X-Git-Url: http://git.rot13.org/?a=blobdiff_plain;ds=sidebyside;f=tools%2Fquotes%2Fquotes_ajax.pl;h=79fbe6fb01e323d83868023581dbaf0584f3b3ef;hb=62a4969057f98728a466c0f83c3bf011ddec4835;hp=926fe9d488ec16ba415e9b0afcad35697c200826;hpb=068e5be6395088793aeab66d67c36c2b9da2c5d9;p=koha.git

diff --git a/tools/quotes/quotes_ajax.pl b/tools/quotes/quotes_ajax.pl
index 926fe9d488..79fbe6fb01 100755
--- a/tools/quotes/quotes_ajax.pl
+++ b/tools/quotes/quotes_ajax.pl
@@ -4,23 +4,22 @@
 #
 # This file is part of Koha.
 #
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
 #
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License along
-# with Koha; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
 
-use strict;
-use warnings;
+use Modern::Perl;
 
-use CGI;
+use CGI qw ( -utf8 );
 use JSON;
 use autouse 'Data::Dumper' => qw(Dumper);
 
@@ -31,24 +30,21 @@ my $cgi = CGI->new;
 my $dbh = C4::Context->dbh;
 my $sort_columns = ["id", "source", "text", "timestamp"];
 
-my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
-    {
-        template_name   => "",
-        query           => $cgi,
-        type            => "intranet",
-        authnotrequired => 0,
-        flagsrequired   => { tools => 'edit_quotes' },
-        debug           => 1,
-    }
-);
+my ( $status, $cookie, $sessionID ) = C4::Auth::check_api_auth( $cgi, { tools => 'edit_quotes' } );
+unless ($status eq "ok") {
+    print $cgi->header(-type => 'application/json', -status => '403 Forbidden');
+    print to_json({ auth_status => $status });
+    exit 0;
+}
 
 # NOTE: This is a collection of ajax functions for use with tools/quotes.pl
 
 my $params = $cgi->Vars; # NOTE: Multivalue parameters NOT allowed!!
 
-print $cgi->header('application/json');
+print $cgi->header('application/json; charset=utf-8');
 
-if ($params->{'action'} eq 'add') {
+my $action = $params->{'action'} || 'get';
+if ($action eq 'add') {
     my $sth = $dbh->prepare('INSERT INTO quotes (source, text) VALUES (?, ?);');
     $sth->execute($params->{'source'}, $params->{'text'});
     if ($sth->err) {
@@ -58,30 +54,33 @@ if ($params->{'action'} eq 'add') {
     my $new_quote_id = $dbh->{q{mysql_insertid}}; # ALERT: mysqlism here
     $sth = $dbh->prepare('SELECT * FROM quotes WHERE id = ?;');
     $sth->execute($new_quote_id);
-    print to_json($sth->fetchall_arrayref);
-    exit 1;
+    print to_json($sth->fetchall_arrayref, {utf8 =>1});
+    exit 0;
 }
-elsif ($params->{'action'} eq 'edit') {
+elsif ($action eq 'edit') {
+    my $aaData = [];
     my $editable_columns = [qw(source text)]; # pay attention to element order; these columns match the quotes table columns
     my $sth = $dbh->prepare("UPDATE quotes SET $editable_columns->[$params->{'column'}-1]  = ? WHERE id = ?;");
     $sth->execute($params->{'value'}, $params->{'id'});
     if ($sth->err) {
         warn sprintf('Database returned the following error: %s', $sth->errstr);
-        exit 0;
+        exit 1;
     }
     $sth = $dbh->prepare("SELECT $editable_columns->[$params->{'column'}-1] FROM quotes WHERE id = ?;");
     $sth->execute($params->{'id'});
-    print $sth->fetchrow_array();
-    exit 1;
+    $aaData = $sth->fetchrow_array();
+    print Encode::encode('utf8', $aaData);
+
+    exit 0;
 }
-elsif ($params->{'action'} eq 'delete') {
+elsif ($action eq 'delete') {
     my $sth = $dbh->prepare("DELETE FROM quotes WHERE id = ?;");
     $sth->execute($params->{'id'});
     if ($sth->err) {
         warn sprintf('Database returned the following error: %s', $sth->errstr);
-        exit 0;
+        exit 1;
     }
-    exit 1;
+    exit 0;
 }
 else {
     my $aaData = [];
@@ -94,7 +93,7 @@ else {
     $sth->execute();
     if ($sth->err) {
         warn sprintf('Database returned the following error: %s', $sth->errstr);
-        exit 0;
+        exit 1;
     }
 
     $aaData = $sth->fetchall_arrayref;
@@ -106,5 +105,5 @@ else {
                     iTotalDisplayRecords=>  $iTotalDisplayRecords,
                     sEcho               =>  $params->{'sEcho'},
                     aaData              =>  $aaData,
-                  });
+                  }, {utf8 =>1});
 }