# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
use strict;
-#use warnings; FIXME - Bug 2505
+use warnings;
use Digest::MD5 qw(md5_base64);
use Storable qw(thaw freeze);
use URI::Escape;
use C4::Context;
use C4::Templates; # to get the template
use C4::Branch; # GetBranches
+use C4::Update::Database;
use C4::VirtualShelves;
use POSIX qw/strftime/;
use List::MoreUtils qw/ any /;
if ( psgi_env ) { die 'psgi:exit' }
else { exit }
}
- $VERSION = 3.02; # set version for version checking
+ $VERSION = 3.07.00.049; # set version for version checking
+
$debug = $ENV{DEBUG};
@ISA = qw(Exporter);
@EXPORT = qw(&checkauth &get_template_and_user &haspermission &get_user_subpermissions);
INSERT INTO search_history(userid, sessionid, query_desc, query_cgi, total, time )
VALUES ( ?, ?, ?, ?, ?, FROM_UNIXTIME(?))
EOQ
+
sub get_template_and_user {
my $in = shift;
my $template =
C4::Templates::gettemplate( $in->{'template_name'}, $in->{'type'}, $in->{'query'} );
- my ( $user, $cookie, $sessionID, $flags );
+ my ( $user, $cookie, $sessionID, $flags, $new_session );
if ( $in->{'template_name'} !~m/maintenance/ ) {
- ( $user, $cookie, $sessionID, $flags ) = checkauth(
+ ( $user, $cookie, $sessionID, $flags, $new_session ) = checkauth(
$in->{'query'},
$in->{'authnotrequired'},
$in->{'flagsrequired'},
my $borrowernumber;
my $insecure = C4::Context->preference('insecure');
if ($user or $insecure) {
+ require C4::Members;
# It's possible for $user to be the borrowernumber if they don't have a
# userid defined (and are logging in through some other method, such
# as SSL certs against an email address)
$borrowernumber = getborrowernumber($user) if defined($user);
if (!defined($borrowernumber) && defined($user)) {
- my $borrower = GetMember(borrowernumber => $user);
- if ($borrower) {
- $borrowernumber = $user;
+ my $borrower = C4::Members::GetMember(borrowernumber => $user);
+ if ($borrower) {
+ $borrowernumber = $user;
# A bit of a hack, but I don't know there's a nicer way
# to do it.
$user = $borrower->{firstname} . ' ' . $borrower->{surname};
barshelvesloop => $barshelves,
);
- require C4::Members;
my ( $borr ) = C4::Members::GetMemberDetails( $borrowernumber );
my @bordat;
$bordat[0] = $borr;
"BiblioDefaultView".C4::Context->preference("BiblioDefaultView") => 1,
EnhancedMessagingPreferences => C4::Context->preference('EnhancedMessagingPreferences'),
GoogleJackets => C4::Context->preference("GoogleJackets"),
- OpenLibraryCovers => C4::Context->preference("OpenLibraryCovers"),
+ OpenLibraryCovers => C4::Context->preference("OpenLibraryCovers"),
KohaAdminEmailAddress => "" . C4::Context->preference("KohaAdminEmailAddress"),
LoginBranchcode => (C4::Context->userenv?C4::Context->userenv->{"branch"}:"insecure"),
LoginFirstname => (C4::Context->userenv?C4::Context->userenv->{"firstname"}:"Bel"),
XSLTDetailsDisplay => C4::Context->preference("XSLTDetailsDisplay"),
XSLTResultsDisplay => C4::Context->preference("XSLTResultsDisplay"),
using_https => $in->{'query'}->https() ? 1 : 0,
- noItemTypeImages => C4::Context->preference("noItemTypeImages"),
+ noItemTypeImages => C4::Context->preference("noItemTypeImages"),
+ marcflavour => C4::Context->preference("marcflavour"),
);
if ( $in->{'type'} eq "intranet" ) {
$template->param(
- AmazonContent => C4::Context->preference("AmazonContent"),
AmazonCoverImages => C4::Context->preference("AmazonCoverImages"),
- AmazonEnabled => C4::Context->preference("AmazonEnabled"),
- AmazonSimilarItems => C4::Context->preference("AmazonSimilarItems"),
AutoLocation => C4::Context->preference("AutoLocation"),
"BiblioDefaultView".C4::Context->preference("IntranetBiblioDefaultView") => 1,
CalendarFirstDayOfWeek => (C4::Context->preference("CalendarFirstDayOfWeek") eq "Sunday")?0:1,
LocalCoverImages => C4::Context->preference('LocalCoverImages'),
OPACLocalCoverImages => C4::Context->preference('OPACLocalCoverImages'),
AllowMultipleCovers => C4::Context->preference('AllowMultipleCovers'),
+ EnableBorrowerFiles => C4::Context->preference('EnableBorrowerFiles'),
);
}
else {
my $opac_search_limit = $ENV{'OPAC_SEARCH_LIMIT'};
my $opac_limit_override = $ENV{'OPAC_LIMIT_OVERRIDE'};
my $opac_name = '';
- if (($opac_search_limit =~ /branch:(\w+)/ && $opac_limit_override) || $in->{'query'}->param('limit') =~ /branch:(\w+)/){
+ if (($opac_search_limit && $opac_search_limit =~ /branch:(\w+)/ && $opac_limit_override) || ($in->{'query'}->param('limit') && $in->{'query'}->param('limit') =~ /branch:(\w+)/)){
$opac_name = $1; # opac_search_limit is a branch, so we use it.
