X-Git-Url: http://git.rot13.org/?a=blobdiff_plain;f=admin%2Fauth_tag_structure.pl;h=bd3dc93f77e4bc926f7142096bd754e4f8484c30;hb=7fcff602f5fe294e78e3012fc12d600e43ca2443;hp=4cd9b75508ef89575cf8dc74e0948e2a6881abe1;hpb=f4ec623939a66f34c8f77e76b9b8e6d91cdacbc4;p=koha.git
diff --git a/admin/auth_tag_structure.pl b/admin/auth_tag_structure.pl
index 4cd9b75508..bd3dc93f77 100755
--- a/admin/auth_tag_structure.pl
+++ b/admin/auth_tag_structure.pl
@@ -14,11 +14,12 @@
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
-# You should have received a copy of the GNU General Public License along with
-# Koha; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
-# Suite 330, Boston, MA 02111-1307 USA
+# You should have received a copy of the GNU General Public License along
+# with Koha; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
use strict;
+#use warnings; FIXME - Bug 2505
use CGI;
use C4::Auth;
use C4::Koha;
@@ -38,7 +39,7 @@ my $offset = $input->param('offset') || 0;
my $op = $input->param('op') || '';
$searchfield =~ s/\,//g;
-my $pagesize = 20;
+
my $script_name = "/cgi-bin/koha/admin/auth_tag_structure.pl";
my $dbh = C4::Context->dbh;
@@ -54,15 +55,14 @@ my ($template, $loggedinuser, $cookie)
});
# get authtype list
-my $authtypes = getauthtypes;
-my @authtypesloop;
-foreach my $thisauthtype (keys %$authtypes) {
- my $selected = 1 if $thisauthtype eq $authtypecode;
- my %row =(value => $thisauthtype,
- selected => $selected,
- authtypetext => $authtypes->{$thisauthtype}->{'authtypetext'},
- );
- push @authtypesloop, \%row;
+my $authtypes = getauthtypes;
+my @authtypesloop = ();
+foreach my $thisauthtype ( keys %{$authtypes} ) {
+ push @authtypesloop,
+ { value => $thisauthtype,
+ selected => $thisauthtype eq $authtypecode,
+ authtypetext => $authtypes->{$thisauthtype}->{'authtypetext'},
+ };
}
my $sth;
@@ -84,7 +84,7 @@ if (!$op or $op eq 'authtype_create_confirm') {
}
$template->param(script_name => $script_name);
$template->param(authtypeloop => \@authtypesloop);
-if ($op ne 'authtype_create_confirm') {
+if ($op && $op ne 'authtype_create_confirm') {
$template->param($op => 1);
} else {
$template->param(else => 1);
@@ -119,13 +119,13 @@ if ($op eq 'add_form') {
if ($searchfield) {
$template->param(action => "Modify tag",
searchfield => "$searchfield");
- $template->param('heading-modify-tag-p' => 1);
+ $template->param('heading_modify_tag_p' => 1);
} else {
$template->param(action => "Add tag",
searchfield => "");
- $template->param('heading-add-tag-p' => 1);
+ $template->param('heading_add_tag_p' => 1);
}
- $template->param('use-heading-flags-p' => 1);
+ $template->param('use_heading_flags_p' => 1);
$template->param(liblibrarian => $data->{'liblibrarian'},
libopac => $data->{'libopac'},
repeatable => "".$data->{'repeatable'},
@@ -187,9 +187,10 @@ if ($op eq 'add_form') {
# called by delete_confirm, used to effectively confirm deletion of data in DB
} elsif ($op eq 'delete_confirmed') {
unless (C4::Context->config('demo') eq 1) {
- $dbh->do("delete from auth_tag_structure where tagfield='$searchfield' and authtypecode='$authtypecode'");
- $dbh->do("delete from auth_subfield_structure where tagfield='$searchfield' and authtypecode='$authtypecode'");
- # FIXME: Secuity vulnerability -- use placeholders, prepare and execute!
+ my $sth = $dbh->prepare("delete from auth_tag_structure where tagfield=? and authtypecode=?");
+ $sth->execute($searchfield,$authtypecode);
+ my $sth = $dbh->prepare("delete from auth_subfield_structure where tagfield=? and authtypecode=?");
+ $sth->execute($searchfield,$authtypecode);
}
print "Content-Type: text/html\n\nparam('tagfield')."&authtypecode=$authtypecode\">";
exit;
@@ -219,14 +220,8 @@ if ($op eq 'add_form') {
$template->param(searchfield => $searchfield);
}
my ($count,$results)=StringSearch($searchfield,$authtypecode);
- my $toggle=1;
my @loop_data = ();
- for (my $i=$offset; $i < ($offset+$pagesize<$count?$offset+$pagesize:$count); $i++){
- if ($toggle eq 1){
- $toggle=0;
- } else {
- $toggle=1;
- }
+ for ( my $i = $offset ; $i < $count ; $i++ ) {
my %row_data; # get a fresh hash for the row data
$row_data{tagfield} = $results->[$i]{'tagfield'};
$row_data{liblibrarian} = $results->[$i]{'liblibrarian'};
@@ -236,22 +231,18 @@ if ($op eq 'add_form') {
$row_data{subfield_link} = "auth_subfields_structure.pl?tagfield=" . $results->[$i]{'tagfield'} . "&authtypecode=" . $authtypecode;
$row_data{edit} = "$script_name?op=add_form&searchfield=" . $results->[$i]{'tagfield'} . "&authtypecode=" . $authtypecode;
$row_data{delete} = "$script_name?op=delete_confirm&searchfield=" . $results->[$i]{'tagfield'} . "&authtypecode=" . $authtypecode;
- $row_data{toggle} = $toggle;
push(@loop_data, \%row_data);
}
$template->param(loop => \@loop_data,
authtypecode => $authtypecode,
);
if ($offset>0) {
- my $prevpage = $offset-$pagesize;
$template->param(isprevpage => $offset,
- prevpage=> $prevpage,
searchfield => $searchfield,
);
}
- if ($offset+$pagesize<$count) {
- my $nextpage =$offset+$pagesize;
- $template->param(nextpage =>$nextpage,
+ if ( $offset < $count ) {
+ $template->param(
searchfield => $searchfield,
);
}