Bug 25009: Avoid leakages in opac-showmarc.pl
[koha.git] / admin / preferences.pl
blob3b1676e0e2a233cc4b88d66bb024f937bb7fdb2d
1 #!/usr/bin/perl
3 # Copyright 2009 Jesse Weaver and the Koha Dev Team
5 # This file is part of Koha.
7 # Koha is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
12 # Koha is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with Koha; if not, see <http://www.gnu.org/licenses>.
20 use Modern::Perl;
22 use CGI qw ( -utf8 );
23 use C4::Auth;
24 use C4::Context;
25 use C4::Koha;
26 use C4::Languages qw(getTranslatedLanguages);
27 use C4::ClassSource;
28 use C4::Log;
29 use C4::Output;
30 use C4::Templates;
31 use Koha::Acquisition::Currencies;
32 use File::Spec;
33 use IO::File;
34 use YAML::Syck qw();
35 use List::MoreUtils qw(any);
36 $YAML::Syck::ImplicitTyping = 1;
37 $YAML::Syck::ImplicitUnicode = 1;
39 # use Smart::Comments;
42 sub GetTab {
43 my ( $input, $tab ) = @_;
45 my $tab_template = C4::Templates::gettemplate( 'admin/preferences/' . $tab . '.pref', 'intranet', $input );
47 my $active_currency = Koha::Acquisition::Currencies->get_active;
48 my $local_currency;
49 if ($active_currency) {
50 $local_currency = $active_currency->currency;
52 $tab_template->param(
53 local_currency => $local_currency, # currency code is used, because we do not know how a given currency is formatted.
56 return YAML::Syck::Load( $tab_template->output() );
59 sub _get_chunk {
60 my ( $value, %options ) = @_;
62 my $name = $options{'pref'};
63 my $chunk = { name => $name, value => $value, type => $options{'type'} || 'input', class => $options{'class'} };
64 if( $options{'syntax'} ){
65 $chunk->{'syntax'} = $options{'syntax'};
67 if ( $options{'class'} && $options{'class'} eq 'password' ) {
68 $chunk->{'input_type'} = 'password';
69 } elsif ( $options{'class'} && $options{'class'} eq 'date' ) {
70 $chunk->{'dateinput'} = 1;
71 } elsif ( $options{'type'} && ( $options{'type'} eq 'opac-languages' || $options{'type'} eq 'staff-languages' ) ) {
72 my $current_languages = { map { +$_, 1 } split( /\s*,\s*/, $value ) };
74 my $theme;
75 my $interface;
76 if ( $options{'type'} eq 'opac-languages' ) {
77 # this is the OPAC
78 $interface = 'opac';
79 $theme = C4::Context->preference('opacthemes');
80 } else {
81 # this is the staff client
82 $interface = 'intranet';
83 $theme = C4::Context->preference('template');
85 $chunk->{'languages'} = getTranslatedLanguages( $interface, $theme, undef, $current_languages );
86 $chunk->{'type'} = 'languages';
87 } elsif ( $options{ 'choices' } ) {
88 if ( $options{'choices'} && ref( $options{ 'choices' } ) eq '' ) {
89 if ( $options{'choices'} eq 'class-sources' ) {
90 my $sources = GetClassSources();
91 $options{'choices'} = { map { $_ => $sources->{$_}->{'description'} } keys %$sources };
92 } elsif ( $options{'choices'} eq 'opac-templates' ) {
93 $options{'choices'} = { map { $_ => $_ } getallthemes( 'opac' ) }
94 } elsif ( $options{'choices'} eq 'staff-templates' ) {
95 $options{'choices'} = { map { $_ => $_ } getallthemes( 'intranet' ) }
96 } else {
97 die 'Unrecognized source of preference values: ' . $options{'choices'};
101 $value ||= 0;
103 $chunk->{'type'} = 'select';
104 $chunk->{'CHOICES'} = [
105 sort { $a->{'text'} cmp $b->{'text'} }
106 map { { text => $options{'choices'}->{$_}, value => $_, selected => ( $_ eq $value || ( $_ eq '' && ( $value eq '0' || !$value ) ) ) } }
107 keys %{ $options{'choices'} }
