bug 10016: munge history in SCO to discourage resubmitting user login

This patch uses history.replaceState (introduced in HTML5) to manipulate
the browser history to encourage returning to the SCO patron barcode
form if the back button is used.

Note that a side effect of this patch is that if the user uses
the help link, they will be prompted to enter their barcode
again.  It may be better to put the help inline with the rest
of the SCO forms.

To test:

[1] Start a web-based self-check session.
[2] Enter a patron barcode.
[3] Allow the self-check session to time out.
[4] Use the back button.  You should get the patron barcode
    entry form; you should not be prompted to resubmit form input.
[5] Enter a patron barcode, perform some transactions, then
    use the finish button.
[6] Next, use the back button.  You should get the patron barcode
    entry form.

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Ed Veal <ed.veal@bywatersolutions.com>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>

diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/modules/sco/sco-main.tt b/koha-tmpl/opac-tmpl/bootstrap/en/modules/sco/sco-main.tt
index 922a0db..b1c2f11 100644 (file)
--- a/koha-tmpl/opac-tmpl/bootstrap/en/modules/sco/sco-main.tt
+++ b/koha-tmpl/opac-tmpl/bootstrap/en/modules/sco/sco-main.tt
@@ -16,7 +16,7 @@
 </script>
 <script type="text/javascript" src="[% interface %]/[% theme %]/lib/modernizr.min.js"></script>
 </head>
-<body onload="dofocus();">
+<body onload="dofocus();" onunload="mungeHistory();">
 [% INCLUDE 'masthead-sco.inc' %]
 
     <div class="main">
@@ -309,8 +309,17 @@
     [% INCLUDE 'datatables.inc' %]
     <script type="text/javascript">
         //<![CDATA[
+        function mungeHistory() {
+            // prevent back button from allowing form resubmission
+            if (history && history.pushState) {
+                history.replaceState(null, document.title, window.location.href);
+            }
+        }
+        var mainTimeout;
         function sco_init() {
-            setTimeout("location.href='/cgi-bin/koha/sco/sco-main.pl?op=logout';",[% SelfCheckTimeout %]);
+            mainTimeout = setTimeout(function() {
+                location.href = '/cgi-bin/koha/sco/sco-main.pl?op=logout';
+            }, [% SelfCheckTimeout %]);
         }
         function dofocus() {    // named function req'd for body onload event by some FF and IE7 security models
             // alert("dofocus called");
@@ -346,6 +355,7 @@
             }));
 
             $("#logout_form").submit(function(){
+                clearTimeout(mainTimeout);
                 if(confirm("Would you like to print a receipt?")){
                     window.open("/cgi-bin/koha/sco/printslip.pl?borrowernumber=[% borrowernumber %]&amp;print=qslip");
                 }
@@ -357,4 +367,4 @@
 
     [% IF ( opacuserjs ) %]<script type="text/javascript">[% opacuserjs %]</script>[% END %]
     [% IF ( SCOUserJS ) %]<script type="text/javascript">[% SCOUserJS %]</script>[% END %]
-[% END %]
\ No newline at end of file
+[% END %]

diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/sco/sco-main.tt b/koha-tmpl/opac-tmpl/prog/en/modules/sco/sco-main.tt
index 3803368..6ab8b11 100644 (file)
--- a/koha-tmpl/opac-tmpl/prog/en/modules/sco/sco-main.tt
+++ b/koha-tmpl/opac-tmpl/prog/en/modules/sco/sco-main.tt
@@ -15,8 +15,17 @@
 </script>
 [% INCLUDE 'datatables.inc' %]
 <script type="text/javascript">//<![CDATA[
+function mungeHistory() {
+    // prevent back button from allowing form resubmission
+    if (history && history.pushState) {
+        history.replaceState(null, document.title, window.location.href);
+    }
+}
+var mainTimeout;
 function sco_init() {
-    setTimeout("location.href='/cgi-bin/koha/sco/sco-main.pl?op=logout';",[% SelfCheckTimeout %]);
+    mainTimeout = setTimeout(function() {
+        location.href = '/cgi-bin/koha/sco/sco-main.pl?op=logout';
+    }, [% SelfCheckTimeout %]);
 }
 function dofocus() {    // named function req'd for body onload event by some FF and IE7 security models
     // alert("dofocus called");
@@ -80,6 +89,7 @@ $(document).ready(function() {
         ]
     }));
     $("#logout_form").submit(function(){
+        clearTimeout(mainTimeout);
         if(confirm("Would you like to print a receipt?")){
             window.open("/cgi-bin/koha/sco/printslip.pl?borrowernumber=[% borrowernumber %]&amp;print=qslip");
         }
@@ -96,7 +106,7 @@ $(document).ready(function() {
 [% IF ( SCOUserCSS ) %]<style type="text/css">[% SCOUserCSS %]</style>[% END %]
 
 </head>
-<body onload="dofocus();">
+<body onload="dofocus();" onunload="mungeHistory();">
 
 <div id="doc" class="yui-t7">