[Koha-patches] [PATCH] bug 2613: allow web self-check to accept patron ID

Galen Charlton galen.charlton at liblime.com
Sat Dec 6 00:17:27 CET 2008 

Use 'patronid' instead of 'userid' as the query parameter
for passing the patron userid or barcode around; 'userid'
is claimed by C4::Auth and should be used only for
authentication pages.

Fixes the problem where entering a patron's card
number would cause a redirect to the OPAC login
page.
---
 koha-tmpl/opac-tmpl/prog/en/css/sco.css            |    4 +-
 .../opac-tmpl/prog/en/modules/sco/sco-main.tmpl    |   21 +++++++++----------
 opac/sco/sco-main.pl                               |   22 ++++++++++----------
 3 files changed, 23 insertions(+), 24 deletions(-)

diff --git a/koha-tmpl/opac-tmpl/prog/en/css/sco.css b/koha-tmpl/opac-tmpl/prog/en/css/sco.css
index eb1c019..e31db23 100644
--- a/koha-tmpl/opac-tmpl/prog/en/css/sco.css
+++ b/koha-tmpl/opac-tmpl/prog/en/css/sco.css
@@ -180,7 +180,7 @@ em {
 	margin-top : 1em;
 }
 #barcode,
-#userid {
+#patronid {
 	font-size : 125%;
 	padding-bottom : 3px;
 }
@@ -212,4 +212,4 @@ div.button a:active {
 }
 div.button a:active {
 	border : 1px inset #666;
-}
\ No newline at end of file
+}
diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/sco/sco-main.tmpl b/koha-tmpl/opac-tmpl/prog/en/modules/sco/sco-main.tmpl
index f362df9..2b085fa 100644
--- a/koha-tmpl/opac-tmpl/prog/en/modules/sco/sco-main.tmpl
+++ b/koha-tmpl/opac-tmpl/prog/en/modules/sco/sco-main.tmpl
@@ -28,7 +28,7 @@
 <p><em>Error type:</em> <!-- TMPL_VAR NAME="impossible" --></p>
 <form action="/cgi-bin/koha/sco/sco-main.pl" name="errorForm" method="post">
 <input type="hidden" name="op" value="login" />
-<input type="hidden" name="userid" value="<!-- TMPL_VAR NAME="userid" -->" />
+<input type="hidden" name="patronid" value="<!-- TMPL_VAR NAME="patronid" -->" />
 <!-- TMPL_IF NAME="returnitem" -->
 <input type="hidden" name="barcode" value="<!-- TMPL_VAR NAME="barcode" -->" />
 <input type="button" name="returnbook" value="Return this item" class="return" onclick="this.form.op.value='returnbook';this.form.submit();"  />
@@ -42,7 +42,7 @@
 
 <form action="/cgi-bin/koha/sco/sco-main.pl" name="confirmForm" method="post">
 <input type="hidden" id="op" name="op" value="checkout" />
-<input type="hidden" name="userid" value="<!-- TMPL_VAR NAME="userid" -->" />
+<input type="hidden" name="patronid" value="<!-- TMPL_VAR NAME="patronid" -->" />
 <input type="hidden" name="barcode" value="<!-- TMPL_VAR NAME="barcode" -->" />
 <input type="hidden" id="confirmation"  name="confirmed" value=""  />
 <!-- TMPL_IF NAME="renew" -->
@@ -73,13 +73,13 @@ Sorry, This Self-Checkout Station has lost authentication.  Please contact the a
 		<a href="/cgi-bin/koha/sco/help.pl">HELP</a> with the self checkout system
 	</div>
 
-	<!-- TMPL_IF NAME="userid" -->
+	<!-- TMPL_IF NAME="patronid" -->
 	<!-- TMPL_IF NAME="validuser" -->
 	<h3 class="warning">You are logged in as <!-- TMPL_VAR NAME="borrowername" -->.</h3>
 	<!-- /TMPL_IF -->
 	</div>
 	<!-- TMPL_IF NAME="nouser" -->
-	<div class="error"><h4>Sorry</h4><p>The userid <!-- TMPL_VAR NAME="userid" --> was not found in the database.  Please try again.</p></div>
+	<div class="error"><h4>Sorry</h4><p>The userid <!-- TMPL_VAR NAME="patronid" --> was not found in the database.  Please try again.</p></div>
 	<br />
 	<!-- /TMPL_IF -->
 	<!-- /TMPL_IF -->
@@ -90,9 +90,8 @@ Sorry, This Self-Checkout Station has lost authentication.  Please contact the a
 	<!-- TMPL_UNLESS NAME="validuser" -->
 	<div class="sco_entry" >
 	<form id="mainform" action="/cgi-bin/koha/sco/sco-main.pl" name="mainform" method="post">
-      <input type="hidden" name="koha_login_context" value="sco" />
-	<fieldset class="checkout"><label for="userid">Please enter your card number:</label> 
-	<input type="text" id="userid" class="unfocus" size="20" name="userid" />
+	<fieldset class="checkout"><label for="patronid">Please enter your card number:</label> 
+	<input type="text" id="patronid" class="unfocus" size="20" name="patronid" />
  	<!-- TMPL_LOOP NAME="INPUTS" --><input type="hidden" name="<!-- TMPL_VAR NAME="name" -->" value="<!-- TMPL_VAR NAME="value" -->"><!-- /TMPL_LOOP -->
 	<input type="hidden" name="op" value="login" />
  	<input	type="submit" value="Submit" class="submit" /></fieldset></form>
@@ -100,13 +99,13 @@ Sorry, This Self-Checkout Station has lost authentication.  Please contact the a
 	<!-- /TMPL_UNLESS -->
 	<!-- TMPL_IF NAME="validuser" -->
 	<div id="newcheckout" class="sco_entry">
-	<form id="mainform" name="scan_form" method="post" action="/cgi-bin/koha/sco/sco-main.pl" onsubmit=" if(this.valid_session == 0) { if(confirm('Session has expired.  Click \'OK\' to continue processing this item.  Click Cancel if you are not <!-- TMPL_VAR NAME="userid" -->.')){ this.op.value='logout'; this.userid.value=''; } return true;}; " >
+	<form id="mainform" name="scan_form" method="post" action="/cgi-bin/koha/sco/sco-main.pl" onsubmit=" if(this.valid_session == 0) { if(confirm('Session has expired.  Click \'OK\' to continue processing this item.  Click Cancel if you are not <!-- TMPL_VAR NAME="patronid" -->.')){ this.op.value='logout'; this.patronid.value=''; } return true;}; " >
 	<fieldset><legend> Check out or return an item: </legend>
 	<label for="barcode">Scan a new item or enter its barcode:</label>
 	<input id="barcode" name="barcode" size="20" class="unfocus" onfocus="this.className='focus';" onblur="this.className='unfocus';" />
 	<input type="hidden" name="op" value="checkout" />
-	<input type="hidden" name="userid" value="<!-- TMPL_VAR name="userid" -->" />
-	<input type="hidden" name="valid_session" value="1">
+	<input type="hidden" name="patronid" value="<!-- TMPL_VAR name="patronid" -->" />
+	<input type="hidden" name="valid_session" value="1" />
 	<input type="submit" value="Submit" class="submit" /></fieldset>
 	</form>
 	<p class="alert"><form method="post" action="/cgi-bin/koha/sco/sco-main.pl?op=logout" >Scan next item, or <input type="submit" value="Click here if done." class="finish" /></form></p>
@@ -143,4 +142,4 @@ Sorry, This Self-Checkout Station has lost authentication.  Please contact the a
 
