[Koha-cvs] CVS: koha/admin itemtypes.pl,1.5,1.6
Paul POULAIN
tipaul at users.sourceforge.net
Mon Dec 2 16:55:21 CET 2002
Update of /cvsroot/koha/koha/admin
In directory sc8-pr-cvs1:/tmp/cvs-serv15938/admin
Modified Files:
itemtypes.pl
Log Message:
bugfix for bug N°135.
Note : yes, checks are performed only on client side.
I agree this is not very secure, but it's a rarely modified value and koha 2.0 will need :
* IE5+ or Mozilla/Netscape 6+
* javascript enabled.
Maybe the best solution would be to include in *.inc files a test for javascript activated and refuse acces if it's not.
Index: itemtypes.pl
===================================================================
RCS file: /cvsroot/koha/koha/admin/itemtypes.pl,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -r1.5 -r1.6
*** itemtypes.pl 5 Oct 2002 10:02:49 -0000 1.5
--- itemtypes.pl 2 Dec 2002 15:55:19 -0000 1.6
***************
*** 74,84 ****
print $input->header;
- #start the page and read in includes
- print startpage();
- print startmenu('admin');
################## ADD_FORM ##################################
# called by default. Used to create form to add or modify a record
if ($op eq 'add_form') {
#---- if primkey exists, it's a modify action, so read values to modify...
my $data;
--- 74,84 ----
print $input->header;
################## ADD_FORM ##################################
# called by default. Used to create form to add or modify a record
if ($op eq 'add_form') {
+ #start the page and read in includes
+ print startpage();
+ print startmenu('admin');
#---- if primkey exists, it's a modify action, so read values to modify...
my $data;
***************
*** 134,142 ****
_alertString += "- description missing\\n";
}
! if (!isNum(f.loanlength,0)) {
_alertString += "- loan length is not a number\\n";
}
! if (!isNum(f.rentalcharge,0)) {
! _alertString += "- loan length is not a number\\n";
}
if (_alertString.length==0) {
--- 134,142 ----
_alertString += "- description missing\\n";
}
! if ((!isNum(f.loanlength,0)) && f.loanlength.value.length > 0) {
_alertString += "- loan length is not a number\\n";
}
! if ((!isNum(f.rentalcharge,0)) && f.rentalcharge.value.length > 0) {
! _alertString += "- rental charge is not a number\\n";
}
if (_alertString.length==0) {
***************
*** 197,208 ****
$sth->execute;
$sth->finish;
! print "data recorded";
! print "<form action='$script_name' method=post>";
! print "<input type=submit value=OK>";
! print "</form>";
# END $OP eq ADD_VALIDATE
################## DELETE_CONFIRM ##################################
# called by default form, used to confirm deletion of data in DB
} elsif ($op eq 'delete_confirm') {
my $dbh = C4::Context->dbh;
my $sth=$dbh->prepare("select count(*) as total from categoryitem where itemtype='$itemtype'");
--- 197,209 ----
$sth->execute;
$sth->finish;
! print "Content-Type: text/html\n\n<META HTTP-EQUIV=Refresh CONTENT=\"0; URL=itemtypes.pl\"></html>";
! exit;
# END $OP eq ADD_VALIDATE
################## DELETE_CONFIRM ##################################
# called by default form, used to confirm deletion of data in DB
} elsif ($op eq 'delete_confirm') {
+ #start the page and read in includes
+ print startpage();
+ print startmenu('admin');
my $dbh = C4::Context->dbh;
my $sth=$dbh->prepare("select count(*) as total from categoryitem where itemtype='$itemtype'");
***************
*** 233,236 ****
--- 234,240 ----
# called by delete_confirm, used to effectively confirm deletion of data in DB
} elsif ($op eq 'delete_confirmed') {
+ #start the page and read in includes
+ print startpage();
+ print startmenu('admin');
my $dbh = C4::Context->dbh;
my $itemtype=uc($input->param('itemtype'));
***************
*** 246,257 ****
################## DEFAULT ##################################
} else { # DEFAULT
my @inputs=(["text","description",$searchfield],
["reset","reset","clr"]);
print mkheadr(2,'Item types admin');
print mkformnotable("$script_name", at inputs);
- print <<printend
-
- printend
- ;
if ($searchfield ne '') {
print "You Searched for <b>$searchfield<b><p>";
--- 250,260 ----
################## DEFAULT ##################################
} else { # DEFAULT
+ #start the page and read in includes
+ print startpage();
+ print startmenu('admin');
my @inputs=(["text","description",$searchfield],
["reset","reset","clr"]);
print mkheadr(2,'Item types admin');
print mkformnotable("$script_name", at inputs);
if ($searchfield ne '') {
print "You Searched for <b>$searchfield<b><p>";
More information about the Koha-cvs
mailing list