$searchstring=~ s/\'/\\\'/g;
my @data=split(' ',$searchstring);
my $count=@data;
- my $query="Select * from categories where (description like \"$data[0]%\")";
- my $sth=$dbh->prepare($query);
- $sth->execute;
+ my $sth=$dbh->prepare("Select * from categories where (description like ?)");
+ $sth->execute("$data[0]%");
my @results;
- my $cnt=0;
while (my $data=$sth->fetchrow_hashref){
push(@results,$data);
- $cnt ++;
}
# $sth->execute;
$sth->finish;
- return ($cnt,\@results);
+ return (scalar(@results),\@results);
}
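Review bot: The apostrophe escaping at the top of this hunk (`$searchstring=~ s/\'/\\\'/g;`) is left in place although the search term is now bound through a placeholder, so the inserted backslash reaches the database as part of the value instead of acting as quoting. With the bind in place that line can be dropped. Separately, `%` and `_` typed by the user still act as LIKE wildcards inside `"$data[0]%"`; if only a literal prefix match is intended, escape them before appending the trailing `%`. An empty search string leaves `$data[0]` undefined, which binds a bare `%` and matches every category; that is presumably what the default listing relies on, but it deserves a comment. StringSearch begins outside this hunk.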
my $input = new CGI;
$searchfield=~ s/\,//g;
my ($template, $loggedinuser, $cookie)
- = get_template_and_user({template_name => "parameters/categoryitem.tmpl",
+ = get_template_and_user({template_name => "admin/categoryitem.tmpl",
query => $input,
type => "intranet",
authnotrequired => 0,
my $data;
if ($categorycode) {
my $dbh = C4::Context->dbh;
- my $sth=$dbh->prepare("select categorycode,description,enrolmentperiod,upperagelimit,dateofbirthrequired,finetype,bulk,enrolmentfee,issuelimit,reservefee,overduenoticerequired from categories where categorycode='$categorycode'");
- $sth->execute;
+ my $sth=$dbh->prepare("select categorycode,description,enrolmentperiod,upperagelimit,dateofbirthrequired,finetype,bulk,enrolmentfee,reservefee,overduenoticerequired from categories where categorycode=?");
+ $sth->execute($categorycode);
$data=$sth->fetchrow_hashref;
$sth->finish;
}
bulk => $data->{'bulk'},
enrolmentfee => $data->{'enrolmentfee'},
overduenoticerequired => $data->{'overduenoticerequired'},
- issuelimit => $data->{'issuelimit'},
reservefee => $data->{'reservefee'});
} elsif ($op eq 'add_validate') {
$template->param(add_validate => 1);
my $dbh = C4::Context->dbh;
- my $query = "replace categories (categorycode,description,enrolmentperiod,upperagelimit,dateofbirthrequired,finetype,bulk,enrolmentfee,issuelimit,reservefee,overduenoticerequired) values (";
- $query.= $dbh->quote($input->param('categorycode')).",";
- $query.= $dbh->quote($input->param('description')).",";
- $query.= $dbh->quote($input->param('enrolmentperiod')).",";
- $query.= $dbh->quote($input->param('upperagelimit')).",";
- $query.= $dbh->quote($input->param('dateofbirthrequired')).",";
- $query.= $dbh->quote($input->param('finetype')).",";
- $query.= $dbh->quote($input->param('bulk')).",";
- $query.= $dbh->quote($input->param('enrolmentfee')).",";
- $query.= $dbh->quote($input->param('issuelimit')).",";
- $query.= $dbh->quote($input->param('reservefee')).",";
- $query.= $dbh->quote($input->param('overduenoticerequired')).")";
- my $sth=$dbh->prepare($query);
- $sth->execute;
+ my $sth=$dbh->prepare("replace categories (categorycode,description,enrolmentperiod,upperagelimit,dateofbirthrequired,finetype,bulk,enrolmentfee,reservefee,overduenoticerequired) values (?,?,?,?,?,?,?,?,?,?)");
+ $sth->execute(map {$input->param($_)} ('categorycode','description','enrolmentperiod','upperagelimit','dateofbirthrequired','finetype','bulk','enrolmentfee','reservefee','overduenoticerequired'));
$sth->finish;
print "data recorded";
print "<form action='$script_name' method=post>";
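Review bot: In the new `execute(map {$input->param($_)} ...)` call, `param` is evaluated in list context, so a field missing from the request contributes no element and a field submitted more than once contributes several. Either case changes the number of bind values: the execute then fails on a count mismatch, or, when a missing field and a repeated one cancel out, request values land in the wrong columns. Forcing scalar context keeps exactly one value per placeholder: `map { scalar $input->param($_) }`. The result of `execute` is also not checked before `data recorded` is printed; whether that matters depends on the handle's RaiseError setting, which is not visible here.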
} elsif ($op eq 'delete_confirm') {
$template->param(delete_confirm => 1);
my $dbh = C4::Context->dbh;
- my $sth=$dbh->prepare("select count(*) as total from categoryitem where categorycode='$categorycode'");
- $sth->execute;
+ my $sth=$dbh->prepare("select count(*) as total from categoryitem where categorycode=?");
+ $sth->execute($categorycode);
my $total = $sth->fetchrow_hashref;
print "TOTAL : $categorycode : $total->{'total'}<br>";
$sth->finish;
- my $sth2=$dbh->prepare("select categorycode,description,enrolmentperiod,upperagelimit,dateofbirthrequired,finetype,bulk,enrolmentfee,issuelimit,reservefee,overduenoticerequired from categories where categorycode='$categorycode'");
- $sth2->execute;
+ my $sth2=$dbh->prepare("select categorycode,description,enrolmentperiod,upperagelimit,dateofbirthrequired,finetype,bulk,enrolmentfee,reservefee,overduenoticerequired from categories where categorycode=?");
+ $sth2->execute($categorycode);
my $data=$sth2->fetchrow_hashref;
$sth2->finish;
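Review bot: `$categorycode` is now bound in both queries of this branch, but the context line `print "TOTAL : $categorycode : $total->{'total'}<br>";` still writes the same value into the response without HTML escaping. Where `$categorycode` is assigned for this branch is outside the hunk; if it comes from the request, as it does in the delete branch further down, the value should be escaped, e.g. `$input->escapeHTML($categorycode)`, or the debug print removed. The print also appears to go straight to STDOUT rather than through the template, so it may be emitted ahead of the headers written by `output_html_with_http_headers`.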
bulk => $data->{'bulk'},
enrolmentfee => $data->{'enrolmentfee'},
overduenoticerequired => $data->{'overduenoticerequired'},
- issuelimit => $data->{'issuelimit'},
reservefee => $data->{'reservefee'});
# END $OP eq DELETE_CONFIRM
$template->param(delete_confirmed => 1);
my $dbh = C4::Context->dbh;
my $categorycode=uc($input->param('categorycode'));
- my $query = "delete from categories where categorycode='$categorycode'";
- my $sth=$dbh->prepare($query);
- $sth->execute;
+ my $sth=$dbh->prepare("delete from categories where categorycode=?");
+ $sth->execute($categorycode);
$sth->finish;
# END $OP eq DELETE_CONFIRMED
} else { # DEFAULT
my $env;
my @loop;
my ($count,$results)=StringSearch($env,$searchfield,'web');
+ my $toggle = 'white';
for (my $i=0; $i < $count; $i++){
my %row = (categorycode => $results->[$i]{'categorycode'},
description => $results->[$i]{'description'},
bulk => $results->[$i]{'bulk'},
enrolmentfee => $results->[$i]{'enrolmentfee'},
overduenoticerequired => $results->[$i]{'overduenoticerequired'},
- issuelimit => $results->[$i]{'issuelimit'},
- reservefee => $results->[$i]{'reservefee'} );
+ reservefee => $results->[$i]{'reservefee'},
+ toggle => $toggle );
push @loop, \%row;
+ if ( $toggle eq 'white' )
+ {
+ $toggle = '#ffffcc';
+ }
+ else
+ {
+ $toggle = 'white';
+ }
+
}
$template->param(loop => \@loop);
} #---- END $OP eq DEFAULT
-
+$template->param(intranetcolorstylesheet => C4::Context->preference("intranetcolorstylesheet"),
+ intranetstylesheet => C4::Context->preference("intranetstylesheet"),
+ IntranetNav => C4::Context->preference("IntranetNav"),
+ );
output_html_with_http_headers $input, $cookie, $template->output;
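Review bot: The row-colour alternation added inside the loop takes seven lines for what is a single expression, and it puts the literal colours `white` and `#ffffcc` in the script rather than in the template or stylesheet. A ternary keeps the loop body short: `$toggle = $toggle eq 'white' ? '#ffffcc' : 'white';`. If the colours are meant to follow the `intranetcolorstylesheet` preference passed just below, handing the template an odd/even flag or a class name instead of a colour value would let the stylesheet decide.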