#
# This file is part of Koha.
#
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
#
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
#
-# You should have received a copy of the GNU General Public License along
-# with Koha; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
-use strict;
-use warnings;
+use Modern::Perl;
-use CGI;
-use Encode qw(encode);
-use Carp;
+use CGI qw ( -utf8 );
+use Encode;
+use Carp qw( carp );
+use Try::Tiny qw( catch try );
-use Mail::Sendmail;
-use MIME::QuotedPrint;
-use MIME::Base64;
-use C4::Biblio;
-use C4::Items;
-use C4::Auth;
-use C4::Output;
-use C4::Biblio;
-use C4::Members;
+use C4::Biblio qw(
+ GetBiblioData
+ GetMarcAuthors
+ GetMarcBiblio
+ GetMarcSubjects
+);
+use C4::Items qw( GetItemsInfo );
+use C4::Auth qw( get_template_and_user );
+use C4::Output qw( output_html_with_http_headers );
+use C4::Templates;
+use Koha::Email;
+use Koha::Patrons;
+use Koha::Token;
-my $query = new CGI;
+my $query = CGI->new;
my ( $template, $borrowernumber, $cookie ) = get_template_and_user (
{
- template_name => "opac-sendbasketform.tmpl",
+ template_name => "opac-sendbasketform.tt",
query => $query,
type => "opac",
- authnotrequired => 0,
- flagsrequired => { borrow => 1 },
}
);
-my $bib_list = $query->param('bib_list');
+my $bib_list = $query->param('bib_list') || '';
my $email_add = $query->param('email_add');
-my $email_sender = $query->param('email_sender');
my $dbh = C4::Context->dbh;
if ( $email_add ) {
- my $user = GetMember(borrowernumber => $borrowernumber);
- my $user_email = GetFirstValidEmailAddress($borrowernumber)
+ die "Wrong CSRF token" unless Koha::Token->new->check_csrf({
+ session_id => scalar $query->cookie('CGISESSID'),
+ token => scalar $query->param('csrf_token'),
+ });
+ my $patron = Koha::Patrons->find( $borrowernumber );
+ my $borcat = $patron ? $patron->categorycode : q{};
+ my $user_email = $patron->first_valid_email_address
|| C4::Context->preference('KohaAdminEmailAddress');
- my $email_from = C4::Context->preference('KohaAdminEmailAddress');
- my $email_replyto = "$user->{firstname} $user->{surname} <$user_email>";
+ my $email_replyto = $patron->firstname . " " . $patron->surname . " <$user_email>";
my $comment = $query->param('comment');
- my %mail = (
- To => $email_add,
- From => $email_from,
- 'Reply-To' => $email_replyto,
-# 'X-Orig-IP' => $ENV{'REMOTE_ADDR'},
-# FIXME Commented out for now: discussion on privacy issue
- 'X-Abuse-Report' => C4::Context->preference('KohaAdminEmailAddress'),
- );
- my ( $template2, $borrowernumber, $cookie ) = get_template_and_user(
- {
- template_name => "opac-sendbasket.tmpl",
- query => $query,
- type => "opac",
- authnotrequired => 0,
- flagsrequired => { borrow => 1 },
- }
+ # Since we are already logged in, no need to check credentials again
+ # when loading a second template.
