[Koha-patches] [PATCH] [bug #2843] allow simple and double quote search in auth_finder.pl
Nahuel Angelinetti
nahuel.angelinetti at biblibre.com
Thu Dec 4 15:59:27 CET 2008
This patch use quotemeta to escape meta characters like quotes, before the request to ZOOM.
And use the ESCAPE=HTML(from HTML::Template::Pro) to convert this chars in an HTML showable value.
For the "return" part, we use ESCAPE=JS to escape chars inside of javascript code.
---
C4/AuthoritiesMarc.pm | 3 ++-
.../prog/en/includes/auth-finder-search.inc | 6 +++---
.../authorities/blinddetail-biblio-search.tmpl | 2 +-
.../modules/authorities/searchresultlist-auth.tmpl | 12 ++++++------
4 files changed, 12 insertions(+), 11 deletions(-)
diff --git a/C4/AuthoritiesMarc.pm b/C4/AuthoritiesMarc.pm
index 67f3c5c..5c7b45e 100644
--- a/C4/AuthoritiesMarc.pm
+++ b/C4/AuthoritiesMarc.pm
@@ -221,6 +221,7 @@ sub SearchAuthorities {
for(my $i = 0 ; $i <= $#{$value} ; $i++)
{
if (@$value[$i]){
+ my $val = quotemeta(@$value[$i]);
##If mainentry search $a tag
if (@$tags[$i] eq "mainmainentry") {
$attr =" \@attr 1=Heading ";
@@ -239,7 +240,7 @@ sub SearchAuthorities {
$attr .=" \@attr 5=1 \@attr 4=6 ";## Word list, right truncated, anywhere
}
$and .=" \@and " ;
- $attr =$attr."\"".@$value[$i]."\"";
+ $attr =$attr."\"".$val."\"";
$q2 .=$attr;
$dosearch=1;
}#if value
diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/auth-finder-search.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/auth-finder-search.inc
index 65d6d16..c6a7708 100644
--- a/koha-tmpl/intranet-tmpl/prog/en/includes/auth-finder-search.inc
+++ b/koha-tmpl/intranet-tmpl/prog/en/includes/auth-finder-search.inc
@@ -18,7 +18,7 @@
<option value="start">starts with</option>
<option value="is">is exactly</option>
</select>
- <input type="text" name="value" value="<!-- TMPL_VAR name="mainmainstring" -->" />
+ <input type="text" name="value" value="<!-- TMPL_VAR ESCAPE=HTML name="mainmainstring" -->" />
</li>
<li>
<label for="mainentry">Main entry</label>
@@ -30,7 +30,7 @@
<option value="start">starts with</option>
<option value="is">is exactly</option>
</select>
- <input type="text" name="value" value="<!-- TMPL_VAR name="mainstring" -->" />
+ <input type="text" name="value" value="<!-- TMPL_VAR ESCAPE=HTML name="mainstring" -->" />
</li>
<li>
<label for="marclist">Anywhere</label>
@@ -42,7 +42,7 @@
<option value="start">starts with</option>
<option value="is">is exactly</option>
</select>
- <input type="text" name="value" value="<!-- TMPL_VAR name="anystring" -->" />
+ <input type="text" name="value" value="<!-- TMPL_VAR ESCAPE=HTML name="anystring" -->" />
</li>
<li>
<label for="orderby">Sort by </label>
diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/authorities/blinddetail-biblio-search.tmpl b/koha-tmpl/intranet-tmpl/prog/en/modules/authorities/blinddetail-biblio-search.tmpl
index 2fc9524..b4db239 100644
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/authorities/blinddetail-biblio-search.tmpl
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/authorities/blinddetail-biblio-search.tmpl
@@ -29,7 +29,7 @@
<!-- TMPL_LOOP NAME="0XX" -->
<!-- TMPL_LOOP NAME="subfield" -->
