projects / koha_fer / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Adding Opac-SearchHistory feature
[koha_fer] / C4 / Auth.pm
diff --git a/C4/Auth.pm b/C4/Auth.pm
old mode 100755 (executable)
new mode 100644 (file)
index 3556336..d32d4da
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -1,7 +1,3 @@
-
-# -*- tab-width: 8 -*-
-# NOTE: This file uses 8-character tabs; do not change the tab size!
-
 package C4::Auth;
 
 # Copyright 2000-2002 Katipo Communications
 package C4::Auth;
 
 # Copyright 2000-2002 Katipo Communications
@@ -23,6 +19,8 @@ package C4::Auth;
 
 use strict;
 use Digest::MD5 qw(md5_base64);
 
 use strict;
 use Digest::MD5 qw(md5_base64);
+use Storable qw(thaw freeze);
+use URI::Escape;
 use CGI::Session;
 
 require Exporter;
 use CGI::Session;
 
 require Exporter;
@@ -31,7 +29,8 @@ use C4::Output;    # to get the template
 use C4::Members;
 use C4::Koha;
 use C4::Branch; # GetBranches
 use C4::Members;
 use C4::Koha;
 use C4::Branch; # GetBranches
-use C4::VirtualShelves 3.02 qw(GetShelvesSummary);
+use C4::VirtualShelves;
+use POSIX qw/strftime/;
 
 # use utf8;
 use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS $debug $ldap);
 
 # use utf8;
 use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS $debug $ldap);
@@ -144,15 +143,23 @@ sub get_template_and_user {
         # user info
         $template->param( loggedinusername => $user );
         $template->param( sessionID        => $sessionID );
         # user info
         $template->param( loggedinusername => $user );
         $template->param( sessionID        => $sessionID );
-               my $shelves;
-               if ($shelves = C4::Context->get_shelves_userenv()) {
-               $template->param( barshelves     => scalar (@$shelves));
-               $template->param( barshelvesloop => $shelves);
-               }
+
+        my ($total, $pubshelves, $barshelves) = C4::Context->get_shelves_userenv();
+        if (defined($pubshelves)) {
+            $template->param(   pubshelves      => scalar (@$pubshelves),
+                                pubshelvesloop  => $pubshelves,
+                            );
+            $template->param(   pubtotal        => $total->{'pubtotal'}, ) if ($total->{'pubtotal'} > scalar (@$pubshelves));
+        }
+        if (defined($barshelves)) {
+            $template->param(   barshelves      => scalar (@$barshelves),
+                                barshelvesloop  => $barshelves,
+                            );
+            $template->param(   bartotal        => $total->{'bartotal'}, ) if ($total->{'bartotal'} > scalar (@$barshelves));
+        }
 
         $borrowernumber = getborrowernumber($user);
 
         $borrowernumber = getborrowernumber($user);
-        my ( $borr, $alternativeflags ) =
-          GetMemberDetails( $borrowernumber );
+        my ( $borr ) = GetMemberDetails( $borrowernumber );
         my @bordat;
         $bordat[0] = $borr;
         $template->param( "USER_INFO" => \@bordat );
         my @bordat;
         $bordat[0] = $borr;
         $template->param( "USER_INFO" => \@bordat );
@@ -220,109 +227,222 @@ sub get_template_and_user {
                 }
             }
         }
                 }
             }
         }
+               # Logged-in opac search history
+               # If the requested template is an opac one and opac search history is enabled
+               if ($in->{'type'} == "opac" && C4::Context->preference('EnableOpacSearchHistory')) {
+                       my $dbh = C4::Context->dbh;
+                       my $query = "SELECT COUNT(*) FROM search_history WHERE userid=?";
+                       my $sth = $dbh->prepare($query);
+                       $sth->execute($borrowernumber);
+                       
+                       # If at least one search has already been performed
+                       if ($sth->fetchrow_array > 0) { 
+                       # We show the link in opac
+                       $template->param(ShowOpacRecentSearchLink => 1);
+                       }
+
+                       # And if there's a cookie with searches performed when the user was not logged in, 
+                       # we add them to the logged-in search history
+                       my @recentSearches;
+                       my $searchcookie = $in->{'query'}->cookie('KohaOpacRecentSearches');
+                       if ($searchcookie){
+                               $searchcookie = uri_unescape($searchcookie);
+                               if (thaw($searchcookie)) {
+                                       @recentSearches = @{thaw($searchcookie)};
+                               }
+
+                               if (@recentSearches > 0) {
+                                       my $query = "INSERT INTO search_history(userid, sessionid, query_desc, query_cgi, total, time) VALUES";
+                                       my $icount = 1;
+                                       foreach my $asearch (@recentSearches) {
+                                               $query .= "(";
+                                               $query .= $borrowernumber . ", ";
+                                               $query .= '"' . $in->{'query'}->cookie("CGISESSID") . "\", ";
+                                               $query .= '"' . $asearch->{'query_desc'} . "\", ";
+                                               $query .= '"' . $asearch->{'query_cgi'} . "\", ";
+                                               $query .=       $asearch->{'total'} . ", ";
+                                               $query .= 'FROM_UNIXTIME(' . $asearch->{'time'} . "))";
+                                               if ($icount < @recentSearches) { $query .= ", ";}
+                                               $icount++;
+                                       }
+
+                                       my $sth = $dbh->prepare($query);
+                                       $sth->execute;
+
+                                       # And then, delete the cookie's content
+                                       my $newsearchcookie = $in->{'query'}->cookie(
+                                                                                               -name => 'KohaOpacRecentSearches',
+                                                                                               -value => freeze([]),
+                                                                                               -expires => ''
+                                                                                        );
+                                       $cookie = [$cookie, $newsearchcookie];
+                               }
+                       }
+               }
+    }
+    else {  # if this is an anonymous session, setup to display public lists...
+
+        # load the template variables for stylesheets and JavaScript
+        $template->param( css_libs => $in->{'css_libs'} );
+        $template->param( css_module => $in->{'css_module'} );
+        $template->param( css_page => $in->{'css_page'} );
+        $template->param( css_widgets => $in->{'css_widgets'} );
+
+        $template->param( js_libs => $in->{'js_libs'} );
+        $template->param( js_module => $in->{'js_module'} );
+        $template->param( js_page => $in->{'js_page'} );
+        $template->param( js_widgets => $in->{'js_widgets'} );
+
+        $template->param( sessionID        => $sessionID );
+        
+        my ($total, $pubshelves) = C4::Context->get_shelves_userenv();  # an anonymous user has no 'barshelves'...
+        if (defined(($pubshelves))) {
+            $template->param(   pubshelves      => scalar (@$pubshelves),
+                                pubshelvesloop  => $pubshelves,
+                            );
+            $template->param(   pubtotal        => $total->{'pubtotal'}, ) if ($total->{'pubtotal'} > scalar (@$pubshelves));
+        }
+
     }
     }
+       # Anonymous opac search history
+       # If opac search history is enabled and at least one search has already been performed
+       if (C4::Context->preference('EnableOpacSearchHistory') && $in->{'query'}->cookie('KohaOpacRecentSearches')) {
+           # We show the link in opac
+           if (thaw(uri_unescape($in->{'query'}->cookie('KohaOpacRecentSearches')))) {
+                       my @recentSearches = @{thaw(uri_unescape($in->{'query'}->cookie('KohaOpacRecentSearches')))};
+                       if (@recentSearches > 0) {
+                               $template->param(ShowOpacRecentSearchLink => 1);
+                       }
+           }
+       }
+
+    # these template parameters are set the same regardless of $in->{'type'}
+    $template->param(
+            "BiblioDefaultView".C4::Context->preference("BiblioDefaultView")         => 1,
+            EnhancedMessagingPreferences => C4::Context->preference('EnhancedMessagingPreferences'),
+            GoogleJackets                => C4::Context->preference("GoogleJackets"),
+            KohaAdminEmailAddress        => "" . C4::Context->preference("KohaAdminEmailAddress"),
+            LoginBranchcode              => (C4::Context->userenv?C4::Context->userenv->{"branch"}:"insecure"),
+            LoginFirstname               => (C4::Context->userenv?C4::Context->userenv->{"firstname"}:"Bel"),
+            LoginSurname                 => C4::Context->userenv?C4::Context->userenv->{"surname"}:"Inconnu",
+            TagsEnabled                  => C4::Context->preference("TagsEnabled"),
+            hide_marc                    => C4::Context->preference("hide_marc"),
+            dateformat                   => C4::Context->preference("dateformat"),
+            'item-level_itypes'          => C4::Context->preference('item-level_itypes'),
+            patronimages                 => C4::Context->preference("patronimages"),
+            singleBranchMode             => C4::Context->preference("singleBranchMode"),
+            SyndeticsClientCode          => C4::Context->preference("SyndeticsClientCode"),
+            SyndeticsEnabled             => C4::Context->preference("SyndeticsEnabled"),
+            SyndeticsCoverImages         => C4::Context->preference("SyndeticsCoverImages"),
+            SyndeticsTOC                 => C4::Context->preference("SyndeticsTOC"),
+            SyndeticsSummary             => C4::Context->preference("SyndeticsSummary"),
+            SyndeticsEditions            => C4::Context->preference("SyndeticsEditions"),
+            SyndeticsExcerpt             => C4::Context->preference("SyndeticsExcerpt"),
+            SyndeticsReviews             => C4::Context->preference("SyndeticsReviews"),
+            SyndeticsAuthorNotes         => C4::Context->preference("SyndeticsAuthorNotes"),
+            SyndeticsAwards              => C4::Context->preference("SyndeticsAwards"),
+            SyndeticsSeries              => C4::Context->preference("SyndeticsSeries"),
+                       SyndeticsCoverImageSize          => C4::Context->preference("SyndeticsCoverImageSize"),
+                 );
 
