koha-cvs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Koha-cvs] CVS: koha/admin itemtypes.pl,1.5,1.6

From: Paul POULAIN
Subject: [Koha-cvs] CVS: koha/admin itemtypes.pl,1.5,1.6
Date: Mon, 02 Dec 2002 07:55:21 -0800 
Update of /cvsroot/koha/koha/admin
In directory sc8-pr-cvs1:/tmp/cvs-serv15938/admin

Modified Files:
        itemtypes.pl 
Log Message:
bugfix for bug N°135.

Note : yes, checks are performed only on client side.
I agree this is not very secure, but it's a rarely  modified value and koha 2.0 
will need :
* IE5+ or Mozilla/Netscape 6+
* javascript enabled.

Maybe the best solution would be to include in *.inc files a test for 
javascript activated and refuse acces if it's not.

Index: itemtypes.pl
===================================================================
RCS file: /cvsroot/koha/koha/admin/itemtypes.pl,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -r1.5 -r1.6
*** itemtypes.pl        5 Oct 2002 10:02:49 -0000       1.5
--- itemtypes.pl        2 Dec 2002 15:55:19 -0000       1.6
***************
*** 74,84 ****
  print $input->header;
  
- #start the page and read in includes
- print startpage();
- print startmenu('admin');
  
  ################## ADD_FORM ##################################
  # called by default. Used to create form to add or  modify a record
  if ($op eq 'add_form') {
        #---- if primkey exists, it's a modify action, so read values to 
modify...
        my $data;
--- 74,84 ----
  print $input->header;
  
  
  ################## ADD_FORM ##################################
  # called by default. Used to create form to add or  modify a record
  if ($op eq 'add_form') {
+       #start the page and read in includes
+       print startpage();
+       print startmenu('admin');
        #---- if primkey exists, it's a modify action, so read values to 
modify...
        my $data;
***************
*** 134,142 ****
                        _alertString += "- description missing\\n";
                }
!               if (!isNum(f.loanlength,0)) {
                        _alertString += "- loan length is not a number\\n";
                }
!               if (!isNum(f.rentalcharge,0)) {
!                       _alertString += "- loan length is not a number\\n";
                }
                if (_alertString.length==0) {
--- 134,142 ----
                        _alertString += "- description missing\\n";
                }
!               if ((!isNum(f.loanlength,0)) && f.loanlength.value.length > 0) {
                        _alertString += "- loan length is not a number\\n";
                }
!               if ((!isNum(f.rentalcharge,0)) && f.rentalcharge.value.length > 
0) {
!                       _alertString += "- rental charge is not a number\\n";
                }
                if (_alertString.length==0) {
***************
*** 197,208 ****
        $sth->execute;
        $sth->finish;
!       print "data recorded";
!       print "<form action='$script_name' method=post>";
!       print "<input type=submit value=OK>";
!       print "</form>";
                                                                                
                        # END $OP eq ADD_VALIDATE
  ################## DELETE_CONFIRM ##################################
  # called by default form, used to confirm deletion of data in DB
  } elsif ($op eq 'delete_confirm') {
        my $dbh = C4::Context->dbh;
        my $sth=$dbh->prepare("select count(*) as total from categoryitem where 
itemtype='$itemtype'");
--- 197,209 ----
        $sth->execute;
        $sth->finish;
!       print "Content-Type: text/html\n\n<META HTTP-EQUIV=Refresh CONTENT=\"0; 
URL=itemtypes.pl\"></html>";
!       exit;
                                                                                
                        # END $OP eq ADD_VALIDATE
  ################## DELETE_CONFIRM ##################################
  # called by default form, used to confirm deletion of data in DB
  } elsif ($op eq 'delete_confirm') {
+       #start the page and read in includes
+       print startpage();
+       print startmenu('admin');
        my $dbh = C4::Context->dbh;
        my $sth=$dbh->prepare("select count(*) as total from categoryitem where 
itemtype='$itemtype'");
***************
*** 233,236 ****
--- 234,240 ----
  # called by delete_confirm, used to effectively confirm deletion of data in DB
  } elsif ($op eq 'delete_confirmed') {
+       #start the page and read in includes
+       print startpage();
+       print startmenu('admin');
        my $dbh = C4::Context->dbh;
        my $itemtype=uc($input->param('itemtype'));
***************
*** 246,257 ****
  ################## DEFAULT ##################################
  } else { # DEFAULT
        my @inputs=(["text","description",$searchfield],
                ["reset","reset","clr"]);
        print mkheadr(2,'Item types admin');
        print mkformnotable("$script_name",@inputs);
-       print <<printend
- 
- printend
-       ;
        if  ($searchfield ne '') {
                print "You Searched for <b>$searchfield<b><p>";
--- 250,260 ----
  ################## DEFAULT ##################################
  } else { # DEFAULT
+       #start the page and read in includes
+       print startpage();
+       print startmenu('admin');
        my @inputs=(["text","description",$searchfield],
                ["reset","reset","clr"]);
        print mkheadr(2,'Item types admin');
        print mkformnotable("$script_name",@inputs);
        if  ($searchfield ne '') {
                print "You Searched for <b>$searchfield<b><p>";
reply via email to
[Prev in Thread] Current Thread [Next in Thread]