Bug 14423: XSS bug in lateorders
[koha.git] / about.pl
blob4e06ae53dfc3030291fae2598d3a794c5c105e7b
1 #!/usr/bin/perl
3 # Copyright Pat Eyler 2003
4 # Copyright Biblibre 2006
5 # Parts Copyright Liblime 2008
6 # Parts Copyright Chris Nighswonger 2010
8 # This file is part of Koha.
10 # Koha is free software; you can redistribute it and/or modify it
11 # under the terms of the GNU General Public License as published by
12 # the Free Software Foundation; either version 3 of the License, or
13 # (at your option) any later version.
15 # Koha is distributed in the hope that it will be useful, but
16 # WITHOUT ANY WARRANTY; without even the implied warranty of
17 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 # GNU General Public License for more details.
20 # You should have received a copy of the GNU General Public License
21 # along with Koha; if not, see <http://www.gnu.org/licenses>.
23 use strict;
24 use warnings;
26 use CGI qw ( -utf8 );
27 use LWP::Simple;
28 use XML::Simple;
29 use Config;
31 use C4::Output;
32 use C4::Auth;
33 use C4::Context;
34 use C4::Installer;
36 use Koha;
38 #use Smart::Comments '####';
40 my $query = new CGI;
41 my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
43 template_name => "about.tt",
44 query => $query,
45 type => "intranet",
46 authnotrequired => 0,
47 flagsrequired => { catalogue => 1 },
48 debug => 1,
52 my $kohaVersion = Koha::version();
53 my $osVersion = `uname -a`;
54 my $perl_path = $^X;
55 if ($^O ne 'VMS') {
56 $perl_path .= $Config{_exe} unless $perl_path =~ m/$Config{_exe}$/i;
58 my $perlVersion = $];
59 my $mysqlVersion = `mysql -V`;
60 # Get Apache version
61 my $apacheVersion = (`apache2ctl -v`)[0];
62 $apacheVersion = `httpd2 -v 2> /dev/null` unless $apacheVersion;
63 $apacheVersion = `httpd -v 2> /dev/null` unless $apacheVersion;
64 my $zebraVersion = `zebraidx -V`;
66 # Additional system information for warnings
67 my $prefAutoCreateAuthorities = C4::Context->preference('AutoCreateAuthorities');
68 my $prefBiblioAddsAuthorities = C4::Context->preference('BiblioAddsAuthorities');
69 my $warnPrefBiblioAddsAuthorities = ( $prefAutoCreateAuthorities && ( !$prefBiblioAddsAuthorities) );
71 my $prefEasyAnalyticalRecords = C4::Context->preference('EasyAnalyticalRecords');
72 my $prefUseControlNumber = C4::Context->preference('UseControlNumber');
73 my $warnPrefEasyAnalyticalRecords = ( $prefEasyAnalyticalRecords && $prefUseControlNumber );
74 my $warnPrefAnonymousPatron = (
75 C4::Context->preference('OPACPrivacy')
76 and not C4::Context->preference('AnonymousPatron')
79 my $errZebraConnection = C4::Context->Zconn("biblioserver",0)->errcode();
81 my $warnIsRootUser = (! $loggedinuser);
83 my $warnNoActiveCurrency = (! defined C4::Budgets->GetCurrency());
84 my @xml_config_warnings;
86 my $context = new C4::Context;
88 if ( ! defined C4::Context->config('zebra_bib_index_mode') ) {
89 push @xml_config_warnings, {
90 error => 'zebra_bib_index_mode_warn'
92 if ($context->{'server'}->{'biblioserver'}->{'config'} !~ /zebra-biblios-dom.cfg/) {
93 push @xml_config_warnings, {
94 error => 'zebra_bib_mode_seems_grs1'
97 else {
98 push @xml_config_warnings, {
99 error => 'zebra_bib_mode_seems_dom'
102 } else {
