get_column_type get_distinct_values save_dictionary get_from_dictionary
delete_definition delete_report format_results get_sql
nb_rows update_sql build_authorised_value_list
+ GetReservedAuthorisedValues
+ GetParametersFromSQL
+ IsAuthorisedValueValid
+ ValidateSQLParameters
);
}
-=item get_report_areas()
+=head1 NAME
+
+C4::Reports::Guided - Module for generating guided reports
+
+=head1 SYNOPSIS
+
+ use C4::Reports::Guided;
+
+=head1 DESCRIPTION
+
+=cut
+
+=head1 METHODS
+
+=head2 get_report_areas
This will return a list of all the available report areas
unshift @{ $criteria{'CAT'} }, 'biblioitems.itemtype';
}
-=head1 NAME
-
-C4::Reports::Guided - Module for generating guided reports
-
-=head1 SYNOPSIS
-
- use C4::Reports::Guided;
-
-=head1 DESCRIPTION
-
-=cut
-
-=head1 METHODS
-
-=over 2
-
-=cut
-
-=item get_report_types()
+=head2 get_report_types
This will return a list of all the available report types
}
-=item get_report_groups()
+=head2 get_report_groups
This will return a list of all the available report areas with groups
return \%groups_with_subgroups
}
-=item get_all_tables()
+=head2 get_all_tables
This will return a list of all tables in the database
}
-=item get_columns($area)
+=head2 get_columns($area)
This will return a list of all columns for a report area
return (@columns);
}
-=item build_query($columns,$criteria,$orderby,$area)
+=head2 build_query($columns,$criteria,$orderby,$area)
This will build the sql needed to return the results asked for,
$columns is expected to be of the format tablename.columnname.
return ($query);
}
-=item get_criteria($area,$cgi);
+=head2 get_criteria($area,$cgi);
Returns an arraref to hashrefs suitable for using in a tmpl_loop. With the criteria and available values.
return ( \@criteria_array );
}
-sub nb_rows($) {
+sub nb_rows {
my $sql = shift or return;
my $sth = C4::Context->dbh->prepare($sql);
$sth->execute();
return scalar (@$rows);
}
-=item execute_query
+=head2 execute_query
($results, $error) = execute_query($sql, $offset, $limit)
# ~ remove any LIMIT clause
# ~ repace SELECT clause w/ SELECT count(*)
-sub select_2_select_count ($) {
+sub select_2_select_count {
# Modify the query passed in to create a count query... (I think this covers all cases -crn)
my ($sql) = strip_limit(shift) or return;
$sql =~ s/\bSELECT\W+(?:\w+\W+){1,}?FROM\b|\bSELECT\W\*\WFROM\b/SELECT count(*) FROM /ig;
# store_results($id,$xml);
}
-=item save_report($sql,$name,$type,$notes)
+=head2 save_report($sql,$name,$type,$notes)
Given some sql and a name this will saved it so that it can reused
Returns id of the newly created report
return $dbh->selectrow_hashref($query, undef, $report_arg);
}
-=item create_compound($masterID,$subreportID)
+=head2 create_compound($masterID,$subreportID)
This will take 2 reports and create a compound report using both of them
return ( $mastertables, $subtables );
}
-=item get_column_type($column)
+=head2 get_column_type($column)
This takes a column name of the format table.column and will return what type it is
(free text, set values, date)
}
}
-=item get_distinct_values($column)
+=head2 get_distinct_values($column)
Given a column name, return an arrary ref of hashrefs suitable for use as a tmpl_loop
with the distinct values of the column
return \%columns;
}
-=item build_authorised_value_list($authorised_value)
+=head2 build_authorised_value_list($authorised_value)
Returns an arrayref - hashref pair. The hashref consists of
various code => name lists depending on the $authorised_value.
return (\@authorised_values, \%authorised_lib);
}
+=head2 GetReservedAuthorisedValues
+
+ my %reserved_authorised_values = GetReservedAuthorisedValues();
+
+Returns a hash containig all reserved words
+
+=cut
+
+sub GetReservedAuthorisedValues {
+ my %reserved_authorised_values =
+ map { $_ => 1 } ( 'date',
+ 'branches',
+ 'itemtypes',
+ 'cn_source',
+ 'categorycode' );
+
+ return \%reserved_authorised_values;
+}
+
+
+=head2 IsAuthorisedValueValid
+
+ my $is_valid_ath_value = IsAuthorisedValueValid($authorised_value)
+
+Returns 1 if $authorised_value is on the reserved authorised values list or
+in the authorised value categories defined in
+
+=cut
+
+sub IsAuthorisedValueValid {
+
+ my $authorised_value = shift;
+ my $reserved_authorised_values = GetReservedAuthorisedValues();
+
+ if ( exists $reserved_authorised_values->{$authorised_value} ||
+ IsAuthorisedValueCategory($authorised_value) ) {
+ return 1;
+ }
+
+ return 0;
+}
+
+=head2 GetParametersFromSQL
+
+ my @sql_parameters = GetParametersFromSQL($sql)
+
+Returns an arrayref of hashes containing the keys name and authval
+
+=cut
+
+sub GetParametersFromSQL {
+
+ my $sql = shift ;
+ my @split = split(/<<|>>/,$sql);
+ my @sql_parameters = ();
+
+ for ( my $i = 0; $i < ($#split/2) ; $i++ ) {
+ my ($name,$authval) = split(/\|/,$split[$i*2+1]);
+ push @sql_parameters, { 'name' => $name, 'authval' => $authval };
+ }
+
+ return \@sql_parameters;
+}
+
+=head2 ValidateSQLParameters
+
+ my @problematic_parameters = ValidateSQLParameters($sql)
+
+Returns an arrayref of hashes containing the keys name and authval of
+those SQL parameters that do not correspond to valid authorised names
+
+=cut
+
+sub ValidateSQLParameters {
+
+ my $sql = shift;
+ my @problematic_parameters = ();
+ my $sql_parameters = GetParametersFromSQL($sql);
+
+ foreach my $sql_parameter (@$sql_parameters) {
+ if ( defined $sql_parameter->{'authval'} ) {
+ push @problematic_parameters, $sql_parameter unless
+ IsAuthorisedValueValid($sql_parameter->{'authval'});
+ }
+ }
+
+ return \@problematic_parameters;
+}
+
1;
__END__
-=back
-
=head1 AUTHOR
Chris Cormack <crc@liblime.com>
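Review bot: The synopsis lines in the new POD use list assignment (`my @problematic_parameters = ValidateSQLParameters($sql)`, and likewise `my %reserved_authorised_values = GetReservedAuthorisedValues()` and `my @sql_parameters = GetParametersFromSQL($sql)`), but all three subs return a reference. A caller copying the synopsis gets a one-element array that is always true, so every report would look as if it had invalid parameters; I would write `my $problematic_parameters = ValidateSQLParameters($sql);` (the same scalar form for the other two) and say that callers test `@$problematic_parameters`. In GetParametersFromSQL, `split(/<<|>>/,$sql)` does not pair the delimiters, so an unmatched `<<` or a literal `>>` elsewhere in the statement shifts the odd/even positions: ordinary SQL text is read as a parameter and a real placeholder can go unvalidated. Matching pairs keeps the validator aligned with the placeholders, for example `while ( $sql =~ /<<(.*?)>>/sg ) { my ($name,$authval) = split /\|/, $1; push @sql_parameters, { name => $name, authval => $authval }; }`. The IsAuthorisedValueValid POD also stops mid-sentence at "defined in".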