3 # This file is part of Koha.
5 # Koha is free software; you can redistribute it and/or modify it
6 # under the terms of the GNU General Public License as published by
7 # the Free Software Foundation; either version 3 of the License, or
8 # (at your option) any later version.
10 # Koha is distributed in the hope that it will be useful, but
11 # WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
15 # You should have received a copy of the GNU General Public License
16 # along with Koha; if not, see <http://www.gnu.org/licenses>.
21 use Digest
::MD5
qw( md5_base64 md5_hex );
22 use String
::Random
qw( random_string );
27 use C4
::Form
::MessagingPreferences
;
29 use Koha
::Patron
::Modification
;
30 use Koha
::Patron
::Modifications
;
35 use Koha
::Patron
::Images
;
39 my $dbh = C4
::Context
->dbh;
41 my ( $template, $borrowernumber, $cookie ) = get_template_and_user
(
43 template_name
=> "opac-memberentry.tt",
50 unless ( C4
::Context
->preference('PatronSelfRegistration') || $borrowernumber )
52 print $cgi->redirect("/cgi-bin/koha/opac-main.pl");
56 my $action = $cgi->param('action') || q{};
57 if ( $action eq q{} ) {
58 if ($borrowernumber) {
66 my $mandatory = GetMandatoryFields
($action);
68 my @libraries = Koha
::Libraries
->search;
69 if ( my @libraries_to_display = split '\|', C4
::Context
->preference('PatronSelfRegistrationLibraryList') ) {
70 @libraries = map { my $b = $_; my $branchcode = $_->branchcode; grep( /^$branchcode$/, @libraries_to_display ) ?
$b : () } @libraries;
72 my ( $min, $max ) = C4
::Members
::get_cardnumber_length
();
75 minlength_cardnumber
=> $min,
76 maxlength_cardnumber
=> $max
82 hidden
=> GetHiddenFields
( $mandatory, 'registration' ),
83 mandatory
=> $mandatory,
84 libraries
=> \
@libraries,
85 OPACPatronDetails
=> C4
::Context
->preference('OPACPatronDetails'),
88 if ( $action eq 'create' ) {
90 my %borrower = ParseCgiForBorrower
($cgi);
92 %borrower = DelEmptyFields
(%borrower);
94 my @empty_mandatory_fields = CheckMandatoryFields
( \
%borrower, $action );
95 my $invalidformfields = CheckForInvalidFields
(\
%borrower);
96 delete $borrower{'password2'};
97 my $cardnumber_error_code;
98 if ( !grep { $_ eq 'cardnumber' } @empty_mandatory_fields ) {
99 # No point in checking the cardnumber if it's missing and mandatory, it'll just generate a
100 # spurious length warning.
101 $cardnumber_error_code = checkcardnumber
( $borrower{cardnumber
}, $borrower{borrowernumber
} );
104 if ( @empty_mandatory_fields || @
$invalidformfields || $cardnumber_error_code ) {
105 if ( $cardnumber_error_code == 1 ) {
106 $template->param( cardnumber_already_exists
=> 1 );
107 } elsif ( $cardnumber_error_code == 2 ) {
108 $template->param( cardnumber_wrong_length
=> 1 );
112 empty_mandatory_fields
=> \
@empty_mandatory_fields,
113 invalid_form_fields
=> $invalidformfields,
114 borrower
=> \
%borrower
118 md5_base64
( uc( $cgi->param('captcha') ) ) ne $cgi->param('captcha_digest') )
122 borrower
=> \
%borrower
127 C4
::Context
->boolean_preference(
128 'PatronSelfRegistrationVerifyByEmail')
131 ( $template, $borrowernumber, $cookie ) = get_template_and_user
(
133 template_name
=> "opac-registration-email-sent.tt",
136 authnotrequired
=> 1,
139 $template->param( 'email' => $borrower{'email'} );
141 my $verification_token = md5_hex
( \
%borrower );
143 $borrower{password
} = random_string
("..........");
144 $borrower{verification_token
} = $verification_token;
146 Koha
::Patron
::Modification
->new( \
%borrower )->store();
148 #Send verification email
149 my $letter = C4
::Letters
::GetPreparedLetter
(
151 letter_code
=> 'OPAC_REG_VERIFY',
153 borrower_modifications
=> $verification_token,
157 C4
::Letters
::EnqueueLetter
(
160 message_transport_type
=> 'email',
161 to_address
=> $borrower{'email'},
163 C4
::Context
->preference('KohaAdminEmailAddress'),
168 ( $template, $borrowernumber, $cookie ) = get_template_and_user
(
170 template_name
=> "opac-registration-confirmation.tt",
173 authnotrequired
=> 1,
177 $template->param( OpacPasswordChange
