my $input = new CGI;
my $searchfield=$input->param('searchfield');
-my $pkfield="currency";
-my $reqsel="select currency,rate from currency where $pkfield='$searchfield'";
-my $reqdel="delete from currency where $pkfield='$searchfield'";
#my $branchcode=$input->param('branchcode');
my $offset=$input->param('offset');
my $script_name="/cgi-bin/koha/admin/currency.pl";
$searchfield=~ s/\,//g;
my ($template, $loggedinuser, $cookie)
- = get_template_and_user({template_name => "parameters/currency.tmpl",
+ = get_template_and_user({template_name => "admin/currency.tmpl",
query => $input,
type => "intranet",
- authnotrequired => 0,
+ flagsrequired => {parameters => 1, management => 1},
+ authnotrequired => 0,
debug => 1,
});
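Review bot: The added `flagsrequired => {parameters => 1, management => 1}` line does not say whether a staff user needs both flags or only one of them; that is decided inside get_template_and_user, which is not visible in this hunk. This call appears to be the only access check in front of branches that update and delete currency rows, so the intent should be written down next to it. I would add a comment above the line such as `# editing currencies requires the 'parameters' permission; confirm whether the listed flags are combined with AND or OR`.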
my $data;
if ($searchfield) {
my $dbh = C4::Context->dbh;
- my $sth=$dbh->prepare("select currency,rate from currency where currency='$searchfield'");
- $sth->execute;
+ my $sth=$dbh->prepare("select currency,rate from currency where currency=?");
+ $sth->execute($searchfield);
$data=$sth->fetchrow_hashref;
$sth->finish;
}
} elsif ($op eq 'add_validate') {
$template->param(add_validate => 1);
my $dbh = C4::Context->dbh;
- my $query = "replace currency (currency,rate) values (";
- $query.= $dbh->quote($input->param('currency')).",";
- $query.= $dbh->quote($input->param('rate')).")";
- my $sth=$dbh->prepare($query);
- $sth->execute;
- $sth->finish;
+
+ my $check = $dbh->prepare("select * from currency where currency = ?");
+ $check->execute($input->param('currency'));
+ if ( $check->fetchrow )
+ {
+ my $sth = $dbh->prepare("UPDATE currency SET rate = ? WHERE currency = ?");
+ $sth->execute($input->param('rate'),$input->param('currency'));
+ $sth->finish;
+ }
+ else
+ {
+ my $sth = $dbh->prepare("INSERT INTO currency (currency, rate) VALUES (?,?)");
+ $sth->execute($input->param('currency'),$input->param('rate'));
+ $sth->finish;
+ }
+
+ $check->finish;
# END $OP eq ADD_VALIDATE
################## DELETE_CONFIRM ##################################
# called by default form, used to confirm deletion of data in DB
} elsif ($op eq 'delete_confirm') {
$template->param(delete_confirm => 1);
my $dbh = C4::Context->dbh;
- my $sth=$dbh->prepare("select count(*) as total from aqbooksellers where currency='$searchfield'");
- $sth->execute;
+ my $sth=$dbh->prepare("select count(*) as total from aqbooksellers where currency=?");
+ $sth->execute($searchfield);
my $total = $sth->fetchrow_hashref;
$sth->finish;
- my $sth2=$dbh->prepare($reqsel);
- $sth2->execute;
+ my $sth2=$dbh->prepare("select currency,rate from currency where currency=?");
+ $sth2->execute($searchfield);
my $data=$sth2->fetchrow_hashref;
$sth2->finish;
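Review bot: In the add_validate branch, `$input->param('rate')` and `$input->param('currency')` are called in list context inside `execute(...)`, so a request that repeats or omits one of these fields changes the number and position of the bind values instead of supplying exactly one value per placeholder. Read each into a scalar first, `my $currency = $input->param('currency');` and `my $rate = $input->param('rate');`, and pass those scalars to all three statements. The select-then-UPDATE/INSERT sequence is also no longer a single statement as the removed `replace` was, so two concurrent submissions can both take the INSERT path. Whether that fails cleanly depends on a unique key on `currency`, which is not visible here. The enclosing if/elsif chain starts outside the hunk.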
} elsif ($op eq 'delete_confirmed') {
$template->param(delete_confirmed => 1);
my $dbh = C4::Context->dbh;
- my $sth=$dbh->prepare($reqdel);
- $sth->execute;
+ my $sth=$dbh->prepare("delete from currency where currency=?");
+ $sth->execute($searchfield);
$sth->finish;
# END $OP eq DELETE_CONFIRMED
################## DEFAULT ##################################
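Review bot: The delete_confirmed branch deletes the row unconditionally, while the count of `aqbooksellers` rows that use the currency is computed only in the delete_confirm branch, so the delete step does not enforce that check itself. Unless a foreign key already prevents it (not visible in this hunk), repeat the lookup here, `my ($in_use) = $dbh->selectrow_array("select count(*) from aqbooksellers where currency=?", undef, $searchfield);`, and run the delete only when `$in_use` is zero. The return value of `$sth->execute($searchfield)` is also discarded, so the template is told `delete_confirmed` even when no row was removed. The enclosing if/elsif chain starts and ends outside the hunk.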
nextpage => $offset+$pagesize);
}
} #---- END $OP eq DEFAULT
-
+$template->param(intranetcolorstylesheet => C4::Context->preference("intranetcolorstylesheet"),
+ intranetstylesheet => C4::Context->preference("intranetstylesheet"),
+ IntranetNav => C4::Context->preference("IntranetNav"),
+ );
output_html_with_http_headers $input, $cookie, $template->output;