Bug 19061: Avoid SQL Injection vulnerability
[koha.git] / members / statistics.pl
blob5979e7f1dd29bdf48973e1fc191dd96a9854dc38
1 #!/usr/bin/perl
3 # Copyright 2012 BibLibre
4 # This file is part of Koha.
6 # Koha is free software; you can redistribute it and/or modify it under the
7 # terms of the GNU General Public License as published by the Free Software
8 # Foundation; either version 2 of the License, or (at your option) any later
9 # version.
11 # Koha is distributed in the hope that it will be useful, but WITHOUT ANY
12 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
13 # A PARTICULAR PURPOSE. See the GNU General Public License for more details.
15 # You should have received a copy of the GNU General Public License along with
16 # Koha; if not, write to the Free Software Foundation, Inc.,
17 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
19 =head1 members/statistics.pl
21 Generate statistic issues for a member
23 =cut
25 use Modern::Perl;
27 use CGI qw ( -utf8 );
28 use C4::Auth;
29 use C4::Context;
30 use C4::Members;
31 use C4::Members::Statistics;
32 use C4::Members::Attributes qw(GetBorrowerAttributes);
33 use C4::Output;
34 use Koha::Patrons;
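# Page controller: authenticate a staff user, load the requested patron and
# render that patron's checkout statistics with members/statistics.tt.
my $input = CGI->new;

# Request an intranet template; the call asks for the "borrowers" permission
# and does not allow anonymous access (authnotrequired => 0).
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
    {   template_name   => "members/statistics.tt",
        query           => $input,
        type            => "intranet",
        authnotrequired => 0,
        flagsrequired   => { borrowers => 1 },
        debug           => 1,
    }
);

# borrowernumber comes straight from the request and is handed to the patron
# lookup and to the three statistics helpers below. Accept only a plain
# decimal integer; anything else takes the same path as an unknown patron, so
# no other text can reach those helpers.
my $borrowernumber = $input->param('borrowernumber');
my $patron;
if ( defined $borrowernumber && $borrowernumber =~ /\A[0-9]+\z/ ) {
    $patron = Koha::Patrons->find($borrowernumber);
}
unless ($patron) {
    $template->param( unknowuser => 1 );
    output_html_with_http_headers $input, $cookie, $template->output;
    exit;
}

# Set information for the patron
my $category = $patron->category;
my $borrower = $patron->unblessed;
$borrower->{description}   = $category->description;
$borrower->{category_type} = $category->category_type;

# Every key of the unblessed patron record is exported to the template here,
# and again by param(%$borrower) further down.
# NOTE(review): if the record carries credential or other sensitive columns
# they reach the template as well; an explicit allow-list of the fields the
# template needs would be safer. Confirm against the patron schema.
foreach my $key ( keys %$borrower ) {
    $template->param( $key => $borrower->{$key} );
}
$template->param(
    categoryname => $borrower->{'description'},
);

# Construct column names. get_fields() returns a '|'-separated list; these
# package variables are read by build_array() and merge() below, so they
# must be populated before those subs are called.
my $fields = C4::Members::Statistics::get_fields();
our @statistic_column_names = split '\|', $fields;
our @value_column_names = ( 'count_precedent_state', 'count_total_issues_today', 'count_total_issues_returned_today' );
our @column_names = ( @statistic_column_names, @value_column_names );

# Get statistics: three arrayrefs whose elements are merged into one row per
# combination of statistic column values.
my $precedent_state             = GetPrecedentStateByBorrower($borrowernumber);
my $total_issues_today          = GetTotalIssuesTodayByBorrower($borrowernumber);
my $total_issues_returned_today = GetTotalIssuesReturnedTodayByBorrower($borrowernumber);
my $r = merge(
    @$precedent_state, @$total_issues_today, @$total_issues_returned_today
);

add_actual_state($r);
my ( $total, $datas ) = build_array($r);

# Getting sums
my $count_total_precedent_state = $total->{count_precedent_state} || 0;
my $count_total_issues          = $total->{count_total_issues_today} || 0;
my $count_total_issues_returned = $total->{count_total_issues_returned_today} || 0;
my $count_total_actual_state = ( $count_total_precedent_state - $count_total_issues_returned + $count_total_issues );

if ( C4::Context->preference('ExtendedPatronAttributes') ) {
    my $attributes = GetBorrowerAttributes($borrowernumber);
    $template->param(
        ExtendedPatronAttributes => 1,
        extendedattributes       => $attributes
    );
}

$template->param( picture => 1 ) if $patron->image;

$template->param(%$borrower);

$template->param( adultborrower => 1 ) if ( $borrower->{category_type} eq 'A' || $borrower->{category_type} eq 'I' );

$template->param(
    statisticsview              => 1,
    datas                       => $datas,
    column_names                => \@statistic_column_names,
    count_total_issues          => $count_total_issues,
    count_total_issues_returned => $count_total_issues_returned,
    count_total_precedent_state => $count_total_precedent_state,
    count_total_actual_state    => $count_total_actual_state,
    RoutingSerials              => C4::Context->preference('RoutingSerials'),
);

output_html_with_http_headers $input, $cookie, $template->output;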
120 =head1 FUNCTIONS
122 =head2 add_actual_state
124 Add a 'count_actual_state' key in all hashes
125 count_actual_state = count_precedent_state - count_total_issues_returned_today + count_total_issues_today
127 =cut
# Store a 'count_actual_state' entry in every hash of the given arrayref:
# precedent state minus today's returns plus today's issues. A counter that
# is missing or undef counts as 0. The hashes are modified in place.
sub add_actual_state {
    my ($rows) = @_;
    for my $row ( @{$rows} ) {
        my $before   = $row->{count_precedent_state}             // 0;
        my $returned = $row->{count_total_issues_returned_today} // 0;
        my $issued   = $row->{count_total_issues_today}          // 0;
        $row->{count_actual_state} = $before - $returned + $issued;
    }
}
136 =head2 build_array
138 Build a new array containing values of hashes.
139 It is used by the template, which displays silly values.
141 $array = [
143 'count_total_issues_returned_today' => 1,
144 'ccode' => 'ccode',
145 'count_actual_state' => 1,
146 'count_precedent_state' => 1,
147 'homebranch' => 'homebranch',
148 'count_total_issues_today' => 1,
149 'itype' => 'itype'
152 and returns:
155 'homebranch',
156 'itype',
157 'ccode',
165 =cut
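# Flatten the merged statistics rows into the structure the template reads.
#
# Takes an arrayref of hashrefs. Returns the list ( $total, \@rows ):
#   $total - hashref of per-counter sums (undef when there are no rows);
#   \@rows - one arrayref per input hash, holding its values in the order of
#            @column_names followed by 'count_actual_state'.
# A counter that is missing or undef is set to 0 in the input hash itself.
sub build_array {
    my ($array) = @_;
    my ( @r, $total );

    # Counter columns are recognised by exact name. The configured column
    # names come from get_fields(), so they are compared as plain strings
    # rather than interpolated into a pattern: a name that is a substring of
    # a counter name, or that contains regex metacharacters, must not be
    # treated as a counter or break the match.
    my %is_counter = map { $_ => 1 } ( @value_column_names, 'count_actual_state' );

    for my $hash ( @{$array} ) {
        my @line;
        for my $cn ( @column_names, 'count_actual_state' ) {
            if ( $is_counter{$cn} ) {
                $hash->{$cn} //= 0;
                if ( exists $total->{$cn} ) {
                    $total->{$cn} += $hash->{$cn} if $hash->{$cn};
                }
                else {
                    $total->{$cn} = $hash->{$cn};
                }
            }
            push @line, $hash->{$cn};
        }
        push @r, \@line;
    }
    return ( $total, \@r );
}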
188 =head2 merge
190 Merge hashes with the same statistic column names into one
191 param: array, a arrayref of arrayrefs
193 @array = (
195 'ccode' => 'ccode',
196 'count_precedent_state' => '1',
197 'homebranch' => 'homebranch',
198 'itype' => 'itype'
201 'count_total_issues_returned_today' => '1',
202 'ccode' => 'ccode',
203 'homebranch' => 'homebranch',
204 'itype' => 'itype'
207 and returns:
210 'count_total_issues_returned_today' => '1',
211 'ccode' => 'ccode',
212 'count_precedent_state' => '1',
213 'homebranch' => 'homebranch',
214 'itype' => 'itype'
218 =cut
# Collapse a list of hashrefs into one hashref per combination of statistic
# column values, and return the result as an arrayref.
#
# A row joins an already collected row when, for every name in
# @statistic_column_names, the collected row's value is either false or
# string-equal to the new row's value. On a match, each @value_column_names
# key present in the new row is copied over (false values stored as 0);
# otherwise the new row itself is appended to the result.
sub merge {
    my @rows = @_;
    my @merged;

    ROW:
    for my $row (@rows) {
        for my $candidate (@merged) {
            my $same_group = 1;
            for my $name (@statistic_column_names) {
                next unless $candidate->{$name};
                next if $candidate->{$name} eq $row->{$name};
                $same_group = 0;
                last;
            }
            next unless $same_group;

            # Only the first matching collected row receives the counters.
            for my $name (@value_column_names) {
                next unless exists $row->{$name};
                $candidate->{$name} = $row->{$name} || 0;
            }
            next ROW;
        }

        push @merged, $row;
    }
    return \@merged;
}