Bug 7684: QA Followup and bugfixes

[koha.git] / offline_circ / service.pl

diff --git a/offline_circ/service.pl b/offline_circ/service.pl
index 8d1dd5f..771d459 100755 (executable)
--- a/offline_circ/service.pl
+++ b/offline_circ/service.pl
@@ -13,11 +13,14 @@
 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
 # A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License along with
-# Koha; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
-# Suite 330, Boston, MA  02111-1307 USA
+# You should have received a copy of the GNU General Public License along
+# with Koha; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 
+use strict;
+use warnings;
+
 use CGI;
 use C4::Auth;
 use C4::Circulation;
@@ -26,31 +29,47 @@ my $cgi = CGI->new;
 
 # get the status of the user, this will check his credentials and rights
 my ($status, $cookie, $sessionId) = C4::Auth::check_api_auth($cgi, undef);
+($status, $sessionId) = C4::Auth::check_cookie_auth($cgi, undef) if ($status ne 'ok');
 
 my $result;
 
 if ($status eq 'ok') { # if authentication is ok
-       if ( $cgi->param('pending') eq 'true' ) { # if the 'pending' flag is true, we store the operation in the db instead of directly processing them
-               $result = AddOfflineOperation(
-               $cgi->param('userid')     || '',
-            $cgi->param('branchcode') || '',
-            $cgi->param('timestamp')  || '',
-            $cgi->param('action')     || '',
-            $cgi->param('barcode')    || '',
-            $cgi->param('cardnumber') || '',
-               );
-       } else {
-               $result = ProcessOfflineOperation(
+
+    my $userid     = $cgi->param('userid')     || '';
+    my $branchcode = $cgi->param('branchcode') || '';
+    my $timestamp  = $cgi->param('timestamp')  || '';
+    my $action     = $cgi->param('action')     || '';
+    my $barcode    = $cgi->param('barcode')    || '';
+    my $amount     = $cgi->param('amount')     || 0;
+    $barcode    =~ s/^\s+//;
+    $barcode    =~ s/\s+$//;
+    my $cardnumber = $cgi->param('cardnumber') || '';
+    $cardnumber =~ s/^\s+//;
+    $cardnumber =~ s/\s+$//;
+
+    if ( $cgi->param('pending') eq 'true' ) { # if the 'pending' flag is true, we store the operation in the db instead of directly processing them
+        $result = AddOfflineOperation(
+            $userid,
+            $branchcode,
+            $timestamp,
+            $action,
+            $barcode,
+            $cardnumber,
+            $amount
+        );
+    } else {
+        $result = ProcessOfflineOperation(
             {
-                'userid'      => $cgi->param('userid'),
-                'branchcode'  => $cgi->param('branchcode'),
-                'timestamp'   => $cgi->param('timestamp'),
-                'action'      => $cgi->param('action'),
-                'barcode'     => $cgi->param('barcode'),
-                'cardnumber'  => $cgi->param('cardnumber'),
+                'userid'      => $userid,
+                'branchcode'  => $branchcode,
+                'timestamp'   => $timestamp,
+                'action'      => $action,
+                'barcode'     => $barcode,
+                'cardnumber'  => $cardnumber,
+                'amount'      => $amount
             }
-               );
-       }
+        );
+    }
 } else {
     $result = "Authentication failed."
 }