use C4::Circulation;
use C4::Reports;
use C4::Members;
-use C4::Dates qw/format_date_in_iso/;
+
+use Koha::DateUtils;
+use Koha::Patron::Categories;
=head1 NAME
my $fullreportname = "reports/borrowers_out.tt";
my $limit = $input->param("Limit");
my $column = $input->param("Criteria");
-my @filters = $input->param("Filter");
-$filters[1] = format_date_in_iso($filters[1]) if $filters[1];
+my @filters = $input->multi_param("Filter");
+$filters[1] = eval { output_pref( { dt => dt_from_string( $filters[1]), dateonly => 1, dateformat => 'iso' } ); }
+ if ( $filters[1] );
+
my $output = $input->param("output");
my $basename = $input->param("basename");
our $sep = $input->param("sep") || '';
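Review bot: The `eval` wrapped around `dt_from_string( $filters[1] )` swallows the parse failure, so a date the parser rejects leaves `$filters[1]` undefined with nothing logged or shown to the user. The timestamp conditions built later appear to be added only when that value is true, so a mistyped date would silently produce a report with no date limit instead of an error. I would keep the parsed value separate and surface the failure, for example `my $since = eval { dt_from_string( $filters[1] ) };` followed by `warn "borrowers_out: unparseable date filter" unless $since;` plus an error flag passed to the template.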
my $CGIextChoice = ( 'CSV' ); # FIXME translation
my $CGIsepChoice = GetDelimiterChoices;
-
- my ($codes,$labels) = GetborCatFromCatType(undef,undef);
- my @borcatloop;
- foreach my $thisborcat (sort keys %$labels) {
- my %row =(value => $thisborcat,
- description => $labels->{$thisborcat},
- );
- push @borcatloop, \%row;
- }
+
+ my $patron_categories = Koha::Patron::Categories->search_limited({}, {order_by => ['categorycode']});
$template->param(
CGIextChoice => $CGIextChoice,
CGIsepChoice => $CGIsepChoice,
- borcatloop =>\@borcatloop,
+ patron_categories => $patron_categories,
);
output_html_with_http_headers $input, $cookie, $template->output;
}
$colorder .= $column;
my $strsth2;
- $strsth2 .= "select distinct $colfield FROM borrowers WHERE 1";
- if ($colfilter[0]) {
+ $strsth2 .= "select distinct " . $dbh->quote($colfield) . " FROM borrowers WHERE 1";
+ my @query_args;
+ if ( $colfilter[0] ) {
$colfilter[0] =~ s/\*/%/g;
- $strsth2 .= " and $column LIKE '$colfilter[0]' " ;
+ $strsth2 .= " and " . $dbh->quote($column) . "LIKE ?" ;
+ push @query_args, $colfilter[0];
}
- $strsth2 .=" group by $colfield";
- $strsth2 .=" order by $colorder";
+ $strsth2 .=" group by " . $dbh->quote($colfield);
+ $strsth2 .=" order by " . $dbh->quote($colorder);
# warn "". $strsth2;
my $sth2 = $dbh->prepare( $strsth2 );
- $sth2->execute;
+ $sth2->execute( @query_args );
while (my ($celvalue) = $sth2->fetchrow) {
my %cell;
# my %ft;
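Review bot: `$dbh->quote()` returns a quoted string literal, not an identifier, so the `select distinct`, `group by` and `order by` clauses now operate on a constant string rather than the column named by `$colfield`/`$colorder`, and the `LIKE ?` test compares that constant instead of `$column` (the fragment `"LIKE ?"` is also missing its leading space). The same applies to the `$dbh->quote($colfield)` calls in the `$strcalc` hunk that follows. Column names cannot be bound as placeholders, so the safer fix is to check `$column` against an allow-list of `borrowers` columns and interpolate only the validated name, e.g. `$strsth2 .= " and $column LIKE ? ";`; `$dbh->quote_identifier` is the DBI call for identifiers if quoting is still wanted. How `$colfield` and `$colorder` are derived from the request is outside this hunk, so the allow-list check belongs wherever they are built.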
# Processing calculation
$strcalc .= "SELECT CONCAT( borrowers.surname , \"\\t\",borrowers.firstname, \"\\t\", borrowers.cardnumber)";
- $strcalc .= " , $colfield " if ($colfield);
+ $strcalc .= " , " . $dbh->quote($colfield) if ($colfield);
$strcalc .= " FROM borrowers ";
$strcalc .= "WHERE 1 ";
- @$filters[0]=~ s/\*/%/g if (@$filters[0]);
- $strcalc .= " AND borrowers.categorycode like '" . @$filters[0] ."'" if ( @$filters[0] );
-
+ my @query_args;
+ if ( @$filters[0] ) {
+ @$filters[0]=~ s/\*/%/g;
+ $strcalc .= " AND borrowers.categorycode like ?";
+ push @query_args, @$filters[0];
+ }
$strcalc .= " AND NOT EXISTS (SELECT * FROM issues WHERE issues.borrowernumber=borrowers.borrowernumber ";
- $strcalc .= " AND issues.timestamp> '" . @$filters[1] . "'" if (@$filters[1]);
+ if ( @$filters[1] ) {
+ $strcalc .= " AND issues.timestamp > ?";
+ push @query_args, @$filters[1];
+ }
$strcalc .= ") ";
$strcalc .= " AND NOT EXISTS (SELECT * FROM old_issues WHERE old_issues.borrowernumber=borrowers.borrowernumber ";
- $strcalc .= " AND old_issues.timestamp> '" . @$filters[1] . "'" if (@$filters[1]);
+ if ( @$filters[1] ) {
+ $strcalc .= " AND old_issues.timestamp > ?";
+ push @query_args, @$filters[1];
+ }
$strcalc .= ") ";
$strcalc .= " group by borrowers.borrowernumber";
- $strcalc .= ", $colfield" if ($column);
- $strcalc .= " order by $colfield " if ($colfield);
+ $strcalc .= ", " . $dbh->quote($colfield) if ($column);
+ $strcalc .= " order by " . $dbh->quote($colfield) if ($colfield);
my $max;
if ($line) {
if (@loopcol) {
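Review bot: The new `if ( @$filters[0] )` and `push @query_args, @$filters[1]` lines use one-element array slices where a single element is meant; `$filters->[0]` and `$filters->[1]` state that directly. The in-place `s/\*/%/g` also rewrites the element of the array the caller passed in, so I would copy before substituting, `( my $category_pattern = $filters->[0] ) =~ s/\*/%/g;`, and bind `$category_pattern`. The enclosing sub starts and ends outside this hunk, so whether the caller reuses the array afterwards should be checked there.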
}
my $dbcalc = $dbh->prepare($strcalc);
- $dbcalc->execute;
+ $dbcalc->execute( @query_args );
# warn "filling table";
my $previous_col;
$i=1;