search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bug 5995 : MT2892: Fix security issue in CAS intranet login
[koha.git] / acqui / parcel.pl
blobec5071bc2aa5c3b1ee8371f4bb95bc9664c44fc1
1 #!/usr/bin/perl
2
3 #script to recieve orders
4
5
6 # Copyright 2000-2002 Katipo Communications
7 # Copyright 2008-2009 BibLibre SARL
8 #
9 # This file is part of Koha.
10 #
11 # Koha is free software; you can redistribute it and/or modify it under the
12 # terms of the GNU General Public License as published by the Free Software
13 # Foundation; either version 2 of the License, or (at your option) any later
14 # version.
15 #
16 # Koha is distributed in the hope that it will be useful, but WITHOUT ANY
17 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
18 # A PARTICULAR PURPOSE. See the GNU General Public License for more details.
19 #
20 # You should have received a copy of the GNU General Public License along
21 # with Koha; if not, write to the Free Software Foundation, Inc.,
22 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23
24 =head1 NAME
25
26 parcel.pl
27
28 =head1 DESCRIPTION
29
30 This script shows all orders receipt or pending for a given supplier.
31 It allows to write an order as 'received' when he arrives.
32
33 =head1 CGI PARAMETERS
34
35 =over 4
36
37 =item supplierid
38
39 To know the supplier this script has to show orders.
40
41 =item code
42
43 is the bookseller invoice number.
44
45 =item freight
46
47
48 =item gst
49
50
51 =item datereceived
52
53 To filter the results list on this given date.
54
55 =back
56
57 =cut
58
59 use strict;
60 #use warnings; FIXME - Bug 2505
61 use C4::Auth;
62 use C4::Acquisition;
63 use C4::Budgets;
64 use C4::Bookseller qw/ GetBookSellerFromId /;
65 use C4::Biblio;
66 use C4::Items;
67 use CGI;
68 use C4::Output;
69 use C4::Dates qw/format_date format_date_in_iso/;
70 use JSON;
71
72 my $input=new CGI;
73 my $supplierid=$input->param('supplierid');
74 my $bookseller=GetBookSellerFromId($supplierid);
75
76 my $invoice=$input->param('invoice') || '';
77 my $freight=$input->param('freight');
78 my $input_gst = ($input->param('gst') eq '' ? undef : $input->param('gst'));
79 my $gst= $input_gst // $bookseller->{gstrate} // C4::Context->preference("gist") // 0;
80 my $datereceived = ($input->param('op') eq 'new') ? C4::Dates->new($input->param('datereceived'))
81 : C4::Dates->new($input->param('datereceived'), 'iso') ;
82 $datereceived = C4::Dates->new() unless $datereceived;
83 my $code = $input->param('code');
84 my @rcv_err = $input->param('error');
85 my @rcv_err_barcode = $input->param('error_bc');
86
87 my $startfrom=$input->param('startfrom');
88 my $resultsperpage = $input->param('resultsperpage');
89 $resultsperpage = 20 unless ($resultsperpage);
90 $startfrom=0 unless ($startfrom);
91
92 if($input->param('format') eq "json"){
93 my ($template, $loggedinuser, $cookie)
94 = get_template_and_user({template_name => "acqui/ajax.tmpl",
95 query => $input,
96 type => "intranet",
97 authnotrequired => 0,
98 flagsrequired => {acquisition => 'order_receive'},
99 debug => 1,
100 });
101
102 my @datas;
103 my $search = $input->param('search') || '';
104 my $supplier = $input->param('supplierid') || '';
105 my $basketno = $input->param('basketno') || '';
106 my $orderno = $input->param('orderno') || '';
107
108 my $orders = SearchOrder($orderno, $search, $supplier, $basketno);
109 foreach my $order (@$orders){
110 if($order->{quantityreceived} < $order->{quantity}){
111 my $data = {};
112
113 $data->{basketno} = $order->{basketno};
114 $data->{ordernumber} = $order->{ordernumber};
115 $data->{title} = $order->{title};
116 $data->{author} = $order->{author};
117 $data->{isbn} = $order->{isbn};