=>
178 C4
::Context
->preference('OpacPasswordChange') );
180 my ( $borrowernumber, $password ) = AddMember_Opac
(%borrower);
181 C4
::Form
::MessagingPreferences
::handle_form_action
($cgi, { borrowernumber
=> $borrowernumber }, $template, 1, C4
::Context
->preference('PatronSelfRegistrationDefaultCategory') ) if $borrowernumber && C4
::Context
->preference('EnhancedMessagingPreferences');
183 $template->param( password_cleartext
=> $password );
185 borrower
=> GetMember
( borrowernumber
=> $borrowernumber ) );
187 PatronSelfRegistrationAdditionalInstructions
=>
188 C4
::Context
->preference(
189 'PatronSelfRegistrationAdditionalInstructions')
194 elsif ( $action eq 'update' ) {
196 my $borrower = GetMember
( borrowernumber
=> $borrowernumber );
197 die "Wrong CSRF token"
198 unless Koha
::Token
->new->check_csrf({
199 id
=> $borrower->{userid
},
200 secret
=> md5_base64
( C4
::Context
->config('pass') ),
201 token
=> scalar $cgi->param('csrf_token'),
204 my %borrower = ParseCgiForBorrower
($cgi);
206 my %borrower_changes = DelEmptyFields
(%borrower);
207 my @empty_mandatory_fields =
208 CheckMandatoryFields
( \
%borrower_changes, $action );
209 my $invalidformfields = CheckForInvalidFields
(\
%borrower);
211 # Send back the data to the template
212 %borrower = ( %$borrower, %borrower );
214 if (@empty_mandatory_fields || @
$invalidformfields) {
216 empty_mandatory_fields
=> \
@empty_mandatory_fields,
217 invalid_form_fields
=> $invalidformfields,
218 borrower
=> \
%borrower,
219 csrf_token
=> Koha
::Token
->new->generate_csrf({
220 id
=> $borrower->{userid
},
221 secret
=> md5_base64
( C4
::Context
->config('pass') ),
225 $template->param( action
=> 'edit' );
228 my %borrower_changes = DelUnchangedFields
( $borrowernumber, %borrower );
229 if (%borrower_changes) {
230 ( $template, $borrowernumber, $cookie ) = get_template_and_user
(
232 template_name
=> "opac-memberentry-update-submitted.tt",
235 authnotrequired
=> 1,
239 $borrower_changes{borrowernumber
} = $borrowernumber;
241 # FIXME update the following with
242 # Koha::Patron::Modifications->search({ borrowernumber => $borrowernumber })->delete;
243 # when bug 17091 will be pushed
244 my $patron_modifications = Koha
::Patron
::Modifications
->search({ borrowernumber
=> $borrowernumber });
245 while ( my $patron_modification = $patron_modifications->next ) {
246 $patron_modification->delete;
249 my $m = Koha
::Patron
::Modification
->new( \
%borrower_changes )->store();
252 borrower
=> GetMember
( borrowernumber
=> $borrowernumber ),
259 borrower
=> GetMember
( borrowernumber
=> $borrowernumber ),
260 csrf_token
=> Koha
::Token
->new->generate_csrf({
261 id
=> $borrower->{userid
},
262 secret
=> md5_base64
( C4
::Context
->config('pass') ),
268 elsif ( $action eq 'edit' ) { #Display logged in borrower's data
269 my $borrower = GetMember
( borrowernumber
=> $borrowernumber );
271 if (C4
::Context
->preference('ExtendedPatronAttributes')) {
272 my $attributes = C4
::Members
::Attributes
::GetBorrowerAttributes
($borrowernumber, 'opac');
273 if (scalar(@
$attributes) > 0) {
274 $borrower->{ExtendedPatronAttributes
} = 1;
275 $borrower->{patron_attributes
} = $attributes;
280 borrower
=> $borrower,
281 guarantor
=> scalar Koha
::Patrons
->find($borrowernumber)->guarantor(),
282 hidden
=> GetHiddenFields
( $mandatory, 'modification' ),
283 csrf_token
=> Koha
::Token
->new->generate_csrf({
284 id
=> $borrower->{userid
},
285 secret
=> md5_base64
( C4
::Context
->config('pass') ),
289 if (C4
::Context
->preference('OPACpatronimages')) {
290 my $patron_image = Koha
::Patron
::Images
->find($borrower->{borrowernumber
});
291 $template->param( display_patron_image
=> 1 ) if $patron_image;
296 my $captcha = random_string
("CCCCC");
300 captcha_digest
=> md5_base64
($captcha)
303 output_html_with_http_headers
$cgi, $cookie, $template->output, undef, { force_no_caching
=> 1 };
305 sub GetHiddenFields
{
306 my ( $mandatory, $action ) = @_;
309 my $BorrowerUnwantedField = $action eq 'modification' ?
