X-Git-Url: http://koha-dev.rot13.org:8081/gitweb/?a=blobdiff_plain;f=reports%2Fborrowers_out.pl;h=50c73b0dcbed7ba5ca9e2373d5076999f629de66;hb=13ca4962068b184f803b6588e53e39209a77f2b6;hp=722faba29e5daa5a366eeebc2187e6e27bd0953f;hpb=a598b100613a37dc2710090cb381dce56eae2f26;p=koha-ffzg.git

diff --git a/reports/borrowers_out.pl b/reports/borrowers_out.pl
index 722faba29e..50c73b0dcb 100755
--- a/reports/borrowers_out.pl
+++ b/reports/borrowers_out.pl
@@ -4,23 +4,23 @@
 #
 # This file is part of Koha.
 #
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
 #
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License along
-# with Koha; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
 
 use strict;
 use warnings;
 
-use CGI;
+use CGI qw ( -utf8 );
 use C4::Auth;
 use C4::Context;
 use C4::Koha;
@@ -28,25 +28,29 @@ use C4::Output;
 use C4::Circulation;
 use C4::Reports;
 use C4::Members;
-use C4::Dates qw/format_date_in_iso/;
+
+use Koha::DateUtils;
+use Koha::Patron::Categories;
 
 =head1 NAME
 
-plugin that shows a stats on borrowers
+reports/borrowers_out.pl
 
 =head1 DESCRIPTION
 
-=over 2
+Plugin that shows a stats on borrowers
 
 =cut
 
 my $input = new CGI;
 my $do_it=$input->param('do_it');
-my $fullreportname = "reports/borrowers_out.tmpl";
+my $fullreportname = "reports/borrowers_out.tt";
 my $limit = $input->param("Limit");
 my $column = $input->param("Criteria");
-my @filters = $input->param("Filter");
-$filters[1] = format_date_in_iso($filters[1]) if $filters[1];
+my @filters = $input->multi_param("Filter");
+$filters[1] = eval { output_pref( { dt => dt_from_string( $filters[1]), dateonly => 1, dateformat => 'iso' } ); }
+    if ( $filters[1] );
+
 my $output = $input->param("output");
 my $basename = $input->param("basename");
 our $sep     = $input->param("sep") || '';
@@ -60,7 +64,6 @@ my ($template, $borrowernumber, $cookie)
                 debug => 1,
                 });
 $template->param(do_it => $do_it,
-        DHTMLcalendar_dateformat => C4::Dates->DHTMLcalendar(),
         );
 if ($do_it) {
 # Displaying results
@@ -113,27 +116,14 @@ if ($do_it) {
     my %select;
     my $req;
     
-    my $CGIextChoice=CGI::scrolling_list(
-                -name     => 'MIME',
-                -id       => 'MIME',
-                -values   => ['CSV'], # FIXME translation
-                -size     => 1,
-                -multiple => 0 );
-    
+    my $CGIextChoice = ( 'CSV' ); # FIXME translation
 	my $CGIsepChoice = GetDelimiterChoices;
-    
-    my ($codes,$labels) = GetborCatFromCatType(undef,undef);
-    my @borcatloop;
-    foreach my $thisborcat (sort keys %$labels) {
-            my %row =(value => $thisborcat,
-                                    description => $labels->{$thisborcat},
-                            );
-            push @borcatloop, \%row;
-    }
+
+    my $patron_categories = Koha::Patron::Categories->search_limited({}, {order_by => ['categorycode']});
     $template->param(
                     CGIextChoice => $CGIextChoice,
                     CGIsepChoice => $CGIsepChoice,
-                    borcatloop =>\@borcatloop,
+                    patron_categories => $patron_categories,
                     );
 output_html_with_http_headers $input, $cookie, $template->output;
 }
@@ -181,17 +171,19 @@ sub calculate {
         $colorder .= $column;
         
         my $strsth2;
-        $strsth2 .= "select distinct $colfield FROM borrowers WHERE 1";
-        if ($colfilter[0]) {
+        $strsth2 .= "select distinct " . $dbh->quote($colfield) . " FROM borrowers WHERE 1";
+        my @query_args;
+        if ( $colfilter[0] ) {
             $colfilter[0] =~ s/\*/%/g;
-            $strsth2 .= " and $column LIKE '$colfilter[0]' " ;
+            $strsth2 .= " and " . $dbh->quote($column) . "LIKE ?" ;
+            push @query_args, $colfilter[0];
         }
-        $strsth2 .=" group by $colfield";
-        $strsth2 .=" order by $colorder";
+        $strsth2 .=" group by " . $dbh->quote($colfield);
+        $strsth2 .=" order by " . $dbh->quote($colorder);
         # warn "". $strsth2;
         
         my $sth2 = $dbh->prepare( $strsth2 );
-        $sth2->execute;
+        $sth2->execute( @query_args );
         while (my ($celvalue) = $sth2->fetchrow) {
             my %cell;
     #		my %ft;
@@ -224,21 +216,30 @@ sub calculate {
     
 # Processing calculation
     $strcalc .= "SELECT CONCAT( borrowers.surname , \"\\t\",borrowers.firstname, \"\\t\", borrowers.cardnumber)";
-    $strcalc .= " , $colfield " if ($colfield);
+    $strcalc .= " , " . $dbh->quote($colfield) if ($colfield);
     $strcalc .= " FROM borrowers ";
     $strcalc .= "WHERE 1 ";
-    @$filters[0]=~ s/\*/%/g if (@$filters[0]);
-    $strcalc .= " AND borrowers.categorycode like '" . @$filters[0] ."'" if ( @$filters[0] );
-
+    my @query_args;
+    if ( @$filters[0] ) {
+        @$filters[0]=~ s/\*/%/g;
+        $strcalc .= " AND borrowers.categorycode like ?";
+        push @query_args, @$filters[0];
+    }
     $strcalc .= " AND NOT EXISTS (SELECT * FROM issues WHERE issues.borrowernumber=borrowers.borrowernumber ";
-    $strcalc .= " AND issues.timestamp> '" . @$filters[1] . "'" if (@$filters[1]);
+    if ( @$filters[1] ) {
+        $strcalc .= " AND issues.timestamp > ?";
+        push @query_args, @$filters[1];
+    }
     $strcalc .= ") ";
     $strcalc .= " AND NOT EXISTS (SELECT * FROM old_issues WHERE old_issues.borrowernumber=borrowers.borrowernumber ";
-    $strcalc .= " AND old_issues.timestamp> '" . @$filters[1] . "'" if (@$filters[1]);
+    if ( @$filters[1] ) {
+        $strcalc .= " AND old_issues.timestamp > ?";
+        push @query_args, @$filters[1];
+    }
     $strcalc .= ") ";
     $strcalc .= " group by borrowers.borrowernumber";
-    $strcalc .= ", $colfield" if ($column);
-    $strcalc .= " order by $colfield " if ($colfield);
+    $strcalc .= ", " . $dbh->quote($colfield) if ($column);
+    $strcalc .= " order by " . $dbh->quote($colfield) if ($colfield);
     my $max;
     if ($line) {
         if (@loopcol) {
@@ -248,7 +249,7 @@ sub calculate {
      } 
     
     my $dbcalc = $dbh->prepare($strcalc);
-    $dbcalc->execute;
+    $dbcalc->execute( @query_args );
 # 	warn "filling table";
     my $previous_col;
     $i=1;