 	</div>
 </div>
-<!-- TMPL_INCLUDE NAME="opac-bottom.inc" -->
\ No newline at end of file
+<!-- TMPL_INCLUDE NAME="opac-bottom.inc" -->
diff --git a/opac/sco/sco-main.pl b/opac/sco/sco-main.pl
index 12e1a3e..2c2f2f4 100755
--- a/opac/sco/sco-main.pl
+++ b/opac/sco/sco-main.pl
@@ -2,7 +2,7 @@
 # This code has been modified by Trendsetters (originally from opac-user.pl)
 # This code has been modified by rch
 # We're going to authenticate a self-check user.  we'll add a flag to borrowers 'selfcheck'
-# We're in a controlled environment; we trust the user. so the selfcheck station will accept a userid and 
+# We're in a controlled environment; we trust the user. so the selfcheck station will accept a patronid and 
 # issue items to that borrower.
 #
 use strict;
@@ -34,8 +34,8 @@ my ($template, $loggedinuser, $cookie)
 my $dbh = C4::Context->dbh;
 
 my $issuerid = $loggedinuser;
-my ($op, $userid, $barcode, $confirmed, $timedout )= ($query->param("op"), 
-					 $query->param("userid"), 
+my ($op, $patronid, $barcode, $confirmed, $timedout )= ($query->param("op"), 
+					 $query->param("patronid"), 
 					$query->param("barcode"),
 					$query->param( "confirmed"),
 					$query->param( "timedout"), #not actually using this...
@@ -47,7 +47,7 @@ my $cnt = 0;
 my ($issuer) = GetMemberDetails($issuerid);
 my $item = GetItem(undef,$barcode);
 my $borrower;
-($borrower) = GetMemberDetails(undef,$userid);
+($borrower) = GetMemberDetails(undef,$patronid);
 
 my $branch = $issuer->{branchcode};
 my $confirm_required = 0;
@@ -55,12 +55,12 @@ my $return_only = 0;
 #warn "issuer cardnum: " . $issuer->{cardnumber};
 #warn "cardnumber= ".$borrower->{cardnumber};
 if ($op eq "logout") {
-        $query->param( userid => undef );
+        $query->param( patronid => undef );
 }
   if ($op eq "returnbook") {
       my ($doreturn ) = AddReturn($barcode, $branch);
      #warn "returnbook: " . $doreturn;
-    ($borrower) = GetMemberDetails(undef, $userid);
+    ($borrower) = GetMemberDetails(undef, $patronid);
   }
   
   if ($op eq "checkout" ) {
@@ -109,9 +109,9 @@ if ($op eq "logout") {
 	 if ( $confirmed || $issuenoconfirm ) {  # we'll want to call getpatroninfo again to get updated issues.
       	    #warn "issuing book?";
             AddIssue($borrower,$barcode);
-	#    ($borrower, $flags) = getpatroninformation(undef,undef, $userid);
+	#    ($borrower, $flags) = getpatroninformation(undef,undef, $patronid);
 		
-       #    $template->param( userid => $userid,
+       #    $template->param( patronid => $patronid,
 #			validuser => 1,
 #			);
          } else {
@@ -142,7 +142,7 @@ if ($borrower->{cardnumber}) {
    			borrowername => $borrowername,
 			issues_count => $cnt, 
 			ISSUES => \@issues,,
-			userid => $userid ,
+			patronid => $patronid ,
 			noitemlinks => 1 ,
 		);
    $cnt = 0;
@@ -161,8 +161,8 @@ $template->param( inputfocus => $inputfocus,
 
 } else {
 
- $template->param( userid => $userid,  nouser => $userid,
- 			inputfocus => 'userid', );
+ $template->param( patronid => $patronid,  nouser => $patronid,
+ 			inputfocus => 'patronid', );
 }
 
 output_html_with_http_headers $query, $cookie, $template->output;
-- 
1.5.5.GIT

More information about the Koha-patches mailing list