     if ( $in->{'type'} eq "intranet" ) {
         $template->param(
 
     if ( $in->{'type'} eq "intranet" ) {
         $template->param(
-            intranetcolorstylesheet => C4::Context->preference("intranetcolorstylesheet"),
-            intranetstylesheet => C4::Context->preference("intranetstylesheet"),
-            IntranetNav        => C4::Context->preference("IntranetNav"),
-            intranetuserjs     => C4::Context->preference("intranetuserjs"),
-            TemplateEncoding   => C4::Context->preference("TemplateEncoding"),
-            AmazonContent      => C4::Context->preference("AmazonContent"),
-            LibraryName        => C4::Context->preference("LibraryName"),
-            LoginBranchcode    => (C4::Context->userenv?C4::Context->userenv->{"branch"}:"insecure"),
-            LoginBranchname    => (C4::Context->userenv?C4::Context->userenv->{"branchname"}:"insecure"),
-            LoginFirstname     => (C4::Context->userenv?C4::Context->userenv->{"firstname"}:"Bel"),
-            LoginSurname       => C4::Context->userenv?C4::Context->userenv->{"surname"}:"Inconnu", 
-            AutoLocation       => C4::Context->preference("AutoLocation"),
-            hide_marc          => C4::Context->preference("hide_marc"),
-            patronimages       => C4::Context->preference("patronimages"),
+            AmazonEnabled               => C4::Context->preference("AmazonEnabled"),
+            AmazonCoverImages           => C4::Context->preference("AmazonCoverImages"),
+            AmazonSimilarItems          => C4::Context->preference("AmazonSimilarItems"),
+            AutoLocation                => C4::Context->preference("AutoLocation"),
             "BiblioDefaultView".C4::Context->preference("IntranetBiblioDefaultView") => 1,
             "BiblioDefaultView".C4::Context->preference("IntranetBiblioDefaultView") => 1,
-            advancedMARCEditor      => C4::Context->preference("advancedMARCEditor"),
-            suggestion              => C4::Context->preference("suggestion"),
-            virtualshelves          => C4::Context->preference("virtualshelves"),
-            LibraryName             => C4::Context->preference("LibraryName"),
-            KohaAdminEmailAddress   => "" . C4::Context->preference("KohaAdminEmailAddress"),
-            IntranetmainUserblock   => C4::Context->preference("IntranetmainUserblock"),
-            IndependantBranches     => C4::Context->preference("IndependantBranches"),
-                       CircAutocompl => C4::Context->preference("CircAutocompl"),
-                       FRBRizeEditions => C4::Context->preference("FRBRizeEditions"),
-                       AmazonSimilarItems => C4::Context->preference("AmazonSimilarItems"),
-                       'item-level_itypes' => C4::Context->preference('item-level_itypes'),
-                       canreservefromotherbranches => C4::Context->preference('canreservefromotherbranches'),
-                       intranetreadinghistory => C4::Context->preference("intranetreadinghistory"),
-                       noItemTypeImages => C4::Context->preference("noItemTypeImages"),
-            singleBranchMode => C4::Context->preference("singleBranchMode"),
-                       TagsEnabled => C4::Context->preference("TagsEnabled"),
-                       GoogleJackets => C4::Context->preference("GoogleJackets"),
-                       AuthorisedValueImages => C4::Context->preference("AuthorisedValueImages"),
+            CircAutocompl               => C4::Context->preference("CircAutocompl"),
+            FRBRizeEditions             => C4::Context->preference("FRBRizeEditions"),
+            IndependantBranches         => C4::Context->preference("IndependantBranches"),
+            IntranetNav                 => C4::Context->preference("IntranetNav"),
+            IntranetmainUserblock       => C4::Context->preference("IntranetmainUserblock"),
+            LibraryName                 => C4::Context->preference("LibraryName"),
+            LoginBranchname             => (C4::Context->userenv?C4::Context->userenv->{"branchname"}:"insecure"),
+            TemplateEncoding            => C4::Context->preference("TemplateEncoding"),
+            advancedMARCEditor          => C4::Context->preference("advancedMARCEditor"),
+            canreservefromotherbranches => C4::Context->preference('canreservefromotherbranches'),
+            intranetcolorstylesheet     => C4::Context->preference("intranetcolorstylesheet"),
+            intranetreadinghistory      => C4::Context->preference("intranetreadinghistory"),
+            intranetstylesheet          => C4::Context->preference("intranetstylesheet"),
+            intranetuserjs              => C4::Context->preference("intranetuserjs"),
+            noItemTypeImages            => C4::Context->preference("noItemTypeImages"),
+            suggestion                  => C4::Context->preference("suggestion"),
+            virtualshelves              => C4::Context->preference("virtualshelves"),
+                       StaffSerialIssueDisplayCount => C4::Context->preference("StaffSerialIssueDisplayCount"),
+            NoZebra                     => C4::Context->preference('NoZebra'),
         );
     }
     else {
         warn "template type should be OPAC, here it is=[" . $in->{'type'} . "]" unless ( $in->{'type'} eq 'opac' );
         );
     }
     else {
         warn "template type should be OPAC, here it is=[" . $in->{'type'} . "]" unless ( $in->{'type'} eq 'opac' );
+        #TODO : replace LibraryName syspref with 'system name', and remove this html processing
         my $LibraryNameTitle = C4::Context->preference("LibraryName");
         $LibraryNameTitle =~ s/<(?:\/?)(?:br|p)\s*(?:\/?)>/ /sgi;
         $LibraryNameTitle =~ s/<(?:[^<>'"]|'(?:[^']*)'|"(?:[^"]*)")*>//sg;
         my $LibraryNameTitle = C4::Context->preference("LibraryName");
         $LibraryNameTitle =~ s/<(?:\/?)(?:br|p)\s*(?:\/?)>/ /sgi;
         $LibraryNameTitle =~ s/<(?:[^<>'"]|'(?:[^']*)'|"(?:[^"]*)")*>//sg;
-  $template->param(
-            KohaAdminEmailAddress  => "" . C4::Context->preference("KohaAdminEmailAddress"),
-            AnonSuggestions =>  "" . C4::Context->preference("AnonSuggestions"),
-            suggestion             => "" . C4::Context->preference("suggestion"),
-            OPACViewOthersSuggestions             => "" . C4::Context->preference("OPACViewOthersSuggestions"),
-            virtualshelves         => "" . C4::Context->preference("virtualshelves"),
-            OpacNav                => "" . C4::Context->preference("OpacNav"),
-            opacheader             => "" . C4::Context->preference("opacheader"),
-            opaccredits            => "" . C4::Context->preference("opaccredits"),
-            opacsmallimage         => "" . C4::Context->preference("opacsmallimage"),
-            opaclargeimage         => "" . C4::Context->preference("opaclargeimage"),
-            opaclayoutstylesheet   => "". C4::Context->preference("opaclayoutstylesheet"),
-            opaccolorstylesheet    => "". C4::Context->preference("opaccolorstylesheet"),
-            OPACUserCSS    => "". C4::Context->preference("OPACUserCSS"),
-            opaclanguagesdisplay   => "". C4::Context->preference("opaclanguagesdisplay"),
-            opacuserlogin          => "" . C4::Context->preference("opacuserlogin"),
-                       OpacMainUserBlock =>  "" . C4::Context->preference("OpacMainUserBlock"),
-                       OPACURLOpenInNewWindow =>  "" . C4::Context->preference("OPACURLOpenInNewWindow"),
-            opacbookbag            => "" . C4::Context->preference("opacbookbag"),
-            TemplateEncoding       => "". C4::Context->preference("TemplateEncoding"),
-            AmazonContent          => "" . C4::Context->preference("AmazonContent"),
-            OPACShelfBrowser       => "". C4::Context->preference("OPACShelfBrowser"),
-            OPACAmazonSimilarItems => "" . C4::Context->preference("OPACAmazonSimilarItems"),
-            LibraryName            => "" . C4::Context->preference("LibraryName"),
