=cut
+my $SERCH_HISTORY_INSERT_SQL =<<EOQ;
+INSERT INTO search_history(userid, sessionid, query_desc, query_cgi, total, time )
+VALUES ( ?, ?, ?, ?, ?, FROM_UNIXTIME(?))
+EOQ
sub get_template_and_user {
my $in = shift;
my $template =
# And if there's a cookie with searches performed when the user was not logged in,
# we add them to the logged-in search history
- my @recentSearches;
my $searchcookie = $in->{'query'}->cookie('KohaOpacRecentSearches');
if ($searchcookie){
$searchcookie = uri_unescape($searchcookie);
- if (thaw($searchcookie)) {
- @recentSearches = @{thaw($searchcookie)};
- }
-
- if (@recentSearches > 0) {
- my $query = "INSERT INTO search_history(userid, sessionid, query_desc, query_cgi, total, time) VALUES";
- my $icount = 1;
- foreach my $asearch (@recentSearches) {
- $query .= "(";
- $query .= $borrowernumber . ", ";
- $query .= '"' . $in->{'query'}->cookie("CGISESSID") . "\", ";
- $query .= '"' . $asearch->{'query_desc'} . "\", ";
- $query .= '"' . $asearch->{'query_cgi'} . "\", ";
- $query .= $asearch->{'total'} . ", ";
- $query .= 'FROM_UNIXTIME(' . $asearch->{'time'} . "))";
- if ($icount < @recentSearches) { $query .= ", ";}
- $icount++;
- }
-
- my $sth = $dbh->prepare($query);
- $sth->execute;
+ my @recentSearches = @{thaw($searchcookie) || []};
+ if (@recentSearches) {
+ my $sth = $dbh->prepare($SERCH_HISTORY_INSERT_SQL);
+ $sth->execute( $borrowernumber,
+ $in->{'query'}->cookie("CGISESSID"),
+ $_->{'query_desc'},
+ $_->{'query_cgi'},
+ $_->{'total'},
+ $_->{'time'},
+ ) foreach @recentSearches;
# And then, delete the cookie's content
my $newsearchcookie = $in->{'query'}->cookie(
}
# Anonymous opac search history
# If opac search history is enabled and at least one search has already been performed
- if (C4::Context->preference('EnableOpacSearchHistory') && $in->{'query'}->cookie('KohaOpacRecentSearches')) {
+ if (C4::Context->preference('EnableOpacSearchHistory')) {
+ my $searchcookie = $in->{'query'}->cookie('KohaOpacRecentSearches');
+ if ($searchcookie){
+ $searchcookie = uri_unescape($searchcookie);
+ my @recentSearches = @{thaw($searchcookie) || []};
# We show the link in opac
- if (thaw(uri_unescape($in->{'query'}->cookie('KohaOpacRecentSearches')))) {
- my @recentSearches = @{thaw(uri_unescape($in->{'query'}->cookie('KohaOpacRecentSearches')))};
- if (@recentSearches > 0) {
+ if (@recentSearches) {
$template->param(ShowOpacRecentSearchLink => 1);
}
}
<form action="<!-- TMPL_VAR NAME="url" -->" method="post" name="loginform" id="loginform">
<input type="hidden" name="koha_login_context" value="intranet" />
<!-- TMPL_LOOP NAME="INPUTS" -->
- <input type="hidden" name="<!-- TMPL_VAR NAME="name" -->" value="<!-- TMPL_VAR NAME="value" ESCAPE="html" -->" />
+ <input type="hidden" name="<!-- TMPL_VAR ESCAPE=HTML NAME="name" -->" value="<!-- TMPL_VAR NAME="value" ESCAPE="html" -->" />
<!-- /TMPL_LOOP -->
<p><label for="userid">Username:</label>
