my $offset=$input->param('offset');
my $father=$input->param('father');
-my $reqsel="select category,stdlib,freelib from bibliothesaurus where id='$id'";
+my $reqsel="";
my $reqdel="delete from bibliothesaurus where id='$id'";
my $script_name="/cgi-bin/koha/admin/thesaurus.pl";
my $dbh = C4::Context->dbh;
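Review bot: `$reqdel` on the line right after the change still interpolates `$id` (presumably request-supplied, like `offset` and `father` above) into the DELETE statement, so the delete path keeps the injection risk that this commit removes from the two SELECTs. Give it the same treatment: `my $reqdel="delete from bibliothesaurus where id=?";` and pass `$id` to `execute` where the statement is run, which is outside this hunk. `$reqsel` is now set to an empty string and, judging by the later hunk that replaces `prepare($reqsel)`, appears to be unused; dropping the declaration would be cleaner than leaving a stub.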
my $data;
if ($id) {
my $dbh = C4::Context->dbh;
- my $sth=$dbh->prepare("select id,category,freelib,stdlib from bibliothesaurus where id='$id'");
- $sth->execute;
+ my $sth=$dbh->prepare("select id,category,freelib,stdlib from bibliothesaurus where id=?");
+ $sth->execute($id);
$data=$sth->fetchrow_hashref;
$sth->finish;
} else {
# called by default form, used to confirm deletion of data in DB
} elsif ($op eq 'delete_confirm') {
my $dbh = C4::Context->dbh;
- my $sth=$dbh->prepare($reqsel);
- $sth->execute;
+ my $sth=$dbh->prepare("select category,stdlib,freelib from bibliothesaurus where id=?");
+ $sth->execute($id);
my $data=$sth->fetchrow_hashref;
$sth->finish;
$template->param(search_category => $search_category,
branch => $branch,
father => $father);
if ($offset>0) {
- $template->param(previous => "<a href=$script_name?branch=$branch&search_category=$search_category&searchstring=$searchstring&offset=$prevpage><< Prev</a>");
+ $template->param(previous => "$script_name?branch=$branch&search_category=$search_category&searchstring=$searchstring&offset=$prevpage");
}
if ($pagesize<$count) {
- $template->param(next => "<a href=$script_name?branch=$branch&search_category=$search_category&searchstring=$searchstring&offset=$nextpage>Next >></a>");
+ $template->param(next => "$script_name?branch=$branch&search_category=$search_category&searchstring=$searchstring&offset=$nextpage");
}
} #---- END $OP eq DEFAULT
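Review bot: The `previous` and `next` values on the added lines are assembled from `$branch`, `$search_category` and `$searchstring` without URL-encoding, so a value containing `&`, `#`, a space or a quote alters the link, and if the template writes it into an `href` unescaped it can break out of the attribute (reflected XSS). These look like request parameters, though their assignment is outside the hunk. Encode each value before interpolation, e.g. `uri_escape($searchstring)` from URI::Escape (the file's imports are not visible here). The template should also emit the variable with HTML escaping, such as HTML::Template's `ESCAPE=HTML` if that is the engine in use.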