-            LibraryNameTitle       => "" . $LibraryNameTitle,
-            LoginBranchcode        => (C4::Context->userenv?C4::Context->userenv->{"branch"}:"insecure"),
-            LoginBranchname        => C4::Context->userenv?C4::Context->userenv->{"branchname"}:"", 
-            LoginFirstname        => (C4::Context->userenv?C4::Context->userenv->{"firstname"}:"Bel"),
-            LoginSurname        => C4::Context->userenv?C4::Context->userenv->{"surname"}:"Inconnu", 
-            OpacPasswordChange     => C4::Context->preference("OpacPasswordChange"),
-            opacreadinghistory     => C4::Context->preference("opacreadinghistory"),
-            opacuserjs             => C4::Context->preference("opacuserjs"),
-            OpacCloud              => C4::Context->preference("OpacCloud"),
-            OpacTopissue           => C4::Context->preference("OpacTopissue"),
-            OpacAuthorities        => C4::Context->preference("OpacAuthorities"),
-            OpacBrowser            => C4::Context->preference("OpacBrowser"),
-            RequestOnOpac          => C4::Context->preference("RequestOnOpac"),
-                       OPACItemHolds          => C4::Context->preference("OPACItemHolds"),
-            reviewson              => C4::Context->preference("reviewson"),
-            hide_marc              => C4::Context->preference("hide_marc"),
-            patronimages           => C4::Context->preference("patronimages"),
-            hidelostitems          => C4::Context->preference("hidelostitems"),
-            mylibraryfirst   => C4::Context->preference("SearchMyLibraryFirst"),
-            "BiblioDefaultView".C4::Context->preference("BiblioDefaultView") => 1,
-            OPACFRBRizeEditions => C4::Context->preference("OPACFRBRizeEditions"),
-            'item-level_itypes' => C4::Context->preference('item-level_itypes'),
-            'Version' => C4::Context->preference('Version'),
-            singleBranchMode => C4::Context->preference("singleBranchMode"),
-            XSLTResultsDisplay => C4::Context->preference("XSLTResultsDisplay"),
-            XSLTDetailsDisplay => C4::Context->preference("XSLTDetailsDisplay"),
-                       TagsEnabled => C4::Context->preference("TagsEnabled"),
-                       GoogleJackets => C4::Context->preference("GoogleJackets"),
-                       AuthorisedValueImages => C4::Context->preference("AuthorisedValueImages"),
-                       OPACBaseURL=> ($in->{'query'}->https() ? "https://" : "http://") .
-                          $ENV{'SERVER_NAME'} . 
-                          ($ENV{'SERVER_PORT'} eq ($in->{'query'}->https() ? "443" : "80") ? '' : ":$ENV{'SERVER_PORT'}"),
+        # variables passed from CGI: opac_css_override and opac_search_limits.
+        my $opac_search_limit = $ENV{'OPAC_SEARCH_LIMIT'};
+        my $opac_limit_override = $ENV{'OPAC_LIMIT_OVERRIDE'};
+        my $mylibraryfirst = C4::Context->preference("SearchMyLibraryFirst");
+        my $opac_name;
+        if($opac_limit_override && ($opac_search_limit =~ /branch:(\w+)/) ){
+             $opac_name = C4::Branch::GetBranchName($1)   # opac_search_limit is a branch, so we use it.
+        } elsif($mylibraryfirst){
+            $opac_name = C4::Branch::GetBranchName($mylibraryfirst);
+        }
+        $template->param(
+            AnonSuggestions           => "" . C4::Context->preference("AnonSuggestions"),
+            AuthorisedValueImages     => C4::Context->preference("AuthorisedValueImages"),
+            LibraryName               => "" . C4::Context->preference("LibraryName"),
+            LibraryNameTitle          => "" . $LibraryNameTitle,
+            LoginBranchname           => C4::Context->userenv?C4::Context->userenv->{"branchname"}:"",
+            OPACAmazonEnabled         => C4::Context->preference("OPACAmazonEnabled"),
+            OPACAmazonCoverImages     => C4::Context->preference("OPACAmazonCoverImages"),
+            OPACAmazonSimilarItems    => "" . C4::Context->preference("OPACAmazonSimilarItems"),
+            OPACFRBRizeEditions       => C4::Context->preference("OPACFRBRizeEditions"),
+            OPACItemHolds             => C4::Context->preference("OPACItemHolds"),
+            OPACShelfBrowser          => "". C4::Context->preference("OPACShelfBrowser"),
+            OPACURLOpenInNewWindow    => "" . C4::Context->preference("OPACURLOpenInNewWindow"),
+            OPACUserCSS               => "". C4::Context->preference("OPACUserCSS"),
+            OPACViewOthersSuggestions => "" . C4::Context->preference("OPACViewOthersSuggestions"),
+            OpacAuthorities           => C4::Context->preference("OpacAuthorities"),
+            OPACBaseURL               => ($in->{'query'}->https() ? "https://" : "http://") . $ENV{'SERVER_NAME'} .
+                   ($ENV{'SERVER_PORT'} eq ($in->{'query'}->https() ? "443" : "80") ? '' : ":$ENV{'SERVER_PORT'}"),
+            opac_name             => $opac_name,
+            opac_css_override           => $ENV{'OPAC_CSS_OVERRIDE'},
+            opac_search_limit         => $opac_search_limit,
+            opac_limit_override       => $opac_limit_override,
+            OpacBrowser               => C4::Context->preference("OpacBrowser"),
+            OpacCloud                 => C4::Context->preference("OpacCloud"),
+            OpacMainUserBlock         => "" . C4::Context->preference("OpacMainUserBlock"),
+            OpacNav                   => "" . C4::Context->preference("OpacNav"),
+            OpacPasswordChange        => C4::Context->preference("OpacPasswordChange"),
+            OPACPatronDetails        => C4::Context->preference("OPACPatronDetails"),
+            OPACFinesTab              => C4::Context->preference("OPACFinesTab"),
+            OpacTopissue              => C4::Context->preference("OpacTopissue"),
+            RequestOnOpac             => C4::Context->preference("RequestOnOpac"),
+            TemplateEncoding          => "". C4::Context->preference("TemplateEncoding"),
+            'Version'                 => C4::Context->preference('Version'),
+            XSLTDetailsDisplay        => C4::Context->preference("XSLTDetailsDisplay"),
+            XSLTResultsDisplay        => C4::Context->preference("XSLTResultsDisplay"),
+            hidelostitems             => C4::Context->preference("hidelostitems"),
+            mylibraryfirst            => (C4::Context->preference("SearchMyLibraryFirst") && C4::Context->userenv) ? C4::Context->userenv->{'branch'} : '',
+            opaclayoutstylesheet      => "" . C4::Context->preference("opaclayoutstylesheet"),
+            opaccolorstylesheet       => "" . C4::Context->preference("opaccolorstylesheet"),
+            opacstylesheet            => "" . C4::Context->preference("opacstylesheet"),
+            opacbookbag               => "" . C4::Context->preference("opacbookbag"),
+            opaccredits               => "" . C4::Context->preference("opaccredits"),
+            opacheader                => "" . C4::Context->preference("opacheader"),
+            opaclanguagesdisplay      => "" . C4::Context->preference("opaclanguagesdisplay"),
+            opacreadinghistory        => C4::Context->preference("opacreadinghistory"),
+            opacsmallimage            => "" . C4::Context->preference("opacsmallimage"),
+            opacuserjs                => C4::Context->preference("opacuserjs"),
+            opacuserlogin             => "" . C4::Context->preference("opacuserlogin"),
+            reviewson                 => C4::Context->preference("reviewson"),
+            suggestion                => "" . C4::Context->preference("suggestion"),
+            virtualshelves            => "" . C4::Context->preference("virtualshelves"),
+                       OPACSerialIssueDisplayCount => C4::Context->preference("OPACSerialIssueDisplayCount"),
         );
     }
         );
     }
-       $template->param(listloop=>[{shelfname=>"Freelist", shelfnumber=>110}]);
     return ( $template, $borrowernumber, $cookie, $flags);
 }
 
