Bug 25898: Prohibit indirect object notation
1 #!/usr/bin/perl
3 # Copyright 2013 ByWater Solutions
5 # This file is part of Koha.
7 # Koha is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
12 # Koha is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with Koha; if not, see <http://www.gnu.org/licenses>.
20 use Modern::Perl;
22 use CGI;
24 use C4::Auth;
25 use C4::Output;
26 use Koha::Database;
27 use Koha::DateUtils qw(dt_from_string);
28 use Koha::Clubs;
29 use Koha::Club::Fields;
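# Staff-interface script that creates a club or updates an existing one.
#
# Request parameters read below: id, club_template_id, name, description,
# branchcode, date_start, date_end, and the parallel lists
# club_template_field_id / club_field_id / club_field.
# A request carrying 'name' is treated as a save and ends in a redirect;
# any other request renders the add/modify form.
#
# NOTE(review): Koha::Club, Koha::Club::Field and Koha::Club::Templates are
# used here without a direct 'use'; presumably they are loaded by the
# modules imported above -- confirm.

my $cgi = CGI->new;

# The session must hold the clubs => edit_clubs permission.
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
    {
        template_name => 'clubs/clubs-add-modify.tt',
        query         => $cgi,
        type          => 'intranet',
        flagsrequired => { clubs => 'edit_clubs' },
    }
);

my $schema = Koha::Database->new()->schema();

my $id   = $cgi->param('id');
my $club = $id ? Koha::Clubs->find($id) : Koha::Club->new();

# An id that matches no club used to crash on the first method call below.
# Send the user back to the club list instead of surfacing an internal error.
unless ($club) {
    print $cgi->redirect('/cgi-bin/koha/clubs/clubs.pl');
    exit;
}

my $stored =
    $cgi->param('name')
  ? $id
      ? 'updated'
      : 'stored'
  : undef;

my $club_template_id = $cgi->param('club_template_id');
my $club_template    = $club->club_template() || Koha::Club::Templates->find($club_template_id);

# Neither the club nor the request identified a usable template: nothing to
# render or save against, so bail out rather than dereference undef.
unless ($club_template) {
    print $cgi->redirect('/cgi-bin/koha/clubs/clubs.pl');
    exit;
}
$club_template_id ||= $club_template->id();

# NOTE(review): dt_from_string is handed the raw request value; how it reacts
# to a malformed date is not visible here -- confirm it fails safely.
my $date_start = $cgi->param('date_start');
$date_start = $date_start ? dt_from_string($date_start) : undef;
my $date_end = $cgi->param('date_end');
$date_end = $date_end ? dt_from_string($date_end) : undef;

if ( $cgi->param('name') ) {    # Update or create club

    # NOTE(review): no CSRF token is checked in this script before the
    # writes below; confirm the request is covered by the project's CSRF
    # protection elsewhere.
    $club->set(
        {
            club_template_id => scalar $cgi->param('club_template_id') || undef,
            name             => scalar $cgi->param('name')             || undef,
            description      => scalar $cgi->param('description')      || undef,
            branchcode       => scalar $cgi->param('branchcode')       || undef,
            date_start       => $date_start,
            date_end         => $date_end,
            date_updated     => dt_from_string(),
        }
    )->store();

    # The three lists are positional: element $i of each describes one field.
    my @club_template_field_id = $cgi->multi_param('club_template_field_id');
    my @club_field_id          = $cgi->multi_param('club_field_id');
    my @club_field             = $cgi->multi_param('club_field');

    my $club_id = $club->id();

    for my $i ( 0 .. $#club_template_field_id ) {
        my $club_template_field_id = $club_template_field_id[$i] || undef;
        my $club_field_id          = $club_field_id[$i]          || undef;
        my $club_field             = $club_field[$i]             || undef;

        my $field =
            $club_field_id
          ? Koha::Club::Fields->find($club_field_id)
          : Koha::Club::Field->new();

        # A submitted club_field_id that matches no row is skipped rather
        # than crashing the request half-way through the save.
        unless ($field) {
            warn "clubs-add-modify: unknown club_field_id submitted";
            next;
        }

        # club_field_id comes from the request. Without this check a tampered
        # id would re-parent another club's field row onto this club, because
        # set() below overwrites club_id.
        if ( $club_field_id && $field->club_id != $club_id ) {
            warn "clubs-add-modify: club_field_id does not belong to this club";
            next;
        }

        $field->set(
            {
                club_id                => $club_id,
                club_template_field_id => $club_template_field_id,
                value                  => $club_field,
            }
        )->store();
    }

    # Build the redirect from the stored object's id, not from the raw 'id'
    # request parameter, so request data is never copied into the Location URL.
    print $cgi->redirect("/cgi-bin/koha/clubs/clubs.pl?stored=$stored&club_id=$club_id");
    exit;
}

$club = Koha::Clubs->find($id);

$template->param(
    club_template => $club_template,
    club          => $club,
);

output_html_with_http_headers( $cgi, $cookie, $template->output );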