11 @@ sub get_user_subpermissions {
     my $userid = shift;
 
     my $dbh = C4::Context->dbh;
     my $userid = shift;
 
     my $dbh = C4::Context->dbh;
-    my $sth = $dbh->prepare("SELECT flag, code
+    my $sth = $dbh->prepare("SELECT flag, user_permissions.code as code
                              FROM user_permissions
                              JOIN permissions USING (module_bit, code)
                              FROM user_permissions
                              JOIN permissions USING (module_bit, code)
-                             JOIN userflags ON (module_bit = bit)
-                             JOIN borrowers USING (borrowernumber)
+                             JOIN userflags ON (permissions.module_bit = userflags.bit)
+                             JOIN borrowers ON (user_permissions.borrowernumber=borrowers.borrowernumber)
                              WHERE userid = ?");
     $sth->execute($userid);
 
                              WHERE userid = ?");
     $sth->execute($userid);
 
@@ -1365,9 +1385,9 @@ sub get_all_subpermissions {
 
 =item haspermission 
 
 
 =item haspermission 
 
-  $flags = ($dbh,$member,$flagsrequired);
+  $flags = ($userid, $flagsrequired);
 
 
-C<$member> may be either userid or overloaded with $borrower hashref from GetMemberDetails.
+C<$userid> the userid of the member
 C<$flags> is a hashref of required flags like C<$borrower-&lt;{authflags}> 
 
 Returns member's flags or 0 if a permission is not met.
 C<$flags> is a hashref of required flags like C<$borrower-&lt;{authflags}> 
 
 Returns member's flags or 0 if a permission is not met.
@@ -1375,22 +1395,15 @@ Returns member's flags or 0 if a permission is not met.
 =cut
 
 sub haspermission {
 =cut
 
 sub haspermission {
-    my ( $dbh, $userid, $flagsrequired ) = @_;
-    my ($flags,$intflags);
-    $dbh=C4::Context->dbh unless($dbh);
-    if(ref($userid)) {
-        $intflags = $userid->{'flags'};  
-    } else {
-        my $sth = $dbh->prepare("SELECT flags FROM borrowers WHERE userid=?");
-        $sth->execute($userid);
-        my ($intflags) = $sth->fetchrow;
-        $flags = getuserflags( $intflags, $userid, $dbh );
-    }
+    my ($userid, $flagsrequired) = @_;
+    my $sth = C4::Context->dbh->prepare("SELECT flags FROM borrowers WHERE userid=?");
+    $sth->execute($userid);
+    my $flags = getuserflags( $sth->fetchrow(), $userid );
     if ( $userid eq C4::Context->config('user') ) {
         # Super User Account from /etc/koha.conf
         $flags->{'superlibrarian'} = 1;
     }
     if ( $userid eq C4::Context->config('user') ) {
         # Super User Account from /etc/koha.conf
         $flags->{'superlibrarian'} = 1;
     }
-    if ( $userid eq 'demo' && C4::Context->config('demo') ) {
+    elsif ( $userid eq 'demo' && C4::Context->config('demo') ) {
         # Demo user that can do "anything" (demo=1 in /etc/koha.conf)
         $flags->{'superlibrarian'} = 1;
     }
         # Demo user that can do "anything" (demo=1 in /etc/koha.conf)
         $flags->{'superlibrarian'} = 1;
     }
Koha ILS @ FFZG - based on git://git.koha.org/pub/scm/koha.git