     return ( $template, $borrowernumber, $cookie, $flags);
 }
 
@@ -332,8 +452,8 @@ sub get_template_and_user {
 
 Verifies that the user is authorized to run this script.  If
 the user is authorized, a (userid, cookie, session-id, flags)
 
 Verifies that the user is authorized to run this script.  If
 the user is authorized, a (userid, cookie, session-id, flags)
-quadruple is returned.  If the user is not authorized but does
-not have the required privilege (see $flagsrequired below), it
+quadruple is returned.  If the user is not authorized due to
+insufficent privileges (see $flagsrequired below), it
 displays an error page and exits.  Otherwise, it displays the
 login page and exits.
 
 displays an error page and exits.  Otherwise, it displays the
 login page and exits.
 
@@ -409,7 +529,11 @@ sub _version_check ($$) {
     my $version;
     # If Version syspref is unavailable, it means Koha is beeing installed,
     # and so we must redirect to OPAC maintenance page or to the WebInstaller
     my $version;
     # If Version syspref is unavailable, it means Koha is beeing installed,
     # and so we must redirect to OPAC maintenance page or to the WebInstaller
-    #warn "about to check version";
+    # also, if OpacMaintenance is ON, OPAC should redirect to maintenance
+    if (C4::Context->preference('OpacMaintenance') && $type eq 'opac') {
+        warn "OPAC Install required, redirecting to maintenance";
+        print $query->redirect("/cgi-bin/koha/maintenance.pl");
+    }
     unless ($version = C4::Context->preference('Version')) {    # assignment, not comparison
       if ($type ne 'opac') {
         warn "Install required, redirecting to Installer";
     unless ($version = C4::Context->preference('Version')) {    # assignment, not comparison
       if ($type ne 'opac') {
         warn "Install required, redirecting to Installer";
@@ -452,7 +576,7 @@ sub _session_log {
 
 sub checkauth {
     my $query = shift;
 