118 $data->{booksellerid} = $order->{booksellerid};
119 $data->{biblionumber} = $order->{biblionumber};
120 $data->{freight} = $order->{freight};
121 $data->{quantity} = $order->{quantity};
122 $data->{ecost} = $order->{ecost};
123 $data->{ordertotal} = sprintf("%.2f",$order->{ecost}*$order->{quantity});
124 push @datas, $data;
125 }
126 }
127
128 my $json_text = to_json(\@datas);
129 $template->param(return => $json_text);
130 output_html_with_http_headers $input, $cookie, $template->output;
131 exit;
132 }
133
134 my ($template, $loggedinuser, $cookie)
135 = get_template_and_user({template_name => "acqui/parcel.tmpl",
136 query => $input,
137 type => "intranet",
138 authnotrequired => 0,
139 flagsrequired => {acquisition => 'order_receive'},
140 debug => 1,
141 });
142
143 my $action = $input->param('action');
144 my $ordernumber = $input->param('ordernumber');
145 my $biblionumber = $input->param('biblionumber');
146
147 # If canceling an order
148 if ($action eq "cancelorder") {
149
150 my $error_delitem;
151 my $error_delbiblio;
152
153 # We delete the order
154 DelOrder($biblionumber, $ordernumber);
155
156 # We delete all the items related to this order
157 my @itemnumbers = GetItemnumbersFromOrder($ordernumber);
158 foreach (@itemnumbers) {
159 my $delcheck = DelItemCheck(C4::Context->dbh, $biblionumber, $_);
160 # (should always success, as no issue should exist on item on order)
161 if ($delcheck != 1) { $error_delitem = 1; }
162 }
163
164 # We get the number of remaining items
165 my $itemcount = GetItemsCount($biblionumber);
166
167 # If there are no items left,
168 if ($itemcount eq 0) {
169 # We delete the record
170 $error_delbiblio = DelBiblio($biblionumber);
171 }
172
173 if ($error_delitem || $error_delbiblio) {
174 if ($error_delitem) { $template->param(error_delitem => 1); }
175 if ($error_delbiblio) { $template->param(error_delbiblio => 1); }
176 } else {
177 $template->param(success_delorder => 1);
178 }
179 }
180
181 # If receiving error, report the error (coming from finishrecieve.pl(sic)).
182 if( scalar(@rcv_err) ) {
183 my $cnt=0;
184 my $error_loop;
185 for my $err (@rcv_err) {
186 push @$error_loop, { "error_$err" => 1 , barcode => $rcv_err_barcode[$cnt] };
187 $cnt++;
188 }
189 $template->param( receive_error => 1 ,
190 error_loop => $error_loop,
191 );
192 }
193
194 my $cfstr = "%.2f"; # currency format string -- could get this from currency table.
195 my @parcelitems = GetParcel($supplierid, $invoice, $datereceived->output('iso'));
196 my $countlines = scalar @parcelitems;
197 my $totalprice = 0;
198 my $totalfreight = 0;
199 my $totalquantity = 0;
200 my $total;
201 my $tototal;
202 my @loop_received = ();
203
204 for (my $i = 0 ; $i < $countlines ; $i++) {
205
206 #$total=($parcelitems[$i]->{'unitprice'} + $parcelitems[$i]->{'freight'}) * $parcelitems[$i]->{'quantityreceived'}; #weird, are the freight fees counted by book? (pierre)
207 $total = ($parcelitems[$i]->{'unitprice'}) * $parcelitems[$i]->{'quantityreceived'}; #weird, are the freight fees counted by book? (pierre)
208 $parcelitems[$i]->{'unitprice'} += 0;
209 my %line;
210 %line = %{ $parcelitems[$i] };
211 $line{invoice} = $invoice;
212 $line{gst} = $gst;
213 $line{total} = sprintf($cfstr, $total);
214 $line{supplierid} = $supplierid;
215 push @loop_received, \%line;
216 $totalprice += $parcelitems[$i]->{'unitprice'};
217 $line{unitprice} = sprintf($cfstr, $parcelitems[$i]->{'unitprice'});
218
219 #double FIXME - totalfreight is redefined later.
220
221 # FIXME - each order in a parcel holds the freight for the whole parcel. This means if you receive a parcel with items from multiple budgets, you'll see the freight charge in each budget..
