[koha.git] / acqui / neworderbiblio.pl
blob5824f6b5aa989203c119b26841e4022f37a5fbeb
1 #!/usr/bin/perl
3 # Originally a script providing the intranet (librarian) advanced search facility;
4 # now a script that searches the catalog for acquisitions.
6 # Copyright 2000-2002 Katipo Communications
7 # Copyright 2008-2009 BibLibre SARL
9 # This file is part of Koha.
11 # Koha is free software; you can redistribute it and/or modify it under the
12 # terms of the GNU General Public License as published by the Free Software
13 # Foundation; either version 2 of the License, or (at your option) any later
14 # version.
16 # Koha is distributed in the hope that it will be useful, but WITHOUT ANY
17 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
18 # A PARTICULAR PURPOSE. See the GNU General Public License for more details.
20 # You should have received a copy of the GNU General Public License along
21 # with Koha; if not, write to the Free Software Foundation, Inc.,
22 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 =head1 NAME
26 neworderbiblio.pl
28 =head1 DESCRIPTION
30 This script lets a librarian create a new order from an existing record.
32 =head1 CGI PARAMETERS
34 =over 4
36 =item search
37 the title the librarian has typed to search an existing record.
39 =item q
40 the keyword the librarian has typed to search an existing record.
42 =item author
43 the author of the new record.
45 =item num
46 the number of results to display per page.
48 =item booksellerid
49 the id of the bookseller for which this script adds an order.
51 =item basketno
52 the number of the basket to which this script adds the new order.
54 =back
56 =cut
58 use strict;
59 #use warnings; FIXME - Bug 2505
61 use C4::Search;
62 use CGI;
63 use C4::Bookseller qw/ GetBookSellerFromId /;
64 use C4::Biblio;
65 use C4::Auth;
66 use C4::Output;
67 use C4::Koha;
68 use C4::Members qw/ GetMember /;
69 use C4::Budgets qw/ GetBudgetHierarchy /;
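# Parse the request.  Everything read from $params below is client-supplied
# and must be treated as untrusted input.
my $input  = CGI->new;
my $params = $input->Vars;

my $query        = $params->{'q'};
my $booksellerid = $params->{'booksellerid'};
my $basketno     = $params->{'basketno'};
my $sub          = $params->{'sub'};    # not referenced again in this listing

# 'page' and 'num' feed the offset/limit arithmetic passed to SimpleSearch,
# so accept only positive decimal integers and fall back to the defaults
# (1 and 20) for anything else, including empty, zero or multi-valued input.
my $page = $params->{'page'};
$page = 1
    unless defined $page && $page =~ m{\A [1-9][0-9]* \z}xms;

my $results_per_page = $params->{'num'};
$results_per_page = 20
    unless defined $results_per_page
    && $results_per_page =~ m{\A [1-9][0-9]* \z}xms;

# NOTE(review): 'num' still has no upper bound, so a client can request an
# arbitrarily large page of results; consider a site-wide cap.

# Authenticate and load the template.  authnotrequired => 0 together with the
# acquisition/order_manage flag restricts this page to permitted staff.
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
    {
        template_name   => "acqui/neworderbiblio.tmpl",
        query           => $input,
        type            => "intranet",
        authnotrequired => 0,
        flagsrequired   => { acquisition => 'order_manage' },
    }
);

# Look the bookseller up only after the session check above, so that a
# request that has not passed get_template_and_user does not trigger the
# lookup.
my $bookseller = GetBookSellerFromId($booksellerid);

# Search the catalog.  The typed keyword is the only operand.
my @operands = $query;
my ( @operators, @indexes, @sort_by, @limits ) = ();

# @limits is passed by reference like its neighbours.  Passed flat, an empty
# array contributes no arguments at all, so \@sort_by and the trailing undefs
# each moved one position to the left.
my ( $builterror, $builtquery, $simple_query, $query_cgi, $query_desc, $limit, $limit_cgi, $limit_desc, $stopwords_removed, $query_type ) =
  buildQuery( \@operators, \@operands, \@indexes, \@limits, \@sort_by, undef, undef );

# Fetch one page of results: offset first, then page size.
my ( $error, $marcresults, $total_hits ) =
  SimpleSearch( $builtquery, $results_per_page * ( $page - 1 ), $results_per_page );

if ( defined $error ) {

    # NOTE(review): query_error comes from the search layer and may echo
    # parts of the user's query; the template must HTML-escape it.
    $template->param(
        query_error  => $error,
        basketno     => $basketno,
        booksellerid => $bookseller->{'id'},
        name         => $bookseller->{'name'},
    );
    output_html_with_http_headers $input, $cookie, $template->output;
    exit;
}

# Convert every raw MARC hit into a Koha biblio hash and tag it with the
# bookseller id taken from the request.
my @results;
foreach my $result ( @{$marcresults} ) {
    my $marcrecord = MARC::File::USMARC::decode($result);
    my $biblio     = TransformMarcToKoha( C4::Context->dbh, $marcrecord, '' );

    $biblio->{booksellerid} = $booksellerid;
    push @results, $biblio;
}

# has_budgets becomes true as soon as one budget visible to the logged-in
# user has a defined, non-zero amount.
my $borrower = GetMember( 'borrowernumber' => $loggedinuser );
my $budgets  = GetBudgetHierarchy( q{}, $borrower->{branchcode}, $borrower->{borrowernumber} );
my $has_budgets = 0;
foreach my $r ( @{$budgets} ) {
    if ( !defined $r->{budget_amount} || $r->{budget_amount} == 0 ) {
        next;
    }
    $has_budgets = 1;
    last;
}

# Percent-encode the request-derived values before placing them in the
# pagination URL.  Unencoded, a '&', '#' or quote character inside q,
# booksellerid or basketno could add or override query parameters, or break
# out of the attribute if pagination_bar writes the URL into markup as-is
# (pagination_bar is not visible here; confirm how it emits the URL).
my $pagination_base = sprintf '%s?q=%s&booksellerid=%s&basketno=%s&',
    $ENV{'SCRIPT_NAME'},
    map { CGI::escape( defined $_ ? $_ : q{} ) } ( $query, $booksellerid, $basketno );

# NOTE(review): 'query' carries the raw search string into the template;
# confirm that acqui/neworderbiblio.tmpl HTML-escapes it on output.
$template->param(
    has_budgets    => $has_budgets,
    basketno       => $basketno,
    booksellerid   => $bookseller->{'id'},
    name           => $bookseller->{'name'},
    resultsloop    => \@results,
    total          => $total_hits,
    query          => $query,
    pagination_bar => pagination_bar( $pagination_base, getnbpages( $total_hits, $results_per_page ), $page, 'page' ),
);

# BUILD THE TEMPLATE
output_html_with_http_headers $input, $cookie, $template->output;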