103 push @xml_config_warnings, { error => 'zebra_bib_grs_warn' }
104 if C4::Context->config('zebra_bib_index_mode') eq 'grs1';
107 if ( (C4::Context->config('zebra_bib_index_mode') eq 'dom') &&
108 ($context->{'server'}->{'biblioserver'}->{'config'} !~ /zebra-biblios-dom.cfg/) ) {
110 push @xml_config_warnings, {
111 error => 'zebra_bib_index_mode_mismatch_warn'
115 if ( (C4::Context->config('zebra_bib_index_mode') eq 'grs1') &&
116 ($context->{'server'}->{'biblioserver'}->{'config'} =~ /zebra-biblios-dom.cfg/) ) {
118 push @xml_config_warnings, {
119 error => 'zebra_bib_index_mode_mismatch_warn'
123 if ( ! defined C4::Context->config('zebra_auth_index_mode') ) {
124 push @xml_config_warnings, {
125 error => 'zebra_auth_index_mode_warn'
127 if ($context->{'server'}->{'authorityserver'}->{'config'} !~ /zebra-authorities-dom.cfg/) {
128 push @xml_config_warnings, {
129 error => 'zebra_auth_mode_seems_grs1'
132 else {
133 push @xml_config_warnings, {
134 error => 'zebra_auth_mode_seems_dom'
137 } else {
138 push @xml_config_warnings, { error => 'zebra_auth_grs_warn' }
139 if C4::Context->config('zebra_auth_index_mode') eq 'grs1';
142 if ( (C4::Context->config('zebra_auth_index_mode') eq 'dom') && ($context->{'server'}->{'authorityserver'}->{'config'} !~ /zebra-authorities-dom.cfg/) ) {
143 push @xml_config_warnings, {
144 error => 'zebra_auth_index_mode_mismatch_warn'
148 if ( (C4::Context->config('zebra_auth_index_mode') eq 'grs1') && ($context->{'server'}->{'authorityserver'}->{'config'} =~ /zebra-authorities-dom.cfg/) ) {
149 push @xml_config_warnings, {
150 error => 'zebra_auth_index_mode_mismatch_warn'
154 # Test QueryParser configuration sanity
155 if ( C4::Context->preference( 'UseQueryParser' ) ) {
156 # Get the QueryParser configuration file name
157 my $queryparser_file = C4::Context->config( 'queryparser_config' );
158 my $queryparser_fallback_file = '/etc/koha/searchengine/queryparser.yaml';
159 # Check QueryParser is functional
160 my $QParser = C4::Context->queryparser();
161 my $queryparser_error = {};
162 if ( ! defined $QParser || ref($QParser) ne 'Koha::QueryParser::Driver::PQF' ) {
163 # Error initializing the QueryParser object
164 # Get the used queryparser.yaml file path to report the user
165 $queryparser_error->{ fallback } = ( defined $queryparser_file ) ? 0 : 1;
166 $queryparser_error->{ file } = ( defined $queryparser_file )
167 ? $queryparser_file
168 : $queryparser_fallback_file;
169 # Report error data to the template
170 $template->param( QueryParserError => $queryparser_error );
171 } else {
172 # Check for an absent queryparser_config entry in koha-conf.xml
173 if ( ! defined $queryparser_file ) {
174 # Not an error but a warning for the missing entry in koha-conf-xml
175 push @xml_config_warnings, {
176 error => 'queryparser_entry_missing',
177 file => $queryparser_fallback_file
183 # Test Zebra facets configuration
184 if ( !defined C4::Context->config('use_zebra_facets') ) {
185 push @xml_config_warnings, { error => 'use_zebra_facets_entry_missing' };
186 } else {
187 if ( C4::Context->config('use_zebra_facets') &&
188 C4::Context->config('zebra_bib_index_mode') ) {
189 # use_zebra_facets works with DOM
190 push @xml_config_warnings, {
191 error => 'use_zebra_facets_needs_dom'