222 if ($i > 0 && $totalfreight != $parcelitems[$i]->{'freight'}) {
223 warn "FREIGHT CHARGE MISMATCH!!";
224 }
225 $totalfreight = $parcelitems[$i]->{'freight'};
226 $totalquantity += $parcelitems[$i]->{'quantityreceived'};
227 $tototal += $total;
228 }
229
230 my $pendingorders = GetPendingOrders($supplierid);
231 my $countpendings = scalar @$pendingorders;
232
233 # pending orders totals
234 my ($totalPunitprice, $totalPquantity, $totalPecost, $totalPqtyrcvd);
235 my $ordergrandtotal;
236 my @loop_orders = ();
237 for (my $i = 0 ; $i < $countpendings ; $i++) {
238 my %line;
239 %line = %{$pendingorders->[$i]};
240 $line{quantity}+=0;
241 $line{quantityreceived}+=0;
242 $line{unitprice}+=0;
243 $totalPunitprice += $line{unitprice};
244 $totalPquantity +=$line{quantity};
245 $totalPqtyrcvd +=$line{quantityreceived};
246 $totalPecost += $line{ecost};
247 $line{ecost} = sprintf("%.2f",$line{ecost});
248 $line{ordertotal} = sprintf("%.2f",$line{ecost}*$line{quantity});
249 $line{unitprice} = sprintf("%.2f",$line{unitprice});
250 $line{invoice} = $invoice;
251 $line{gst} = $gst;
252 $line{total} = $total;
253 $line{supplierid} = $supplierid;
254 $ordergrandtotal += $line{ecost} * $line{quantity};
255 push @loop_orders, \%line if ($i >= $startfrom and $i < $startfrom + $resultsperpage);
256 }
257 $freight = $totalfreight unless $freight;
258
259 my $count = $countpendings;
260
261 if ($count>$resultsperpage){
262 my $displaynext=0;
263 my $displayprev=$startfrom;
264 if(($count - ($startfrom+$resultsperpage)) > 0 ) {
265 $displaynext = 1;
266 }
267
268 my @numbers = ();
269 for (my $i=1; $i<$count/$resultsperpage+1; $i++) {
270 my $highlight=0;
271 ($startfrom/$resultsperpage==($i-1)) && ($highlight=1);
272 push @numbers, { number => $i,
273 highlight => $highlight ,
274 startfrom => ($i-1)*$resultsperpage};
275 }
276
277 my $from = $startfrom*$resultsperpage+1;
278 my $to;
279 if($count < (($startfrom+1)*$resultsperpage)){
280 $to = $count;
281 } else {
282 $to = (($startfrom+1)*$resultsperpage);
283 }
284 $template->param(numbers=>\@numbers,
285 displaynext=>$displaynext,
286 displayprev=>$displayprev,
287 nextstartfrom=>(($startfrom+$resultsperpage<$count)?$startfrom+$resultsperpage:$count),
288 prevstartfrom=>(($startfrom-$resultsperpage>0)?$startfrom-$resultsperpage:0)
289 );
290 }
291
292 #$totalfreight=$freight;
293 $tototal = $tototal + $freight;
294
295 $template->param(
296 invoice => $invoice,
297 datereceived => $datereceived->output('iso'),
298 invoicedatereceived => $datereceived->output('iso'),
299 formatteddatereceived => $datereceived->output(),
300 name => $bookseller->{'name'},
301 supplierid => $supplierid,
302 gst => $gst,
303 freight => $freight,
304 invoice => $invoice,
305 countreceived => $countlines,
306 loop_received => \@loop_received,
307 countpending => $countpendings,
308 loop_orders => \@loop_orders,
309 totalprice => sprintf($cfstr, $totalprice),
310 totalfreight => $totalfreight,
311 totalquantity => $totalquantity,
312 tototal => sprintf($cfstr, $tototal),
313 ordergrandtotal => sprintf($cfstr, $ordergrandtotal),
314 gst => $gst,
315 grandtot => sprintf($cfstr, $tototal + $gst),
316 totalPunitprice => sprintf("%.2f", $totalPunitprice),
317 totalPquantity => $totalPquantity,
318 totalPqtyrcvd => $totalPqtyrcvd,
319 totalPecost => sprintf("%.2f", $totalPecost),
320 resultsperpage => $resultsperpage,
321 );
322 output_html_with_http_headers $input, $cookie, $template->output;
323
Koha ILS