Bug 7618 Escape HTML special characters for SQL displayed above results in Report...
[koha.git] / acqui / z3950_search.pl
blob80503e0d82dbd9afa34c5d76bf69f6c17ddbaeab
1 #!/usr/bin/perl
3 # This is a completely new Z3950 clients search using async ZOOM -TG 02/11/06
4 # Copyright 2000-2002 Katipo Communications
5 # Copyright 2010 Catalyst IT
7 # This file is part of Koha.
9 # Koha is free software; you can redistribute it and/or modify it under the
10 # terms of the GNU General Public License as published by the Free Software
11 # Foundation; either version 2 of the License, or (at your option) any later
12 # version.
14 # Koha is distributed in the hope that it will be useful, but WITHOUT ANY
15 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
16 # A PARTICULAR PURPOSE. See the GNU General Public License for more details.
18 # You should have received a copy of the GNU General Public License along
19 # with Koha; if not, write to the Free Software Foundation, Inc.,
20 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 use warnings;
23 use strict;
24 use CGI;
26 use C4::Auth;
27 use C4::Output;
28 use C4::Biblio;
29 use C4::Context;
30 use C4::Breeding;
31 use C4::Koha;
32 use C4::Charset;
33 use C4::Bookseller qw/ GetBookSellerFromId /;
34 use ZOOM;
36 my $input = new CGI;
37 my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
39 template_name => "acqui/z3950_search.tmpl",
40 query => $input,
41 type => "intranet",
42 authnotrequired => 1,
43 flagsrequired => { acquisition => 'order_manage' },
44 debug => 1,
49 my $dbh = C4::Context->dbh;
50 my $error = $input->param('error');
51 my $biblionumber = $input->param('biblionumber');
52 $biblionumber = 0 unless $biblionumber;
53 my $frameworkcode = $input->param('frameworkcode');
54 my $title = $input->param('title');
55 my $author = $input->param('author');
56 my $isbn = $input->param('isbn');
57 my $issn = $input->param('issn');
58 my $lccn = $input->param('lccn');
59 my $lccall = $input->param('lccall');
60 my $subject= $input->param('subject');
61 my $dewey = $input->param('dewey');
62 my $controlnumber = $input->param('controlnumber');
63 my $op = $input->param('op');
64 my $booksellerid = $input->param('booksellerid');
65 my $basketno = $input->param('basketno');
66 my $noconnection;
67 my $numberpending;
68 my $attr = '';
69 my $term;
70 my $host;
71 my $server;
72 my $database;
73 my $port;
74 my $marcdata;
75 my @encoding;
76 my @results;
77 my $count;
78 my $toggle;
79 my $record;
80 my $oldbiblio;
81 my $errmsg;
82 my @serverhost;
83 my @servername;
84 my @breeding_loop = ();
85 my $random = $input->param('random');
86 unless ($random)
87 { # this var is not useful anymore just kept to keep rel2_2 compatibility
88 $random = rand(1000000000);
91 my $DEBUG = 0; # if set to 1, many debug message are send on syslog.
