Bug 20666: Correct executable permissions
[koha.git] / opac / opac-review.pl
blobb4a26beb9327c28ca51bb5fe0a1e74d1d19451c1
1 #!/usr/bin/perl
3 # Copyright 2006 Katipo Communications
5 # This file is part of Koha.
7 # Koha is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
12 # Koha is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with Koha; if not, see <http://www.gnu.org/licenses>.
20 use Modern::Perl;
21 use CGI qw ( -utf8 );
22 use C4::Auth;
23 use C4::Koha;
24 use C4::Output;
25 use C4::Biblio;
26 use C4::Scrubber;
27 use C4::Debug;
29 use Koha::Biblios;
30 use Koha::DateUtils;
31 use Koha::Review;
32 use Koha::Reviews;
34 my $query = new CGI;
35 my $biblionumber = $query->param('biblionumber');
36 my $review = $query->param('review');
37 my $reviewid = $query->param('reviewid');
38 my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
40 template_name => "opac-review.tt",
41 query => $query,
42 type => "opac",
43 authnotrequired => ( C4::Context->preference("OpacPublic") ? 1 : 0 ),
47 # FIXME: need to allow user to delete their own comment(s)
49 my ( $clean, @errors, $savedreview );
50 my $biblio = Koha::Biblios->find( $biblionumber );
52 if( !$biblio ) {
53 push @errors, { nobiblio => 1 };
54 } elsif( $reviewid ) { # edit existing one, check on creator
55 $savedreview = Koha::Reviews->search({ reviewid => $reviewid, borrowernumber => $borrowernumber })->next;
56 push @errors, { unauthorized => 1 } if !$savedreview;
57 } else { # this check prevents adding multiple comments
58 # FIXME biblionumber, borrowernumber should be a unique key of reviews
59 $savedreview = Koha::Reviews->search({ biblionumber => $biblionumber, borrowernumber => $borrowernumber })->next;
60 $review = $savedreview? $savedreview->review: $review;
63 if( !@errors && defined $review ) {
64 if ($review !~ /\S/) {
65 push @errors, {empty=>1};
66 } else {
67 $clean = C4::Scrubber->new('comment')->scrub($review);
68 if ($clean !~ /\S/) {
69 push @errors, {scrubbed_all=>1};
70 } else {
71 if ($clean ne $review) {
72 push @errors, {scrubbed=>$clean};
74 my $js_ok_review = $clean;
75 $js_ok_review =~ s/"/&quot;/g; # probably redundant w/ TMPL ESCAPE=JS
76 $template->param(clean_review=>$js_ok_review);
77 if ($savedreview) {
78 $savedreview->set(
80 review => $clean,
81 approved => 0,
82 datereviewed => dt_from_string
84 )->store;
85 } else {
86 $reviewid = Koha::Review->new(
87 { biblionumber => $biblionumber,
88 borrowernumber => $borrowernumber,
89 review => $clean,
90 datereviewed => dt_from_string
92 )->store->reviewid;
94 unless (@errors){ $template->param(WINDOW_CLOSE=>1); }
98 (@errors ) and $template->param( ERRORS=>\@errors);
99 ($cgi_debug) and $template->param(cgi_debug=>1 );
100 $review = $clean;
101 $review ||= $savedreview->review if $savedreview;
102 $template->param(
103 'biblionumber' => $biblionumber,
104 'borrowernumber' => $borrowernumber,
105 'review' => $review,
106 'reviewid' => $reviewid || 0,
107 'title' => $biblio->title,
110 output_html_with_http_headers $query, $cookie, $template->output;