Bug 18275: Do not rely on CGI param userid to log a user in if auth is not required
[koha.git] / tools / overduerules.pl
1 #!/usr/bin/perl
3 # Copyright 2000-2002 Katipo Communications
5 # This file is part of Koha.
7 # Koha is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
12 # Koha is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with Koha; if not, see <http://www.gnu.org/licenses>.
20 use strict;
21 use warnings;
22 use CGI qw ( -utf8 );
23 use C4::Context;
24 use C4::Output;
25 use C4::Auth;
26 use C4::Koha;
27 use C4::Branch;
28 use C4::Letters;
29 use C4::Members;
30 use C4::Overdues;
31 use Koha::Libraries;
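# Request object; declared with "our" because blank_row() below reads it as a
# package variable.
our $input = CGI->new;    # direct method call instead of indirect-object "new CGI"
my $dbh    = C4::Context->dbh;

# Patron categories that are flagged as requiring overdue notices. Each element
# is a hashref with the keys "description" and "categorycode" (Slice => {}).
# NOTE(review): this query runs before get_template_and_user() is called; the
# rows are only used further down, after that call.
my @categories = @{
    $dbh->selectall_arrayref(
        'SELECT description, categorycode FROM categories WHERE overduenoticerequired > 0',
        { Slice => {} }
    )
};
my @category_codes = map { $_->{categorycode} } @categories;

# The three per-trigger form fields; field names are "<param><1-3>-<categorycode>".
our @rule_params = qw(delay letter debarred);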
# blank_row($category_code) - return true if the entire row is blank, i.e.
# none of the delay/letter/debarred fields 1..3 submitted for that category
# holds a true value. A value of "0" or "" therefore counts as blank.
sub blank_row {
    my ($category_code) = @_;
    for my $rule_param (@rule_params) {
        for my $slot ( 1 .. 3 ) {
            my $field_name = "${rule_param}${slot}-$category_code";

            # Look the field up by its UTF-8 encoded name when the
            # constructed name carries Perl's internal UTF-8 flag.
            utf8::encode($field_name) if utf8::is_utf8($field_name);

            return 0 if $input->param($field_name);
        }
    }
    return 1;
}
# Load the page template and resolve the logged-in user for the staff
# interface. authnotrequired => 0 together with flagsrequired requests an
# authenticated session holding the tools/edit_notice_status_triggers
# permission.
# NOTE(review): every database write further down relies on this call not
# returning for a request that fails the check - confirm in C4::Auth.
# NOTE(review): debug => 1 is passed unconditionally; confirm what C4::Auth
# does with it on a production system.
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
    {
        template_name   => 'tools/overduerules.tt',
        query           => $input,
        type            => 'intranet',
        authnotrequired => 0,
        flagsrequired   => { tools => 'edit_notice_status_triggers' },
        debug           => 1,
    }
);
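my $type = $input->param('type');

# Library whose rules are being edited. A "branch" request parameter wins;
# otherwise fall back to the logged-in library when the
# DefaultToLoggedInLibraryOverdueTriggers preference is set. The empty string
# is used when no library is selected.
# The former third step (counting libraries) yielded undef on both of its arms,
# so it is dropped here; the resulting value of $branch is unchanged.
# NOTE(review): $branch is request-controlled and is later used as the
# branchcode of inserts, updates and deletes; nothing in this script checks
# that it names an existing library or one this operator may manage.
my $branch = $input->param('branch');
if ( !defined $branch
    && C4::Context->preference('DefaultToLoggedInLibraryOverdueTriggers') )
{
    $branch = C4::Branch::mybranch();
}
$branch ||= q{};
$branch = q{} if $branch eq 'NO_LIBRARY_SET';

# Requested operation; only 'save' is acted upon below.
my $op = $input->param('op');
$op ||= q{};

# Set to 1 as soon as any submitted rule fails validation.
my $err = 0;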
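# Save the values entered into the rule tables (op=save).
#
# %temphash collects the submitted fields as $temphash{<categorycode>}{<field>}
# and is reused further down to redisplay a rejected submission.
#
# All categories are validated before anything is written, so a submission
# with an invalid row no longer leaves some categories saved and others not
# (which ones used to depend on hash ordering).
#
# NOTE(review): no anti-CSRF token is checked in this script before the writes
# below; confirm whether the authentication layer covers that.
# NOTE(review): category codes are taken from the submitted field names and
# are not compared with @category_codes before being written.
my %temphash;
my $input_saved = 0;
if ($op eq 'save') {
    my @names = $input->multi_param();
    my $sth_search = $dbh->prepare("SELECT count(*) AS total FROM overduerules WHERE branchcode=? AND categorycode=?");

    my $sth_insert = $dbh->prepare("INSERT INTO overduerules (branchcode,categorycode, delay1,letter1,debarred1, delay2,letter2,debarred2, delay3,letter3,debarred3) VALUES (?,?,?,?,?,?,?,?,?,?,?)");
    my $sth_update = $dbh->prepare("UPDATE overduerules SET delay1=?, letter1=?, debarred1=?, delay2=?, letter2=?, debarred2=?, delay3=?, letter3=?, debarred3=? WHERE branchcode=? AND categorycode=?");
    my $sth_delete = $dbh->prepare("DELETE FROM overduerules WHERE branchcode=? AND categorycode=?");
    my $sth_insert_mtt = $dbh->prepare("
        INSERT INTO overduerules_transport_types(
            overduerules_id, letternumber, message_transport_type
        ) VALUES (
            (SELECT overduerules_id FROM overduerules WHERE branchcode = ? AND categorycode = ?), ?, ?
        )
    ");
    my $sth_delete_mtt = $dbh->prepare("
        DELETE FROM overduerules_transport_types
        WHERE overduerules_id = (SELECT overduerules_id FROM overduerules WHERE branchcode = ? AND categorycode = ?)
    ");

    for my $key (@names) {
        # Rule fields are named <delay|letter|debarred><1-3>-<categorycode>.
        # The match is anchored so that a parameter which merely contains
        # such a name is not treated as a rule field.
        next unless $key =~ /\A(delay|letter|debarred)([1-3])-(.*)\z/s;
        my ( $type, $num, $bor ) = ( $1, $2, $3 );    # data type, 1..3, borrower category
        my $value = $input->param($key);
        if ( $type eq 'delay' ) {
            # Keep only strictly positive ASCII integers; anything else is
            # stored as the empty string.
            $temphash{$bor}->{"$type$num"} =
              ( $value =~ /\A[0-9]+\z/ && int($value) > 0 ) ? int($value) : '';
        }
        else {
            # letter or debarred
            $temphash{$bor}->{"$type$num"} = $value if $value ne '';
        }
    }

    # figure out which rows need to be deleted
    my @rows_to_delete = grep { blank_row($_) } @category_codes;

    # Returns the template parameters describing the first problem found in
    # one category's rule, or an empty list when the rule is acceptable.
    # The checks run in the same order as before: non-numeric delay, delay
    # without letter or restriction, then delay1 < delay2 < delay3.
    my $rule_problem = sub {
        my ($rule) = @_;
        for my $n ( 1 .. 3 ) {
            my $delay = $rule->{"delay$n"};

            # Backstop only: delays were normalised above to '' or a
            # positive integer, so this is not expected to fire.
            return ( "ERRORDELAY" => "delay$n" )
              if defined $delay and $delay ne "" and $delay =~ /[^0-9]/;
        }
        for my $n ( 1 .. 3 ) {
            return ( "ERRORUSELESSDELAY" => "delay$n" )
              if $rule->{"delay$n"}
              and not( $rule->{"letter$n"} or $rule->{"debarred$n"} );
        }

        # Unset delays compare as 0, as they did in the numeric comparisons
        # this replaces.
        my ( $delay1, $delay2, $delay3 ) = map { $rule->{"delay$_"} || 0 } 1 .. 3;
        return ( "ERRORORDER" => 1 )
          if ( $delay3 and ( $delay3 <= $delay2 or $delay3 <= $delay1 ) )
          or ( $delay2 and $delay2 <= $delay1 );
        return;
    };

    my @submitted_categories = keys %temphash;

    # Pass 1: validate every submitted category.
    for my $bor (@submitted_categories) {
        # get category name if we need it for an error message
        my $bor_category      = GetBorrowercategory($bor);
        my $bor_category_name = defined($bor_category) ? $bor_category->{description} : $bor;

        my @problem = $rule_problem->( $temphash{$bor} );
        next unless @problem;

        # NOTE(review): for an unknown category BORERR carries the submitted
        # code itself, so the template has to escape it on output.
        $template->param( "ERROR" => 1, @problem, "BORERR" => $bor_category_name );
        $err = 1;
    }

    # Pass 2: write, only when the whole submission was accepted.
    unless ($err) {
        for my $bor (@submitted_categories) {
            my $rule = $temphash{$bor};

            # A category is stored only if at least one trigger has a delay
            # together with a letter or a restriction.
            my $has_trigger = grep {
                $rule->{"delay$_"}
                  and ( $rule->{"letter$_"} or $rule->{"debarred$_"} )
            } 1 .. 3;
            next unless $has_trigger;

            # Bind values for the three triggers in column order. The value
            # stored for an empty delay differs between UPDATE (NULL) and
            # INSERT (0); that difference is kept as it was.
            my $trigger_values = sub {
                my ($empty_delay) = @_;
                return map {
                    (
                        $rule->{"delay$_"}    || $empty_delay,
                        $rule->{"letter$_"}   || "",
                        $rule->{"debarred$_"} || 0,
                    )
                } 1 .. 3;
            };

            $sth_search->execute( $branch, $bor );
            my $res = $sth_search->fetchrow_hashref();
            if ( $res->{'total'} > 0 ) {
                $sth_update->execute( $trigger_values->(undef), $branch, $bor );
            }
            else {
                $sth_insert->execute( $branch, $bor, $trigger_values->(0) );
            }

            # Replace the transport types of this rule with the submitted ones.
            # NOTE(review): the submitted mtt values are bound as placeholders
            # but are not compared with the known transport types here.
            $sth_delete_mtt->execute( $branch, $bor );
            for my $letternumber ( 1 .. 3 ) {
                for my $mtt ( $input->multi_param("mtt${letternumber}-$bor") ) {
                    $sth_insert_mtt->execute( $branch, $bor, $letternumber, $mtt );
                }
            }
        }

        for my $category_code (@rows_to_delete) {
            $sth_delete->execute( $branch, $category_code );
        }
        $template->param( datasaved => 1 );
        $input_saved = 1;
    }
}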
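my $branchloop = GetBranchesLoop($branch);

my $letters = C4::Letters::GetLettersAvailableForALibrary(
    {
        branchcode => $branch,
        module     => "circulation",
    }
);

my @line_loop;

my $message_transport_types = C4::Letters::GetMessageTransportTypes();
my ( @first, @second, @third );

# Builds the list of transport types for one category and trigger number,
# marking those currently stored for it as selected.
# The comparison is an exact string match: the previous pattern match
# interpolated the type into a regex, so one type could mark another as
# selected when its name was a substring of it, and regex metacharacters in a
# type name were interpreted.
my $transport_choices = sub {
    my ( $category_code, $letter_number ) = @_;
    my @selected_mtts =
      @{ GetOverdueMessageTransportTypes( $branch, $category_code, $letter_number ) };
    my @mtts;
    for my $mtt (@$message_transport_types) {
        push @mtts,
          {
            value    => $mtt,
            selected => ( grep { defined $_ and $_ eq $mtt } @selected_mtts ) ? 1 : 0,
          };
    }
    return \@mtts;
};

# A submission that was not saved is redisplayed from %temphash. In every
# other case, including right after a successful save, the values are read
# back from the database, which makes it easier to spot a submission that was
# not stored correctly.
my $use_submitted = ( %temphash and not $input_saved ) ? 1 : 0;
my $sth_rule;    # prepared once, on first use

for my $data (@categories) {
    my $category_code = $data->{'categorycode'};

    my $submitted = $temphash{$category_code} || {};
    my $stored;
    unless ($use_submitted) {
        # getting values from table
        $sth_rule ||= $dbh->prepare("SELECT * from overduerules WHERE branchcode=? AND categorycode=?");
        $sth_rule->execute( $branch, $category_code );
        $stored = $sth_rule->fetchrow_hashref;
    }

    for my $i ( 1 .. 3 ) {
        my %row = (
            overduename => $category_code,
            line        => $data->{'description'},
        );

        if ($use_submitted) {
            $row{delay}               = $submitted->{"delay$i"};
            $row{debarred}            = $submitted->{"debarred$i"};
            $row{selected_lettercode} = $submitted->{"letter$i"};
        }
        else {
            $row{selected_lettercode} = $stored->{"letter$i"};
            $row{delay}    = $stored->{"delay$i"}    if $stored->{"delay$i"};
            $row{debarred} = $stored->{"debarred$i"} if $stored->{"debarred$i"};
        }

        $row{message_transport_types} = $transport_choices->( $category_code, $i );

        # One list per trigger number, each holding one row per category.
        if ( $i == 1 ) {
            push @first, \%row;
        }
        elsif ( $i == 2 ) {
            push @second, \%row;
        }
        else {
            push @third, \%row;
        }
    }
}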
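# One tab per trigger number, each carrying the rows built for it.
my @tabs = (
    {
        id     => 'first',
        number => 1,
        values => \@first,
    },
    {
        id     => 'second',
        number => 2,
        values => \@second,
    },
    {
        id     => 'third',
        number => 3,
        values => \@third,
    },
);

# "table" is 1 when any tab has rows. The earlier form,
# "@first or @second or @third ? 1 : 0", bound the ?: to @third alone and so
# passed the number of rows in @first instead of 1; the truth value is the same.
my $has_rows = ( @first || @second || @third ) ? 1 : 0;

$template->param(
    table                   => $has_rows,
    branchloop              => $branchloop,
    branch                  => $branch,
    tabs                    => \@tabs,
    message_transport_types => $message_transport_types,
    letters                 => $letters,
);
output_html_with_http_headers( $input, $cookie, $template->output );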