<input type="text" name="userid" id="userid" class="input focus" value="<!-- TMPL_VAR NAME="userid" -->" size="20" tabindex="1" />
<form action="/cgi-bin/koha/catalogue/search.pl" method="get" id="sortbyform">
<!-- TMPL_IF NAME="searchdesc" -->
<!-- TMPL_LOOP NAME="QUERY_INPUTS"-->
- <input type="hidden" name="<!-- TMPL_VAR NAME="input_name" -->" value="<!-- TMPL_VAR NAME="input_value" -->"/>
+ <input type="hidden" name="<!-- TMPL_VAR ESCAPE=HTML NAME="input_name" -->" value="<!-- TMPL_VAR ESCAPE=HTML NAME="input_value" -->"/>
<!-- /TMPL_LOOP -->
<!-- TMPL_LOOP NAME="LIMIT_INPUTS"-->
- <input type="hidden" name="<!-- TMPL_VAR NAME="input_name" -->" value="<!-- TMPL_VAR NAME="input_value" -->"/>
+ <input type="hidden" name="<!-- TMPL_VAR ESCAPE=HTML NAME="input_name" -->" value="<!-- TMPL_VAR ESCAPE=HTML NAME="input_value" -->"/>
<!-- /TMPL_LOOP -->
<!-- /TMPL_IF -->
<!-- RE-SORT START -->
<form action="/cgi-bin/koha/catalogue/search.pl" method="get" name="bookbag_form" id="bookbag_form">
<!-- TMPL_IF NAME="searchdesc" -->
<!-- TMPL_LOOP NAME="QUERY_INPUTS"-->
- <input type="hidden" name="<!-- TMPL_VAR NAME="input_name" -->" value="<!-- TMPL_VAR NAME="input_value" -->"/>
+ <input type="hidden" name="<!-- TMPL_VAR ESCAPE=HTML NAME="input_name" -->" value="<!-- TMPL_VAR ESCAPE=HTML NAME="input_value" -->"/>
<!-- /TMPL_LOOP -->
<!-- TMPL_LOOP NAME="LIMIT_INPUTS"-->
- <input type="hidden" name="<!-- TMPL_VAR NAME="input_name" -->" value="<!-- TMPL_VAR NAME="input_value" -->"/>
+ <input type="hidden" name="<!-- TMPL_VAR ESCAPE=HTML NAME="input_name" -->" value="<!-- TMPL_VAR ESCAPE=HTML NAME="input_value" -->"/>
<!-- /TMPL_LOOP -->
<!-- /TMPL_IF -->
</tr>
<!-- /TMPL_LOOP -->
</table>
-<p><a class="button" href="search.pl?<!-- TMPL_LOOP NAME="FORMINPUTS" --><!-- TMPL_VAR NAME="line" -->&<!-- /TMPL_LOOP -->startfrom=<!-- TMPL_VAR NAME="prevstartfrom" -->">Previous Records</a> <a class="button" href="search.pl?<!-- TMPL_LOOP NAME="FORMINPUTS" --><!-- TMPL_VAR NAME="line" -->&<!-- /TMPL_LOOP -->startfrom=<!-- TMPL_VAR NAME="nextstartfrom" -->">Next Records</a></p>
+<p><a class="button" href="search.pl?<!-- TMPL_LOOP NAME="FORMINPUTS" --><!-- TMPL_VAR ESCAPE=URL NAME="line" -->&<!-- /TMPL_LOOP -->startfrom=<!-- TMPL_VAR NAME="prevstartfrom" -->">Previous Records</a> <a class="button" href="search.pl?<!-- TMPL_LOOP NAME="FORMINPUTS" --><!-- TMPL_VAR NAME="line" -->&<!-- /TMPL_LOOP -->startfrom=<!-- TMPL_VAR NAME="nextstartfrom" -->">Next Records</a></p>
</div>
<!-- TMPL_INCLUDE NAME="cat-menu.inc" -->
</div>
</div>
-<!-- TMPL_INCLUDE NAME="intranet-bottom.inc" -->
\ No newline at end of file
+<!-- TMPL_INCLUDE NAME="intranet-bottom.inc" -->
<!-- login prompt time-->
<form action="<!-- TMPL_VAR NAME="url" -->" method="post" name="mainform" id="mainform">
<!-- TMPL_LOOP NAME="INPUTS" -->
- <input type="hidden" name="<!-- TMPL_VAR NAME="name" -->" value="<!-- TMPL_VAR NAME="value" -->" />