if (code.value == "<!-- TMPL_VAR NAME="marc_subfield" -->"){
- subfield.value = "<!-- TMPL_VAR NAME="marc_value" -->";
+ subfield.value = "<!-- TMPL_VAR ESCAPE=JS NAME="marc_value" -->";
}
<!-- /TMPL_LOOP -->
<!-- /TMPL_LOOP -->
diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/authorities/searchresultlist-auth.tmpl b/koha-tmpl/intranet-tmpl/prog/en/modules/authorities/searchresultlist-auth.tmpl
index fb12357..53ed58e 100644
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/authorities/searchresultlist-auth.tmpl
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/authorities/searchresultlist-auth.tmpl
@@ -23,7 +23,7 @@ function jumpfull(page)
<!-- TMPL_INCLUDE NAME="auth-finder-search.inc" -->
<!-- TMPL_IF name="total" --><div id="resultnumber">
<!-- TMPL_IF name="displayprev" -->
- <a href="auth_finder.pl?startfrom=<!-- TMPL_VAR NAME="startfromprev" -->&authtypecode=<!-- TMPL_VAR name="authtypecode" --><!-- TMPL_LOOP name="searchdata"-->&<!-- TMPL_VAR name="term" -->=<!-- TMPL_VAR name="val"--><!-- /TMPL_LOOP -->&op=do_search&type=intranet&index=<!-- TMPL_VAR name="index" -->&tagid=<!-- TMPL_VAR name="tagid" -->&orderby=<!-- TMPL_VAR name="orderby" -->">
+ <a href="auth_finder.pl?startfrom=<!-- TMPL_VAR NAME="startfromprev" -->&authtypecode=<!-- TMPL_VAR name="authtypecode" --><!-- TMPL_LOOP name="searchdata"-->&<!-- TMPL_VAR name="term" -->=<!-- TMPL_VAR ESCAPE=HTML name="val"--><!-- /TMPL_LOOP -->&op=do_search&type=intranet&index=<!-- TMPL_VAR name="index" -->&tagid=<!-- TMPL_VAR name="tagid" -->&orderby=<!-- TMPL_VAR name="orderby" -->">
<<
</a>
<!-- /TMPL_IF -->
@@ -31,12 +31,12 @@ function jumpfull(page)
<!-- TMPL_IF name="highlight" -->
<!-- TMPL_VAR NAME="number" -->
<!-- TMPL_ELSE -->
- <a href="auth_finder.pl?startfrom=<!-- TMPL_VAR NAME="startfrom" -->&authtypecode=<!-- TMPL_VAR name="authtypecode" --><!-- TMPL_LOOP name="searchdata"-->&<!-- TMPL_VAR name="term" -->=<!-- TMPL_VAR name="val"--><!-- /TMPL_LOOP -->&op=do_search&type=intranet&index=<!-- TMPL_VAR name="index" -->&tagid=<!-- TMPL_VAR name="tagid" -->>&orderby=<!-- TMPL_VAR name="orderby" -->">
+ <a href="auth_finder.pl?startfrom=<!-- TMPL_VAR NAME="startfrom" -->&authtypecode=<!-- TMPL_VAR name="authtypecode" --><!-- TMPL_LOOP name="searchdata"-->&<!-- TMPL_VAR name="term" -->=<!-- TMPL_VAR ESCAPE=HTML name="val"--><!-- /TMPL_LOOP -->&op=do_search&type=intranet&index=<!-- TMPL_VAR name="index" -->&tagid=<!-- TMPL_VAR name="tagid" -->>&orderby=<!-- TMPL_VAR name="orderby" -->">
<!-- TMPL_VAR NAME="number" --></a>
<!-- /TMPL_IF -->
<!-- /TMPL_LOOP -->
<!-- TMPL_IF name="displaynext" -->
- <a href="auth_finder.pl?startfrom=<!-- TMPL_VAR NAME="startfromnext" -->&authtypecode=<!-- TMPL_VAR name="authtypecode" --><!-- TMPL_LOOP name="searchdata"-->&<!-- TMPL_VAR name="term" -->=<!-- TMPL_VAR name="val"--><!-- /TMPL_LOOP -->&op=do_search&type=intranet&index=<!-- TMPL_VAR name="index" -->&tagid=<!-- TMPL_VAR name="tagid" -->>&orderby=<!-- TMPL_VAR name="orderby" -->">