} elsif (C4::Context->preference("SearchMyLibraryFirst") && C4::Context->userenv && C4::Context->userenv->{'branch'}) {
$opac_name = C4::Context->userenv->{'branch'};
}
- my $checkstyle = C4::Context->preference("opaccolorstylesheet");
- if ($checkstyle =~ /http/)
- {
- $template->param( opacexternalsheet => $checkstyle);
- } else
- {
- my $opaccolorstylesheet = C4::Context->preference("opaccolorstylesheet");
- $template->param( opaccolorstylesheet => $opaccolorstylesheet);
- }
$template->param(
- AmazonContent => "" . C4::Context->preference("AmazonContent"),
+ opaccolorstylesheet => C4::Context->preference("opaccolorstylesheet"),
AnonSuggestions => "" . C4::Context->preference("AnonSuggestions"),
AuthorisedValueImages => C4::Context->preference("AuthorisedValueImages"),
BranchesLoop => GetBranchesLoop($opac_name),
LibraryName => "" . C4::Context->preference("LibraryName"),
LibraryNameTitle => "" . $LibraryNameTitle,
LoginBranchname => C4::Context->userenv?C4::Context->userenv->{"branchname"}:"",
- OPACAmazonEnabled => C4::Context->preference("OPACAmazonEnabled"),
- OPACAmazonSimilarItems => C4::Context->preference("OPACAmazonSimilarItems"),
OPACAmazonCoverImages => C4::Context->preference("OPACAmazonCoverImages"),
- OPACAmazonReviews => C4::Context->preference("OPACAmazonReviews"),
OPACFRBRizeEditions => C4::Context->preference("OPACFRBRizeEditions"),
OpacHighlightedWords => C4::Context->preference("OpacHighlightedWords"),
OPACItemHolds => C4::Context->preference("OPACItemHolds"),
OpacShowRecentComments => C4::Context->preference("OpacShowRecentComments"),
OPACURLOpenInNewWindow => "" . C4::Context->preference("OPACURLOpenInNewWindow"),
OPACUserCSS => "". C4::Context->preference("OPACUserCSS"),
+ OPACMobileUserCSS => "". C4::Context->preference("OPACMobileUserCSS"),
OPACViewOthersSuggestions => "" . C4::Context->preference("OPACViewOthersSuggestions"),
OpacAuthorities => C4::Context->preference("OpacAuthorities"),
OPACBaseURL => ($in->{'query'}->https() ? "https://" : "http://") . $ENV{'SERVER_NAME'} .