+ my $template2 = C4::Templates::gettemplate(
+ 'opac-sendbasket.tt', 'opac', $query,
);
my @bibs = split( /\//, $bib_list );
$template2->param( biblionumber => $biblionumber );
my $dat = GetBiblioData($biblionumber);
- my $record = GetMarcBiblio($biblionumber);
- my $marcnotesarray = GetMarcNotes( $record, $marcflavour );
+ next unless $dat;
+ my $record = GetMarcBiblio({
+ biblionumber => $biblionumber,
+ embed_items => 1,
+ opac => 1,
+ borcat => $borcat });
my $marcauthorsarray = GetMarcAuthors( $record, $marcflavour );
my $marcsubjctsarray = GetMarcSubjects( $record, $marcflavour );
}
- $dat->{MARCNOTES} = $marcnotesarray;
$dat->{MARCSUBJCTS} = $marcsubjctsarray;
$dat->{MARCAUTHORS} = $marcauthorsarray;
$dat->{HASAUTHORS} = $hasauthors;
$template2->param(
BIBLIO_RESULTS => $resultsarray,
- email_sender => $email_sender,
comment => $comment,
- firstname => $user->{firstname},
- surname => $user->{surname},
+ firstname => $patron->firstname,
+ surname => $patron->surname,
);
# Getting template result
my $body;
# Analysing information and getting mail properties
- if ( $template_res =~ /<SUBJECT>\n(.*)\n?<END_SUBJECT>/s ) {
- $mail{'subject'} = $1;
+ my $subject;
+ if ( $template_res =~ /\<SUBJECT\>(?<subject>.*)\<END_SUBJECT\>/s ) {
+ $subject = $+{subject};
+ $subject =~ s|\n?(.*)\n?|$1|;
}
- else { $mail{'subject'} = "no subject"; }
-
- my $email_header = "";
- if ( $template_res =~ /<HEADER>\n(.*)\n?<END_HEADER>/s ) {
- $email_header = encode_qp($1);
+ else {
+ $subject = "no subject";
}
- my $email_file = "basket.txt";
- if ( $template_res =~ /<FILENAME>\n(.*)\n?<END_FILENAME>/s ) {
- $email_file = $1;
+ my $email_header = "";
+ if ( $template_res =~ /<HEADER>(.*)<END_HEADER>/s ) {
+ $email_header = $1;
+ $email_header =~ s|\n?(.*)\n?|$1|;
}
- if ( $template_res =~ /<MESSAGE>\n(.*)\n?<END_MESSAGE>/s ) {
- $body = encode_qp($1);
+ if ( $template_res =~ /<MESSAGE>(.*)<END_MESSAGE>/s ) {
+ $body = $1;
+ $body =~ s|\n?(.*)\n?|$1|;
}
- my $boundary = "====" . time() . "====";
-
- $mail{'content-type'} = "multipart/mixed; boundary=\"$boundary\"";
- my $isofile = encode_base64(encode("UTF-8", $iso2709));
- $boundary = '--' . $boundary;
- $mail{body} = <<END_OF_BODY;
-$boundary
-MIME-Version: 1.0
-Content-Type: text/plain; charset="UTF-8"
-Content-Transfer-Encoding: quoted-printable
-
+ my $THE_body = <<END_OF_BODY;
$email_header
$body
-$boundary
-Content-Type: application/octet-stream; name="basket.iso2709"
-Content-Transfer-Encoding: base64
-Content-Disposition: attachment; filename="basket.iso2709"
-
-$isofile
-$boundary--
END_OF_BODY
- # Sending mail (if not empty basket)
- if ( defined($iso2709) && sendmail %mail ) {
- # do something if it works....
- $template->param( SENT => "1" );
+ if ( !defined $iso2709 ) {
+ carp "Error sending mail: empty basket";
+ $template->param( error => 1 );
}
else {
- # do something if it doesnt work....
- carp "Error sending mail: empty basket" if !defined($iso2709);
- carp "Error sending mail: $Mail::Sendmail::error" if $Mail::Sendmail::error;
- $template->param( error => 1 );
+ try {
+ # if you want to use the KohaAdmin address as from, that is the default no need to set it
+ my $email = Koha::Email->create({
+ to => $email_add,
+ reply_to => $email_replyto,
+ subject => $subject,
+ });
+ $email->header( 'X-Abuse-Report' => C4::Context->preference('KohaAdminEmailAddress') );
+ $email->text_body( $THE_body );
+ $email->attach(
+ Encode::encode( "UTF-8", $iso2709 ),
+ content_type => 'application/octet-stream',
+ name => 'basket.iso2709',
+ disposition => 'attachment',
+ );
+ my $library = $patron->library;
+ $email->transport( $library->smtp_server->transport );
+ $email->send_or_die;
+ $template->param( SENT => "1" );
+ }
+ catch {
+ carp "Error sending mail: $_";
+ $template->param( error => 1 );
+ };
}
+
$template->param( email_add => $email_add );
- output_html_with_http_headers $query, $cookie, $template->output;
+ output_html_with_http_headers $query, $cookie, $template->output, undef, { force_no_caching => 1 };
}
else {
- $template->param( bib_list => $bib_list );
+ my $new_session_id = $cookie->value;
$template->param(
+ bib_list => $bib_list,
url => "/cgi-bin/koha/opac-sendbasket.pl",
suggestion => C4::Context->preference("suggestion"),
virtualshelves => C4::Context->preference("virtualshelves"),
+ csrf_token => Koha::Token->new->generate_csrf(
+ { session_id => $new_session_id, } ),
);
- output_html_with_http_headers $query, $cookie, $template->output;
+ output_html_with_http_headers $query, $cookie, $template->output, undef, { force_no_caching => 1 };
}
projects / srvgit / blobdiff