+ <a href="auth_finder.pl?startfrom=<!-- TMPL_VAR NAME="startfromnext" -->&authtypecode=<!-- TMPL_VAR name="authtypecode" --><!-- TMPL_LOOP name="searchdata"-->&<!-- TMPL_VAR name="term" -->=<!-- TMPL_VAR ESCAPE=HTML name="val"--><!-- /TMPL_LOOP -->&op=do_search&type=intranet&index=<!-- TMPL_VAR name="index" -->&tagid=<!-- TMPL_VAR name="tagid" -->>&orderby=<!-- TMPL_VAR name="orderby" -->">
>></a>
<!-- /TMPL_IF -->
<div>
@@ -80,7 +80,7 @@ function jumpfull(page)
</div>
<div id="resultnumber">
<!-- TMPL_IF name="displayprev" -->
- <a href="auth_finder.pl?startfrom=<!-- TMPL_VAR NAME="startfromprev" -->&authtypecode=<!-- TMPL_VAR name="authtypecode" --><!-- TMPL_LOOP name="searchdata"-->&<!-- TMPL_VAR name="term" -->=<!-- TMPL_VAR name="val"--><!-- /TMPL_LOOP -->&op=do_search&type=intranetamp;&index=<!-- TMPL_VAR name="index" -->&tagid=<!-- TMPL_VAR name="tagid" -->>&orderby=<!-- TMPL_VAR name="orderby" -->">
+ <a href="auth_finder.pl?startfrom=<!-- TMPL_VAR ESCAPE=HTML NAME="startfromprev" -->&authtypecode=<!-- TMPL_VAR name="authtypecode" --><!-- TMPL_LOOP name="searchdata"-->&<!-- TMPL_VAR name="term" -->=<!-- TMPL_VAR ESCAPE=HTML name="val"--><!-- /TMPL_LOOP -->&op=do_search&type=intranetamp;&index=<!-- TMPL_VAR name="index" -->&tagid=<!-- TMPL_VAR name="tagid" -->>&orderby=<!-- TMPL_VAR name="orderby" -->">
<<
</a>
<!-- /TMPL_IF -->
@@ -88,12 +88,12 @@ function jumpfull(page)
<!-- TMPL_IF name="highlight" -->
<!-- TMPL_VAR NAME="number" -->
<!-- TMPL_ELSE -->
- <a href="auth_finder.pl?startfrom=<!-- TMPL_VAR NAME="startfrom" -->&authtypecode=<!-- TMPL_VAR name="authtypecode" --><!-- TMPL_LOOP name="searchdata"-->&<!-- TMPL_VAR name="term" -->=<!-- TMPL_VAR name="val"--><!-- /TMPL_LOOP -->&op=do_search&type=intranet&index=<!-- TMPL_VAR name="index" -->&tagid=<!-- TMPL_VAR name="tagid" -->>&orderby=<!-- TMPL_VAR name="orderby" -->">
+ <a href="auth_finder.pl?startfrom=<!-- TMPL_VAR ESCAPE=HTML NAME="startfrom" -->&authtypecode=<!-- TMPL_VAR name="authtypecode" --><!-- TMPL_LOOP name="searchdata"-->&<!-- TMPL_VAR name="term" -->=<!-- TMPL_VAR ESCAPE=HTML name="val"--><!-- /TMPL_LOOP -->&op=do_search&type=intranet&index=<!-- TMPL_VAR name="index" -->&tagid=<!-- TMPL_VAR name="tagid" -->>&orderby=<!-- TMPL_VAR name="orderby" -->">
<!-- TMPL_VAR NAME="number" --></a>
<!-- /TMPL_IF -->
<!-- /TMPL_LOOP -->
<!-- TMPL_IF name="displaynext" -->
- <a href="auth_finder.pl?startfrom=<!-- TMPL_VAR NAME="startfromnext" -->&authtypecode=<!-- TMPL_VAR name="authtypecode" --><!-- TMPL_LOOP name="searchdata"-->&<!-- TMPL_VAR name="term" -->=<!-- TMPL_VAR name="val"--><!-- /TMPL_LOOP -->&op=do_search&type=intranet&index=<!-- TMPL_VAR name="index" -->&tagid=<!-- TMPL_VAR name="tagid" -->>&orderby=<!-- TMPL_VAR name="orderby" -->">
+ <a href="auth_finder.pl?startfrom=<!-- TMPL_VAR ESCAPE=HTML NAME="startfromnext" -->&authtypecode=<!-- TMPL_VAR name="authtypecode" --><!-- TMPL_LOOP name="searchdata"-->&<!-- TMPL_VAR name="term" -->=<!-- TMPL_VAR ESCAPE=HTML name="val"--><!-- /TMPL_LOOP -->&op=do_search&type=intranet&index=<!-- TMPL_VAR name="index" -->&tagid=<!-- TMPL_VAR name="tagid" -->>&orderby=<!-- TMPL_VAR name="orderby" -->">
>></a>
<!-- /TMPL_IF -->
</div><!-- /TMPL_IF -->
--
1.5.6.3
More information about the Koha-patches
mailing list