# This file is part of Koha.
#
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
#
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
#
-# You should have received a copy of the GNU General Public License along with
-# Koha; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
-# Suite 330, Boston, MA 02111-1307 USA
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
use strict;
use warnings;
-use CGI;
+use CGI qw ( -utf8 );
+use Encode qw( encode );
use C4::Auth; # get_template_and_user
use C4::Members;
use C4::Branch;
use C4::Output;
use C4::Suggestions;
use C4::Koha;
-use C4::Dates;
+use C4::Scrubber;
+
+use Koha::DateUtils qw( dt_from_string );
my $input = new CGI;
-my $allsuggestions = $input->param('showall');
my $op = $input->param('op');
my $suggestion = $input->Vars;
-delete $$suggestion{$_} foreach qw<op suggestedbyme>;
+my $negcaptcha = $input->param('negcap');
+my $suggested_by_anyone = $input->param('suggested_by_anyone') || 0;
+
+# If a spambot accidentally populates the 'negcap' field in the sugesstions form, then silently skip and return.
+if ($negcaptcha ) {
+ print $input->redirect("/cgi-bin/koha/opac-suggestions.pl");
+ exit;
+} else {
+ # don't pass 'negcap' column to DB, else DBI::Class will error
+ # DBIx::Class::Row::store_column(): No such column 'negcap' on Koha::Schema::Result::Suggestion at Koha/C4/Suggestions.pm
+ delete $suggestion->{negcap};
+}
+
+#If suggestions are turned off we redirect to 404 error. This will also redirect guest suggestions
+if ( ! C4::Context->preference('suggestion') ) {
+ print $input->redirect("/cgi-bin/koha/errors/404.pl");
+ exit;
+}
+
+delete $suggestion->{$_} foreach qw<op suggested_by_anyone>;
$op = 'else' unless $op;
-my ( $template, $borrowernumber, $cookie );
+my ( $template, $borrowernumber, $cookie, @messages );
my $deleted = $input->param('deleted');
my $submitted = $input->param('submitted');
-if ( C4::Context->preference("AnonSuggestions") ) {
+if ( C4::Context->preference("AnonSuggestions") or ( C4::Context->preference("OPACViewOthersSuggestions") and $op eq 'else' ) ) {
( $template, $borrowernumber, $cookie ) = get_template_and_user(
{
- template_name => "opac-suggestions.tmpl",
+ template_name => "opac-suggestions.tt",
query => $input,
type => "opac",
authnotrequired => ( C4::Context->preference("OpacPublic") ? 1 : 0 ),
}
);
- if ( !$$suggestion{suggestedby} ) {
- $$suggestion{suggestedby} = C4::Context->preference("AnonymousPatron");
- }
}
else {
( $template, $borrowernumber, $cookie ) = get_template_and_user(
{
- template_name => "opac-suggestions.tmpl",
+ template_name => "opac-suggestions.tt",
query => $input,
type => "opac",
authnotrequired => 0,
}
);
}
-if ($allsuggestions){
- delete $$suggestion{suggestedby};
-}
-else {
- $$suggestion{suggestedby} ||= $borrowernumber unless ($allsuggestions);
+
+if ( $op eq 'else' ) {
+ if ( C4::Context->preference("OPACViewOthersSuggestions") ) {
+ if ( $borrowernumber ) {
+ # A logged in user is able to see suggestions from others
+ $suggestion->{suggestedby} = $suggested_by_anyone
+ ? undef
+ : $borrowernumber;
+ }
+ else {
+ # Non logged in user is able to see all suggestions
+ $suggestion->{suggestedby} = undef;
+ }
+ }
+ else {
+ if ( $borrowernumber ) {
+ $suggestion->{suggestedby} = $borrowernumber;
+ }
+ else {