OpacCloud => C4::Context->preference("OpacCloud"),
OpacKohaUrl => C4::Context->preference("OpacKohaUrl"),
OpacMainUserBlock => "" . C4::Context->preference("OpacMainUserBlock"),
+ OpacMainUserBlockMobile => "" . C4::Context->preference("OpacMainUserBlockMobile"),
+ OpacShowFiltersPulldownMobile => C4::Context->preference("OpacShowFiltersPulldownMobile"),
+ OpacShowLibrariesPulldownMobile => C4::Context->preference("OpacShowLibrariesPulldownMobile"),
OpacNav => "" . C4::Context->preference("OpacNav"),
+ OpacNavRight => "" . C4::Context->preference("OpacNavRight"),
OpacNavBottom => "" . C4::Context->preference("OpacNavBottom"),
OpacPasswordChange => C4::Context->preference("OpacPasswordChange"),
OPACPatronDetails => C4::Context->preference("OPACPatronDetails"),
hidelostitems => C4::Context->preference("hidelostitems"),
mylibraryfirst => (C4::Context->preference("SearchMyLibraryFirst") && C4::Context->userenv) ? C4::Context->userenv->{'branch'} : '',
opaclayoutstylesheet => "" . C4::Context->preference("opaclayoutstylesheet"),
- opacstylesheet => "" . C4::Context->preference("opacstylesheet"),
opacbookbag => "" . C4::Context->preference("opacbookbag"),
opaccredits => "" . C4::Context->preference("opaccredits"),
OpacFavicon => C4::Context->preference("OpacFavicon"),
SyndeticsSeries => C4::Context->preference("SyndeticsSeries"),
SyndeticsCoverImageSize => C4::Context->preference("SyndeticsCoverImageSize"),
OPACLocalCoverImages => C4::Context->preference("OPACLocalCoverImages"),
+ PatronSelfRegistration => C4::Context->preference("PatronSelfRegistration"),
+ PatronSelfRegistrationDefaultCategory => C4::Context->preference("PatronSelfRegistrationDefaultCategory"),
);
$template->param(OpacPublic => '1') if ($user || C4::Context->preference("OpacPublic"));
}
+
+ if ( $new_session ) {
+ # Check the version and redirect if DB is not up-to-date
+ version_check($in->{query}, $in->{'type'}, $cookie);
+ }
+
return ( $template, $borrowernumber, $cookie, $flags);
}
=cut
-sub _version_check ($$) {
- my $type = shift;
- my $query = shift;
- my $version;
- # If Version syspref is unavailable, it means Koha is beeing installed,
- # and so we must redirect to OPAC maintenance page or to the WebInstaller
- # also, if OpacMaintenance is ON, OPAC should redirect to maintenance
- if (C4::Context->preference('OpacMaintenance') && $type eq 'opac') {
- warn "OPAC Install required, redirecting to maintenance";
- print $query->redirect("/cgi-bin/koha/maintenance.pl");
- }
- unless ( $version = C4::Context->preference('Version') ) { # assignment, not comparison
+sub _session_log {
+ (@_) or return 0;
+ open my $fh, '>>', "/tmp/sessionlog" or warn "ERROR: Cannot append to /tmp/sessionlog";
+ printf $fh join("\n",@_);
+ close $fh;
+}
+
+sub _timeout_syspref {
+ my $timeout = C4::Context->preference('timeout') || 600;
+ # value in days, convert in seconds
+ if ($timeout =~ /(\d+)[dD]/) {
+ $timeout = $1 * 86400;
+ };
+ return $timeout;
+}
+
+sub version_check {
+ my ( $query, $type, $cookie ) = @_;
+ # check we have a Version. Otherwise => go to installer
+ unless ( C4::Context->preference('Version') ) {
if ( $type ne 'opac' ) {
- warn "Install required, redirecting to Installer";
+ $debug && warn "Install required, redirecting to Installer";
print $query->redirect("/cgi-bin/koha/installer/install.pl");
} else {
- warn "OPAC Install required, redirecting to maintenance";
+ $debug && warn "OPAC Install required, redirecting to maintenance";
print $query->redirect("/cgi-bin/koha/maintenance.pl");
}
safe_exit;
}
- # check that database and koha version are the same
- # there is no DB version, it's a fresh install,
- # go to web installer
- # there is a DB version, compare it to the code version
- my $kohaversion=C4::Context::KOHAVERSION;
- # remove the 3 last . to have a Perl number
- $kohaversion =~ s/(.*\..*)\.(.*)\.(.*)/$1$2$3/;
- $debug and print STDERR "kohaversion : $kohaversion\n";
- if ($version < $kohaversion){
- my $warning = "Database update needed, redirecting to %s. Database is $version and Koha is $kohaversion";
- if ($type ne 'opac'){
- warn sprintf($warning, 'Installer');
- print $query->redirect("/cgi-bin/koha/installer/install.pl?step=3");
- } else {
- warn sprintf("OPAC: " . $warning, 'maintenance');
