use strict;
use CGI;
+use C4::Auth;
use C4::Context;
use C4::Output;
+use C4::Interface::CGI::Output;
use C4::Search;
use HTML::Template;
use C4::Context;
$searchstring=~ s/\'/\\\'/g;
my @data=split(' ',$searchstring);
my $count=@data;
- my $query="Select id,category,authorised_value,lib from authorised_values where (category like \"$data[0]%\") order by category,authorised_value";
- my $sth=$dbh->prepare($query);
- $sth->execute;
+ my $sth=$dbh->prepare("Select id,category,authorised_value,lib from authorised_values where (category like ?) order by category,authorised_value");
+ $sth->execute("$data[0]%");
my @results;
my $cnt=0;
while (my $data=$sth->fetchrow_hashref){
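Review bot: The manual quote escaping kept at the top of this hunk (`$searchstring=~ s/\'/\\\'/g;`) is redundant now that the value is bound with a placeholder. The inserted backslash is passed through as part of the LIKE pattern, so depending on how the database treats a backslash there it may change what a search containing an apostrophe matches. Drop that substitution and let `execute("$data[0]%")` do the quoting. Separately, `%` and `_` typed by the user still act as LIKE wildcards; if that is not intended, escape them before appending the trailing `%`. The enclosing sub starts and ends outside the hunk.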
my $searchfield=$input->param('searchfield');
$searchfield=~ s/\,//g;
my $id = $input->param('id');
-my $reqsel="select category,authorised_value,lib from authorised_values where id='$id'";
-my $reqdel="delete from authorised_values where id='$id'";
my $offset=$input->param('offset');
my $script_name="/cgi-bin/koha/admin/authorised_values.pl";
my $dbh = C4::Context->dbh;
-my $template = gettemplate("parameters/authorised_values.tmpl",0);
+my ($template, $borrowernumber, $cookie)
+ = get_template_and_user({template_name => "admin/authorised_values.tmpl",
+ query => $input,
+ type => "intranet",
+ authnotrequired => 0,
+ flagsrequired => {parameters => 1, management => 1},
+ debug => 1,
+ });
my $pagesize=20;
my $op = $input->param('op');
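Review bot: The access rule in `flagsrequired => {parameters => 1, management => 1}` is not self-explanatory: this hunk does not show whether a user needs both flags or either one, and that decides who may edit authorised values. Confirm the semantics in C4::Auth and put a one-line comment above the call stating which it is, for example `# requires the 'parameters' or 'management' staff flag` if it turns out to be any-of. The hard-coded `debug => 1` looks like a development leftover; confirm what it enables before shipping it on an admin page.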
my $data;
if ($id) {
my $dbh = C4::Context->dbh;
- my $sth=$dbh->prepare("select id,category,authorised_value,lib from authorised_values where id='$id'");
- $sth->execute;
+ my $sth=$dbh->prepare("select id,category,authorised_value,lib from authorised_values where id=?");
+ $sth->execute($id);
$data=$sth->fetchrow_hashref;
$sth->finish;
} else {
}
if ($searchfield) {
$template->param(action => "Modify authorised value");
+ $template->param('heading-modify-authorized-value-p' => 1);
+ } elsif ( ! $data->{'category'} ) {
+ $template->param(action => "Add new category");
+ $template->param('heading-add-new-category-p' => 1);
} else {
$template->param(action => "Add authorised value");
+ $template->param('heading-add-authorized-value-p' => 1);
}
+ $template->param('use-heading-flags-p' => 1);
$template->param(category => $data->{'category'},
authorised_value => $data->{'authorised_value'},
lib => $data->{'lib'},
} elsif ($op eq 'add_validate') {
my $dbh = C4::Context->dbh;
my $sth=$dbh->prepare("replace authorised_values (id,category,authorised_value,lib) values (?,?,?,?)");
- $sth->execute($input->param('id'), $input->param('category'), $input->param('authorised_value'),$input->param('lib'));
+ my $lib = $input->param('lib');
+ undef $lib if ($lib eq ""); # to insert NULL instead of a blank string
+
+ $sth->execute($input->param('id'), $input->param('category'), $input->param('authorised_value'), $lib);
$sth->finish;
print "Content-Type: text/html\n\n<META HTTP-EQUIV=Refresh CONTENT=\"0; URL=authorised_values.pl?searchfield=".$input->param('category')."\"></html>";
exit;
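Review bot: The refresh page printed after the insert puts `$input->param('category')` into the `CONTENT="...URL=..."` attribute unencoded, so a category containing `"` or `>` ends the attribute and is rendered as markup in a staff session. The `delete_confirmed` branch does the same with `$searchfield`. URL-encode the value before interpolating, e.g. `my $cat = CGI::escape(scalar $input->param('category'));`, and use `$cat` in the URL. On the new `execute` line, `$input->param(...)` is evaluated in list context, so a repeated or missing parameter changes the number of bind values; read each one into a scalar first, as the hunk already does for `$lib`. The `add_validate` branch continues outside the hunk.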
# called by default form, used to confirm deletion of data in DB
} elsif ($op eq 'delete_confirm') {
my $dbh = C4::Context->dbh;
- my $sth=$dbh->prepare($reqsel);
- $sth->execute;
+ my $sth=$dbh->prepare("select category,authorised_value,lib from authorised_values where id=?");
+ $sth->execute($id);
my $data=$sth->fetchrow_hashref;
$sth->finish;
$template->param(searchfield => $searchfield,
# called by delete_confirm, used to effectively confirm deletion of data in DB
} elsif ($op eq 'delete_confirmed') {
my $dbh = C4::Context->dbh;
- my $sth=$dbh->prepare($reqdel);
- $sth->execute;
+ my $sth=$dbh->prepare("delete from authorised_values where id=?");
+ $sth->execute($id);
$sth->finish;
print "Content-Type: text/html\n\n<META HTTP-EQUIV=Refresh CONTENT=\"0; URL=authorised_values.pl?searchfield=$searchfield\"></html>";
exit;
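Review bot: The delete in this branch runs for any request carrying `op=delete_confirmed` and an `id`, and nothing visible here checks the request method or a per-session token. Since the page is now authenticated through a cookie, a request forged from another site would run the delete in a logged-in librarian's browser. If C4::Auth or the template does not already supply a token, add one to the confirmation form and verify it before `$sth->execute($id)`. At minimum, record the expectation with a comment such as `# state-changing: must only be reached from the confirmation form`. The branch starts outside the hunk.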
-values=> \@category_list,
-default=>"",
-size=>1,
+ -tabindex=>'',
-multiple=>0,
);
if (!$searchfield) {
$template->param(loop => \@loop_data,
tab_list => $tab_list,
category => $searchfield);
+
if ($offset>0) {
my $prevpage = $offset-$pagesize;
- $template->param("<a href=$script_name?offset=".$prevpage.'<< Prev</a>');
+ $template->param(isprevpage => $offset,
+ prevpage=> $prevpage,
+ searchfield => $searchfield,
+ script_name => $script_name,
+ );
}
if ($offset+$pagesize<$count) {
my $nextpage =$offset+$pagesize;
- $template->param("a href=$script_name?offset=".$nextpage.'Next >></a>');
+ $template->param(nextpage =>$nextpage,
+ searchfield => $searchfield,
+ script_name => $script_name,
+ );
}
} #---- END $OP eq DEFAULT
-
-print "Content-Type: text/html\n\n", $template->output;
+$template->param(intranetcolorstylesheet => C4::Context->preference("intranetcolorstylesheet"),
+ intranetstylesheet => C4::Context->preference("intranetstylesheet"),
+ IntranetNav => C4::Context->preference("IntranetNav"),
+ );
+output_html_with_http_headers $input, $cookie, $template->output;
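Review bot: The paging branches now hand `$searchfield` and `$script_name` to the template to build the prev/next links, and `$searchfield` is request input with only commas stripped. Whether that is safe depends on the template, which is not part of this hunk: the corresponding `TMPL_VAR` tags need `ESCAPE=URL` inside the href and `ESCAPE=HTML` where the value is shown as text. `$offset` also goes into the page arithmetic straight from the request; normalising it where it is read, e.g. `$offset = 0 unless defined $offset && $offset =~ /\A\d+\z/;`, keeps `prevpage` and `nextpage` numeric.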