109 } elsif ( $options{'multiple'} ) {
110 my @values;
111 @values = split /,/, $value if defined($value);
112 $chunk->{type} = 'multiple';
113 $chunk->{CHOICES} = [
114 sort { $a->{'text'} cmp $b->{'text'} }
115 map {
116 my $option_value = $_;
118 text => $options{multiple}->{$option_value},
119 value => $option_value,
120 selected => (grep { $_ eq $option_value } @values) ? 1 : 0,
123 keys %{ $options{multiple} }
127 $chunk->{ 'type_' . $chunk->{'type'} } = 1;
129 return $chunk;
132 sub TransformPrefsToHTML {
133 my ( $data, $searchfield ) = @_;
135 my @lines;
136 my $dbh = C4::Context->dbh;
137 my $title = ( keys( %$data ) )[0];
138 my $tab = $data->{ $title };
139 $tab = { '' => $tab } if ( ref( $tab ) eq 'ARRAY' );
141 my @override_syspref_names;
142 if ( exists($ENV{OVERRIDE_SYSPREF_NAMES}) &&
143 defined($ENV{OVERRIDE_SYSPREF_NAMES})
145 @override_syspref_names = split /,/, $ENV{OVERRIDE_SYSPREF_NAMES};
148 foreach my $group ( sort keys %$tab ) {
149 if ( $group ) {
150 push @lines, { is_group_title => 1, title => $group };
153 foreach my $line ( @{ $tab->{ $group } } ) {
154 my @chunks;
155 my @names;
157 foreach my $piece ( @$line ) {
158 if ( ref ( $piece ) eq 'HASH' ) {
159 my $name = $piece->{'pref'};
161 if ( $name ) {
162 my $row = $dbh->selectrow_hashref( "SELECT value, type FROM systempreferences WHERE variable = ?", {}, $name );
163 my $value;
164 if ( ( !defined( $row ) || ( !defined( $row->{'value'} ) && $row->{'type'} ne 'YesNo' ) ) && defined( $piece->{'default'} ) ) {
165 $value = $piece->{'default'};
166 } else {
167 $value = $row->{'value'};
169 my $chunk = _get_chunk( $value, %$piece );
171 # No highlighting of inputs yet, but would be useful
172 $chunk->{'highlighted'} = 1 if ( $searchfield && $name =~ /^$searchfield$/i );
174 push @chunks, $chunk;
176 my $name_entry = { name => $name };
177 if ( $searchfield ) {
178 if ( $name =~ /^$searchfield$/i ) {
179 $name_entry->{'jumped'} = 1;
180 } elsif ( $name =~ /$searchfield/i ) {
181 $name_entry->{'highlighted'} = 1;
184 $name_entry->{'overridden'} = 1 if ( any { $name eq $_ } @override_syspref_names );
185 push @names, $name_entry;
186 } else {
187 push @chunks, $piece;
189 } else {
190 if ( $piece ) {
191 my $version = Koha::version();
192 my ( $major, $minor, $maintenance, $development ) = split( '\.', $version );
193 if ( $minor % 2 ) {
194 $piece =~ s|__VERSION__|${major}_${minor}|g;
195 } else {
196 $piece =~ s|__VERSION__|master|g;
199 push @chunks, { type_text => 1, contents => $piece };
202 push @lines, { CHUNKS => \@chunks, NAMES => \@names, is_group_title => 0 };
206 return $title, \@lines;
209 sub _get_pref_files {
210 my ( $input, $open_files ) = @_;
212 my ( $htdocs, $theme, $lang, undef ) = C4::Templates::_get_template_file( 'admin/preferences/admin.pref', 'intranet', $input );
214 my %results;
216 foreach my $file ( glob( "$htdocs/$theme/$lang/modules/admin/preferences/*.pref" ) ) {
217 my ( $tab ) = ( $file =~ /([a-z0-9_-]+)\.pref$/ );
219 $results{$tab} = $open_files ? new IO::File( $file, 'r' ) : '';
222 return %results;
225 sub SearchPrefs {
226 my ( $input, $searchfield ) = @_;
227 my @tabs;
229 my %tab_files = _get_pref_files( $input );
230 our @terms = split( /\s+/, $searchfield );
232 foreach my $tab_name ( sort keys %tab_files ) {