93 # get framework list
94 my $frameworks = getframeworks;
95 my @frameworkcodeloop;
96 foreach my $thisframeworkcode ( keys %$frameworks ) {
97 my %row = (
98 value => $thisframeworkcode,
99 frameworktext => $frameworks->{$thisframeworkcode}->{'frameworktext'},
101 if ( $row{'value'} eq $frameworkcode){
102 $row{'active'} = 'true';
104 push @frameworkcodeloop, \%row;
107 my $vendor = GetBookSellerFromId($booksellerid);
108 $template->param( frameworkcode => $frameworkcode,
109 frameworkcodeloop => \@frameworkcodeloop,
110 booksellerid => $booksellerid,
111 basketno => $basketno,
112 name => $vendor->{'name'}
117 if ( $op ne "do_search" ) {
118 my $sth = $dbh->prepare("select id,host,name,checked from z3950servers order by host");
119 $sth->execute();
120 my $serverloop = $sth->fetchall_arrayref( {} );
121 $template->param(
122 isbn => $isbn,
123 issn => $issn,
124 lccn => $lccn,
125 lccall => $lccall,
126 title => $title,
127 author => $author,
128 controlnumber=> $controlnumber,
129 serverloop => $serverloop,
130 opsearch => "search",
131 biblionumber => $biblionumber,
133 output_html_with_http_headers $input, $cookie, $template->output;
135 else {
136 my @id = $input->param('id');
138 if ( not defined @id ) {
139 # empty server list -> report and exit
140 $template->param( emptyserverlist => 1 );
141 output_html_with_http_headers $input, $cookie, $template->output;
142 exit;
145 my @oConnection;
146 my @oResult;
147 my @errconn;
148 my $s = 0;
149 my $query;
150 my $nterms;
151 if ($isbn || $issn) {
152 $term=$isbn if ($isbn);
153 $term=$issn if ($issn);
154 $query .= " \@or \@attr 1=8 \"$term\" \@attr 1=7 \"$term\" ";
155 $nterms++;
157 if ($title) {
158 utf8::decode($title);
159 $query .= " \@attr 1=4 \"$title\" ";
160 $nterms++;
162 if ($author) {
163 utf8::decode($author);
164 $query .= " \@attr 1=1003 \"$author\" ";
165 $nterms++;
167 if ($dewey) {
168 $query .= " \@attr 1=16 \"$dewey\" ";
169 $nterms++;
171 if ($subject) {
172 utf8::decode($subject);
173 $query .= " \@attr 1=21 \"$subject\" ";
174 $nterms++;
176 if ($lccn) {
177 $query .= " \@attr 1=9 $lccn ";
178 $nterms++;
180 if ($lccall) {
181 $query .= " \@attr 1=16 \@attr 2=3 \@attr 3=1 \@attr 4=1 \@attr 5=1 \@attr 6=1 \"$lccall\" ";
182 $nterms++;
184 if ($controlnumber) {
185 $query .= " \@attr 1=12 \"$controlnumber\" ";
186 $nterms++;
188 for my $i (1..$nterms-1) {
189 $query = "\@and " . $query;
191 warn "query ".$query if $DEBUG;
193 foreach my $servid (@id) {
194 my $sth = $dbh->prepare("select * from z3950servers where id=?");
195 $sth->execute($servid);
196 while ( $server = $sth->fetchrow_hashref ) {
197 warn "serverinfo ".join(':',%$server) if $DEBUG;
198 my $option1 = new ZOOM::Options();
199 $option1->option( 'async' => 1 );
200 $option1->option( 'elementSetName', 'F' );
201 $option1->option( 'databaseName', $server->{db} );
202 $option1->option( 'user', $server->{userid} ) if $server->{userid};
203 $option1->option( 'password', $server->{password} )
204 if $server->{password};
205 $option1->option( 'preferredRecordSyntax', $server->{syntax} );
206 $oConnection[$s] = create ZOOM::Connection($option1)
207 || $DEBUG
208 && warn( "" . $oConnection[$s]->errmsg() );
209 warn( "server data", $server->{name}, $server->{port} ) if $DEBUG;
210 $oConnection[$s]->connect( $server->{host}, $server->{port} )
211 || $DEBUG
212 && warn( "" . $oConnection[$s]->errmsg() );
213 $serverhost[$s] = $server->{host};
214 $servername[$s] = $server->{name};
215 $encoding[$s] = ($server->{encoding}?$server->{encoding}:"iso-5426");
216 $s++;