 sub checkauth {
     my $query = shift;
-       $debug and warn "Checking Auth";
+    $debug and warn "Checking Auth";
     # $authnotrequired will be set for scripts which will run without authentication
     my $authnotrequired = shift;
     my $flagsrequired   = shift;
     # $authnotrequired will be set for scripts which will run without authentication
     my $authnotrequired = shift;
     my $flagsrequired   = shift;
@@ -471,8 +595,9 @@ sub checkauth {
     # state variables
     my $loggedin = 0;
     my %info;
     # state variables
     my $loggedin = 0;
     my %info;
-    my ( $userid, $cookie, $sessionID, $flags, $shelves );
+    my ( $userid, $cookie, $sessionID, $flags, $barshelves, $pubshelves );
     my $logout = $query->param('logout.x');
     my $logout = $query->param('logout.x');
+
     if ( $userid = $ENV{'REMOTE_USER'} ) {
         # Using Basic Authentication, no cookies required
         $cookie = $query->cookie(
     if ( $userid = $ENV{'REMOTE_USER'} ) {
         # Using Basic Authentication, no cookies required
         $cookie = $query->cookie(
@@ -485,7 +610,7 @@ sub checkauth {
     elsif ( $sessionID = $query->cookie("CGISESSID")) {     # assignment, not comparison 
         my $session = get_session($sessionID);
         C4::Context->_new_userenv($sessionID);
     elsif ( $sessionID = $query->cookie("CGISESSID")) {     # assignment, not comparison 
         my $session = get_session($sessionID);
         C4::Context->_new_userenv($sessionID);
-        my ($ip, $lasttime);
+        my ($ip, $lasttime, $sessiontype);
         if ($session){
             C4::Context::set_userenv(
                 $session->param('number'),       $session->param('id'),
         if ($session){
             C4::Context::set_userenv(
                 $session->param('number'),       $session->param('id'),
@@ -494,184 +619,234 @@ sub checkauth {
                 $session->param('branchname'),   $session->param('flags'),
                 $session->param('emailaddress'), $session->param('branchprinter')
             );
                 $session->param('branchname'),   $session->param('flags'),
                 $session->param('emailaddress'), $session->param('branchprinter')
             );
-            C4::Context::set_shelves_userenv($session->param('shelves'));
+            C4::Context::set_shelves_userenv('bar',$session->param('barshelves'));
+            C4::Context::set_shelves_userenv('pub',$session->param('pubshelves'));
+            C4::Context::set_shelves_userenv('tot',$session->param('totshelves'));
             $debug and printf STDERR "AUTH_SESSION: (%s)\t%s %s - %s\n", map {$session->param($_)} qw(cardnumber firstname surname branch) ;
             $ip       = $session->param('ip');
             $lasttime = $session->param('lasttime');
             $userid   = $session->param('id');
             $debug and printf STDERR "AUTH_SESSION: (%s)\t%s %s - %s\n", map {$session->param($_)} qw(cardnumber firstname surname branch) ;
             $ip       = $session->param('ip');
             $lasttime = $session->param('lasttime');
             $userid   = $session->param('id');
+            $sessiontype = $session->param('sessiontype');
         }
         }
-    
-        if ($logout) {
+   
+        if ( ($query->param('koha_login_context')) && ($query->param('userid') ne $session->param('id')) ) {
+            #if a user enters an id ne to the id in the current session, we need to log them in...
+            #first we need to clear the anonymous session...
+            $debug and warn "query id = " . $query->param('userid') . " but session id = " . $session->param('id');
+            $session->flush;      
+            $session->delete();
+            C4::Context->_unset_userenv($sessionID);
+            $sessionID = undef;
+            $userid = undef;
+        }
+        elsif ($logout) {
             # voluntary logout the user
             $session->flush;      
             $session->delete();
             C4::Context->_unset_userenv($sessionID);
             # voluntary logout the user
             $session->flush;      
             $session->delete();
             C4::Context->_unset_userenv($sessionID);
-            _session_log(sprintf "%20s from %16s logged out at %30s (manually).\n", $userid,$ip,localtime);
+            _session_log(sprintf "%20s from %16s logged out at %30s (manually).\n", $userid,$ip,(strftime "%c",localtime));
             $sessionID = undef;
             $userid    = undef;
         }
             $sessionID = undef;
             $userid    = undef;
         }
-               elsif ( $lasttime < time() - $timeout ) {
-                       # timed logout
-                       $info{'timed_out'} = 1;
-                       $session->delete();
-                       C4::Context->_unset_userenv($sessionID);
-                       _session_log(sprintf "%20s from %16s logged out at %30s (inactivity).\n", $userid,$ip,localtime);
-                       $userid    = undef;
-                       $sessionID = undef;
-               }
-               elsif ( $ip ne $ENV{'REMOTE_ADDR'} ) {
-                       # Different ip than originally logged in from
-                       $info{'oldip'}        = $ip;
-                       $info{'newip'}        = $ENV{'REMOTE_ADDR'};
-                       $info{'different_ip'} = 1;
-                       $session->delete();
-                       C4::Context->_unset_userenv($sessionID);
-                       _session_log(sprintf "%20s from %16s logged out at %30s (ip changed to %16s).\n", $userid,$ip,localtime, $info{'newip'});
-                       $sessionID = undef;
-                       $userid    = undef;
-               }
-               else {
-                       $cookie = $query->cookie( CGISESSID => $session->id );
-                       $session->param('lasttime',time());
-                       $flags = haspermission( $dbh, $userid, $flagsrequired );
-                       if ($flags) {
-                               $loggedin = 1;
-                       } else {
-                               $info{'nopermission'} = 1;
-                       }
-               }
+        elsif ( $lasttime < time() - $timeout ) {
+            # timed logout
+            $info{'timed_out'} = 1;
+            $session->delete();
+            C4::Context->_unset_userenv($sessionID);
+            _session_log(sprintf "%20s from %16s logged out at %30s (inactivity).\n", $userid,$ip,(strftime "%c",localtime));
+            $userid    = undef;
+            $sessionID = undef;
+        }
+        elsif ( $ip ne $ENV{'REMOTE_ADDR'} ) {
+            # Different ip than originally logged in from
+            $info{'oldip'}        = $ip;
+            $info{'newip'}        = $ENV{'REMOTE_ADDR'};
+            $info{'different_ip'} = 1;
+            $session->delete();
+            C4::Context->_unset_userenv($sessionID);
+            _session_log(sprintf "%20s from %16s logged out at %30s (ip changed to %16s).\n", $userid,$ip,(strftime "%c",localtime), $info{'newip'});
+            $sessionID = undef;
+            $userid    = undef;
+        }
+        else {
+            $cookie = $query->cookie( CGISESSID => $session->id );
+            $session->param('lasttime',time());
+            unless ( $sessiontype eq 'anon' ) { #if this is an anonymous session, we want to update the session, but not behave as if they are logged in...
+                $flags = haspermission($userid, $flagsrequired);
+                if ($flags) {
+                    $loggedin = 1;
+                } else {
+                    $info{'nopermission'} = 1;
+                }
+            }
+        }
     }
     }
-    unless ($userid) {
+    unless ($userid || $sessionID) {
+        #we initiate a session prior to checking for a username to allow for anonymous sessions...
         my $session = get_session("") or die "Auth ERROR: Cannot get_session()";
         my $sessionID = $session->id;
         my $session = get_session("") or die "Auth ERROR: Cannot get_session()";
         my $sessionID = $session->id;
-        $userid    = $query->param('userid');
-        my $password = $query->param('password');
         C4::Context->_new_userenv($sessionID);
         C4::Context->_new_userenv($sessionID);
-        my ( $return, $cardnumber ) = checkpw( $dbh, $userid, $password );
-        if ($return) {
-            _session_log(sprintf "%20s from %16s logged in  at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},localtime);
-            $cookie = $query->cookie(CGISESSID => $sessionID);
-            if ( $flags = haspermission( $dbh, $userid, $flagsrequired ) ) {
-                               $loggedin = 1;
-            }
-            else {
-                $info{'nopermission'} = 1;
-                C4::Context->_unset_userenv($sessionID);
-            }
-
-                       my ($borrowernumber, $firstname, $surname, $userflags,
-                               $branchcode, $branchname, $branchprinter, $emailaddress);
+        $cookie = $query->cookie(CGISESSID => $sessionID);
+        if ( $userid    = $query->param('userid') ) {
+            my $password = $query->param('password');
+            my ( $return, $cardnumber ) = checkpw( $dbh, $userid, $password );
+            if ($return) {
+                _session_log(sprintf "%20s from %16s logged in  at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},(strftime "%c",localtime));
+                if ( $flags = haspermission($userid, $flagsrequired) ) {
+                    $loggedin = 1;
+                }
+                else {
+                    $info{'nopermission'} = 1;
+                    C4::Context->_unset_userenv($sessionID);
+                }
 
