MT1644 : Added HTML Escape on ocoins to prevent unintentional tag ending
[koha.git] / suggestion / suggestion.pl
1 #!/usr/bin/perl
3 # This file is part of Koha.
5 # Koha is free software; you can redistribute it and/or modify it under the
6 # terms of the GNU General Public License as published by the Free Software
7 # Foundation; either version 2 of the License, or (at your option) any later
8 # version.
10 # Koha is distributed in the hope that it will be useful, but WITHOUT ANY
11 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
12 # A PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 # You should have received a copy of the GNU General Public License along with
15 # Koha; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
16 # Suite 330, Boston, MA 02111-1307 USA
18 use strict;
19 require Exporter;
20 use CGI;
21 use C4::Auth; # get_template_and_user
22 use C4::Output;
23 use C4::Suggestions;
24 use C4::Koha; #GetItemTypes
25 use C4::Branch;
26 use C4::Budgets;
27 use C4::Search;
28 use C4::Dates qw(format_date);
29 use C4::Members;
30 use C4::Debug;
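# Normalise a suggestion hashref in place before it is shown in the edit form.
#
# - suggesteddate / manageddate: an undefined, empty or "0000-00-00" value is
#   replaced by C4::Dates->today; any other value goes through format_date().
# - rejecteddate / accepteddate: an undefined, empty or "0000-00-00" value
#   becomes ""; any other value goes through format_date().
# - managedby / createdby / branchcode: taken from C4::Context->userenv
#   ("number" and "branch") only when the suggestion carries no value yet.
#
# Takes the suggestion hashref as its single argument and modifies it directly.
sub Init {
    my $suggestion = shift @_;

    # The qw() lists are parenthesised: a bare qw list used as the foreach
    # list is a syntax error on perl 5.18 and later.
    foreach my $date ( qw(suggesteddate manageddate) ) {
        my $raw = $suggestion->{$date};
        $suggestion->{$date} =
            ( !defined $raw || $raw eq "0000-00-00" || $raw eq "" )
            ? C4::Dates->today
            : format_date($raw);
    }

    foreach my $date ( qw(rejecteddate accepteddate) ) {
        my $raw = $suggestion->{$date};
        $suggestion->{$date} =
            ( !defined $raw || $raw eq "0000-00-00" || $raw eq "" )
            ? ""
            : format_date($raw);
    }

    # userenv is only consulted for fields that are still empty.
    $suggestion->{'managedby'}  = C4::Context->userenv->{"number"} unless ( $suggestion->{'managedby'} );
    $suggestion->{'createdby'}  = C4::Context->userenv->{"number"} unless ( $suggestion->{'createdby'} );
    $suggestion->{'branchcode'} = C4::Context->userenv->{"branch"} unless ( $suggestion->{'branchcode'} );

    return;
}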
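# Return the display label for one value of the column named by $displayby.
#
#   status (any case)      -> "pending" for 'ASKED', else the lower-cased value
#   branchcode             -> GetBranchName($criteriumvalue)
#   itemtype               -> GetSupportName($criteriumvalue)
#   managedby / acceptedby -> "firstname, surname" of that borrower,
#                             or "" when GetMember finds nobody
#   anything else          -> ""
#
# The column name is matched with unanchored patterns, so a name that merely
# contains one of these words selects the same branch.
sub GetCriteriumDesc {
    my ( $criteriumvalue, $displayby ) = @_;

    return ( $criteriumvalue eq 'ASKED' ? "pending" : lc $criteriumvalue ) if ( $displayby =~ /status/i );
    return ( GetBranchName($criteriumvalue) )  if ( $displayby =~ /branchcode/ );
    return ( GetSupportName($criteriumvalue) ) if ( $displayby =~ /itemtype/ );

    if ( $displayby =~ /managedby/ || $displayby =~ /acceptedby/ ) {
        my $borr = C4::Members::GetMember( borrowernumber => $criteriumvalue );
        return "" unless $borr;
        return $$borr{firstname} . ", " . $$borr{surname};
    }

    # Explicit fall-through value. Without it a column such as "suggestedby"
    # returned whatever the failed match above evaluated to, which is an
    # empty list when the caller uses list context (e.g. inside a hash
    # constructor), shifting the caller's key/value pairs.
    return "";
}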
# Request parameters that steer the page. All of them come straight from the
# client; none is validated at this point.
my $input = CGI->new;

# "suggestedbyme" defaults to 1 only when the parameter is absent.
my $suggestedbyme = $input->param('suggestedbyme');
$suggestedbyme = 1 unless defined $suggestedbyme;

# A missing or false "op" selects the list view.
my $op = $input->param('op');
$op = 'else' unless $op;

# "edit_field" may be repeated: one entry per selected suggestion id.
my @editsuggestions = $input->param('edit_field');

# Single-valued parameters, each read in scalar context.
my ( $branchfilter, $suggestedby, $managedby, $displayby, $tabcode ) =
    map { scalar $input->param($_) } qw(branchcode suggestedby managedby displayby tabcode);
# Keep only the request fields that describe a suggestion: drop the parameters
# that merely control this page.
# NOTE(review): every other parameter the client sent stays in this hash and is
# later passed to SearchSuggestion/NewSuggestion/ModSuggestion and to the
# template; no allow-list of suggestion fields is applied in this script.
# Confirm the called functions restrict the accepted keys.
my $suggestion_ref = $input->Vars;
for my $control_param ( qw( suggestedbyme op displayby tabcode edit_field ) ) {
    delete $$suggestion_ref{$control_param};
}

# For the list view and for "change", false values are removed so they do not
# act as search filters or overwrite stored fields.
if ( $op eq 'else' || $op eq 'change' ) {
    for my $field_name ( keys %$suggestion_ref ) {
        delete $$suggestion_ref{$field_name} unless $$suggestion_ref{$field_name};
    }
}
# Authenticate the staff user and load the page template.
# NOTE(review): only the "catalogue" flag is required here, although this
# script also creates, modifies and deletes suggestions. Confirm that this is
# the intended permission for those operations.
my %auth_request = (
    template_name => "suggestion/suggestion.tmpl",
    query         => $input,
    type          => "intranet",
    flagsrequired => { catalogue => 1 },
);
my ( $template, $borrowernumber, $cookie ) = get_template_and_user( \%auth_request );
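#########################################
##  Operations
##
# Dispatch on the client-supplied "op". The save/add/edit tests are unanchored
# pattern matches, so any value containing one of those words selects that
# branch; "change" and "delete" require an exact match.
# NOTE(review): the state-changing branches below run for whatever request
# reaches this point; no request-method or CSRF-token check is visible in this
# script. Confirm that one is enforced elsewhere.
if ( $op =~ /save/i ) {
    if ( $$suggestion_ref{'suggestionid'} > 0 ) {
        # Existing suggestion: update it with the submitted fields.
        ModSuggestion($suggestion_ref);
    }
    else {
        ###FIXME:Search here if suggestion already exists.
        my $suggestions_loop = SearchSuggestion($suggestion_ref);
        if ( @$suggestions_loop >= 1 ) {
            # At least one suggestion already matches the request: do not add.
        }
        else {
            ## Adding some informations related to suggestion
            NewSuggestion($suggestion_ref);
        }
    }

    # Empty the fields so they do not act as filters in "SearchSuggestion".
    delete $$suggestion_ref{$_} foreach keys %$suggestion_ref;
    $op = 'else';
}
elsif ( $op =~ /add/ ) {
    # Show the form for a new suggestion.
    Init($suggestion_ref);
    $op = 'save';
}
elsif ( $op =~ /edit/ ) {
    # Load the stored suggestion and show it in the form.
    $suggestion_ref = GetSuggestion( $$suggestion_ref{'suggestionid'} );
    Init($suggestion_ref);
    $op = 'save';
}
elsif ( $op eq "change" ) {
    if ( $$suggestion_ref{"STATUS"} ) {
        # Assign first, then match. In the original single expression =~
        # bound tighter than =, so $tmpstatus held the match result (1) and
        # the keys written were "1date" and "1by".
        # The match is anchored so that a request-supplied STATUS can only
        # produce the four keys accepteddate/acceptedby/rejecteddate/rejectedby.
        my $tmpstatus = lc $$suggestion_ref{"STATUS"};
        if ( $tmpstatus =~ /\A(?:accepted|rejected)\z/ ) {
            $$suggestion_ref{ $tmpstatus . "date" } = C4::Dates->today;
            $$suggestion_ref{ $tmpstatus . "by" }   = C4::Context->userenv->{number};
        }
        $$suggestion_ref{"manageddate"} = C4::Dates->today;
        $$suggestion_ref{"managedby"}   = C4::Context->userenv->{number};
    }

    # The reason fields are suffixed with the tab code; "other" means the
    # free-text field holds the actual reason.
    if ( my $reason = $$suggestion_ref{"reason$tabcode"} ) {
        if ( $reason eq "other" ) {
            $reason = $$suggestion_ref{"other_reason$tabcode"};
        }
        $$suggestion_ref{'reason'} = $reason;
    }
    delete $$suggestion_ref{$_} foreach ( "reason$tabcode", "other_reason$tabcode" );

    # Drop false values so they do not overwrite stored fields.
    foreach my $field_name ( keys %$suggestion_ref ) {
        delete $$suggestion_ref{$field_name} unless ( $$suggestion_ref{$field_name} );
    }

    # Apply the same field set to every selected suggestion id.
    foreach my $suggestionid (@editsuggestions) {
        next unless $suggestionid;
        $$suggestion_ref{'suggestionid'} = $suggestionid;
        ModSuggestion($suggestion_ref);
    }
    $op = 'else';
}
elsif ( $op eq "delete" ) {
    # Delete every selected suggestion id on behalf of the logged-in user.
    foreach my $delete_field (@editsuggestions) {
        DelSuggestion( $borrowernumber, $delete_field, 'intranet' );
    }
    $op = 'else';
}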
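# List view: one tab per distinct value of the $displayby column, each holding
# the suggestions that match the remaining filters.
if ( $op =~ /else/ ) {
    $op = 'else';

    $displayby ||= "STATUS";

    # $displayby is request-supplied and is concatenated into the
    # "table.column" string handed to GetDistinctValues. Accept only a plain
    # identifier and fall back to the default otherwise.
    # NOTE(review): GetDistinctValues is not visible here; confirm it also
    # checks the column name before using it in a query.
    $displayby = "STATUS" unless $displayby =~ /\A[A-Za-z0-9_]+\z/;

    my $criteria_list = GetDistinctValues( "suggestions." . $displayby );
    my @allsuggestions;
    foreach my $criteriumvalue ( map { $$_{'value'} } @$criteria_list ) {
        # True when the request already filters on this column.
        my $definedvalue = defined $$suggestion_ref{$displayby} && $$suggestion_ref{$displayby} ne "";

        next if ( $definedvalue && $$suggestion_ref{$displayby} ne $criteriumvalue );
        $$suggestion_ref{$displayby} = $criteriumvalue;

        # Trace output only when debugging is switched on; the original
        # wrote this line to the error log on every iteration.
        $debug and warn $$suggestion_ref{$displayby} . "=$criteriumvalue; $displayby";

        my $suggestions = SearchSuggestion($suggestion_ref);
        foreach my $found (@$suggestions) {
            # qw() is parenthesised: required on perl 5.18 and later.
            foreach my $date ( qw(suggesteddate manageddate accepteddate) ) {
                if ( $found->{$date} ne "0000-00-00" && $found->{$date} ne "" ) {
                    $found->{$date} = format_date( $found->{$date} );
                }
                else {
                    $found->{$date} = "";
                }
            }
        }
        push @allsuggestions,
            {
            "suggestiontype"      => $criteriumvalue || "suggest",
            "suggestiontypelabel" => GetCriteriumDesc( $criteriumvalue, $displayby ) || "",
            "suggestionscount"    => scalar(@$suggestions),
            'suggestions_loop'    => $suggestions,
            };

        # Remove the temporary filter again unless the request had set it.
        delete $$suggestion_ref{$displayby} unless $definedvalue;
    }

    my $reasonsloop = GetAuthorisedValues("SUGGEST");
    $template->param(
        "displayby" => $displayby,
        # $displayby was defaulted above, so this comparison is always false here.
        "notabs"    => $displayby eq "",
        suggestions => \@allsuggestions,
        reasonsloop => $reasonsloop,
    );
}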
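# For the managedby/suggestedby filters, look the borrower up and give the
# template a readable description (name, branch, description, category type).
foreach my $element ( qw(managedby suggestedby) ) {

    # Trace output only when debugging is on. The original "$debug || warn"
    # was inverted: it wrote the borrower number and the member's name to the
    # error log whenever debugging was OFF.
    $debug and warn $$suggestion_ref{$element};
    if ( $$suggestion_ref{$element} ) {
        my $member = GetMember( borrowernumber => $$suggestion_ref{$element} );
        my $presentation_string =
              $$member{firstname} . " "
            . $$member{surname} . " "
            . GetBranchName( $$member{branchcode} ) . " "
            . $$member{description} . " "
            . $$member{category_type};
        $debug and warn $presentation_string;
        $template->param( $element . "information" => $presentation_string );
    }
}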
# Pass the remaining suggestion fields and the current operation to the
# template. The fixed keys come after %$suggestion_ref so that a field of the
# same name cannot replace them.
# NOTE(review): $suggestion_ref can still hold client-supplied names and
# values; whether they are HTML-escaped depends on the template, which is not
# visible here.
my %page_params = (
    %$suggestion_ref,
    "op_$op"   => 1,
    dateformat => C4::Context->preference("dateformat"),
    "op"       => $op,
);
$template->param(%page_params);
####################
## Initializing selection lists

# Branch display management.
# $onlymine is true only when the IndependantBranches preference is set, a
# user environment exists, its flags value is not 1, and it has a branch.
my $onlymine =
       C4::Context->preference('IndependantBranches')
    && C4::Context->userenv
    && C4::Context->userenv->{flags} != 1
    && C4::Context->userenv->{branch};
my $branches = GetBranches($onlymine);

# One row per branch, ordered by branch name; a row is selected when its code
# equals the branch filter or the suggestion's own branch code.
my @sorted_codes =
    sort { $branches->{$a}->{'branchname'} cmp $branches->{$b}->{'branchname'} } keys %$branches;
my @branchloop = map {
    my $branch = $branches->{$_};
    +{
        value      => $_,
        branchname => $branch->{'branchname'},
        selected   => ( $branch->{'branchcode'} eq $branchfilter )
            || ( $branch->{'branchcode'} eq $$suggestion_ref{'branchcode'} ),
    }
} @sorted_codes;

# With independent branches and no explicit filter, use the user's own branch.
if ( $onlymine && !$branchfilter ) {
    $branchfilter = C4::Context->userenv->{'branch'};
}

$template->param(
    branchloop   => \@branchloop,
    branchfilter => $branchfilter,
);
# the index parameter is different for item-level itemtypes
# Mark the suggestion's item type as selected and resolve each image location
# for the intranet; entries without an image lose the key entirely.
my $supportlist = GetSupportList();
foreach my $support (@$supportlist) {
    $support->{'selected'} = $support->{'code'} eq $$suggestion_ref{'itemtype'};
    unless ( $support->{'imageurl'} ) {
        delete $support->{'imageurl'};
        next;
    }
    $support->{'imageurl'} = getitemtypeimagelocation( 'intranet', $support->{'imageurl'} );
}
$template->param( itemtypeloop => $supportlist );
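# Budgets management: list the budgets, restricted to the filtered branch when
# one is set, and mark the suggestion's budget as selected.

# Declared and assigned separately: "my $x = ... if COND" leaves the variable
# in an unspecified state when COND is false.
my $searchbudgets;
$searchbudgets = { budget_branchcode => $branchfilter } if $branchfilter;
my $budgets = GetBudgets($searchbudgets);

foreach my $budget (@$budgets) {
    # The original compared $_{'budget_id'}, an element of the unrelated hash
    # %_, rather than the current budget's field, so no budget was ever
    # marked as selected.
    $budget->{'selected'} = 1
        if ( $$suggestion_ref{'budget_id'} && $budget->{'budget_id'} eq $$suggestion_ref{'budget_id'} );
}

$template->param( budgetsloop => $budgets );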
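# Build one drop-down list per filter column: each entry carries the stored
# value, its display label and whether it matches the current filter. The
# template receives them as managedby_loop, acceptedby_loop, suggestedby_loop
# and status_loop.
my %hashlists;

# qw() is parenthesised: a bare qw list here is a syntax error on perl 5.18+.
foreach my $field ( qw(managedby acceptedby suggestedby STATUS) ) {
    my $values_list = GetDistinctValues( "suggestions." . $field );
    my @codes_list  = map {
        +{
            'code' => $$_{'value'},

            # Forced to scalar context: if the label function returns an
            # empty list, the following key/value pairs would shift.
            'desc'     => scalar( GetCriteriumDesc( $$_{'value'}, $field ) ),
            'selected' => $$_{'value'} eq $$suggestion_ref{$field},
        }
    } @$values_list;
    $hashlists{ lc($field) . "_loop" } = \@codes_list;
}
$template->param(%hashlists);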
# Send the rendered page, together with the session cookie, to the client.
my $page_html = $template->output;
output_html_with_http_headers( $input, $cookie, $page_html );