--- /dev/null
+if (typeof KOHA == "undefined" || !KOHA) {
+ var KOHA = {};
+}
+
+/**
+* A namespace for Tags related functions.
+* readCookie is expected to already be declared. That's why the assignment below is unscoped.
+* readCookie should be from basket.js or undefined.
+
+$.ajaxSetup({
+ url: "/cgi-bin/koha/opac-tags.pl",
+ type: "POST",
+ dataType: "script"
+});
+*/
+if (typeof(readCookie) == "undefined") {
+ readCookie = function (name) { // from http://www.quirksmode.org/js/cookies.html
+ var nameEQ = name + "=";
+ var ca = document.cookie.split(';');
+ for(var i=0;i < ca.length;i++) {
+ var c = ca[i];
+ while (c.charAt(0)==' '){ c = c.substring(1,c.length); }
+ if (c.indexOf(nameEQ) == 0){ return c.substring(nameEQ.length,c.length); }
+ }
+ return null;
+ }
+}
+KOHA.Tags = {
+ add_tag_button: function(){
+ var mybibnum = $(this).attr("title");
+ var mynewtag = "newtag" + mybibnum;
+ var mytagid = "#" + mynewtag;
+ var mydata = {CGISESSID: readCookie('CGISESSID')}; // Someday this should be OPACSESSID
+ mydata[mynewtag] = $(mytagid).val(); // need [bracket] for variable property id
+ var response; // AJAX from server will assign value to response.
+ $.post(
+ "/cgi-bin/koha/opac-tags.pl",
+ mydata,
+ function(data){
+ // alert("AJAX Response: " + data);
+ eval(data);
+ // alert("counts: " + response["added"] + response["deleted"] + response["errors"]);
+ KOHA.Tags.set_tag_status(
+ mytagid + "_status",
+ KOHA.Tags.common_status(response["added"], response["deleted"], response["errors"])
+ );
+ if (response.alerts) {
+ alert(response.alerts.join("\n\n"));
+ }
+ },
+ 'script'
+ );
+ return false;
+ },
+ common_status : function(addcount, delcount, errcount) {
+ var cstat = "";
+ if (addcount && addcount > 0) {cstat += "Added " + addcount + (addcount==1 ? " tag" : " tags") + ". " ;}
+ if (delcount && delcount > 0) {cstat += "Deleted " + delcount + (delcount==1 ? " tag" : " tags") + ". " ;}
+ if (errcount && errcount > 0) {cstat += (errcount==1 ? "ERROR" : errcount + " ERRORS") + " during operation.";}
+ return cstat;
+ },
+ set_tag_status : function(tagid, newstatus) {
+ $(tagid).html(newstatus);
+ $(tagid).css({display:"inline"});
+ },
+
+ tag_message: {
+ tagsdisabled : function(arg) {return ("Sorry, tags are not enabled on this system.");},
+ scrubbed_all_bad : function(arg) {return ("Error! Your tag was entirely markup code. It was NOT added. Please try again with plain text.");},
+ badparam : function(arg) {return ("Error! Illegal parameter '" +arg+ "'.");},
+ scrubbed : function(arg) {return ("Note: your tag contained markup code that was removed. The tag was added as '" +arg+ "'.");},
+ failed_add_tag : function(arg) {return ("Error! The add_tag operation failed on '" +arg+ "'.");},
+ failed_delete : function(arg) {return ("Error! You cannot delete the tag '" +arg+ "'. Note: you can only delete your own tags.");},
+ },
+};
+
use CGI;
use CGI::Cookie; # need to check cookies before having CGI parse the POST request
-use C4::Auth;
+use C4::Auth qw(:DEFAULT check_cookie_auth);
use C4::Context;
use C4::Debug;
use C4::Output 3.02 qw(:html :ajax pagination_bar);
my %counts = ();
my @errors = ();
+sub ajax_auth_cgi ($) { # returns CGI object
+ my $needed_flags = shift;
+ my %cookies = fetch CGI::Cookie;
+ my $input = CGI->new;
+ my $sessid = $cookies{'CGISESSID'}->value || $input->param('CGISESSID');
+ my ($auth_status, $auth_sessid) = check_cookie_auth($sessid, $needed_flags);
+ $debug and
+ print STDERR "($auth_status, $auth_sessid) = check_cookie_auth($sessid," . Dumper($needed_flags) . ")\n";
+ if ($auth_status ne "ok") {
+ output_ajax_with_http_headers $input,
+ "window.alert('Your CGI session cookie ($sessid) is not current. " .