 
-            if ( $return == 1 ) {
-                my $select = "
-                SELECT borrowernumber, firstname, surname, flags, borrowers.branchcode, 
-                        branches.branchname    as branchname, 
-                        branches.branchprinter as branchprinter, 
-                        email 
-                FROM borrowers 
-                LEFT JOIN branches on borrowers.branchcode=branches.branchcode
-                ";
-                my $sth = $dbh->prepare("$select where userid=?");
-                $sth->execute($userid);
-                               unless ($sth->rows) {
-                       $debug and print STDERR "AUTH_1: no rows for userid='$userid'\n";
-                                       $sth = $dbh->prepare("$select where cardnumber=?");
-                    $sth->execute($cardnumber);
-                                       unless ($sth->rows) {
-                               $debug and print STDERR "AUTH_2a: no rows for cardnumber='$cardnumber'\n";
-                       $sth->execute($userid);
-                                               unless ($sth->rows) {
-                                       $debug and print STDERR "AUTH_2b: no rows for userid='$userid' AS cardnumber\n";
-                                               }
-                                       }
-                               }
-                if ($sth->rows) {
-                    ($borrowernumber, $firstname, $surname, $userflags,
-                       $branchcode, $branchname, $branchprinter, $emailaddress) = $sth->fetchrow;
-                                       $debug and print STDERR "AUTH_3 results: " .
-                                               "$cardnumber,$borrowernumber,$userid,$firstname,$surname,$userflags,$branchcode,$emailaddress\n";
-                               } else {
-                                       print STDERR "AUTH_3: no results for userid='$userid', cardnumber='$cardnumber'.\n";
-                               }
+                my ($borrowernumber, $firstname, $surname, $userflags,
+                    $branchcode, $branchname, $branchprinter, $emailaddress);
+
+                if ( $return == 1 ) {
+                    my $select = "
+                    SELECT borrowernumber, firstname, surname, flags, borrowers.branchcode, 
+                            branches.branchname    as branchname, 
+                            branches.branchprinter as branchprinter, 
+                            email 
+                    FROM borrowers 
+                    LEFT JOIN branches on borrowers.branchcode=branches.branchcode
+                    ";
+                    my $sth = $dbh->prepare("$select where userid=?");
+                    $sth->execute($userid);
+                    unless ($sth->rows) {
+                        $debug and print STDERR "AUTH_1: no rows for userid='$userid'\n";
+                        $sth = $dbh->prepare("$select where cardnumber=?");
+                        $sth->execute($cardnumber);
+                        unless ($sth->rows) {
+                            $debug and print STDERR "AUTH_2a: no rows for cardnumber='$cardnumber'\n";
+                            $sth->execute($userid);
+                            unless ($sth->rows) {
+                                $debug and print STDERR "AUTH_2b: no rows for userid='$userid' AS cardnumber\n";
+                            }
+                        }
+                    }
+                    if ($sth->rows) {
+                        ($borrowernumber, $firstname, $surname, $userflags,
+                            $branchcode, $branchname, $branchprinter, $emailaddress) = $sth->fetchrow;
+                        $debug and print STDERR "AUTH_3 results: " .
+                            "$cardnumber,$borrowernumber,$userid,$firstname,$surname,$userflags,$branchcode,$emailaddress\n";
+                    } else {
+                        print STDERR "AUTH_3: no results for userid='$userid', cardnumber='$cardnumber'.\n";
+                    }
 
 # launch a sequence to check if we have a ip for the branch, i
 # if we have one we replace the branchcode of the userenv by the branch bound in the ip.
 
 
 # launch a sequence to check if we have a ip for the branch, i
 # if we have one we replace the branchcode of the userenv by the branch bound in the ip.
 
-                my $ip       = $ENV{'REMOTE_ADDR'};
-                # if they specify at login, use that
-                if ($query->param('branch')) {
-                    $branchcode  = $query->param('branch');
-                    $branchname = GetBranchName($branchcode);
-                }
-                my $branches = GetBranches();
-                if (C4::Context->boolean_preference('IndependantBranches') && C4::Context->boolean_preference('Autolocation')){
-                                   # we have to check they are coming from the right ip range
-                                       my $domain = $branches->{$branchcode}->{'branchip'};
-                                       if ($ip !~ /^$domain/){
-                                               $loggedin=0;
-                                               $info{'wrongip'} = 1;
-                                       }
-                               }
+                    my $ip       = $ENV{'REMOTE_ADDR'};
+                    # if they specify at login, use that
+                    if ($query->param('branch')) {
+                        $branchcode  = $query->param('branch');
+                        $branchname = GetBranchName($branchcode);
+                    }
+                    my $branches = GetBranches();
+                    if (C4::Context->boolean_preference('IndependantBranches') && C4::Context->boolean_preference('Autolocation')){
+                        # we have to check they are coming from the right ip range
+                        my $domain = $branches->{$branchcode}->{'branchip'};
+                        if ($ip !~ /^$domain/){
+                            $loggedin=0;
+                            $info{'wrongip'} = 1;
+                        }
+                    }
 
 
-                my @branchesloop;
-                foreach my $br ( keys %$branches ) {
-                    #     now we work with the treatment of ip
-                    my $domain = $branches->{$br}->{'branchip'};
-                    if ( $domain && $ip =~ /^$domain/ ) {
-                        $branchcode = $branches->{$br}->{'branchcode'};
+                    my @branchesloop;
+                    foreach my $br ( keys %$branches ) {
+                        #     now we work with the treatment of ip
+                        my $domain = $branches->{$br}->{'branchip'};
+                        if ( $domain && $ip =~ /^$domain/ ) {
+                            $branchcode = $branches->{$br}->{'branchcode'};
 