192 } if C4::Context->config('zebra_bib_index_mode') ne 'dom' ;
196 $template->param(
197 kohaVersion => $kohaVersion,
198 osVersion => $osVersion,
199 perlPath => $perl_path,
200 perlVersion => $perlVersion,
201 perlIncPath => [ map { perlinc => $_ }, @INC ],
202 mysqlVersion => $mysqlVersion,
203 apacheVersion => $apacheVersion,
204 zebraVersion => $zebraVersion,
205 prefBiblioAddsAuthorities => $prefBiblioAddsAuthorities,
206 prefAutoCreateAuthorities => $prefAutoCreateAuthorities,
207 warnPrefBiblioAddsAuthorities => $warnPrefBiblioAddsAuthorities,
208 warnPrefEasyAnalyticalRecords => $warnPrefEasyAnalyticalRecords,
209 warnPrefAnonymousPatron => $warnPrefAnonymousPatron,
210 errZebraConnection => $errZebraConnection,
211 warnIsRootUser => $warnIsRootUser,
212 warnNoActiveCurrency => $warnNoActiveCurrency,
213 xml_config_warnings => \@xml_config_warnings,
216 my @components = ();
218 my $perl_modules = C4::Installer::PerlModules->new;
219 $perl_modules->version_info;
221 my @pm_types = qw(missing_pm upgrade_pm current_pm);
223 foreach my $pm_type(@pm_types) {
224 my $modules = $perl_modules->get_attr($pm_type);
225 foreach (@$modules) {
226 my ($module, $stats) = each %$_;
227 push(
228 @components,
230 name => $module,
231 version => $stats->{'cur_ver'},
232 missing => ($pm_type eq 'missing_pm' ? 1 : 0),
233 upgrade => ($pm_type eq 'upgrade_pm' ? 1 : 0),
234 current => ($pm_type eq 'current_pm' ? 1 : 0),
235 require => $stats->{'required'},
236 reqversion => $stats->{'min_ver'},
242 @components = sort {$a->{'name'} cmp $b->{'name'}} @components;
244 my $counter=0;
245 my $row = [];
246 my $table = [];
247 foreach (@components) {
248 push (@$row, $_);
249 unless (++$counter % 4) {
250 push (@$table, {row => $row});
251 $row = [];
254 # Processing the last line (if there are any modules left)
255 if (scalar(@$row) > 0) {
256 # Extending $row to the table size
257 $$row[3] = '';
258 # Pushing the last line
259 push (@$table, {row => $row});
261 ## ## $table
263 $template->param( table => $table );
266 ## ------------------------------------------
267 ## Koha time line code
269 #get file location
270 my $docdir;
271 if ( defined C4::Context->config('docdir') ) {
272 $docdir = C4::Context->config('docdir');
273 } else {
274 # if no <docdir> is defined in koha-conf.xml, use the default location
275 # this is a work-around to stop breakage on upgraded Kohas, bug 8911
276 $docdir = C4::Context->config('intranetdir') . '/docs';
279 if ( open( my $file, "<:encoding(UTF-8)", "$docdir" . "/history.txt" ) ) {
281 my $i = 0;
283 my @rows2 = ();
284 my $row2 = [];
286 my @lines = <$file>;
287 close($file);
289 shift @lines; #remove header row
291 foreach (@lines) {
292 my ( $date, $desc, $tag ) = split(/\t/);
293 if(!$desc && $date=~ /(?<=\d{4})\s+/) {
294 ($date, $desc)= ($`, $');
296 push(
297 @rows2,
299 date => $date,
300 desc => $desc,
305 my $table2 = [];
306 #foreach my $row2 (@rows2) {
307 foreach (@rows2) {
308 push (@$row2, $_);
309 push( @$table2, { row2 => $row2 } );
310 $row2 = [];
313 $template->param( table2 => $table2 );
314 } else {
315 $template->param( timeline_read_error => 1 );
318 output_html_with_http_headers $query, $cookie, $template->output;