Bug 25898: Prohibit indirect object notation
[koha.git] / svc / bib_framework
1 #!/usr/bin/perl
2 # Copyright 2007 LibLime
3 # Copyright 2012 software.coop and MJ Ray
5 # This file is part of Koha.
7 # Koha is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
12 # Koha is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with Koha; if not, see <http://www.gnu.org/licenses>.
20 use Modern::Perl;
21 use CGI qw ( -utf8 );
22 use C4::Auth qw/check_api_auth/;
23 use C4::Biblio;
24 use C4::Items;
25 use XML::Simple;
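binmode STDOUT, ':encoding(UTF-8)';

my $query = CGI->new;

# Authorization gate: nothing below runs unless check_api_auth reports 'ok'
# for the editcatalogue/edit_catalogue permission requested here.
# NOTE(review): the returned $cookie is never sent back in a response
# header; confirm that is intended for this service.
my ($status, $cookie, $sessionID) = check_api_auth($query, { editcatalogue => 'edit_catalogue'} );
unless ($status eq 'ok') {
    print $query->header(-type => 'text/xml', -status => '403 Forbidden');
    print XMLout({ auth_status => $status }, NoAttr => 1, RootName => 'response', XMLDecl => 1);
    exit 0;
}

# do initial validation
my $path_info = $query->path_info();

# The path must be exactly "/<digits>". \A and \z are used instead of ^ and $
# because $ also matches before a trailing newline, and [0-9] instead of \d
# so that only ASCII digits are accepted.
my $biblionumber = undef;
if ($path_info =~ m{\A/([0-9]+)\z}) {
    $biblionumber = $1;
} else {
    # Stop here. Without the exit the script fell through to the method
    # dispatch below, emitted a second header after the 400 and looked up
    # a framework with an undefined biblionumber.
    print $query->header(-type => 'text/xml', -status => '400 Bad Request');
    print XMLout({ error => 'Bad Request' }, NoAttr => 1, RootName => 'response', XMLDecl => 1);
    exit 0;
}

# This service is read-only: anything other than GET is refused.
if ($query->request_method eq 'GET') {
    fetch_bib_framework($query, $biblionumber);
} else {
    print $query->header(-type => 'text/xml', -status => '405 Method not allowed');
    print XMLout({ error => 'Method not allowed' }, NoAttr => 1, RootName => 'response', XMLDecl => 1);
    exit 0;
}

exit 0;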
# fetch_bib_framework($query, $biblionumber)
#
# Looks up the framework code for $biblionumber with GetFrameworkCode and
# prints it to STDOUT as a small XML document:
#   <response><frameworkcode>...</frameworkcode></response>
# The caller is expected to have authorized the request and validated
# $biblionumber before calling; no checks are made here.
sub fetch_bib_framework {
    my ($query, $biblionumber) = @_;

    # Scalar assignment on purpose: the lookup result must stay a single
    # value when it is placed in the response hash.
    my $code = GetFrameworkCode($biblionumber);
    my %payload = ( 'frameworkcode' => $code );

    print $query->header(-type => 'text/xml', -charset => 'utf-8');

    # NoEscape => 0 leaves XML::Simple's escaping of markup characters on,
    # so the value is written out as text rather than as raw markup.
    print XMLout(\%payload, NoAttr => 1, RootName => 'response', XMLDecl => 1, NoEscape => 0);
}