Bug 19086 XSS in members/member.pl
[koha.git] / acqui / acqui-home.pl
#!/usr/bin/perl

# Copyright 2008 - 2009 BibLibre SARL
#
# This file is part of Koha.
#
# Koha is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# Koha is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Koha; if not, see <http://www.gnu.org/licenses>.

=head1 NAME

acqui-home.pl

=head1 DESCRIPTION

Main page of the acquisitions module (staff interface).

The script authenticates the caller, counts the suggestions in the
requested status, walks the budget hierarchy, keeps only the budgets the
logged-in user is allowed to use, computes per-budget and grand totals
(all budgets, and budgets in an active period), and hands everything to
the C<acqui/acqui-home.tt> template.

=cut

use strict;
use warnings;

use CGI qw ( -utf8 );
use C4::Auth;
use C4::Output;
use C4::Acquisition;
use C4::Budgets;
use C4::Members;
use C4::Debug;
use C4::Suggestions;
use Koha::Acquisition::Currencies;

my $query = CGI->new;

# Access control for the whole page is delegated to get_template_and_user:
# authnotrequired is 0 and an 'acquisition' flag is requested. The
# enforcement itself lives in C4::Auth and is not visible in this file.
# NOTE(review): debug => 1 is hard-coded; confirm what it enables in
# production before relying on it.
my ( $template, $loggedinuser, $cookie, $userflags ) = get_template_and_user(
    {
        template_name   => 'acqui/acqui-home.tt',
        query           => $query,
        type            => 'intranet',
        authnotrequired => 0,
        flagsrequired   => { acquisition => '*' },
        debug           => 1,
    }
);

# 'status' is taken straight from the request and is therefore untrusted.
# It is not validated here; it is passed as-is to CountSuggestion.
# NOTE(review): confirm CountSuggestion binds it as a query placeholder
# rather than interpolating it into SQL.
my $status            = $query->param('status') || "ASKED";
my $suggestions_count = CountSuggestion($status);

my $hierarchy = GetBudgetHierarchy();

# Grand totals over every budget the user may use.
# $totcomtd is never accumulated anywhere in this script, so the template
# always receives 0 for it.
my $total      = 0;
my $totspent   = 0;
my $totordered = 0;
my $totcomtd   = 0;
my $totavail   = 0;

# Same totals, restricted to budgets whose period is active.
my $total_active      = 0;
my $totspent_active   = 0;
my $totordered_active = 0;
my $totavail_active   = 0;

my @visible_budgets;

BUDGET:
for my $fund ( @{$hierarchy} ) {

    # Per-budget authorisation: budgets the user cannot use are neither
    # displayed nor counted in any total.
    next BUDGET if !CanUserUseBudget( $loggedinuser, $fund, $userflags );

    # Attach the owner's identity for display. These are patron-record
    # values, so the template has to HTML-escape them on output.
    # NOTE(review): the template is not part of this file; verify the
    # escaping there.
    my $owner = GetMember( borrowernumber => $fund->{budget_owner_id} );
    if ($owner) {
        @{$fund}{
            qw( budget_owner_firstname budget_owner_surname budget_owner_borrowernumber )
        } = @{$owner}{qw( firstname surname borrowernumber )};
    }

    $fund->{budget_amount} = 0 unless defined $fund->{budget_amount};

    $fund->{budget_ordered} = GetBudgetOrdered( $fund->{budget_id} );
    $fund->{budget_spent}   = GetBudgetSpent( $fund->{budget_id} );

    # Undefined amounts count as zero so the arithmetic below does not
    # operate on undef.
    for my $field (qw( budget_spent budget_ordered )) {
        $fund->{$field} = 0 unless defined $fund->{$field};
    }

    # Available = allocated amount minus what is already spent or on order.
    $fund->{budget_avail} = $fund->{budget_amount}
        - ( $fund->{budget_spent} + $fund->{budget_ordered} );

    $total      += $fund->{budget_amount};
    $totspent   += $fund->{budget_spent};
    $totordered += $fund->{budget_ordered};
    $totavail   += $fund->{budget_avail};

    if ( $fund->{budget_period_active} ) {
        $total_active      += $fund->{budget_amount};
        $totspent_active   += $fund->{budget_spent};
        $totordered_active += $fund->{budget_ordered};
        $totavail_active   += $fund->{budget_avail};
    }

    push @visible_budgets, $fund;
}

$template->param(
    type              => 'intranet',
    loop_budget       => \@visible_budgets,
    total             => $total,
    totspent          => $totspent,
    totordered        => $totordered,
    totcomtd          => $totcomtd,
    totavail          => $totavail,
    total_active      => $total_active,
    totspent_active   => $totspent_active,
    totordered_active => $totordered_active,
    totavail_active   => $totavail_active,
    suggestions_count => $suggestions_count,
);

# The currency is only passed to the template when an active one exists.
my $active_currency = Koha::Acquisition::Currencies->get_active;
$template->param( currency => $active_currency->currency )
    if $active_currency;

output_html_with_http_headers( $query, $cookie, $template->output );