#
# This file is part of Koha.
#
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
#
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
#
-# You should have received a copy of the GNU General Public License along with
-# Koha; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
-# Suite 330, Boston, MA 02111-1307 USA
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
use warnings;
use strict;
use Data::Dumper;
use POSIX;
-use CGI;
+use CGI qw ( -utf8 );
use CGI::Cookie; # need to check cookies before having CGI parse the POST request
-
+use URI::Escape;
use C4::Auth qw(:DEFAULT check_cookie_auth);
use C4::Context;
-use C4::Dates qw(format_date format_date_in_iso);
+use Koha::DateUtils;
# use C4::Koha;
-use C4::Output 3.02 qw(:html :ajax pagination_bar);
+use C4::Output qw(:html :ajax pagination_bar);
use C4::Debug;
-use C4::Tags 0.03 qw(get_tags get_approval_rows approval_counts whitelist blacklist is_approved);
+use C4::Tags qw(get_tags get_approval_rows approval_counts whitelist blacklist is_approved);
my $script_name = "/cgi-bin/koha/tags/review.pl";
my $needed_flags = { tools => 'moderate_tags' }; # FIXME: replace when more specific permission is created.
sub ajax_auth_cgi ($) { # returns CGI object
my $needed_flags = shift;
- my %cookies = fetch CGI::Cookie;
+ my %cookies = CGI::Cookie->fetch;
my $input = CGI->new;
- my $sessid = $cookies{'CGISESSID'}->value || $input->param('CGISESSID');
+ my $sessid = $cookies{'CGISESSID'}->value;
my ($auth_status, $auth_sessid) = check_cookie_auth($sessid, $needed_flags);
$debug and
print STDERR "($auth_status, $auth_sessid) = check_cookie_auth($sessid," . Dumper($needed_flags) . ")\n";
my ($tag, $js_reply);
if ($tag = $input->param('test')) {
my $check = is_approved($tag);
- $js_reply = ( $check >= 1 ? 'success' :
- $check <= -1 ? 'failure' : 'indeterminate' ) . "_test('$tag');\n";
+ $js_reply = ( $check >= 1 ? 'success' : $check <= -1 ? 'failure' : 'indeterminate' ) . "_test('".uri_escape_utf8($tag)."');\n";
}
if ($tag = $input->param('ok')) {
- $js_reply = ( whitelist($operator,$tag) ? 'success' : 'failure') . "_approve('$tag');\n";
+ $js_reply = ( whitelist($operator,$tag) ? 'success' : 'failure') . "_approve('".uri_escape_utf8($tag)."');\n";
}
if ($tag = $input->param('rej')) {
- $js_reply = ( blacklist($operator,$tag) ? 'success' : 'failure') . "_reject('$tag');\n";
+ $js_reply = ( blacklist($operator,$tag) ? 'success' : 'failure') . "_reject('".uri_escape_utf8($tag)."');\n";
}
output_with_http_headers $input, undef, $js_reply, 'js';
exit;
### Below is the sad, boring, necessary non-AJAX HTML code.
my $input = CGI->new;
-my ($template, $borrowernumber, $cookie) = get_template_and_user({
- template_name => "tags/review.tmpl",
- query => $input,
- type => "intranet",
- debug => 1,
- authnotrequired => 0,
- flagsrequired => $needed_flags,
-});
+my ($template, $borrowernumber, $cookie) = get_template_and_user(
+ {
+ template_name => "tags/review.tt",
+ query => $input,
+ type => "intranet",
+ debug => 1,
+ authnotrequired => 0,
+ flagsrequired => $needed_flags,
+ }
+);
my ($op, @errors, @tags);
-$op = lc($input->param('op')) || 'none';
-@tags = $input->param('tags');
+
+foreach (qw( approve reject test )) {
+ $op = $_ if ( $input->param("op-$_") );
+}
+$op ||= 'none';
+
+@tags = $input->multi_param('tags');
$borrowernumber == 0 and push @errors, {op_zero=>1};
if ($op eq 'approve') {
$filters{term} = $filter;
}
if ($filter = $input->param('from')) {
- if ($date_from = format_date_in_iso($filter)) {
+ $date_from = eval { output_pref( { dt => dt_from_string( $filter ), dateonly => 1, dateformat => 'iso' } ); };
+ if ( $date_from ) {
$template->param(filter_date_approved_from=>$filter);
$filters{date_approved} = ">=$date_from";
} else {
}
}
if ($filter = $input->param('to')) {
- if ($date_to = format_date_in_iso($filter)) {
+ $date_to = eval { output_pref( { dt => dt_from_string( $filter ), dateonly => 1, dateformat => 'iso' } ); };
+ if ( $date_to ) {
$template->param(filter_date_approved_to=>$filter);
$filters{date_approved} = "<=$date_to";
} else {
}
}
if ($filter = $input->param('approver')) { # name (or borrowernumber) from input box
- if (($filter =~ /^\d+$/ and $filter > 0) or
- (1) ){ # $filter=get borrowernumber from name
+ if ($filter =~ /^\d+$/ and $filter > 0) {
+ # $filter=get borrowernumber from name
+ # FIXME: get borrowernumber from name not implemented.
$template->param(filter_approver=>$filter);
$filters{approved_by} = $filter;
- # } else {
+ } else {
push @errors, {approver=>$filter};
}
}
$debug and print STDERR "number of approval_rows: " . scalar(@$tagloop) . "rows\n";
(scalar @errors) and $template->param(message_loop=>\@errors);
$template->param(
- DHTMLcalendar_dateformat => C4::Dates->DHTMLcalendar(),
offset => $offset, # req'd for EXPR
op => $op,
op_count => scalar(@tags),
projects / koha.git / blobdiff