X-Git-Url: http://git.rot13.org/?a=blobdiff_plain;f=admin%2Fauth_tag_structure.pl;h=4f30d23f797df7a0b1271f28f02fd845af1b445a;hb=c9982a6cb7cd6601a76d3132aa9a7d898d31494a;hp=90c811b75e300814879daeeb9a2f86f977ac0bce;hpb=a9f96d62d6d81880c1167177cb2f7dca7722a039;p=koha.git
diff --git a/admin/auth_tag_structure.pl b/admin/auth_tag_structure.pl
index 90c811b75e..4f30d23f79 100755
--- a/admin/auth_tag_structure.pl
+++ b/admin/auth_tag_structure.pl
@@ -24,33 +24,28 @@ use C4::Auth; use C4::Koha; use C4::Context; use C4::Output; -use C4::Interface::CGI::Output; -use C4::Search; use C4::Context; -use HTML::Template; + # retrieve parameters my $input = new CGI; -my $authtypecode = $input->param('authtypecode'); # set to select framework -$authtypecode="" unless $authtypecode; -my $existingauthtypecode = $input->param('existingauthtypecode'); # set when we have to create a new framework (in authtype) by copying an old one (in existingauthtype) -$existingauthtypecode = "" unless $existingauthtypecode; -# my $authtypeinfo = getauthtypeinfo($authtype); -my $searchfield=$input->param('searchfield'); -$searchfield=0 unless $searchfield; -$searchfield=~ s/\,//g; +my $authtypecode = $input->param('authtypecode') || ''; # set to select framework +my $existingauthtypecode = $input->param('existingauthtypecode') || ''; # set when we have to create a new framework (in authtype) by copying an old one (in existingauthtype) -my $offset=$input->param('offset'); -my $op = $input->param('op'); -my $pagesize=20; +# my $authtypeinfo = getauthtypeinfo($authtype); +my $searchfield = $input->param('searchfield') || 0; +my $offset = $input->param('offset') || 0; +my $op = $input->param('op') || ''; +$searchfield =~ s/\,//g; -my $script_name="/cgi-bin/koha/admin/auth_tag_structure.pl"; +my $pagesize = 20; +my $script_name = "/cgi-bin/koha/admin/auth_tag_structure.pl"; my $dbh = C4::Context->dbh; # open template my ($template, $loggedinuser, $cookie) - = get_template_and_user({template_name => "parameters/auth_tag_structure.tmpl", + = get_template_and_user({template_name => "admin/auth_tag_structure.tmpl", query => $input, type => "intranet", authnotrequired => 0, 
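Review bot: `my $offset = $input->param('offset') || 0;` accepts whatever the request sends, and the value is later used as the start index of the paging loop (`for (my $i=$offset; ...)`) and in the prev/next arithmetic. Nothing in this hunk limits it to a non-negative integer, so a negative or non-numeric value reaches `$results->[$i]`. I would validate it where it is read: `my ($offset) = ($input->param('offset') || '') =~ /\A(\d+)\z/;` followed by `$offset ||= 0;`. The `get_template_and_user` call at the end of the hunk continues outside it.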
@@ -73,11 +68,11 @@ foreach my $thisauthtype (keys %$authtypes) { my $sth; # check that authtype framework is defined in auth_tag_structure if we are on a default action if (!$op or $op eq 'authtype_create_confirm') { -warn "IN"; $sth=$dbh->prepare("select count(*) from auth_tag_structure where authtypecode=?"); $sth->execute($authtypecode); my ($authtypeexist) = $sth->fetchrow; if ($authtypeexist) { + $op||="else"; } else { # if authtype does not exists, then OP must be changed to "create authtype" if we are not on the way to create it # (op = authtyp_create_confirm) @@ -88,15 +83,14 @@ warn "IN"; } } } +$template->param(script_name => $script_name); $template->param(authtypeloop => \@authtypesloop); -if ($op && $op ne 'authtype_create_confirm') { -$template->param(script_name => $script_name, - $op => 1); # we show only the TMPL_VAR names $op +if ($op ne 'authtype_create_confirm') { + $template->param($op => 1); } else { -$template->param(script_name => $script_name, - else => 1); # we show only the TMPL_VAR names $op + $template->param(else => 1); } - + ################## ADD_FORM ################################## # called by default. Used to create form to add or modify a record if ($op eq 'add_form') { @@ -106,7 +100,6 @@ if ($op eq 'add_form') { $sth=$dbh->prepare("select tagfield,liblibrarian,libopac,repeatable,mandatory,authorised_value from auth_tag_structure where tagfield=? and authtypecode=?"); $sth->execute($searchfield,$authtypecode); $data=$sth->fetchrow_hashref; - $sth->finish; } my $sth = $dbh->prepare("select distinct category from authorised_values"); $sth->execute; @@ -116,8 +109,10 @@ if ($op eq 'add_form') { push @authorised_values, $category; } my $authorised_value = CGI::scrolling_list(-name=>'authorised_value', + -id=>'authorised_value', -values=> \@authorised_values, -size=>1, + -tabindex=>'', -multiple=>0, -default => $data->{'authorised_value'}, ); 
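Review bot: In the `-88,15` hunk, `$template->param($op => 1)` uses the request-supplied `op` string as a template variable name for every value other than `authtype_create_confirm`. An unexpected value can therefore replace variables set on the lines just above, such as `script_name` or `authtypeloop`. Checking `$op` against the operations this script handles would prevent that, for example `$template->param(($is_known_op{$op} ? $op : 'else') => 1);` with `%is_known_op` built from the script's operation names (some are outside the visible hunks). The old `$op &&` guard is gone, so an empty `$op` may now reach `param('' => 1)` unless the branch outside the hunk always sets it.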
@@ -134,8 +129,8 @@ if ($op eq 'add_form') { $template->param('use-heading-flags-p' => 1); $template->param(liblibrarian => $data->{'liblibrarian'}, libopac => $data->{'libopac'}, - repeatable => CGI::checkbox('repeatable',$data->{'repeatable'}?'checked':'',1,''), - mandatory => CGI::checkbox('mandatory',$data->{'mandatory'}?'checked':'',1,''), + repeatable => "".$data->{'repeatable'}, + mandatory => "".$data->{'mandatory'}, authorised_value => $authorised_value, authtypecode => $authtypecode, ); 
@@ -143,25 +138,39 @@ if ($op eq 'add_form') { ################## ADD_VALIDATE ################################## # called by add_form, used to insert/modify data in DB } elsif ($op eq 'add_validate') { - $sth=$dbh->prepare("replace auth_tag_structure (tagfield,liblibrarian,libopac,repeatable,mandatory,authorised_value,authtypecode) values (?,?,?,?,?,?,?)"); - my $tagfield =$input->param('tagfield'); - my $liblibrarian = $input->param('liblibrarian'); - my $libopac =$input->param('libopac'); - my $repeatable =$input->param('repeatable'); - my $mandatory =$input->param('mandatory'); - my $authorised_value =$input->param('authorised_value'); - unless (C4::Context->config('demo') eq 1) { - $sth->execute($tagfield, - $liblibrarian, - $libopac, - $repeatable?1:0, - $mandatory?1:0, - $authorised_value, - $authtypecode - ); - } - $sth->finish; - print "Content-Type: text/html\n\n"; + my $tagfield = $input->param('tagfield'); + my $liblibrarian = $input->param('liblibrarian'); + my $libopac = $input->param('libopac'); + my $repeatable = $input->param('repeatable') ? 1 : 0; + my $mandatory = $input->param('mandatory') ? 1 : 0; + my $authorised_value = $input->param('authorised_value'); + unless (C4::Context->config('demo') eq 1) { + if ($input->param('modif')) { + $sth=$dbh->prepare("UPDATE auth_tag_structure SET tagfield=?, liblibrarian=?, libopac=?, repeatable=?, mandatory=?, authorised_value=? WHERE authtypecode=? 
AND tagfield=?"); + $sth->execute( + $tagfield, + $liblibrarian, + $libopac, + $repeatable, + $mandatory, + $authorised_value, + $authtypecode, + $tagfield, + ); + } else { + $sth=$dbh->prepare("INSERT INTO auth_tag_structure (tagfield,liblibrarian,libopac,repeatable,mandatory,authorised_value,authtypecode) VALUES (?,?,?,?,?,?,?)"); + $sth->execute( + $tagfield, + $liblibrarian, + $libopac, + $repeatable, + $mandatory, + $authorised_value, + $authtypecode + ); + } + } + print "Content-Type: text/html\n\nparam('tagfield')."&authtypecode=$authtypecode\">"; exit; # END $OP eq ADD_VALIDATE ################## DELETE_CONFIRM ################################## 
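Review bot: The `print "Content-Type: text/html\n\n..."` that ends the `add_validate` branch writes `$input->param('tagfield')` and `$authtypecode` into the response body exactly as received, with no URL or HTML encoding (the markup around them looks truncated in this rendering). Both values should be encoded before they are emitted, or the branch could send a real redirect with `print $input->redirect(...)` built from escaped values. Separately, the UPDATE or INSERT choice depends on the client-sent `modif` flag and neither `execute` result is checked. An UPDATE that matches no row, or an INSERT that fails, is still followed by the success redirect.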
@@ -170,18 +179,21 @@ if ($op eq 'add_form') { $sth=$dbh->prepare("select tagfield,liblibrarian,libopac,repeatable,mandatory,authorised_value from auth_tag_structure where tagfield=?"); $sth->execute($searchfield); my $data=$sth->fetchrow_hashref; - $sth->finish; $template->param(liblibrarian => $data->{'liblibrarian'}, searchfield => $searchfield, + authtypecode => $authtypecode, ); # END $OP eq DELETE_CONFIRM ################## DELETE_CONFIRMED ################################## # called by delete_confirm, used to effectively confirm deletion of data in DB } elsif ($op eq 'delete_confirmed') { unless (C4::Context->config('demo') eq 1) { - $dbh->do("delete from auth_tag_structure where tagfield='$searchfield'"); - $dbh->do("delete from auth_subfield_structure where tagfield='$searchfield'"); + $dbh->do("delete from auth_tag_structure where tagfield='$searchfield' and authtypecode='$authtypecode'"); + $dbh->do("delete from auth_subfield_structure where tagfield='$searchfield' and authtypecode='$authtypecode'"); + # FIXME: Secuity vulnerability -- use placeholders, prepare and execute! } + print "Content-Type: text/html\n\nparam('tagfield')."&authtypecode=$authtypecode\">"; + exit; # END $OP eq DELETE_CONFIRMED ################## ITEMTYPE_CREATE ################################## # called automatically if an unexisting authtypecode is selected 
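Review bot: The two `delete` statements still build SQL by interpolating request values, and this change adds `$authtypecode` to the interpolated text while only leaving a FIXME. `DBI::do` accepts bind values, so the fix is small: `$dbh->do("delete from auth_tag_structure where tagfield=? and authtypecode=?", undef, $searchfield, $authtypecode);` and the same form for `auth_subfield_structure`. The confirmation lookup above still selects with `where tagfield=?` only, so the label shown on the confirm page may come from a different authtypecode than the rows that get deleted. The new redirect reads `$input->param('tagfield')`, but this branch works from `searchfield`, so that parameter is probably empty here; confirm against the template.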
@@ -203,30 +215,29 @@ if ($op eq 'add_form') { ################## DEFAULT ################################## } else { # DEFAULT # here, $op can be unset or set to "authtype_create_confirm". - warn "authtype : $authtypecode"; +# warn "authtype : $authtypecode"; if ($searchfield ne '') { $template->param(searchfield => $searchfield); } - my $env; - my ($count,$results)=StringSearch($env,$searchfield,$authtypecode); - my $toggle="white"; + my ($count,$results)=StringSearch($searchfield,$authtypecode); + my $toggle=1; my @loop_data = (); for (my $i=$offset; $i < ($offset+$pagesize<$count?$offset+$pagesize:$count); $i++){ - if ($toggle eq 'white'){ - $toggle="#ffffcc"; + if ($toggle eq 1){ + $toggle=0; } else { - $toggle="white"; + $toggle=1; } my %row_data; # get a fresh hash for the row data - $row_data{tagfield} = $results->[$i]{'tagfield'}; - $row_data{liblibrarian} = $results->[$i]{'liblibrarian'}; - $row_data{repeatable} = $results->[$i]{'repeatable'}; - $row_data{mandatory} = $results->[$i]{'mandatory'}; - $row_data{authorised_value} = $results->[$i]{'authorised_value'}; - $row_data{subfield_link} ="auth_subfields_structure.pl?tagfield=".$results->[$i]{'tagfield'}."&authtypecode=".$authtypecode; - $row_data{edit} = "$script_name?op=add_form&searchfield=".$results->[$i]{'tagfield'}."&authtypecode=".$authtypecode; - $row_data{delete} = "$script_name?op=delete_confirm&searchfield=".$results->[$i]{'tagfield'}."&authtypecode=".$authtypecode; - $row_data{bgcolor} = $toggle; + $row_data{tagfield} = $results->[$i]{'tagfield'}; + $row_data{liblibrarian} = $results->[$i]{'liblibrarian'}; + $row_data{repeatable} = $results->[$i]{'repeatable'}; + $row_data{mandatory} = $results->[$i]{'mandatory'}; + $row_data{authorised_value} = $results->[$i]{'authorised_value'}; + $row_data{subfield_link} = "auth_subfields_structure.pl?tagfield=" . $results->[$i]{'tagfield'} . "&authtypecode=" . $authtypecode; + $row_data{edit} = "$script_name?op=add_form&searchfield=" . 
$results->[$i]{'tagfield'} . "&authtypecode=" . $authtypecode; + $row_data{delete} = "$script_name?op=delete_confirm&searchfield=" . $results->[$i]{'tagfield'} . "&authtypecode=" . $authtypecode; + $row_data{toggle} = $toggle; push(@loop_data, \%row_data); } $template->param(loop => \@loop_data, @@ -237,39 +248,32 @@ if ($op eq 'add_form') { $template->param(isprevpage => $offset, prevpage=> $prevpage, searchfield => $searchfield, - script_name => $script_name, ); } if ($offset+$pagesize<$count) { my $nextpage =$offset+$pagesize; $template->param(nextpage =>$nextpage, searchfield => $searchfield, - script_name => $script_name, ); } } #---- END $OP eq DEFAULT -$template->param(loggeninuser => $loggedinuser); output_html_with_http_headers $input, $cookie, $template->output; - # # the sub used for searches # sub StringSearch { - my ($env,$searchstring,$authtypecode)=@_; + my ($searchstring,$authtypecode)=@_; my $dbh = C4::Context->dbh; $searchstring=~ s/\'/\\\'/g; my @data=split(' ',$searchstring); - my $count=@data; my $sth=$dbh->prepare("Select tagfield,liblibrarian,libopac,repeatable,mandatory,authorised_value from auth_tag_structure where (tagfield >= ? and authtypecode=?) order by tagfield"); $sth->execute($data[0], $authtypecode); my @results; while (my $data=$sth->fetchrow_hashref){ - push(@results,$data); + push(@results,$data); } - # $sth->execute; - $sth->finish; return (scalar(@results),\@results); } 
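Review bot: The `subfield_link`, `edit` and `delete` row values in the `-203,30` hunk concatenate `$authtypecode`, which comes from the request, into URLs without encoding. Whether the template escapes these values on output is not visible here, so the script should URI-escape each query component itself, e.g. `"&authtypecode=" . uri_escape($authtypecode)` with `URI::Escape` loaded. As a smaller point, `if ($toggle eq 1)` compares a number with a string operator; `$toggle = $toggle ? 0 : 1;` says the same thing without the branch.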
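Review bot: In `StringSearch` (the `-237,39` hunk), `$searchstring=~ s/\'/\\\'/g;` is kept right after the new `my ($searchstring,$authtypecode)=@_;`, although the value is now passed only through a `?` placeholder. The manual escaping is not needed for safety and it alters the value being compared, since a quote becomes backslash-quote; dropping the line lets the driver handle quoting. If `$searchstring` contains only whitespace, `$data[0]` is undef and is bound as NULL, so an early `return (0, []) unless @data;` would make that case explicit.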
@@ -278,19 +282,19 @@ sub StringSearch { # sub duplicate_auth_framework { my ($newauthtype,$oldauthtype) = @_; - warn "TO $newauthtype FROM $oldauthtype"; +# warn "TO $newauthtype FROM $oldauthtype"; my $sth = $dbh->prepare("select tagfield,liblibrarian,libopac,repeatable,mandatory,authorised_value from auth_tag_structure where authtypecode=?"); $sth->execute($oldauthtype); - my $sth_insert = $dbh->prepare("insert into auth_tag_structure (tagfield, liblibrarian, libopac, repeatable, mandatory, authorised_value, authtypecode) values (?,?,?,?,?,?,?)"); + my $sth_insert = $dbh->prepare("insert into auth_tag_structure (tagfield, liblibrarian, libopac, repeatable, mandatory, authorised_value, authtypecode) values (?,?,?,?,?,?,?)"); while ( my ($tagfield,$liblibrarian,$libopac,$repeatable,$mandatory,$authorised_value) = $sth->fetchrow) { $sth_insert->execute($tagfield,$liblibrarian,$libopac,$repeatable,$mandatory,$authorised_value,$newauthtype); } - $sth = $dbh->prepare("select authtypecode,tagfield,tagsubfield,liblibrarian,libopac,repeatable,mandatory,kohafield,tab,authorised_value,thesaurus_category,value_builder,seealso from auth_subfield_structure where authtypecode=?"); + $sth = $dbh->prepare("select tagfield,tagsubfield,liblibrarian,libopac,repeatable,mandatory,kohafield,tab,authorised_value,value_builder,seealso,hidden from auth_subfield_structure where authtypecode=?"); $sth->execute($oldauthtype); - $sth_insert = $dbh->prepare("insert into auth_subfield_structure (authtypecode,tagfield,tagsubfield,liblibrarian,libopac,repeatable,mandatory,kohafield,tab,authorised_value,thesaurus_category,value_builder,seealso) values (?,?,?,?,?,?,?,?,?,?,?,?,?)"); - while ( my ($authtypecode, $tagfield, $tagsubfield, $liblibrarian, $libopac, $repeatable, $mandatory, $kohafield, $tab, $authorised_value, $thesaurus_category, $value_builder, $seealso) = $sth->fetchrow) { - $sth_insert->execute($newauthtype, $tagfield, $tagsubfield, $liblibrarian, $libopac, $repeatable, $mandatory, 
$kohafield, $tab, $authorised_value, $thesaurus_category, $value_builder, $seealso); + $sth_insert = $dbh->prepare("insert into auth_subfield_structure (authtypecode,tagfield,tagsubfield,liblibrarian,libopac,repeatable,mandatory,kohafield,tab,authorised_value,value_builder,seealso,hidden) values (?,?,?,?,?,?,?,?,?,?,?,?,?)"); + while ( my ( $tagfield, $tagsubfield, $liblibrarian, $libopac, $repeatable, $mandatory, $kohafield,$tab, $authorised_value, $thesaurus_category, $seealso,$hidden) = $sth->fetchrow) { + $sth_insert->execute($newauthtype, $tagfield, $tagsubfield, $liblibrarian, $libopac, $repeatable, $mandatory,$kohafield, $tab, $authorised_value, $thesaurus_category, $seealso,$hidden); } }
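Review bot: In `duplicate_auth_framework` the new select returns `value_builder` in the tenth position, but the `fetchrow` list and the `execute` call still name that slot `$thesaurus_category`. The copy works only because the positions happen to line up, and the next edit to the column list could silently shift data into the wrong column. Renaming the variable to `$value_builder` in both places keeps the names aligned with the SQL. The two insert loops also run without a transaction or any check on `execute`, so a failure part-way leaves a partially copied framework; wrapping them in `$dbh->begin_work` / `$dbh->commit` would avoid that if the handle is not already in a transaction.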