X-Git-Url: http://koha-dev.rot13.org:8081/gitweb/?a=blobdiff_plain;f=tags%2Freview.pl;h=353e74199475e69a8fb63277a52773eb5212e930;hb=d10513dfc0d47846fdb874b0a62ce9c8c7107644;hp=c687034065d3e5f0e398b02896ae76e9eb03382e;hpb=bc297e0b724b7da255b06bb6a46e006c052cfd24;p=srvgit

diff --git a/tags/review.pl b/tags/review.pl
index c687034065..353e741994 100755
--- a/tags/review.pl
+++ b/tags/review.pl
@@ -6,49 +6,48 @@
 #
 # This file is part of Koha.
 #
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
 #
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License along with
-# Koha; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
-# Suite 330, Boston, MA  02111-1307 USA
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
 
-use warnings;
-use strict;
+use Modern::Perl;
 use Data::Dumper;
 use POSIX;
-use CGI;
+use CGI qw ( -utf8 );
 use CGI::Cookie; # need to check cookies before having CGI parse the POST request
-
+use URI::Escape;
 use C4::Auth qw(:DEFAULT check_cookie_auth);
 use C4::Context;
-use C4::Dates qw(format_date format_date_in_iso);
+use Koha::DateUtils;
 # use C4::Koha;
-use C4::Output 3.02 qw(:html :ajax pagination_bar);
+use C4::Output qw(:html :ajax pagination_bar);
 use C4::Debug;
-use C4::Tags 0.03 qw(get_tags get_approval_rows approval_counts whitelist blacklist is_approved);
+use C4::Tags qw(get_tags get_approval_rows approval_counts whitelist blacklist is_approved);
 
 my $script_name = "/cgi-bin/koha/tags/review.pl";
-my $needed_flags = { tools => 'moderate_comments' };	# FIXME: replace when more specific permission is created.
+my $needed_flags = { tools => 'moderate_tags' };	# FIXME: replace when more specific permission is created.
 
 sub ajax_auth_cgi ($) {		# returns CGI object
 	my $needed_flags = shift;
-	my %cookies = fetch CGI::Cookie;
+    my %cookies = CGI::Cookie->fetch;
 	my $input = CGI->new;
-	my $sessid = $cookies{'CGISESSID'}->value || $input->param('CGISESSID');
+    my $sessid = $cookies{'CGISESSID'}->value;
 	my ($auth_status, $auth_sessid) = check_cookie_auth($sessid, $needed_flags);
 	$debug and
 	print STDERR "($auth_status, $auth_sessid) = check_cookie_auth($sessid," . Dumper($needed_flags) . ")\n";
 	if ($auth_status ne "ok") {
-		output_ajax_with_http_headers $input,
+		output_with_http_headers $input, undef,
 			"window.alert('Your CGI session cookie ($sessid) is not current.  " . 
-			"Please refresh the page and try again.');\n";
+			"Please refresh the page and try again.');\n", 'js';
 		exit 0;
 	}
 	$debug and print STDERR "AJAX request: " . Dumper($input),
@@ -63,45 +62,51 @@ if (is_ajax()) {
 	my ($tag, $js_reply);
 	if ($tag = $input->param('test')) {
 		my $check = is_approved($tag);
-		$js_reply = ( $check >=  1 ? 'success' :
-					  $check <= -1 ? 'failure' : 'indeterminate' ) . "_test('$tag');\n";
+        $js_reply = ( $check >=  1 ? 'success' : $check <= -1 ? 'failure' : 'indeterminate' ) . "_test('".uri_escape_utf8($tag)."');\n";
 	}
 	if ($tag = $input->param('ok')) {
-		$js_reply = (   whitelist($operator,$tag) ? 'success' : 'failure') . "_approve('$tag');\n";
+        $js_reply = (   whitelist($operator,$tag) ? 'success' : 'failure') . "_approve('".uri_escape_utf8($tag)."');\n";
 	} 
 	if ($tag = $input->param('rej')) {
-		$js_reply = (   blacklist($operator,$tag) ? 'success' : 'failure')  . "_reject('$tag');\n";
+        $js_reply = (   blacklist($operator,$tag) ? 'success' : 'failure')  . "_reject('".uri_escape_utf8($tag)."');\n";
 	}
-	output_ajax_with_http_headers $input, $js_reply;
+	output_with_http_headers $input, undef, $js_reply, 'js';
 	exit;
 }
 