+ "Please refresh the page and try again.');\n";
+ exit 0;
+ }
+ $debug and print STDERR "AJAX request: " . Dumper($input),
+ "\n(\$auth_status,\$auth_sessid) = ($auth_status,$auth_sessid)\n";
+ return $input;
+}
+
# The trick here is to support multiple tags added to multiple bilbios in one POST.
# The HTML might not use this, but it makes it more web-servicey from the start.
# So the name of param has to have biblionumber built in.
# For lack of anything more compelling, we just use "newtag[biblionumber]"
# We split the value into tags at comma and semicolon
+my $is_ajax = is_ajax();
my $openadds = C4::Context->preference('TagsModeration') ? 0 : 1;
-my $query = new CGI;
+my $query = ($is_ajax) ? &ajax_auth_cgi({}) : CGI->new();
unless (C4::Context->preference('TagsEnabled')) {
push @errors, {+ tagsdisabled=>1 };
} else {
}
my $add_op = (scalar(keys %newtags) + scalar(@deltags)) ? 1 : 0;
-my ($template, $loggedinuser, $cookie) = get_template_and_user({
- template_name => "opac-tags.tmpl",
- query => $query,
- type => "opac",
- authnotrequired => ($add_op ? 0 : 1), # auth required to add tags
- debug => 1,
-});
+my ($template, $loggedinuser, $cookie);
+if ($is_ajax) {
+ $loggedinuser = C4::Context->userenv->{'number'}; # must occur AFTER auth
+ $debug and print STDERR "op: $loggedinuser\n";
+} else {
+ ($template, $loggedinuser, $cookie) = get_template_and_user({
+ template_name => "opac-tags.tmpl",
+ query => $query,
+ type => "opac",
+ authnotrequired => ($add_op ? 0 : 1), # auth required to add tags
+ debug => 1,
+ });
+}
if ($add_op) {
unless ($loggedinuser) {
if ($result) {
$counts{$biblionumber}++;
} else {
+ push @errors, {failed_add_tag=>$clean_tag};
warn "add_tag($biblionumber,$clean_tag,$loggedinuser...) returned bad result ($result)";
}
}
}
}
+if ($is_ajax) {
+ my $sum = 0;
+ foreach (values %counts) {$sum += $_;}
+ my $js_reply = sprintf("response = {\n\tadded: %d,\n\tdeleted: %d,\n\terrors: %d,",$sum,$dels,scalar @errors);
+ my $err_string = '';
+ if (scalar @errors) {
+ $err_string = "\n\talerts: ["; # open response_function
+ foreach (@errors) {
+ my $key = (keys %$_)[0];
+ $err_string .= "\n\t\t KOHA.Tags.tag_message.$key(\"" . $_->{$key} . '"),';
+ }
+ $err_string .= "\n\t],\n"; # close response_function
+ }
+ output_ajax_with_http_headers($query, "$js_reply\n$err_string};");
+ exit;
+}
+
my $results = [];
my $my_tags = [];
(scalar @$my_tags) and $template->param(MY_TAGS => $my_tags);
output_html_with_http_headers $query, $cookie, $template->output;
+__END__
+
+=head1 EXAMPLE AJAX POST PARAMETERS
+
+CGISESSID 7c6288263107beb320f70f78fd767f56
+newtag396 fire,+<a+href="foobar.html">foobar</a>,+<img+src="foo.jpg"+/>
+
+So this request is trying to add 3 tags to biblio #396. The CGISESSID is the same as that the browser would
+typically communicate using cookies. If it is valid, the server will split the value of "newtag396" and
+process the components for addition. In this case the intended tags are:
+ fire
+ <a+href="foobar.html">foobar</a>
+ <img src="foo.jpg" />
+
+The first tag is acceptable. The second will be scrubbed of markup, resulting in the tag "foobar".
+The third tag is all markup, and will be rejected.
+
+=head1 EXAMPLE AJAX JSON response
+
+response = {
+ added: 2,
+ deleted: 0,
+ errors: 2,
+ alerts: [
+ KOHA.Tags.tag_message.scrubbed("foobar"),
+ KOHA.Tags.tag_message.scrubbed_all_bad("1"),
+ ],
+};
+
+=cut
projects / koha-ffzg.git / commitdiff