# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
-# You should have received a copy of the GNU General Public License along with
-# Koha; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
-# Suite 330, Boston, MA 02111-1307 USA
+# You should have received a copy of the GNU General Public License along
+# with Koha; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
=head1 ysearch.pl
=cut
use strict;
+#use warnings; FIXME - Bug 2505
use CGI;
use C4::Context;
+use C4::Members;
+use C4::Auth qw/check_cookie_auth/;
my $input = new CGI;
my $query = $input->param('query');
-# FIXME: charset should be UTF-8 but borrowers table is still ISO-8859-1
-print $input->header(-type => 'text/plain', -charset => 'ISO-8859-1');
-
-my $dbh = C4::Context->dbh;
-$query = "SELECT surname, firstname, cardnumber, address, city, zipcode ".
- "FROM borrowers " .
- "WHERE surname LIKE '". $query . "%' " .
- "OR firstname LIKE '" . $query . "%' " .
- #"OR cardnumber LIKE '" . $query . "%' " .
- "ORDER BY surname, firstname ";
-my $sth = $dbh->prepare( $query );
-$sth->execute();
-while ( my $rec = $sth->fetchrow_hashref ) {
- print $rec->{surname} . ", " . $rec->{firstname} . "\t" .
- $rec->{cardnumber} . "\t" .
- $rec->{address} . "\t" .
- $rec->{city} . "\t" .
- $rec->{zip} .
- "\n";
+binmode STDOUT, ":encoding(UTF-8)";
+print $input->header(-type => 'text/plain', -charset => 'UTF-8');
+
+my ($auth_status, $sessionID) = check_cookie_auth($input->cookie('CGISESSID'), { circulate => '*' });
+if ($auth_status ne "ok") {
+ exit 0;
}
+
+print map $_->{surname} . ", " . $_->{firstname} . "\t" .
+ $_->{cardnumber} . "\t" .
+ $_->{address} . "\t" .
+ $_->{city} . "\t" .
+ $_->{zipcode} . "\t" .
+ $_->{country} .
+ "\n",
+ @{ Search($query, [qw(surname firstname cardnumber)], [10], [qw(surname firstname cardnumber address city zipcode country)]) };