#
# This file is part of Koha.
#
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
#
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
#
-# You should have received a copy of the GNU General Public License along
-# with Koha; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
-use strict;
-use warnings;
-use CGI;
+use Modern::Perl;
+use CGI qw ( -utf8 );
+use CGI::Cookie;
use C4::Context;
+use C4::Auth qw/check_cookie_auth/;
use C4::ImportExportFramework;
+my %cookies = CGI::Cookie->fetch();
+my $authenticated = 0;
+my ($auth_status, $sessionID);
+if (exists $cookies{'CGISESSID'}) {
+ ($auth_status, $sessionID) = check_cookie_auth(
+ $cookies{'CGISESSID'}->value,
+ { parameters => 'parameters_remaining_permissions' },
+ );
+}
+if ($auth_status eq 'ok') {
+ $authenticated = 1;
+}
+
my $input = new CGI;
-my $frameworkcode = $input->param('frameworkcode') || '';
+unless ($authenticated) {
+ print $input->header(-type => 'text/plain', -status => '403 Forbidden');
+ exit 0;
+}
+
+my $framework_name = $input->param('frameworkcode') || 'default';
+my $frameworkcode = ($framework_name eq 'default') ? q{} : $framework_name;
my $action = $input->param('action') || 'export';
## Exporting
if ($action eq 'export' && $input->request_method() eq 'GET') {
my $strXml = '';
- my $format = $input->param('type_export_' . $frameworkcode);
+ my $format = $input->param('type_export_' . $framework_name);
ExportFramework($frameworkcode, \$strXml, $format);
+
if ($format eq 'csv') {
# CSV file
- print $input->header(-type => 'application/vnd.ms-excel', -attachment => 'export_' . $frameworkcode . '.csv');
- print $strXml;
- } elsif ($format eq 'sql') {
- # SQL file
- print $input->header(-type => 'text/plain', -attachment => 'export_' . $frameworkcode . '.sql');
+
+ # Correctly set the encoding to output plain text in UTF-8
+ binmode(STDOUT,':encoding(UTF-8)');
+ print $input->header(-type => 'application/vnd.ms-excel', -attachment => 'export_' . $framework_name . '.csv');
print $strXml;
} elsif ($format eq 'excel') {
# Excel-xml file
- print $input->header(-type => 'application/excel', -attachment => 'export_' . $frameworkcode . '.xml');
+ print $input->header(-type => 'application/excel', -attachment => 'export_' . $framework_name . '.xml');
print $strXml;
} else {
# ODS file
my $strODS = '';
createODS($strXml, 'en', \$strODS);
- print $input->header(-type => 'application/vnd.oasis.opendocument.spreadsheet', -attachment => 'export_' . $frameworkcode . '.ods');
+ print $input->header(-type => 'application/vnd.oasis.opendocument.spreadsheet', -attachment => 'export_' . $framework_name . '.ods');
print $strODS;
}
## Importing
} elsif ($input->request_method() eq 'POST') {
my $ok = -1;
- my $fieldname = 'file_import_' . $frameworkcode;
+ my $fieldname = 'file_import_' . $framework_name;
my $filename = $input->param($fieldname);
# upload the input file
- if ($filename && $filename =~ /\.(csv|ods|xml|sql)$/i) {
+ if ($filename && $filename =~ /\.(csv|ods|xml)$/i) {
my $extension = $1;
my $uploadFd = $input->upload($fieldname);
if ($uploadFd && !$input->cgi_error) {
- my $tmpfilename = $input->tmpFileName($input->param($fieldname));
+ my $tmpfilename = $input->tmpFileName(scalar $input->param($fieldname));
$filename = $tmpfilename . '.' . $extension; # rename the tmp file with the extension
$ok = ImportFramework($filename, $frameworkcode, 1) if (rename($tmpfilename, $filename));
}
projects / koha.git / blobdiff