+ $suggestion->{suggestedby} = -1;
+ }
+ }
+} else {
+ if ( $borrowernumber ) {
+ $suggestion->{suggestedby} = $borrowernumber;
+ }
+ else {
+ $suggestion->{suggestedby} = C4::Context->preference("AnonymousPatron");
+ }
}
-# warn "bornum:",$borrowernumber;
my $suggestions_loop =
&SearchSuggestion( $suggestion);
if ( $op eq "add_confirm" ) {
if (@$suggestions_loop>=1){
#some suggestion are answering the request Donot Add
+ for my $suggestion ( @$suggestions_loop ) {
+ push @messages, { type => 'error', code => 'already_exists', id => $suggestion->{suggestionid} };
+ last;
+ }
}
else {
- $$suggestion{'suggesteddate'}=C4::Dates->today;
- $$suggestion{'branchcode'}= $input->param('branch') || C4::Context->userenv->{"branch"};
+ my $scrubber = C4::Scrubber->new();
+ foreach my $suggest (keys %$suggestion){
+ # Don't know why the encode is needed for Perl v5.10 here
+ $suggestion->{$suggest} = Encode::encode("utf8", $scrubber->scrub($suggestion->{$suggest}) );
+ }
+ $suggestion->{suggesteddate} = dt_from_string;
+ $suggestion->{branchcode} = $input->param('branchcode') || C4::Context->userenv->{"branch"};
+
&NewSuggestion($suggestion);
# empty fields, to avoid filter in "SearchSuggestion"
$$suggestion{$_}='' foreach qw<title author publishercode copyrightdate place collectiontitle isbn STATUS>;
$suggestions_loop =
&SearchSuggestion( $suggestion );
+ push @messages, { type => 'info', code => 'success_on_inserted' };
}
- $op = 'else';
- print $input->redirect("/cgi-bin/koha/opac-suggestions.pl?op=else&submitted=1");
- exit;
+ $op = 'else';
}
if ( $op eq "delete_confirm" ) {
&DelSuggestion( $borrowernumber, $delete_field );
}
$op = 'else';
- print $input->redirect("/cgi-bin/koha/opac-suggestions.pl?op=else&deleted=1");
+ print $input->redirect("/cgi-bin/koha/opac-suggestions.pl?op=else");
exit;
}
map{ $_->{'branchcodesuggestedby'}=GetBranchInfo($_->{'branchcodesuggestedby'})->[0]->{'branchname'}} @$suggestions_loop;
-my $supportlist=GetSupportList();
-foreach my $support(@$supportlist){
- if ($$support{'imageurl'}){
- $$support{'imageurl'}= getitemtypeimagelocation( 'opac', $$support{'imageurl'} );
- }
- else {
- delete $$support{'imageurl'}
- }
-}
foreach my $suggestion(@$suggestions_loop) {
if($suggestion->{'suggestedby'} == $borrowernumber) {
my ( $borr ) = GetMemberDetails( $borrowernumber );
# pass the pickup branch along....
- my $branch = $input->param('branch') || $borr->{'branchcode'} || C4::Context->userenv->{branch} || '' ;
+ my $userbranch = '';
+ if (C4::Context->userenv && C4::Context->userenv->{'branch'}) {
+ $userbranch = C4::Context->userenv->{'branch'};
+ }
+ my $branchcode = $input->param('branchcode') || $borr->{'branchcode'} || $userbranch || '' ;
# make branch selection options...
- my $CGIbranchloop = GetBranchesLoop($branch);
- $template->param( branch_loop => $CGIbranchloop );
+ my $branchloop = GetBranchesLoop($branchcode);
+ $template->param( branchloop => $branchloop );
}
$template->param(
%$suggestion,
- itemtypeloop=> $supportlist,
suggestions_loop => $suggestions_loop,
patron_reason_loop => $patron_reason_loop,
- showall => $allsuggestions,
"op_$op" => 1,
+ $op => 1,
+ messages => \@messages,
suggestionsview => 1,
+ suggested_by_anyone => $suggested_by_anyone,
);
output_html_with_http_headers $input, $cookie, $template->output;