Bug 25898: Prohibit indirect object notation
1 #! /usr/bin/perl
3 # Copyright 2006 SAN OUEST-PROVENCE et Paul POULAIN
4 # Copyright 2015 Koha Development Team
6 # This file is part of Koha.
8 # Koha is free software; you can redistribute it and/or modify it
9 # under the terms of the GNU General Public License as published by
10 # the Free Software Foundation; either version 3 of the License, or
11 # (at your option) any later version.
13 # Koha is distributed in the hope that it will be useful, but
14 # WITHOUT ANY WARRANTY; without even the implied warranty of
15 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 # GNU General Public License for more details.
18 # You should have received a copy of the GNU General Public License
19 # along with Koha; if not, see <http://www.gnu.org/licenses>.
21 use Modern::Perl;
22 use CGI qw ( -utf8 );
23 use C4::Context;
24 use C4::Auth;
25 use C4::Output;
27 use Koha::Cities;
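# CGI controller for the "cities" administration page. The 'op' request
# parameter selects the action:
#   list (default)    - show the existing cities
#   add_form          - show the add/edit form (edit when 'cityid' is given)
#   add_validate      - insert a new city, or update the one named by 'cityid'
#   delete_confirm    - show the delete confirmation page
#   delete_confirmed  - delete the city named by 'cityid'
# Outcomes are reported to the template as { type, code } entries in
# @messages.

my $input            = CGI->new;
my $city_name_filter = $input->param('city_name_filter') // q||;
my $cityid           = $input->param('cityid');
my $op               = $input->param('op') || 'list';
my @messages;

# Access is limited to intranet users holding the 'manage_cities'
# sub-permission of 'parameters'.
# NOTE(review): 'debug => 1' is passed on every request; what it enables is
# not visible in this script - confirm it is intended for production.
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
    {   template_name => "admin/cities.tt",
        query         => $input,
        type          => "intranet",
        flagsrequired => { parameters => 'manage_cities' },
        debug         => 1,
    }
);

# NOTE(review): 'add_validate' and 'delete_confirmed' modify data based only
# on the 'op' and 'cityid' parameters. No anti-CSRF token check and no
# request-method check is visible in this script - confirm that one is
# enforced elsewhere (get_template_and_user or the surrounding framework)
# before relying on the permission check alone.

# NOTE(review): $dbh is not referenced below; kept in case opening the
# connection here is relied upon - candidate for removal once confirmed.
my $dbh = C4::Context->dbh;

if ( $op eq 'add_form' ) {
    my $city;
    if ($cityid) {
        $city = Koha::Cities->find($cityid);
    }

    $template->param( city => $city, );
} elsif ( $op eq 'add_validate' ) {
    # NOTE(review): the submitted values are stored as received; output
    # escaping is presumably done in the template - confirm.
    my $city_name    = $input->param('city_name');
    my $city_state   = $input->param('city_state');
    my $city_zipcode = $input->param('city_zipcode');
    my $city_country = $input->param('city_country');

    if ($cityid) {
        my $city = Koha::Cities->find($cityid);
        if ($city) {
            $city->city_name($city_name);
            $city->city_state($city_state);
            $city->city_zipcode($city_zipcode);
            $city->city_country($city_country);

            # "eval { ...; 1 }" reports failure through the return value
            # instead of depending on the state of $@ after the block.
            if ( eval { $city->store; 1 } ) {
                push @messages, { type => 'message', code => 'success_on_update' };
            } else {
                push @messages, { type => 'error', code => 'error_on_update' };
            }
        } else {
            # A 'cityid' that matches no row (stale or hand-edited request)
            # used to reach the setters on an undefined value outside any
            # eval and abort the request; report it as a failed update.
            push @messages, { type => 'error', code => 'error_on_update' };
        }
    } else {
        my $city = Koha::City->new(
            {   city_name    => $city_name,
                city_state   => $city_state,
                city_zipcode => $city_zipcode,
                city_country => $city_country,
            }
        );
        if ( eval { $city->store; 1 } ) {
            push @messages, { type => 'message', code => 'success_on_insert' };
        } else {
            push @messages, { type => 'error', code => 'error_on_insert' };
        }
    }
    $city_name = q||;
    $op        = 'list';    # fall through to the listing below
} elsif ( $op eq 'delete_confirm' ) {
    my $city = Koha::Cities->find($cityid);
    $template->param( city => $city, );
} elsif ( $op eq 'delete_confirmed' ) {
    my $city = Koha::Cities->find($cityid);

    # An unknown 'cityid' leaves $city undefined; the method call then dies
    # inside the eval and is reported as error_on_delete.
    my $deleted = eval { $city->delete; };

    if ( $@ or not $deleted ) {
        push @messages, { type => 'error', code => 'error_on_delete' };
    } else {
        push @messages, { type => 'message', code => 'success_on_delete' };
    }
    $op = 'list';
}

if ( $op eq 'list' ) {
    $template->param( cities_count => Koha::Cities->search->count );
}

$template->param(
    cityid           => $cityid,
    city_name_filter => $city_name_filter,
    messages         => \@messages,
    op               => $op,
);

output_html_with_http_headers $input, $cookie, $template->output;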