217 } ## while fetch
218 } # foreach
219 my $nremaining = $s;
220 my $firstresult = 1;
222 for ( my $z = 0 ; $z < $s ; $z++ ) {
223 warn "doing the search" if $DEBUG;
224 $oResult[$z] = $oConnection[$z]->search_pqf($query)
225 || $DEBUG
226 && warn( "somthing went wrong: " . $oConnection[$s]->errmsg() );
228 # $oResult[$z] = $oConnection[$z]->search_pqf($query);
231 sub displayresults {
232 my $k;
233 my $event;
234 while ( ( $k = ZOOM::event( \@oConnection ) ) != 0 ) {
235 $event = $oConnection[ $k - 1 ]->last_event();
236 warn( "connection ", $k - 1, ": event $event (",
237 ZOOM::event_str($event), ")\n" )
238 if $DEBUG;
239 last if $event == ZOOM::Event::ZEND;
242 if ( $k != 0 ) {
243 $k--;
244 warn $serverhost[$k] if $DEBUG;
245 my ( $error, $errmsg, $addinfo, $diagset ) =
246 $oConnection[$k]->error_x();
247 if ($error) {
248 if ($error =~ m/^(10000|10007)$/ ) {
249 push(@errconn, {'server' => $serverhost[$k]});
251 $DEBUG and warn "$k $serverhost[$k] error $query: $errmsg ($error) $addinfo\n";
253 else {
254 my $numresults = $oResult[$k]->size();
255 my $i;
256 my $result = '';
257 if ( $numresults > 0 ) {
258 for (
259 $i = 0 ;
260 $i < ( ( $numresults < 20 ) ? ($numresults) : (20) ) ;
261 $i++
264 my $rec = $oResult[$k]->record($i);
265 if ($rec) {
266 my $marcrecord;
267 $marcdata = $rec->raw();
269 my ($charset_result, $charset_errors);
270 ($marcrecord, $charset_result, $charset_errors) =
271 MarcToUTF8Record($marcdata, C4::Context->preference('marcflavour'), $encoding[$k]);
272 ####WARNING records coming from Z3950 clients are in various character sets MARC8,UTF8,UNIMARC etc
273 ## In HEAD i change everything to UTF-8
274 # In rel2_2 i am not sure what encoding is so no character conversion is done here
275 ##Add necessary encoding changes to here -TG
276 my $oldbiblio = TransformMarcToKoha( $dbh, $marcrecord, "" );
277 $oldbiblio->{isbn} =~ s/ |-|\.//g if $oldbiblio->{isbn};
278 # pad | and ( with spaces to allow line breaks in the HTML
279 $oldbiblio->{isbn} =~ s/\|/ \| /g if $oldbiblio->{isbn};
280 $oldbiblio->{isbn} =~ s/\(/ \(/g if $oldbiblio->{isbn};
282 $oldbiblio->{issn} =~ s/ |-|\.//g if $oldbiblio->{issn};
283 # pad | and ( with spaces to allow line breaks in the HTML
284 $oldbiblio->{issn} =~ s/\|/ \| /g if $oldbiblio->{issn};
285 $oldbiblio->{issn} =~ s/\(/ \(/g if $oldbiblio->{issn};
286 my (
287 $notmarcrecord, $alreadyindb, $alreadyinfarm,
288 $imported, $breedingid
290 = ImportBreeding( $marcdata, 2, $serverhost[$k], $encoding[$k], $random, 'z3950' );
291 my %row_data;
292 $row_data{server} = $servername[$k];
293 $row_data{isbn} = $oldbiblio->{isbn};
294 $row_data{lccn} = $oldbiblio->{lccn};
295 $row_data{title} = $oldbiblio->{title};
296 $row_data{author} = $oldbiblio->{author};
297 $row_data{breedingid} = $breedingid;
298 $row_data{biblionumber} = $biblionumber;
299 push( @breeding_loop, \%row_data );
301 } else {
302 push(@breeding_loop,{'server'=>$servername[$k],'title'=>join(': ',$oConnection[$k]->error_x()),'breedingid'=>-1,'biblionumber'=>-1});
303 } # $rec
304 } # upto 5 results
305 } #$numresults
307 } # if $k !=0
308 $numberpending = $nremaining - 1;
309 $template->param(
310 breeding_loop => \@breeding_loop,
311 server => $servername[$k],
312 numberpending => $numberpending,
313 errconn => \@errconn
315 output_html_with_http_headers $input, $cookie, $template->output if $numberpending == 0;
317 # print $template->output if $firstresult !=1;
318 $firstresult++;
320 displayresults();
321 while ( --$nremaining > 0 ) {
322 displayresults();
324 } ## if op=search