 
-                        # new op dev : add the branchprinter and branchname in the cookie
-                        $branchprinter = $branches->{$br}->{'branchprinter'};
-                        $branchname    = $branches->{$br}->{'branchname'};
+                            # new op dev : add the branchprinter and branchname in the cookie
+                            $branchprinter = $branches->{$br}->{'branchprinter'};
+                            $branchname    = $branches->{$br}->{'branchname'};
+                        }
                     }
                     }
+                    $session->param('number',$borrowernumber);
+                    $session->param('id',$userid);
+                    $session->param('cardnumber',$cardnumber);
+                    $session->param('firstname',$firstname);
+                    $session->param('surname',$surname);
+                    $session->param('branch',$branchcode);
+                    $session->param('branchname',$branchname);
+                    $session->param('flags',$userflags);
+                    $session->param('emailaddress',$emailaddress);
+                    $session->param('ip',$session->remote_addr());
+                    $session->param('lasttime',time());
+                    $debug and printf STDERR "AUTH_4: (%s)\t%s %s - %s\n", map {$session->param($_)} qw(cardnumber firstname surname branch) ;
                 }
                 }
-                $session->param('number',$borrowernumber);
-                $session->param('id',$userid);
-                $session->param('cardnumber',$cardnumber);
-                $session->param('firstname',$firstname);
-                $session->param('surname',$surname);
-                $session->param('branch',$branchcode);
-                $session->param('branchname',$branchname);
-                $session->param('flags',$userflags);
-                $session->param('emailaddress',$emailaddress);
-                $session->param('ip',$session->remote_addr());
-                $session->param('lasttime',time());
-                $debug and printf STDERR "AUTH_4: (%s)\t%s %s - %s\n", map {$session->param($_)} qw(cardnumber firstname surname branch) ;
-            }
-            elsif ( $return == 2 ) {
-                #We suppose the user is the superlibrarian
-                               $borrowernumber = 0;
-                $session->param('number',0);
-                $session->param('id',C4::Context->config('user'));
-                $session->param('cardnumber',C4::Context->config('user'));
-                $session->param('firstname',C4::Context->config('user'));
-                $session->param('surname',C4::Context->config('user'));
-                $session->param('branch','NO_LIBRARY_SET');
-                $session->param('branchname','NO_LIBRARY_SET');
-                $session->param('flags',1);
-                $session->param('emailaddress', C4::Context->preference('KohaAdminEmailAddress'));
-                $session->param('ip',$session->remote_addr());
-                $session->param('lasttime',time());
+                elsif ( $return == 2 ) {
+                    #We suppose the user is the superlibrarian
+                    $borrowernumber = 0;
+                    $session->param('number',0);
+                    $session->param('id',C4::Context->config('user'));
+                    $session->param('cardnumber',C4::Context->config('user'));
+                    $session->param('firstname',C4::Context->config('user'));
+                    $session->param('surname',C4::Context->config('user'));
+                    $session->param('branch','NO_LIBRARY_SET');
+                    $session->param('branchname','NO_LIBRARY_SET');
+                    $session->param('flags',1);
+                    $session->param('emailaddress', C4::Context->preference('KohaAdminEmailAddress'));
+                    $session->param('ip',$session->remote_addr());
+                    $session->param('lasttime',time());
+                }
+                C4::Context::set_userenv(
+                    $session->param('number'),       $session->param('id'),
+                    $session->param('cardnumber'),   $session->param('firstname'),
+                    $session->param('surname'),      $session->param('branch'),
+                    $session->param('branchname'),   $session->param('flags'),
+                    $session->param('emailaddress'), $session->param('branchprinter')
+                );
+
+                # Grab borrower's shelves and public shelves and add them to the session
+                # $row_count determines how many records are returned from the db query
+                # and the number of lists to be displayed of each type in the 'Lists' button drop down
+                my $row_count = 10; # FIXME:This probably should be a syspref
+                my ($total, $totshelves, $barshelves, $pubshelves);
+                ($barshelves, $totshelves) = C4::VirtualShelves::GetRecentShelves(1, $row_count, $borrowernumber);
+                $total->{'bartotal'} = $totshelves;
+                ($pubshelves, $totshelves) = C4::VirtualShelves::GetRecentShelves(2, $row_count, undef);
+                $total->{'pubtotal'} = $totshelves;
+                $session->param('barshelves', $barshelves->[0]);
+                $session->param('pubshelves', $pubshelves->[0]);
+                $session->param('totshelves', $total);
+                
+                C4::Context::set_shelves_userenv('bar',$barshelves->[0]);
+                C4::Context::set_shelves_userenv('pub',$pubshelves->[0]);
+                C4::Context::set_shelves_userenv('tot',$total);
             }
             }
-            C4::Context::set_userenv(
-                $session->param('number'),       $session->param('id'),
-                $session->param('cardnumber'),   $session->param('firstname'),
-                $session->param('surname'),      $session->param('branch'),
-                $session->param('branchname'),   $session->param('flags'),
-                $session->param('emailaddress'), $session->param('branchprinter')
-            );
-                       $shelves = GetShelvesSummary($borrowernumber,2,10);
-                       $session->param('shelves', $shelves);
-                       C4::Context::set_shelves_userenv($shelves);
-        }
-        else {
-            if ($userid) {
-                $info{'invalid_username_or_password'} = 1;
-                C4::Context->_unset_userenv($sessionID);
+            else {
+                if ($userid) {
+                    $info{'invalid_username_or_password'} = 1;
+                    C4::Context->_unset_userenv($sessionID);
+                }
             }
             }
-
+        }   # END if ( $userid    = $query->param('userid') )
+        elsif ($type eq "opac") {   
+            # if we are here this is an anonymous session; add public lists to it and a few other items...
+            # anonymous sessions are created only for the OPAC
+            $debug and warn "Initiating an anonymous session...";
+
+            # Grab the public shelves and add to the session...
+            my $row_count = 20; # FIXME:This probably should be a syspref
+            my ($total, $totshelves, $pubshelves);
+            ($pubshelves, $totshelves) = C4::VirtualShelves::GetRecentShelves(2, $row_count, undef);
+            $total->{'pubtotal'} = $totshelves;
+            $session->param('pubshelves', $pubshelves->[0]);
+            $session->param('totshelves', $total);
+            C4::Context::set_shelves_userenv('pub',$pubshelves->[0]);
+            C4::Context::set_shelves_userenv('tot',$total);
+            
+            # setting a couple of other session vars...
+            $session->param('ip',$session->remote_addr());
+            $session->param('lasttime',time());
+            $session->param('sessiontype','anon');
         }
         }
-    }  # END unless ($userid)
+    }   # END unless ($userid)
     my $insecure = C4::Context->boolean_preference('insecure');
 
     # finished authentification, now respond
     my $insecure = C4::Context->boolean_preference('insecure');
 
     # finished authentification, now respond
@@ -701,7 +876,7 @@ sub checkauth {
     my $branches = GetBranches();
     my @branch_loop;
     for my $branch_hash (sort keys %$branches) {
     my $branches = GetBranches();
     my @branch_loop;
     for my $branch_hash (sort keys %$branches) {
-               push @branch_loop, {branchcode => "$branch_hash", branchname => $branches->{$branch_hash}->{'branchname'}, };
+        push @branch_loop, {branchcode => "$branch_hash", branchname => $branches->{$branch_hash}->{'branchname'}, };
     }
 
     my $template_name = ( $type eq 'opac' ) ? 'opac-auth.tmpl' : 'auth.tmpl';
     }
 
     my $template_name = ( $type eq 'opac' ) ? 'opac-auth.tmpl' : 'auth.tmpl';
@@ -712,7 +887,6 @@ sub checkauth {
         INPUTS               => \@inputs,
         suggestion           => C4::Context->preference("suggestion"),
         virtualshelves       => C4::Context->preference("virtualshelves"),
         INPUTS               => \@inputs,
         suggestion           => C4::Context->preference("suggestion"),
         virtualshelves       => C4::Context->preference("virtualshelves"),
-        opaclargeimage       => C4::Context->preference("opaclargeimage"),
         LibraryName          => C4::Context->preference("LibraryName"),
         opacuserlogin        => C4::Context->preference("opacuserlogin"),
         OpacNav              => C4::Context->preference("OpacNav"),
         LibraryName          => C4::Context->preference("LibraryName"),
         opacuserlogin        => C4::Context->preference("opacuserlogin"),
         OpacNav              => C4::Context->preference("OpacNav"),
@@ -729,17 +903,17 @@ sub checkauth {
         OpacAuthorities      => C4::Context->preference("OpacAuthorities"),
         OpacBrowser          => C4::Context->preference("OpacBrowser"),
         opacheader           => C4::Context->preference("opacheader"),
         OpacAuthorities      => C4::Context->preference("OpacAuthorities"),
         OpacBrowser          => C4::Context->preference("OpacBrowser"),
         opacheader           => C4::Context->preference("opacheader"),
+        TagsEnabled                  => C4::Context->preference("TagsEnabled"),
         OPACUserCSS           => C4::Context->preference("OPACUserCSS"),
         intranetcolorstylesheet =>
         OPACUserCSS           => C4::Context->preference("OPACUserCSS"),
         intranetcolorstylesheet =>
-                                                               C4::Context->preference("intranetcolorstylesheet"),
+                                C4::Context->preference("intranetcolorstylesheet"),
         intranetstylesheet => C4::Context->preference("intranetstylesheet"),
         IntranetNav        => C4::Context->preference("IntranetNav"),
         intranetuserjs     => C4::Context->preference("intranetuserjs"),
         TemplateEncoding   => C4::Context->preference("TemplateEncoding"),
         IndependantBranches=> C4::Context->preference("IndependantBranches"),
         AutoLocation       => C4::Context->preference("AutoLocation"),
         intranetstylesheet => C4::Context->preference("intranetstylesheet"),
         IntranetNav        => C4::Context->preference("IntranetNav"),
         intranetuserjs     => C4::Context->preference("intranetuserjs"),
         TemplateEncoding   => C4::Context->preference("TemplateEncoding"),
         IndependantBranches=> C4::Context->preference("IndependantBranches"),
         AutoLocation       => C4::Context->preference("AutoLocation"),
-        yuipath            => C4::Context->preference("yuipath"),
-               wrongip            => $info{'wrongip'}
+        wrongip            => $info{'wrongip'}
     );
     
