my $input = new CGI;
my $id = $input->param('id');
my $op = $input->param('op') || '';
-my $offset = $input->param('offset') || 0;
-my $searchfield = $input->param('searchfield');
+our $offset = $input->param('offset') || 0;
+our $searchfield = $input->param('searchfield');
$searchfield = '' unless defined $searchfield;
$searchfield =~ s/\,//g;
-my $script_name = "/cgi-bin/koha/admin/authorised_values.pl";
-my $dbh = C4::Context->dbh;
+our $script_name = "/cgi-bin/koha/admin/authorised_values.pl";
+our $dbh = C4::Context->dbh;
-my ($template, $borrowernumber, $cookie)= get_template_and_user({
+our ($template, $borrowernumber, $cookie)= get_template_and_user({
template_name => "admin/authorised_values.tmpl",
authnotrequired => 0,
flagsrequired => {parameters => 1},
my $duplicate_entry = 0;
if ( $id ) { # Update
- my $sth = $dbh->prepare( "SELECT category, authorised_value FROM authorised_values WHERE id='$id' ");
- $sth->execute();
+ my $sth = $dbh->prepare( "SELECT category, authorised_value FROM authorised_values WHERE id = ? ");
+ $sth->execute($id);
my ($category, $authorised_value) = $sth->fetchrow_array();
if ( $authorised_value ne $new_authorised_value ) {
my $sth = $dbh->prepare_cached( "SELECT COUNT(*) FROM authorised_values " .
- "WHERE category = '$new_category' AND authorised_value = '$new_authorised_value' and id<>$id");
- $sth->execute();
+ "WHERE category = ? AND authorised_value = ? and id <> ? ");
+ $sth->execute($new_category, $new_authorised_value, $id);
($duplicate_entry) = $sth->fetchrow_array();
- warn "**** duplicate_entry = $duplicate_entry";
}
unless ( $duplicate_entry ) {
my $sth=$dbh->prepare( 'UPDATE authorised_values
}
else { # Insert
my $sth = $dbh->prepare_cached( "SELECT COUNT(*) FROM authorised_values " .
- "WHERE category = '$new_category' AND authorised_value = '$new_authorised_value' ");
- $sth->execute();
+ "WHERE category = ? AND authorised_value = ? ");
+ $sth->execute($new_category, $new_authorised_value);
($duplicate_entry) = $sth->fetchrow_array();
unless ( $duplicate_entry ) {
my $sth=$dbh->prepare( 'INSERT INTO authorised_values