 ### Below is the sad, boring, necessary non-AJAX HTML code.
 
 my $input = CGI->new;
-my ($template, $borrowernumber, $cookie) = get_template_and_user({
-		template_name => "tags/review.tmpl",
-		query => $input,
-		 type => "intranet",
-		debug => 1,
-		authnotrequired => 0,
-	 	  flagsrequired => $needed_flags,
-});
+my ($template, $borrowernumber, $cookie) = get_template_and_user(
+    {
+        template_name   => "tags/review.tt",
+        query           => $input,
+        type            => "intranet",
+        debug           => 1,
+        authnotrequired => 0,
+        flagsrequired   => $needed_flags,
+    }
+);
 
 my ($op, @errors, @tags);
-$op   = $input->param('op') || 'none';
-@tags = $input->param('tags');
+
+foreach (qw( approve reject test )) {
+    $op = $_ if ( $input->param("op-$_") );
+}
+$op ||= 'none';
+
+@tags = $input->multi_param('tags');
 
 $borrowernumber == 0 and push @errors, {op_zero=>1};
-     if (lc($op) eq 'approve') {
+     if ($op eq 'approve') {
 	foreach (@tags) {
 	 	whitelist($borrowernumber,$_) or push @errors, {failed_ok=>$_};
 	}
-} elsif (lc($op) eq 'reject' ) {
+} elsif ($op eq 'reject' ) {
 	foreach (@tags) {
 	 	blacklist($borrowernumber,$_) or push @errors, {failed_rej=>$_};
 	}
-} elsif (lc($op) eq 'test'   ) {
+} elsif ($op eq 'test'   ) {
 	my $tag = $input->param('test');
 	push @tags, $tag;
 	my $check = is_approved($tag);
@@ -162,7 +167,8 @@ if ($filter = $input->param('tag')) {
 	$filters{term} = $filter;
 }
 if ($filter = $input->param('from')) {
-	if ($date_from = format_date_in_iso($filter)) {
+        $date_from = eval { output_pref( { dt => dt_from_string( $filter ), dateonly => 1, dateformat => 'iso' } ); };
+        if ( $date_from ) {
 		$template->param(filter_date_approved_from=>$filter);
 		$filters{date_approved} = ">=$date_from";
 	} else {
@@ -170,7 +176,8 @@ if ($filter = $input->param('from')) {
 	}
 }
 if ($filter = $input->param('to')) {
-	if ($date_to = format_date_in_iso($filter)) {
+        $date_to = eval { output_pref( { dt => dt_from_string( $filter ), dateonly => 1, dateformat => 'iso' } ); };
+        if ( $date_to ) {
 		$template->param(filter_date_approved_to=>$filter);
 		$filters{date_approved} = "<=$date_to";
 	} else {
@@ -178,11 +185,12 @@ if ($filter = $input->param('to')) {
 	}
 }
 if ($filter = $input->param('approver')) {		# name (or borrowernumber) from input box
-	if (($filter =~ /^\d+$/ and $filter > 0) or
-		(1) ){	# $filter=get borrowernumber from name
+	if ($filter =~ /^\d+$/ and $filter > 0) {
+		# $filter=get borrowernumber from name
+		# FIXME: get borrowernumber from name not implemented.
 		$template->param(filter_approver=>$filter);
 		$filters{approved_by} = $filter;
-	# } else {
+	} else {
 		push @errors, {approver=>$filter};
 	}
 }
@@ -203,9 +211,8 @@ $qstring = "limit=$pagesize" . ($qstring ? '&amp;' . $qstring : '');
 $debug and print STDERR "number of approval_rows: " . scalar(@$tagloop) . "rows\n";
 (scalar @errors) and $template->param(message_loop=>\@errors);
 $template->param(
-	DHTMLcalendar_dateformat => C4::Dates->DHTMLcalendar(),
 	offset => $offset,	# req'd for EXPR
-	op => lc($op),
+	op => $op,
 	op_count => scalar(@tags),
 	script_name => $script_name,
 	approved => 0,		# dummy value (also EXPR)