- print $query->redirect("/cgi-bin/koha/maintenance.pl");
- }
+ # check if you're uptodate, and if you're not, head to updater
+ my $koha39 = "3.0900028";
+
+ # Old updatedatabase method
+ if (C4::Context->preference('Version') < $koha39) {
+ print $query->redirect("/cgi-bin/koha/installer/install.pl?step=3");
safe_exit;
}
-}
-sub _session_log {
- (@_) or return 0;
- open L, ">>/tmp/sessionlog" or warn "ERROR: Cannot append to /tmp/sessionlog";
- printf L join("\n",@_);
- close L;
+ # New updatedatabase method
+ unless ( C4::Update::Database::is_uptodate() ) {
+ # not up-to-date, redirect to updatedatabase page
+ warn "redirect to updatedatabase";
+ print $query->redirect(-location => "/cgi-bin/koha/admin/updatedatabase.pl", -cookie => $cookie);
+ safe_exit;
+ }
}
sub checkauth {
my $flagsrequired = shift;
my $type = shift;
$type = 'opac' unless $type;
+ my $new_session = 0;
my $dbh = C4::Context->dbh;
- my $timeout = C4::Context->preference('timeout');
+ my $timeout = _timeout_syspref();
# days
if ($timeout =~ /(\d+)[dD]/) {
$timeout = $1 * 86400;
};
$timeout = 600 unless $timeout;
- _version_check($type,$query);
# state variables
my $loggedin = 0;
my %info;
$ip = $session->param('ip');
$lasttime = $session->param('lasttime');
$userid = $session->param('id');
- $sessiontype = $session->param('sessiontype');
+ $sessiontype = $session->param('sessiontype') || '';
}
if ( ( ($query->param('koha_login_context')) && ($query->param('userid') ne $session->param('id')) )
|| ( $cas && $query->param('ticket') ) ) {
elsif ( $lasttime < time() - $timeout ) {
# timed logout
$info{'timed_out'} = 1;
- $session->delete();
+ $session->delete() if $session;
C4::Context->_unset_userenv($sessionID);
#_session_log(sprintf "%20s from %16s logged out at %30s (inactivity).\n", $userid,$ip,(strftime "%c",localtime));
$userid = undef;
else {
$cookie = $query->cookie( CGISESSID => $session->id );
$session->param('lasttime',time());
- unless ( $sessiontype eq 'anon' ) { #if this is an anonymous session, we want to update the session, but not behave as if they are logged in...
+ unless ( $sessiontype && $sessiontype eq 'anon' ) { #if this is an anonymous session, we want to update the session, but not behave as if they are logged in...
$flags = haspermission($userid, $flagsrequired);
if ($flags) {
$loggedin = 1;
my $sessionID = $session->id;
C4::Context->_new_userenv($sessionID);
$cookie = $query->cookie( CGISESSID => $sessionID );
+
$userid = $query->param('userid');
if ( ( $cas && $query->param('ticket') )
|| $userid
checkpw( $dbh, $userid, $password, $query );
$userid = $retuserid;
$info{'invalidCasLogin'} = 1 unless ($return);
+ $new_session = 1;
}
elsif (
( $pki_field eq 'Common Name' && $ENV{'SSL_CLIENT_S_DN_CN'} )
( $return, $cardnumber, $retuserid ) =
checkpw( $dbh, $userid, $password, $query );
$userid = $retuserid if ( $retuserid ne '' );
+ $new_session = 1;
}
if ($return) {
#_session_log(sprintf "%20s from %16s logged in at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},(strftime '%c', localtime));
unless ($cookie) {
$cookie = $query->cookie( CGISESSID => '' );
}
- return ( $userid, $cookie, $sessionID, $flags );
+ return ( $userid, $cookie, $sessionID, $flags, $new_session );
}
#
my $value = $query->param($name);
push @inputs, { name => $name, value => $value };
}
- # get the branchloop, which we need for authentication
- my $branches = GetBranches();
- my @branch_loop;
- for my $branch_hash (sort keys %$branches) {
- push @branch_loop, {branchcode => "$branch_hash", branchname => $branches->{$branch_hash}->{'branchname'}, };
- }
my $template_name = ( $type eq 'opac' ) ? 'opac-auth.tmpl' : 'auth.tmpl';
- my $template = C4::Templates::gettemplate( $template_name, $type, $query );
- $template->param(branchloop => \@branch_loop,);
- my $checkstyle = C4::Context->preference("opaccolorstylesheet");
- if ($checkstyle =~ /\//)
- {
- $template->param( opacexternalsheet => $checkstyle);
- } else
- {
- my $opaccolorstylesheet = C4::Context->preference("opaccolorstylesheet");
- $template->param( opaccolorstylesheet => $opaccolorstylesheet);
- }
+ my $template = C4::Templates::gettemplate($template_name, $type, $query );
$template->param(
- login => 1,
+ branchloop => GetBranchesLoop(),
+ opaccolorstylesheet => C4::Context->preference("opaccolorstylesheet"),