310 C4
::Context
->preference( "PatronSelfModificationBorrowerUnwantedField" ) :
311 C4
::Context
->preference( "PatronSelfRegistrationBorrowerUnwantedField" );
313 my @fields = split( /\|/, $BorrowerUnwantedField || q
|| );
316 #Don't hide mandatory fields
317 next if $mandatory->{$_};
318 $hidden_fields{$_} = 1;
321 return \
%hidden_fields;
324 sub GetMandatoryFields
{
327 my %mandatory_fields;
329 my $BorrowerMandatoryField =
330 C4
::Context
->preference("PatronSelfRegistrationBorrowerMandatoryField");
332 my @fields = split( /\|/, $BorrowerMandatoryField );
335 $mandatory_fields{$_} = 1;
338 if ( $action eq 'create' || $action eq 'new' ) {
339 $mandatory_fields{'email'} = 1
340 if C4
::Context
->boolean_preference(
341 'PatronSelfRegistrationVerifyByEmail');
344 return \
%mandatory_fields;
347 sub CheckMandatoryFields
{
348 my ( $borrower, $action ) = @_;
350 my @empty_mandatory_fields;
352 my $mandatory_fields = GetMandatoryFields
($action);
353 delete $mandatory_fields->{'cardnumber'};
355 foreach my $key ( keys %$mandatory_fields ) {
356 push( @empty_mandatory_fields, $key )
357 unless ( defined( $borrower->{$key} ) && $borrower->{$key} );
360 return @empty_mandatory_fields;
363 sub CheckForInvalidFields
{
364 my $minpw = C4
::Context
->preference('minPasswordLength');
365 my $borrower = shift;
367 if ($borrower->{'email'}) {
368 unless ( Email
::Valid
->address($borrower->{'email'}) ) {
369 push(@invalidFields, "email");
370 } elsif ( C4
::Context
->preference("PatronSelfRegistrationEmailMustBeUnique") ) {
371 my $patrons_with_same_email = Koha
::Patrons
->search( { email
=> $borrower->{email
} })->count;
372 if ( $patrons_with_same_email ) {
373 push @invalidFields, "duplicate_email";
377 if ($borrower->{'emailpro'}) {
378 push(@invalidFields, "emailpro") if (!Email
::Valid
->address($borrower->{'emailpro'}));
380 if ($borrower->{'B_email'}) {
381 push(@invalidFields, "B_email") if (!Email
::Valid
->address($borrower->{'B_email'}));
383 if ( $borrower->{'password'} ne $borrower->{'password2'} ){
384 push(@invalidFields, "password_match");
386 if ( $borrower->{'password'} && $minpw && (length($borrower->{'password'}) < $minpw) ) {
387 push(@invalidFields, "password_invalid");
389 if ( $borrower->{'password'} ) {
390 push(@invalidFields, "password_spaces") if ($borrower->{'password'} =~ /^\s/ or $borrower->{'password'} =~ /\s$/);
393 return \
@invalidFields;
396 sub ParseCgiForBorrower
{
399 my $scrubber = C4
::Scrubber
->new();
402 foreach ( $cgi->param ) {
403 if ( $_ =~ '^borrower_' ) {
404 my ($key) = substr( $_, 9 );
405 $borrower{$key} = $scrubber->scrub( scalar $cgi->param($_) );
410 $dob_dt = eval { dt_from_string
( $borrower{'dateofbirth'} ); }
411 if ( $borrower{'dateofbirth'} );
414 $borrower{'dateofbirth'} = output_pref
( { dt
=> $dob_dt, dateonly
=> 1, dateformat
=> 'iso' } );
418 $borrower{'dateofbirth'} = undef;
424 sub DelUnchangedFields
{
425 my ( $borrowernumber, %new_data ) = @_;
427 my $current_data = GetMember
( borrowernumber
=> $borrowernumber );
429 foreach my $key ( keys %new_data ) {
430 if ( $current_data->{$key} eq $new_data{$key} ) {
431 delete $new_data{$key};
441 foreach my $key ( keys %borrower ) {
442 delete $borrower{$key} unless $borrower{$key};