     $template->param( loginprompt => 1 ) unless $info{'nopermission'};
     );
     
     $template->param( loginprompt => 1 ) unless $info{'nopermission'};
@@ -863,7 +1037,7 @@ sub check_api_auth {
             } else {
                 my $cookie = $query->cookie( CGISESSID => $session->id );
                 $session->param('lasttime',time());
             } else {
                 my $cookie = $query->cookie( CGISESSID => $session->id );
                 $session->param('lasttime',time());
-                my $flags = haspermission( $dbh, $userid, $flagsrequired );
+                my $flags = haspermission($userid, $flagsrequired);
                 if ($flags) {
                     return ("ok", $cookie, $sessionID);
                 } else {
                 if ($flags) {
                     return ("ok", $cookie, $sessionID);
                 } else {
@@ -886,7 +1060,7 @@ sub check_api_auth {
             return ("failed", undef, undef);
         }
         my ( $return, $cardnumber ) = checkpw( $dbh, $userid, $password );
             return ("failed", undef, undef);
         }
         my ( $return, $cardnumber ) = checkpw( $dbh, $userid, $password );
-        if ($return and haspermission( $dbh, $userid, $flagsrequired)) {
+        if ($return and haspermission($userid, $flagsrequired)) {
             my $session = get_session("");
             return ("failed", undef, undef) unless $session;
 
             my $session = get_session("");
             return ("failed", undef, undef) unless $session;
 
@@ -1081,7 +1255,7 @@ sub check_cookie_auth {
             return ("expired", undef);
         } else {
             $session->param('lasttime',time());
             return ("expired", undef);
         } else {
             $session->param('lasttime',time());
-            my $flags = haspermission( $dbh, $userid, $flagsrequired );
+            my $flags = haspermission($userid, $flagsrequired);
             if ($flags) {
                 return ("ok", $sessionID);
             } else {
             if ($flags) {
                 return ("ok", $sessionID);
             } else {
@@ -1134,7 +1308,7 @@ sub checkpw {
 
     my ( $dbh, $userid, $password ) = @_;
     if ($ldap) {
 
     my ( $dbh, $userid, $password ) = @_;
     if ($ldap) {
-        $debug and print "## checkpw - checking LDAP\n";
+        $debug and print STDERR "## checkpw - checking LDAP\n";
         my ($retval,$retcard) = checkpw_ldap(@_);    # EXTERNAL AUTH
         ($retval) and return ($retval,$retcard);
     }
         my ($retval,$retcard) = checkpw_ldap(@_);    # EXTERNAL AUTH
         ($retval) and return ($retval,$retcard);
     }
@@ -1194,10 +1368,12 @@ sub checkpw {
 
 =item getuserflags
 
 
 =item getuserflags
 
- $authflags = getuserflags($flags,$dbh);
+    my $authflags = getuserflags($flags, $userid, [$dbh]);
+
 Translates integer flags into permissions strings hash.
 
 C<$flags> is the integer userflags value ( borrowers.userflags )
 Translates integer flags into permissions strings hash.
 
 C<$flags> is the integer userflags value ( borrowers.userflags )
+C<$userid> is the members.userid, used for building subpermissions
 C<$authflags> is a hashref of permissions
 
 =cut
 C<$authflags> is a hashref of permissions
 
 =cut
@@ -1205,7 +1381,7 @@ C<$authflags> is a hashref of permissions
 sub getuserflags {
     my $flags   = shift;
     my $userid  = shift;
 sub getuserflags {
     my $flags   = shift;
     my $userid  = shift;
-    my $dbh     = shift;
+    my $dbh     = @_ ? shift : C4::Context->dbh;
     my $userflags;
     $flags = 0 unless $flags;
     my $sth = $dbh->prepare("SELECT bit, flag, defaulton FROM userflags");
     my $userflags;
     $flags = 0 unless $flags;
     my $sth = $dbh->prepare("SELECT bit, flag, defaulton FROM userflags");
@@ -1263,7 +1439,7 @@ sub get_user_subpermissions {
     my $userid = shift;
 
     my $dbh = C4::Context->dbh;
     my $userid = shift;
 
     my $dbh = C4::Context->dbh;
-    my $sth = $dbh->prepare("SELECT flag, code
+    my $sth = $dbh->prepare("SELECT flag, user_permissions.code
                              FROM user_permissions
                              JOIN permissions USING (module_bit, code)
                              JOIN userflags ON (module_bit = bit)
                              FROM user_permissions
                              JOIN permissions USING (module_bit, code)
                              JOIN userflags ON (module_bit = bit)
@@ -1310,9 +1486,9 @@ sub get_all_subpermissions {
 
 =item haspermission 
 
 
 =item haspermission 
 
-  $flags = ($dbh,$member,$flagsrequired);
+  $flags = ($userid, $flagsrequired);
 
 
-C<$member> may be either userid or overloaded with $borrower hashref from GetMemberDetails.
+C<$userid> the userid of the member
 C<$flags> is a hashref of required flags like C<$borrower-&lt;{authflags}> 
 
 Returns member's flags or 0 if a permission is not met.
 C<$flags> is a hashref of required flags like C<$borrower-&lt;{authflags}> 
 
 Returns member's flags or 0 if a permission is not met.
@@ -1320,22 +1496,15 @@ Returns member's flags or 0 if a permission is not met.
 =cut
 
 sub haspermission {
 =cut
 
 sub haspermission {
-    my ( $dbh, $userid, $flagsrequired ) = @_;
-    my ($flags,$intflags);
-    $dbh=C4::Context->dbh unless($dbh);
-    if(ref($userid)) {
-        $intflags = $userid->{'flags'};  
-    } else {
-        my $sth = $dbh->prepare("SELECT flags FROM borrowers WHERE userid=?");
-        $sth->execute($userid);
-        my ($intflags) = $sth->fetchrow;
-        $flags = getuserflags( $intflags, $userid, $dbh );
-    }
+    my ($userid, $flagsrequired) = @_;
+    my $sth = C4::Context->dbh->prepare("SELECT flags FROM borrowers WHERE userid=?");
+    $sth->execute($userid);
+    my $flags = getuserflags( $sth->fetchrow(), $userid );
     if ( $userid eq C4::Context->config('user') ) {
         # Super User Account from /etc/koha.conf
         $flags->{'superlibrarian'} = 1;
     }
     if ( $userid eq C4::Context->config('user') ) {
         # Super User Account from /etc/koha.conf
         $flags->{'superlibrarian'} = 1;
     }
-    if ( $userid eq 'demo' && C4::Context->config('demo') ) {
+    elsif ( $userid eq 'demo' && C4::Context->config('demo') ) {
         # Demo user that can do "anything" (demo=1 in /etc/koha.conf)
         $flags->{'superlibrarian'} = 1;
     }
         # Demo user that can do "anything" (demo=1 in /etc/koha.conf)
         $flags->{'superlibrarian'} = 1;
     }
@@ -1364,6 +1533,10 @@ sub haspermission {
 
 sub getborrowernumber {
     my ($userid) = @_;
 
 sub getborrowernumber {
     my ($userid) = @_;
+    my $userenv = C4::Context->userenv;
+    if ( defined( $userenv ) && ref( $userenv ) eq 'HASH' && $userenv->{number} ) {
+        return $userenv->{number};
+    }
     my $dbh = C4::Context->dbh;
     for my $field ( 'userid', 'cardnumber' ) {
         my $sth =
     my $dbh = C4::Context->dbh;
     for my $field ( 'userid', 'cardnumber' ) {
         my $sth =
Unnamed repository; edit this file 'description' to name the repository.