search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bug 24786: Add validation to point of sale
[koha.git] / opac / svc / checkout_notes
blob8913ab70d77278c211289a94fa3bf94e756ee839
1 #!/usr/bin/perl
2
3 # This file is part of Koha.
4 #
5 # Copyright 2016 Aleisha Amohia <aleisha@catalyst.net.nz>
6 #
7 # Koha is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
11 #
12 # Koha is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
16 #
17 # You should have received a copy of the GNU General Public License
18 # along with Koha; if not, see <http://www.gnu.org/licenses>.
19
20 use Modern::Perl;
21
22 use JSON qw( encode_json );
23 use C4::Service;
24 use C4::Auth qw /check_cookie_auth/;
25 use C4::Letters;
26 use CGI;
27 use C4::Output qw(:DEFAULT :ajax);
28 use C4::Scrubber;
29 use C4::Circulation;
30 use C4::Biblio;
31 use Koha::Checkouts;
32 use Koha::DateUtils;
33 use Koha::Patrons;
34
35 =head1 NAME
36
37 svc/checkout_notes - Web service for setting patron notes on items
38
39 =head1 DESCRIPTION
40
41 =cut
42
43 # AJAX requests
44 my $is_ajax = is_ajax();
45 my $query = CGI->new;
46 my ( $auth_status, $sessionID ) = check_cookie_auth( $query->cookie('CGISESSID'), {} );
47 if ( $auth_status ne "ok" ) {
48 exit 0;
49 }
50 if ($is_ajax) {
51 my $action = $query->param('action');
52
53 # Issue Note
54 if ( $action eq 'issuenote' && C4::Context->preference('AllowCheckoutNotes') ) {
55 my $scrubber = C4::Scrubber->new();
56 my $note = $query->param('note');
57 my $issue_id = $query->param('issue_id');
58 my $clean_note = $scrubber->scrub($note);
59 my $status = "saved";
60 my ($patron, $issue);
61
62 my ( $template, $borrowernumber, $cookie ) = C4::Auth::get_template_and_user({
63 template_name => "opac-user.tt",
64 query => $query,
65 type => "opac",
66 authnotrequired => 1,
67 });
68
69 # verify issue_id
70 if ( $issue_id =~ /\d+/ ) {
71 $patron = Koha::Patrons->find( $borrowernumber );
72 $issue = Koha::Checkouts->find($issue_id);
73 if ( $issue->borrowernumber != $borrowernumber ) {
74 $status = "fail";
75 }
76 }
77
78 if ( $issue ) {
79 $issue->set({ notedate => dt_from_string(), note => $clean_note, noteseen => 0 })->store;
80 if($clean_note) { # only send email if note not empty
81 my $branch = Koha::Libraries->find( $issue->branchcode );
82 my $biblionumber = $issue->item->biblionumber;
83 my $letter = C4::Letters::GetPreparedLetter (
84 module => 'circulation',
85 letter_code => 'CHECKOUT_NOTE',
86 branchcode => $branch,
87 tables => {
88 'biblio' => $biblionumber,
89 'borrowers' => $borrowernumber,
90 'issues' => $issue->itemnumber,
91 },
92 );
93
94 my $to_address = $branch->inbound_email_address;
95 my $reply_address = $patron->email || $patron->emailpro || $patron->B_email;
96
97 C4::Letters::EnqueueLetter({
98 letter => $letter,
99 message_transport_type => 'email',
100 borrowernumber => $patron->borrowernumber,
101 to_address => $to_address,
102 reply_address => $reply_address,
103 });
104 } else { # note empty, i.e removed
105 $status = "removed";
106 }
107 } else {
108 $status = "fail";
109 }
110
111 my $json = encode_json ( { status => $status, note => $clean_note, issue_id => $issue_id } );
112 output_with_http_headers($query, undef, $json, 'json');
113 exit;
114 } # END Issue Note
115 }
Koha ILS