X-Git-Url: http://koha-dev.rot13.org:8081/gitweb/?a=blobdiff_plain;f=opac%2Filsdi.pl;h=5b105246fa491ac9df1ae20a637d5e2e77001a4c;hb=28fd57d78a69a9bb7963597ddc8ec7a70883c7e1;hp=05e7c5cf908a99fb4f0281cc014419775cd97e5c;hpb=8b9a555cc9391b841472ca11a0f48edcd4819a2f;p=koha-ffzg.git

diff --git a/opac/ilsdi.pl b/opac/ilsdi.pl
index 05e7c5cf90..5b105246fa 100755
--- a/opac/ilsdi.pl
+++ b/opac/ilsdi.pl
@@ -20,25 +20,26 @@
 use Modern::Perl;
 
 use C4::ILSDI::Services;
-use C4::Auth;
-use C4::Output;
+use C4::Auth qw( get_template_and_user );
+use C4::Output qw( output_html_with_http_headers );
 use C4::Context;
 
-use List::MoreUtils qw(any);
-use XML::Simple;
+use List::MoreUtils qw( any );
+use XML::Simple qw( XMLout );
 use CGI qw ( -utf8 );
+use Net::Netmask;
 
 =head1 DLF ILS-DI for Koha
 
 This script is a basic implementation of ILS-DI protocol for Koha.
 It acts like a dispatcher, that get the CGI request, check required and 
-optionals arguments, call a function from C4::ILS-DI, and finaly
+optionals arguments, call a function from C4::ILS-DI, and finally
 outputs the returned hashref as XML.
 
 =cut
 
 # Instanciate the CGI request
-my $cgi = new CGI;
+my $cgi = CGI->new;
 
 # List of available services, sorted by level
 my @services = (
@@ -47,7 +48,7 @@ my @services = (
     #	Level 1: Basic Discovery Interfaces
     #	'HarvestBibliographicRecords',       # OAI-PMH
     #	'HarvestExpandedRecords',            # OAI-PMH
-    'GetAvailability',    # FIXME Add bibbliographic level
+    'GetAvailability',    # FIXME Add bibliographic level
 
     #	'GoToBibliographicRequestPage'       # I don't understant this one
     #	Level 2: Elementary OPAC supplement
@@ -99,17 +100,17 @@ my %required = (
 # List of optional arguments
 my %optional = (
     'Describe'            => [],
-    'GetAvailability'     => [ 'return_type', 'return_fmt' ],
+    'GetAvailability'     => [ 'return_type', 'return_fmt', 'language' ],
     'GetRecords'          => ['schema'],
     'GetAuthorityRecords' => ['schema'],
     'LookupPatron'        => ['id_type'],
     'AuthenticatePatron'  => [],
-    'GetPatronInfo'       => [ 'show_contact', 'show_fines', 'show_holds', 'show_loans' ],
+    'GetPatronInfo'       => [ 'show_contact', 'show_fines', 'show_holds', 'show_loans', 'loans_per_page', 'loans_page', 'show_attributes' ],
     'GetPatronStatus'     => [],
     'GetServices'         => [],
     'RenewLoan'           => ['desired_due_date'],
-    'HoldTitle'  => [ 'pickup_location', 'needed_before_date', 'pickup_expiry_date' ],
-    'HoldItem'   => [ 'pickup_location', 'needed_before_date', 'pickup_expiry_date' ],
+    'HoldTitle'  => [ 'pickup_location', 'start_date', 'expiry_date' ],
+    'HoldItem'   => [ 'pickup_location', 'start_date', 'expiry_date' ],
     'CancelHold' => [],
 );
 
@@ -120,24 +121,30 @@ unless ( $cgi->param('service') ) {
             query           => $cgi,
             type            => "opac",
             authnotrequired => 1,
-            debug           => 1,
         }
     );
     output_html_with_http_headers $cgi, $cookie, $template->output;
     exit 0;
 }
 
+# Set the userenv
+C4::Context->_new_userenv( 'ILSDI_'.time() );
+C4::Context->set_userenv(
+    undef, undef, undef, 'ILSDI', 'ILSDI',
+    undef, undef, undef, undef, undef,
+);
+C4::Context->interface('opac');
+
 # If user requested a service description, then display it
-if ( $cgi->param('service') eq "Describe" and any { $cgi->param('verb') eq $_ } @services ) {
+if ( scalar $cgi->param('service') eq "Describe" and any { scalar $cgi->param('verb') eq $_ } @services ) {
     my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
         {   template_name   => "ilsdi.tt",
             query           => $cgi,
             type            => "opac",
             authnotrequired => 1,
-            debug           => 1,
         }
     );
-    $template->param( $cgi->param('verb') => 1 );
+    $template->param( scalar $cgi->param('verb') => 1 );
     output_html_with_http_headers $cgi, $cookie, $template->output;
     exit 0;
 }
@@ -155,12 +162,20 @@ unless ( C4::Context->preference('ILS-DI') ) {
 }
 
 # If the remote address is not allowed, redirect to 403
-my @AuthorizedIPs = split(/,/, C4::Context->preference('ILS-DI:AuthorizedIPs'));
-if ( @AuthorizedIPs # If no filter set, allow access to everybody
-    and not any { $ENV{'REMOTE_ADDR'} eq $_ } @AuthorizedIPs # IP Check
-    ) {
-    $out->{'code'} = "NotAllowed";
-    $out->{'message'} = "Unauthorized IP address: ".$ENV{'REMOTE_ADDR'}.".";
+my @AuthorizedIPs = split( /,/, C4::Context->preference('ILS-DI:AuthorizedIPs') );
+if (@AuthorizedIPs) {    # If no filter set, allow access to everybody
+    my $authorized = 0;
+    foreach my $ip (@AuthorizedIPs) {
+        my $netmask = Net::Netmask->new2($ip);
+        if ( $netmask && $netmask->match( $ENV{REMOTE_ADDR} ) ) {
+            $authorized = 1;
+            last;
+        }
+    }
+    unless ($authorized) {
+        $out->{'code'} = "NotAllowed";
+        $out->{'message'} = "Unauthorized IP address: $ENV{REMOTE_ADDR}.";
+    }
 }
 
 my $service = $cgi->param('service') || "ilsdi";
@@ -171,7 +186,7 @@ if ( $service and any { $service eq $_ } @services ) {
     my @parmsrequired = @{ $required{$service} };
     my @parmsoptional = @{ $optional{$service} };
     my @parmsall      = ( @parmsrequired, @parmsoptional );
-    my @names         = $cgi->param;
+    my @names         = $cgi->multi_param;
     my %paramhash;
     $paramhash{$_} = 1 for @names;
 
@@ -199,7 +214,7 @@ if ( $service and any { $service eq $_ } @services ) {
 
     # check for multiple parameters
     for ( @names ) {
-        my @values = $cgi->param($_);
+        my @values = $cgi->multi_param($_);
         if ( $#values != 0 ) {
             $out->{'code'} = "MultipleValuesNotAllowed";
             $out->{'message'} = "Multiple values not allowed for the parameter ".$_.".";