233 # Force list context to remove 'uninitialized value in goto' warn coming from YAML::Syck; note that the other GetTab call is in list context too. The actual cause however is the null value for the pref OpacRenewalBranch in opac.pref
234 my ($data) = GetTab( $input, $tab_name );
235 my $title = ( keys( %$data ) )[0];
236 my $tab = $data->{ $title };
237 $tab = { '' => $tab } if ( ref( $tab ) eq 'ARRAY' );
239 my $matched_groups;
241 while ( my ( $group_title, $contents ) = each %$tab ) {
242 if ( matches( $group_title, \@terms ) ) {
243 $matched_groups->{$group_title} = $contents;
244 next;
247 my @new_contents;
249 foreach my $line ( @$contents ) {
250 my $matched;
252 foreach my $piece ( @$line ) {
253 if ( ref( $piece ) eq 'HASH' ) {
254 if ( !$piece->{'pref'} ){
255 next;
257 if ( matches( $piece->{'pref'}, \@terms) ) {
258 $matched = 1;
259 } elsif ( ref( $piece->{'choices'} ) eq 'HASH' && grep( { $_ && matches( $_, \@terms ) } values( %{ $piece->{'choices'} } ) ) ) {
260 $matched = 1;
262 } elsif ( matches( $piece, \@terms ) ) {
263 $matched = 1;
265 last if ( $matched );
268 push @new_contents, $line if ( $matched );
271 $matched_groups->{$group_title} = \@new_contents if ( @new_contents );
274 if ( $matched_groups ) {
275 my ( $title, $LINES ) = TransformPrefsToHTML( { $title => $matched_groups }, $searchfield );
277 push @tabs, { tab => $tab, tab_title => $title, LINES => $LINES, tab_id => $tab_name };
281 return @tabs;
284 sub matches {
285 my ( $text, $terms ) = @_;
286 if ( $text ) {
287 return !grep(
289 my $re = eval{qr|$_|i};
290 $re = qr|\Q$_\E| if $@;
291 $text !~ m|$re|;
292 } @$terms
297 my $dbh = C4::Context->dbh;
298 our $input = new CGI;
300 my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
301 { template_name => "admin/preferences.tt",
302 query => $input,
303 type => "intranet",
304 authnotrequired => 0,
305 flagsrequired => { parameters => 'manage_sysprefs' },
306 debug => 1,
310 my $op = $input->param( 'op' ) || '';
311 my $tab = $input->param( 'tab' );
312 $tab ||= 'accounting'; # Ideally this should be "local-use" but preferences.pl
313 # does not presently support local use preferences
315 my $highlighted;
317 if ( $op eq 'save' ) {
318 foreach my $param ( $input->param() ) {
319 my ( $pref ) = ( $param =~ /pref_(.*)/ );
321 next if ( !defined( $pref ) );
323 my $value = join( ',', $input->param( $param ) );
325 C4::Context->set_preference( $pref, $value );
328 print $input->redirect( '/cgi-bin/koha/admin/preferences.pl?tab=' . $tab );
329 exit;
332 my @TABS;
334 if ( $op eq 'search' ) {
335 my $searchfield = $input->param( 'searchfield' );
337 $searchfield =~ s/\p{IsC}//g;
338 $searchfield =~ s/\s+/ /;
339 $searchfield =~ s/^\s+//;
340 $searchfield =~ s/\s+$//;
342 $template->param( searchfield => $searchfield );
344 @TABS = SearchPrefs( $input, $searchfield );
346 foreach my $tabh ( @TABS ) {
347 $template->param(
348 $tabh->{'tab'} => 1
352 if ( @TABS ) {
353 $tab = ''; # No need to load a particular tab, as we found results
354 $template->param( search_jumped => 1 ) if ( $TABS[0]->{'search_jumped'} );
355 } else {
356 $template->param(
357 search_not_found => 1,
362 if ( $tab ) {
363 my ( $tab_title, $LINES ) = TransformPrefsToHTML( GetTab( $input, $tab ), $highlighted );
365 push @TABS, { tab_title => $tab_title, LINES => $LINES, tab_id => $tab };
366 $template->param(
367 $tab => 1,
368 tab => $tab,
372 $template->param( TABS => \@TABS );
374 output_html_with_http_headers $input, $cookie, $template->output;