+ <input type="hidden" name="<!-- TMPL_VAR ESCAPE=HTML NAME="name" -->" value="<!-- TMPL_VAR ESCAPE=HTML NAME="value" -->" />
<!-- /TMPL_LOOP -->
<h3>Welcome to the Koha Web Installer</h3>
<p>Before we begin, please verify you have the correct credentials to continue. Please log in
<form action="<!-- TMPL_VAR NAME="url" -->" name="auth" id="auth" method="post">
<input type="hidden" name="koha_login_context" value="opac" />
<fieldset class="brief"><!-- TMPL_LOOP NAME="INPUTS" -->
- <input type="hidden" name="<!-- TMPL_VAR NAME="name" -->" value="<!-- TMPL_VAR NAME="value" -->" />
+ <input type="hidden" name="<!-- TMPL_VAR ESCAPE=HTML NAME="name" -->" value="<!-- TMPL_VAR ESCAPE=HTML NAME="value" -->" />
<!-- /TMPL_LOOP -->
<ol>
<li><label for="userid">Login</label>
<form action="/cgi-bin/koha/opac-search.pl" method="get" name="bookbag_form" id="bookbag_form">
<!-- TMPL_IF NAME="searchdesc" -->
<!-- TMPL_LOOP NAME="QUERY_INPUTS"-->
- <input type="hidden" name="<!-- TMPL_VAR NAME="input_name" -->" value="<!-- TMPL_VAR NAME="input_value" -->"/>
+ <input type="hidden" name="<!-- TMPL_VAR ESCAPE=HTML NAME="input_name" -->" value="<!-- TMPL_VAR ESCAPE=HTML NAME="input_value" -->"/>
<!-- /TMPL_LOOP -->
<!-- TMPL_LOOP NAME="LIMIT_INPUTS"-->
- <input type="hidden" name="<!-- TMPL_VAR NAME="input_name" -->" value="<!-- TMPL_VAR NAME="input_value" -->"/>
+ <input type="hidden" name="<!-- TMPL_VAR ESCAPE=HTML NAME="input_name" -->" value="<!-- TMPL_VAR ESCAPE=HTML NAME="input_value" -->"/>
<!-- /TMPL_LOOP -->
<!-- /TMPL_IF -->
<form action="/cgi-bin/koha/opac-search.pl" method="get" name="bookbag_form" id="bookbag_form">
<!-- TMPL_IF NAME="searchdesc" -->
<!-- TMPL_LOOP NAME="QUERY_INPUTS"-->
- <input type="hidden" name="<!-- TMPL_VAR NAME="input_name" -->" value="<!-- TMPL_VAR NAME="input_value" -->"/>
+ <input type="hidden" name="<!-- TMPL_VAR ESCAPE=HTML NAME="input_name" -->" value="<!-- TMPL_VAR ESCAPE=HTML NAME="input_value" -->"/>
<!-- /TMPL_LOOP -->
<!-- TMPL_LOOP NAME="LIMIT_INPUTS"-->
- <input type="hidden" name="<!-- TMPL_VAR NAME="input_name" -->" value="<!-- TMPL_VAR NAME="input_value" -->"/>
+ <input type="hidden" name="<!-- TMPL_VAR ESCAPE=HTML NAME="input_name" -->" value="<!-- TMPL_VAR ESCAPE=HTML NAME="input_value" -->"/>
<!-- /TMPL_LOOP -->
<!-- /TMPL_IF -->
<fieldset class="checkout"><label for="patronid">Please enter your card number:</label>
<input type="text" id="patronid" class="focus" size="20" name="patronid" />
- <!-- TMPL_LOOP NAME="INPUTS" --><input type="hidden" name="<!-- TMPL_VAR NAME="name" -->" value="<!-- TMPL_VAR NAME="value" -->"><!-- /TMPL_LOOP -->
+ <!-- TMPL_LOOP NAME="INPUTS" --><input type="hidden" name="<!-- TMPL_VAR ESCAPE=HTML NAME="name" -->" value="<!-- TMPL_VAR ESCAPE=HTML NAME="value" -->"><!-- /TMPL_LOOP -->
<input type="hidden" name="op" value="login" />
<input type="submit" value="Submit" class="submit" /></fieldset></form>
</div>