+ opaclayoutstylesheet => C4::Context->preference("opaclayoutstylesheet"),
+ login => 1,
INPUTS => \@inputs,
casAuthentication => C4::Context->preference("casAuthentication"),
suggestion => C4::Context->preference("suggestion"),
LibraryName => C4::Context->preference("LibraryName"),
opacuserlogin => C4::Context->preference("opacuserlogin"),
OpacNav => C4::Context->preference("OpacNav"),
+ OpacNavRight => C4::Context->preference("OpacNavRight"),
OpacNavBottom => C4::Context->preference("OpacNavBottom"),
opaccredits => C4::Context->preference("opaccredits"),
OpacFavicon => C4::Context->preference("OpacFavicon"),
opacreadinghistory => C4::Context->preference("opacreadinghistory"),
opacsmallimage => C4::Context->preference("opacsmallimage"),
- opaclayoutstylesheet => C4::Context->preference("opaclayoutstylesheet"),
opaclanguagesdisplay => C4::Context->preference("opaclanguagesdisplay"),
opacuserjs => C4::Context->preference("opacuserjs"),
opacbookbag => "" . C4::Context->preference("opacbookbag"),
OpacAuthorities => C4::Context->preference("OpacAuthorities"),
OpacBrowser => C4::Context->preference("OpacBrowser"),
opacheader => C4::Context->preference("opacheader"),
- TagsEnabled => C4::Context->preference("TagsEnabled"),
+ TagsEnabled => C4::Context->preference("TagsEnabled"),
OPACUserCSS => C4::Context->preference("OPACUserCSS"),
- opacstylesheet => C4::Context->preference("opacstylesheet"),
- intranetcolorstylesheet =>
- C4::Context->preference("intranetcolorstylesheet"),
+ intranetcolorstylesheet => C4::Context->preference("intranetcolorstylesheet"),
intranetstylesheet => C4::Context->preference("intranetstylesheet"),
intranetbookbag => C4::Context->preference("intranetbookbag"),
IntranetNav => C4::Context->preference("IntranetNav"),
+ IntranetFavicon => C4::Context->preference("IntranetFavicon"),
intranetuserjs => C4::Context->preference("intranetuserjs"),
IndependantBranches=> C4::Context->preference("IndependantBranches"),
AutoLocation => C4::Context->preference("AutoLocation"),
- wrongip => $info{'wrongip'},
+ wrongip => $info{'wrongip'},
+ PatronSelfRegistration => C4::Context->preference("PatronSelfRegistration"),
+ PatronSelfRegistrationDefaultCategory => C4::Context->preference("PatronSelfRegistrationDefaultCategory"),
);
$template->param( OpacPublic => C4::Context->preference("OpacPublic"));
my $flagsrequired = shift;
my $dbh = C4::Context->dbh;
- my $timeout = C4::Context->preference('timeout');
- $timeout = 600 unless $timeout;
-
- unless (C4::Context->preference('Version')) {
- # database has not been installed yet
- return ("maintenance", undef, undef);
- }
- my $kohaversion=C4::Context::KOHAVERSION;
- $kohaversion =~ s/(.*\..*)\.(.*)\.(.*)/$1$2$3/;
- if (C4::Context->preference('Version') < $kohaversion) {
- # database in need of version update; assume that
- # no API should be called while databsae is in
- # this condition.
- return ("maintenance", undef, undef);
- }
+ my $timeout = _timeout_syspref();
# FIXME -- most of what follows is a copy-and-paste
# of code from checkauth. There is an obvious need
my $flagsrequired = shift;
my $dbh = C4::Context->dbh;
- my $timeout = C4::Context->preference('timeout');
- $timeout = 600 unless $timeout;
-
- unless (C4::Context->preference('Version')) {
- # database has not been installed yet
- return ("maintenance", undef);
- }
- my $kohaversion=C4::Context::KOHAVERSION;
- $kohaversion =~ s/(.*\..*)\.(.*)\.(.*)/$1$2$3/;
- if (C4::Context->preference('Version') < $kohaversion) {
- # database in need of version update; assume that
- # no API should be called while databsae is in
- # this condition.
- return ("maintenance", undef);
- }
+ my $timeout = _timeout_syspref();
# FIXME -- most of what follows is a copy-and-paste
# of code from checkauth. There is an obvious need
my $userid = shift;
my $dbh = @_ ? shift : C4::Context->dbh;
my $userflags;
- $flags = 0 unless $flags;
+ {
+ # I don't want to do this, but if someone logs in as the database
+ # user, it would be preferable not to spam them to death with
+ # numeric warnings. So, we make $flags numeric.
+ no warnings 'numeric';
+ $flags += 0;
+ }
my $sth = $dbh->prepare("SELECT bit, flag, defaulton FROM userflags");
$sth->execute;
projects / koha.git / blobdiff