Bug 19911: Do not escape html characters when saving passwords
[koha.git] / admin / edi_accounts.pl
1 #!/usr/bin/perl
3 # Copyright 2011,2014 Mark Gavillet & PTFS Europe Ltd
5 # This file is part of Koha.
7 # Koha is free software; you can redistribute it and/or modify it under the
8 # terms of the GNU General Public License as published by the Free Software
9 # Foundation; either version 3 of the License, or (at your option) any later
10 # version.
12 # Koha is distributed in the hope that it will be useful, but WITHOUT ANY
13 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
14 # A PARTICULAR PURPOSE. See the GNU General Public License for more details.
16 # You should have received a copy of the GNU General Public License along
17 # with Koha; if not, write to the Free Software Foundation, Inc.,
18 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
20 use strict;
21 use warnings;
22 use CGI;
23 use C4::Auth;
24 use C4::Output;
25 use Koha::Database;
26 use Koha::Plugins;
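# Package globals (not lexicals) because get_account() and show_account()
# below read $input, $schema and $template directly.
our $input  = CGI->new();
our $schema = Koha::Database->new()->schema();

# Staff-interface template; the call passes authnotrequired => 0 and asks for
# the acquisition/edi_manage permission flag.
our ( $template, $loggedinuser, $cookie ) = get_template_and_user(
    {
        template_name   => 'admin/edi_accounts.tt',
        query           => $input,
        type            => 'intranet',
        authnotrequired => 0,
        flagsrequired   => { acquisition => 'edi_manage' },
    }
);

# 'op' selects the action; a missing or false value falls back to the list view.
my $op = $input->param('op');
$op ||= 'display';

if ( $op eq 'acct_form' ) {

    # Add/edit form: preload the account (if an id was supplied) plus the
    # vendor and plugin choices offered by the form.
    show_account();
    $template->param( acct_form => 1 );
    my @vendors = $schema->resultset('Aqbookseller')->search(
        undef,
        {
            columns  => [ 'name', 'id' ],
            order_by => { -asc => 'name' }
        }
    );
    $template->param( vendors => \@vendors );

    my $plugins_enabled = C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins");
    $template->param( plugins_enabled => $plugins_enabled );

    if ( $plugins_enabled ) {
        my @plugins = Koha::Plugins->new()->GetPlugins({
            method => 'edifact',
        });
        $template->param( plugins => \@plugins );
    }
}
elsif ( $op eq 'delete_confirm' ) {
    show_account();
    $template->param( delete_confirm => 1 );
}
else {
    # NOTE(review): 'save' and 'delete_confirmed' change stored data, and no
    # anti-CSRF token or request-method check is visible in this script.
    # Confirm that one is enforced elsewhere before relying on this path.
    if ( $op eq 'save' ) {

        # validate & display
        # Values are stored exactly as submitted: no HTML escaping is applied
        # on input, so the password round-trips unchanged. Escaping therefore
        # has to happen wherever these fields are rendered.
        # NOTE(review): host, transport, the directories and plugin are not
        # checked against an allowed set here; presumably the consumers of
        # this record validate them. Verify.
        my $id     = $input->param('id');
        my $fields = {
            description        => scalar $input->param('description'),
            host               => scalar $input->param('host'),
            username           => scalar $input->param('username'),
            # NOTE(review): the credential is persisted as received; confirm
            # how the stored value is protected at rest.
            password           => scalar $input->param('password'),
            vendor_id          => scalar $input->param('vendor_id'),
            upload_directory   => scalar $input->param('upload_directory'),
            download_directory => scalar $input->param('download_directory'),
            san                => scalar $input->param('san'),
            transport          => scalar $input->param('transport'),
            id_code_qualifier  => scalar $input->param('id_code_qualifier'),
            plugin             => scalar $input->param('plugin'),
        };

        # Checkbox flags: a parameter that is present means "enabled".
        # defined() yields the empty string when false, so normalise to an
        # explicit 1/0 rather than handing '' to the database (presumably
        # these are integer columns; a strict SQL mode may reject '').
        for my $flag (
            qw( quotes_enabled invoices_enabled orders_enabled
                responses_enabled auto_orders )
          )
        {
            $fields->{$flag} = defined( scalar $input->param($flag) ) ? 1 : 0;
        }

        if ($id) {
            $schema->resultset('VendorEdiAccount')->search(
                {
                    id => $id,
                }
            )->update_all($fields);
        }
        else {    # new record
            $schema->resultset('VendorEdiAccount')->create($fields);
        }
    }
    elsif ( $op eq 'delete_confirmed' ) {

        $schema->resultset('VendorEdiAccount')
          ->search( { id => scalar $input->param('id'), } )->delete_all;
    }

    # We show the default display after deletes and saves,
    # as well as when that is all that was requested.
    $template->param( display => 1 );
    my @ediaccounts = $schema->resultset('VendorEdiAccount')->search(
        {},
        {
            join => 'vendor',
        }
    );
    $template->param( ediaccounts => \@ediaccounts );
}

# Identifier code qualifiers offered by the template on every request.
$template->param(
    code_qualifiers => [
        {
            code        => '14',
            description => 'EAN International',
        },
        {
            code        => '31B',
            description => 'US SAN Agency',
        },
        {
            code        => '91',
            description => 'Assigned by supplier',
        },
        {
            code        => '92',
            description => 'Assigned by buyer',
        },
    ]
);

output_html_with_http_headers( $input, $cookie, $template->output );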
# Look up one VendorEdiAccount row by primary key.
# Returns the row object when it exists; otherwise returns nothing
# (undef in scalar context, the empty list in list context).
sub get_account {
    my ($account_id) = @_;

    my $row = $schema->resultset('VendorEdiAccount')->find($account_id);
    return $row if $row;

    # passing undef will default to add
    return;
}
# Load the account named by the 'id' request parameter into the template as
# 'account'. Does nothing when the id is missing/false or no row matches.
# The whole row is handed over, so any stored column (the password included)
# is available to the template; encoding it for output is the template's job.
sub show_account {
    my $requested_id = $input->param('id');
    return unless $requested_id;

    my $record = $schema->resultset('VendorEdiAccount')->find($requested_id);
    $template->param( account => $record ) if $record;

    return;
}