X-Git-Url: http://koha-dev.rot13.org:8081/gitweb/?a=blobdiff_plain;f=offline_circ%2Fservice.pl;h=771d4594f8fe6b0d1d4e0a72998d76ec1fdd2739;hb=bab96c3f22921d2f6438b5e612866b4cea120240;hp=8d1dd5ff3d2c554ec8e7c211d2b7676e6f4a7f47;hpb=e07b36dd901aa55d41d1a7367fcffcbc2f147c41;p=koha_fer

diff --git a/offline_circ/service.pl b/offline_circ/service.pl
index 8d1dd5ff3d..771d4594f8 100755
--- a/offline_circ/service.pl
+++ b/offline_circ/service.pl
@@ -13,11 +13,14 @@
 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
 # A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License along with
-# Koha; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
-# Suite 330, Boston, MA  02111-1307 USA
+# You should have received a copy of the GNU General Public License along
+# with Koha; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 
+use strict;
+use warnings;
+
 use CGI;
 use C4::Auth;
 use C4::Circulation;
@@ -26,31 +29,47 @@ my $cgi = CGI->new;
 
 # get the status of the user, this will check his credentials and rights
 my ($status, $cookie, $sessionId) = C4::Auth::check_api_auth($cgi, undef);
+($status, $sessionId) = C4::Auth::check_cookie_auth($cgi, undef) if ($status ne 'ok');
 
 my $result;
 
 if ($status eq 'ok') { # if authentication is ok
-	if ( $cgi->param('pending') eq 'true' ) { # if the 'pending' flag is true, we store the operation in the db instead of directly processing them
-		$result = AddOfflineOperation(
-	        $cgi->param('userid')     || '',
-            $cgi->param('branchcode') || '',
-            $cgi->param('timestamp')  || '',
-            $cgi->param('action')     || '',
-            $cgi->param('barcode')    || '',
-            $cgi->param('cardnumber') || '',
-		);
-	} else {
-		$result = ProcessOfflineOperation(
+
+    my $userid     = $cgi->param('userid')     || '';
+    my $branchcode = $cgi->param('branchcode') || '';
+    my $timestamp  = $cgi->param('timestamp')  || '';
+    my $action     = $cgi->param('action')     || '';
+    my $barcode    = $cgi->param('barcode')    || '';
+    my $amount     = $cgi->param('amount')     || 0;
+    $barcode    =~ s/^\s+//;
+    $barcode    =~ s/\s+$//;
+    my $cardnumber = $cgi->param('cardnumber') || '';
+    $cardnumber =~ s/^\s+//;
+    $cardnumber =~ s/\s+$//;
+
+    if ( $cgi->param('pending') eq 'true' ) { # if the 'pending' flag is true, we store the operation in the db instead of directly processing them
+        $result = AddOfflineOperation(
+            $userid,
+            $branchcode,
+            $timestamp,
+            $action,
+            $barcode,
+            $cardnumber,
+            $amount
+        );
+    } else {
+        $result = ProcessOfflineOperation(
             {
-                'userid'      => $cgi->param('userid'),
-                'branchcode'  => $cgi->param('branchcode'),
-                'timestamp'   => $cgi->param('timestamp'),
-                'action'      => $cgi->param('action'),
-                'barcode'     => $cgi->param('barcode'),
-                'cardnumber'  => $cgi->param('cardnumber'),
+                'userid'      => $userid,
+                'branchcode'  => $branchcode,
+                'timestamp'   => $timestamp,
+                'action'      => $action,
+                'barcode'     => $barcode,
+                'cardnumber'  => $cardnumber,
+                'amount'      => $amount
             }
-		);
-	}
+        );
+    }
 } else {
     $result = "Authentication failed."
 }