- my $input = &ajax_auth_cgi($needed_flags);
- my $operator = C4::Context->userenv->{'number'}; # must occur AFTER auth
- $debug and print STDERR "op: " . Dumper($operator) . "\n";
- my ($tag, $js_reply);
- if ($tag = $input->param('test')) {
- my $check = is_approved($tag);
- $js_reply = ( $check >= 1 ? 'success' :
- $check <= -1 ? 'failure' : 'indeterminate' ) . "_test('$tag');\n";
- }
- if ($tag = $input->param('ok')) {
- $js_reply = ( whitelist($operator,$tag) ? 'success' : 'failure') . "_approve('$tag');\n";
- }
- if ($tag = $input->param('rej')) {
- $js_reply = ( blacklist($operator,$tag) ? 'success' : 'failure') . "_reject('$tag');\n";
- }
- output_with_http_headers $input, undef, $js_reply, 'js';
- exit;
+ my $input = &ajax_auth_cgi($needed_flags);
+ my $operator = C4::Context->userenv->{'number'}; # must occur AFTER auth
+ my ($tag, $js_reply);
+ if ($tag = $input->param('test')) {
+ my $check = is_approved($tag);
+ $js_reply = ( $check >= 1 ? 'success' : $check <= -1 ? 'failure' : 'indeterminate' ) . "_test('".uri_escape_utf8($tag)."');\n";
+ }
+ if ($tag = $input->param('ok')) {
+ $js_reply = ( whitelist($operator,$tag) ? 'success' : 'failure') . "_approve('".uri_escape_utf8($tag)."');\n";
+ }
+ if ($tag = $input->param('rej')) {
+ $js_reply = ( blacklist($operator,$tag) ? 'success' : 'failure') . "_reject('".uri_escape_utf8($tag)."');\n";
+ }
+ output_with_http_headers $input, undef, $js_reply, 'js';
+ exit;