Bug 25898: Prohibit indirect object notation
1 #!/usr/bin/perl
3 # Copyright 2000-2002 Katipo Communications
5 # This file is part of Koha.
7 # Koha is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
12 # Koha is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with Koha; if not, see <http://www.gnu.org/licenses>.
20 use Modern::Perl;
21 use C4::Output;
22 use C4::Auth;
23 use CGI qw ( -utf8 );
24 use C4::Context;
26 use Koha::Authority::Types;
27 use Koha::AuthorisedValueCategories;
28 use Koha::Filter::MARC::ViewPolicy;
30 use List::MoreUtils qw( uniq );
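# Look up subfield definitions whose tag starts with the given string.
#
# Parameters:
#   $searchstring  - tag prefix to match; undef is treated as an empty prefix
#   $frameworkcode - MARC framework code the rows must belong to
#
# Returns a two-element list: the number of rows found and an array
# reference holding one hash reference per row, ordered by tagfield.
sub string_search {
    my ( $searchstring, $frameworkcode ) = @_;
    my $dbh = C4::Context->dbh;

    # Avoid "uninitialized value" warnings when no tag was supplied.
    $searchstring //= q{};

    # Legacy quote escaping. The value reaches the database through a
    # placeholder, so this substitution is not what keeps the statement
    # safe; it is kept only so the LIKE pattern stays what it was.
    $searchstring =~ s/\'/\\\'/g;

    my $sth =
      $dbh->prepare(
"Select * from marc_subfield_structure where (tagfield like ? and frameworkcode=?) order by tagfield"
      );

    # NOTE(review): '%' and '_' inside $searchstring are passed through and
    # act as LIKE wildcards; only the trailing '%' is added here.
    $sth->execute( "$searchstring%", $frameworkcode );

    my @results;
    while ( my $row = $sth->fetchrow_hashref ) {
        push @results, $row;
    }
    $sth->finish;

    return ( scalar @results, \@results );
}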
# Tell whether a subfield definition already exists for the given
# tag / subfield / framework triple.
#
# Returns a true value when at least one matching row is found,
# a false value otherwise. All three values are bound as placeholders.
sub marc_subfield_structure_exists {
    my ( $tagfield, $tagsubfield, $frameworkcode ) = @_;

    my $matches = C4::Context->dbh->selectall_arrayref(
        "select tagfield from marc_subfield_structure where tagfield = ? and tagsubfield = ? and frameworkcode = ?",
        {},
        $tagfield, $tagsubfield, $frameworkcode
    );

    return scalar( @{$matches} ) > 0;
}
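# Request parameters. Everything read from $input below is caller-supplied.
my $input         = CGI->new;
my $tagfield      = $input->param('tagfield');
my $tagsubfield   = $input->param('tagsubfield');
my $frameworkcode = $input->param('frameworkcode');
my $pkfield       = "tagfield";
my $offset        = $input->param('offset');
$offset = 0 if not defined $offset or $offset < 0;
my $script_name = "/cgi-bin/koha/admin/marc_subfields_structure.pl";

# Authenticates the session and enforces the manage_marc_frameworks
# permission before anything below reads or writes the framework.
my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
    {
        template_name => "admin/marc_subfields_structure.tt",
        query         => $input,
        type          => "intranet",
        flagsrequired => { parameters => 'manage_marc_frameworks' },
        debug         => 1,
    }
);

# NOTE(review): no `use Koha::Caches` line is visible in this listing;
# presumably the module is loaded by one of the other imports - confirm.
my $cache = Koha::Caches->get_instance();

my $op = $input->param('op') || "";

# Guarded so a request without a tagfield does not trigger an
# "uninitialized value" warning.
$tagfield =~ s/\,//g if defined $tagfield;

# The template section to show is selected by a variable named after the
# operation. Only the operations this script dispatches on are accepted as
# a variable name: the raw parameter is request-controlled and, used
# directly as a key, could overwrite script_name, tagfield or frameworkcode
# in the same call. Anything else is treated like the default listing,
# which is also the branch the dispatch below takes for an unknown op.
my %is_known_op = map { $_ => 1 }
  qw( add_form add_validate delete_confirm delete_confirmed );
my $section_flag = $is_known_op{$op} ? $op : 'else';

$template->param(
    script_name   => $script_name,
    tagfield      => $tagfield,
    frameworkcode => $frameworkcode,
    $section_flag => 1
);    # we show only the TMPL_VAR names $op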
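################## ADD_FORM ##################################
# called by default. Used to create form to add or modify a record
if ( $op eq 'add_form' ) {
    my $dbh = C4::Context->dbh;

    # builds kohafield tables: one "table.column" entry per column of the
    # three bibliographic tables, preceded by an empty choice.
    # The table names are fixed constants, never request data.
    my @kohafields = ("");
    for my $table (qw( biblio biblioitems items )) {
        my $sth_columns = $dbh->prepare("SHOW COLUMNS from $table");
        $sth_columns->execute;
        while ( ( my $field ) = $sth_columns->fetchrow_array ) {

            # biblioitems.notes is exposed under the name bnotes
            if ( $table eq 'biblioitems' && $field eq 'notes' ) {
                $field = 'bnotes';
            }
            push @kohafields, "$table." . $field;
        }
    }

    # build authorised value list
    my @av_cat            = Koha::AuthorisedValueCategories->search;
    my @authorised_values = map { $_->category_name } @av_cat;

    # build thesaurus categories list
    my @authtypes = uniq( "", map { $_->authtypecode } Koha::Authority::Types->search );

    # build value_builder list
    my @value_builder = ('');

    # read value_builder directory.
    # 2 cases here : on CVS install, $cgidir does not need a /cgi-bin
    # on a standard install, /cgi-bin need to be added.
    # test one, then the other
    my $cgidir     = C4::Context->config('intranetdir') . "/cgi-bin";
    my $plugin_dir = "$cgidir/cataloguing/value_builder";

    # Lexical directory handle: it cannot clash with another DIR bareword
    # and is released when it goes out of scope.
    my $dh;
    unless ( opendir( $dh, $plugin_dir ) ) {
        $cgidir     = C4::Context->config('intranetdir');
        $plugin_dir = "$cgidir/cataloguing/value_builder";
        opendir( $dh, $plugin_dir )
          || die "can't opendir $plugin_dir: $!";
    }

    # Only the .pl files found in that directory are offered as plugins.
    while ( my $line = readdir($dh) ) {
        if (   $line =~ /\.pl$/
            && $line !~ /EXAMPLE\.pl$/ )
        {    # documentation purposes
            push( @value_builder, $line );
        }
    }
    @value_builder = sort { $a cmp $b } @value_builder;
    closedir $dh;

    # build values list
    my $sth =
      $dbh->prepare(
        "select * from marc_subfield_structure where tagfield=? and frameworkcode=?"
      );    # and tagsubfield='$tagsubfield'");
    $sth->execute( $tagfield, $frameworkcode );

    # Columns copied unchanged from the database row into the template row.
    my @copied_columns = qw(
      defaultvalue maxlength tab tagsubfield liblibrarian libopac seealso
      kohafield authorised_value value_builder authtypecode repeatable
      mandatory important hidden isurl link
    );

    my @loop_data = ();
    my $i         = 0;
    while ( my $data = $sth->fetchrow_hashref ) {
        my %row_data;    # get a fresh hash for the row data
        @row_data{@copied_columns} = @{$data}{@copied_columns};

        $row_data{subfieldcode} = $data->{'tagsubfield'};

        # '%' cannot be used as-is in the URI form of the code
        $row_data{urisubfieldcode} =
          $row_data{subfieldcode} eq '%' ? 'pct' : $row_data{subfieldcode};

        # choice lists shared by every row
        $row_data{kohafields}        = \@kohafields;
        $row_data{authorised_values} = \@authorised_values;
        $row_data{value_builders}    = \@value_builder;
        $row_data{authtypes}         = \@authtypes;
        $row_data{row}               = $i;

        if ( defined $data->{kohafield}
            and $data->{kohafield} eq 'biblio.biblionumber' )
        {
            my $hidden_opac = Koha::Filter::MARC::ViewPolicy->should_hide_marc(
                {
                    frameworkcode => $frameworkcode,
                    interface     => "opac",
                }
            )->{biblionumber};

            my $hidden_intranet = Koha::Filter::MARC::ViewPolicy->should_hide_marc(
                {
                    frameworkcode => $frameworkcode,
                    interface     => "intranet",
                }
            )->{biblionumber};

            if ( $hidden_opac or $hidden_intranet ) {

                # We should allow editing for fixing it
                $row_data{hidden_protected} = 0;
            }
            else {
                $row_data{hidden_protected} = 1;
            }
        }

        push( @loop_data, \%row_data );
        $i++;
    }

    # Add a new row for the "New" tab
    my %row_data;    # get a fresh hash for the row data
    $row_data{'new_subfield'}    = 1;
    $row_data{'subfieldcode'}    = '';
    $row_data{'maxlength'}       = 9999;
    $row_data{tab}               = -1;     #ignore
    $row_data{tagsubfield}       = "";
    $row_data{liblibrarian}      = "";
    $row_data{libopac}           = "";
    $row_data{seealso}           = "";
    $row_data{hidden}            = "";
    $row_data{repeatable}        = 0;
    $row_data{mandatory}         = 0;
    $row_data{important}         = 0;
    $row_data{isurl}             = 0;
    $row_data{kohafields}        = \@kohafields;
    $row_data{authorised_values} = \@authorised_values;
    $row_data{value_builders}    = \@value_builder;
    $row_data{authtypes}         = \@authtypes;
    $row_data{link}              = "";
    $row_data{row}               = $i;
    push( @loop_data, \%row_data );

    $template->param( 'use_heading_flags_p'      => 1 );
    $template->param( 'heading_edit_subfields_p' => 1 );
    $template->param(
        action   => "Edit subfields",
        tagfield => $tagfield,
        loop     => \@loop_data,
        more_tag => $tagfield
    );
}
# END $OP eq ADD_FORM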
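################## ADD_VALIDATE ##################################
# called by add_form, used to insert/modify data in DB
#
# NOTE(review): this branch changes data, and no anti-CSRF token check is
# visible here; confirm one is enforced elsewhere for this request.

elsif ( $op eq 'add_validate' ) {
    my $dbh = C4::Context->dbh;

    # A method call does not interpolate inside a double-quoted string, so
    # the parameter is read explicitly (in scalar context).
    $template->param( tagfield => scalar $input->param('tagfield') );

    my $sth_update = $dbh->prepare(qq{
        update marc_subfield_structure set tagfield=?, tagsubfield=?, liblibrarian=?, libopac=?, repeatable=?, mandatory=?, important=?, kohafield=?, tab=?, seealso=?, authorised_value=?, authtypecode=?, value_builder=?, hidden=?, isurl=?, frameworkcode=?, link=?, defaultvalue=?, maxlength=?
        where tagfield=? and tagsubfield=? and frameworkcode=?
    });

    # One value per submitted subfield row; rows are matched up by position.
    my @tagsubfield       = $input->multi_param('tagsubfield');
    my @liblibrarian      = $input->multi_param('liblibrarian');
    my @libopac           = $input->multi_param('libopac');
    my @kohafield         = $input->multi_param('kohafield');
    my @tab               = $input->multi_param('tab');
    my @seealso           = $input->multi_param('seealso');
    my @hidden            = $input->multi_param('hidden');
    my @authorised_values = $input->multi_param('authorised_value');
    my @authtypecodes     = $input->multi_param('authtypecode');
    my @value_builder     = $input->multi_param('value_builder');
    my @link              = $input->multi_param('link');
    my @defaultvalue      = $input->multi_param('defaultvalue');
    my @maxlength         = $input->multi_param('maxlength');

    for my $i ( 0 .. $#tagsubfield ) {
        my $row_tagfield    = $input->param('tagfield');
        my $row_tagsubfield = $tagsubfield[$i];
        $row_tagsubfield = "@" unless $row_tagsubfield ne '';
        my $liblibrarian = $liblibrarian[$i];
        my $libopac      = $libopac[$i];

        # Checkboxes are submitted per row as "<name><row index>".
        my $repeatable       = $input->param("repeatable$i") ? 1 : 0;
        my $mandatory        = $input->param("mandatory$i")  ? 1 : 0;
        my $important        = $input->param("important$i")  ? 1 : 0;
        my $kohafield        = $kohafield[$i];
        my $tab              = $tab[$i];
        my $seealso          = $seealso[$i];
        my $authorised_value = $authorised_values[$i];
        my $authtypecode     = $authtypecodes[$i];

        # NOTE(review): the plugin name is stored exactly as submitted; it
        # is not compared here with the files offered by the add form.
        # Confirm that whatever loads the plugin validates the name.
        my $value_builder = $value_builder[$i];
        my $hidden        = $hidden[$i];    #input->param("hidden$i");
        my $isurl         = $input->param("isurl$i") ? 1 : 0;
        my $link          = $link[$i];
        my $defaultvalue  = $defaultvalue[$i];
        my $maxlength     = $maxlength[$i] ? $maxlength[$i] : 9999;

        # Rows without a librarian label are skipped entirely.
        if ( defined($liblibrarian) && $liblibrarian ne "" ) {
            if ( marc_subfield_structure_exists( $row_tagfield, $row_tagsubfield, $frameworkcode ) ) {
                $sth_update->execute(
                    $row_tagfield,
                    $row_tagsubfield,
                    $liblibrarian,
                    $libopac,
                    $repeatable,
                    $mandatory,
                    $important,
                    $kohafield,
                    $tab,
                    $seealso,
                    $authorised_value,
                    $authtypecode,
                    $value_builder,
                    $hidden,
                    $isurl,
                    $frameworkcode,
                    $link,
                    $defaultvalue,
                    $maxlength,

                    # values for the WHERE clause
                    $row_tagfield,
                    $row_tagsubfield,
                    $frameworkcode,
                );
            }
            else {
                if ( $frameworkcode ne q{} ) {

                    # BZ 19096: Overwrite kohafield from Default when adding a new record
                    # NOTE(review): no `use` line for Koha::MarcSubfieldStructures
                    # is visible in this listing - confirm it is loaded.
                    my $rec = Koha::MarcSubfieldStructures->find( q{}, $row_tagfield, $row_tagsubfield );
                    $kohafield = $rec->kohafield if $rec;
                }
                Koha::MarcSubfieldStructure->new(
                    {
                        tagfield         => $row_tagfield,
                        tagsubfield      => $row_tagsubfield,
                        liblibrarian     => $liblibrarian,
                        libopac          => $libopac,
                        repeatable       => $repeatable,
                        mandatory        => $mandatory,
                        important        => $important,
                        kohafield        => $kohafield,
                        tab              => $tab,
                        seealso          => $seealso,
                        authorised_value => $authorised_value,
                        authtypecode     => $authtypecode,
                        value_builder    => $value_builder,
                        hidden           => $hidden,
                        isurl            => $isurl,
                        frameworkcode    => $frameworkcode,
                        link             => $link,
                        defaultvalue     => $defaultvalue,
                        maxlength        => $maxlength,
                    }
                )->store;
            }
        }
    }
    $sth_update->finish;

    # The structure changed: drop every cached copy of this framework.
    $cache->clear_from_cache("MarcStructure-0-$frameworkcode");
    $cache->clear_from_cache("MarcStructure-1-$frameworkcode");
    $cache->clear_from_cache("default_value_for_mod_marc-");
    $cache->clear_from_cache("MarcSubfieldStructure-$frameworkcode");

    # Both values come from the request, so they are percent-encoded before
    # being placed in the Location header; otherwise a value containing '&'
    # or '=' could add or replace query parameters. The separator is a
    # plain '&' - '&amp;' is HTML markup and does not belong in a header.
    my $redirect_url = sprintf
      '/cgi-bin/koha/admin/marc_subfields_structure.pl?tagfield=%s&frameworkcode=%s',
      CGI::escape( $tagfield      // q{} ),
      CGI::escape( $frameworkcode // q{} );
    print $input->redirect($redirect_url);
    exit;
}
# END $OP eq ADD_VALIDATE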
################## DELETE_CONFIRM ##################################
# called by default form, used to confirm deletion of data in DB

elsif ( $op eq 'delete_confirm' ) {
    my $dbh = C4::Context->dbh;

    # Fetch the single definition about to be deleted so the confirmation
    # page can show its label. All three values are bound as placeholders.
    my $data = $dbh->selectrow_hashref(
        "select * from marc_subfield_structure where tagfield=? and tagsubfield=? and frameworkcode=?",
        undef,
        $tagfield, $tagsubfield, $frameworkcode
    );

    # tagsubfield is passed twice, first from the database row and then
    # from the request; the order is kept as in the original call.
    $template->param(
        liblibrarian  => $data->{'liblibrarian'},
        tagsubfield   => $data->{'tagsubfield'},
        delete_link   => $script_name,
        tagfield      => $tagfield,
        tagsubfield   => $tagsubfield,
        frameworkcode => $frameworkcode,
    );
}
# END $OP eq DELETE_CONFIRM
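################## DELETE_CONFIRMED ##################################
# called by delete_confirm, used to effectively confirm deletion of data in DB
#
# NOTE(review): this branch deletes data, and no anti-CSRF token check is
# visible here; confirm one is enforced elsewhere for this request.

elsif ( $op eq 'delete_confirmed' ) {
    my $dbh = C4::Context->dbh;
    my $sth =
      $dbh->prepare(
        "delete from marc_subfield_structure where tagfield=? and tagsubfield=? and frameworkcode=?"
      );
    $sth->execute( $tagfield, $tagsubfield, $frameworkcode );
    $sth->finish;

    # The structure changed: drop every cached copy of this framework.
    $cache->clear_from_cache("MarcStructure-0-$frameworkcode");
    $cache->clear_from_cache("MarcStructure-1-$frameworkcode");
    $cache->clear_from_cache("default_value_for_mod_marc-");
    $cache->clear_from_cache("MarcSubfieldStructure-$frameworkcode");

    # Both values come from the request, so they are percent-encoded before
    # being placed in the Location header; otherwise a value containing '&'
    # or '=' could add or replace query parameters. The separator is a
    # plain '&' - '&amp;' is HTML markup and does not belong in a header.
    my $redirect_url = sprintf
      '/cgi-bin/koha/admin/marc_subfields_structure.pl?tagfield=%s&frameworkcode=%s',
      CGI::escape( $tagfield      // q{} ),
      CGI::escape( $frameworkcode // q{} );
    print $input->redirect($redirect_url);
    exit;
}
# END $OP eq DELETE_CONFIRMED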
################## DEFAULT ##################################

else {    # DEFAULT
    # List every subfield definition whose tag starts with $tagfield.
    my ( $count, $results ) = string_search( $tagfield, $frameworkcode );

    # Columns handed to the template for each listed subfield.
    my @shown_columns = qw(
      tagfield tagsubfield liblibrarian kohafield repeatable mandatory
      important tab seealso authorised_value authtypecode value_builder
      hidden isurl link
    );

    my @loop_data;
    for my $idx ( 0 .. $count - 1 ) {
        my %row_data;    # get a fresh hash for the row data
        $row_data{$_} = $results->[$idx]{$_} for @shown_columns;

        # tab -1 marks a subfield that is ignored
        $row_data{subfield_ignored} = 1 if $row_data{tab} eq -1;

        push @loop_data, \%row_data;
    }

    $template->param( loop => \@loop_data );
    $template->param(
        edit_tagfield      => $tagfield,
        edit_frameworkcode => $frameworkcode
    );

}    #---- END $OP eq DEFAULT

# Send the rendered page together with the session cookie.
output_html_with_http_headers $input, $cookie, $template->output;