NOTE: This patch introduces code which generates an anonymous session when a
patron first browses to OPAC.
This anonymous session contains a minimal amount of information including the
results of a query to discover
all public lists/shevles. When the user logs in, the anonymous session is
cleared and a new session created
for that user.
kohabug 1875 - fix error when editing a patron record
C4::Auth::checkauth was not distinguishing between a
'userid' input from an OPAC or staff login form and
a 'userid' input from (e.g.,) the patron editor.
Consequently, adding or editing a patron record would
result in Koha trying to log in as the new patron.
To resolve this, added a hidden input to all login
forms, 'koha_login_context', to explicitly signal
when a login is occurring. The value of this input
can be 'opac', 'intranet', or 'sco' - the value is
not used at present, but may be of use later.
C4::Auth - added debug flag to two warns
kohabug 1875 - create anonymous sessions only for OPAC
No need to create an anonymous session for the intranet.
set yuipath correct for login pages
When preparing the template parameters for a login form,
C4::Auth was overriding the value of yuipath set
by C4::Output::gettemplate(), thus causing 404 errors
if the 'yuipath' syspref was set to 'local'.
kohabug 1875 - avoid warns viewing lists anonymously
During an anonymous OPAC session, the $loggedinuser variable
is not set. As the undefined value causes warns in
C4::VirtualShelves::Page::shelfpage, for the purpose of the
shelfpage call the loggedinuser is set to -1, which should
not correspond to any real borrower number.
This is admittedly a hack to avoid digging through all
of C4::VirtualShelves to deal with lists viewed anonymously.
kohabug 1875 Refactoring of &ModShelf to avoid overwriting list owner needlessly
kohabug 1875 Avoid warning if can't find owner of shelf
Since virtualshelves.owner is not a true FK of borrowersnumber.number,
set ownername to '' if can't find the patron
---
C4/Auth.pm | 296 +++++++++++--------
C4/VirtualShelves.pm | 50 +++-
C4/VirtualShelves/Page.pm | 47 ++--
koha-tmpl/intranet-tmpl/prog/en/modules/auth.tmpl | 1 +
koha-tmpl/opac-tmpl/prog/en/modules/opac-auth.tmpl | 2 +-
koha-tmpl/opac-tmpl/prog/en/modules/opac-main.tmpl | 1 +
.../opac-tmpl/prog/en/modules/opac-shelves.tmpl | 2 +-
.../opac-tmpl/prog/en/modules/sco/sco-main.tmpl | 1 +
opac/opac-shelves.pl | 8 +-
9 files changed, 250 insertions(+), 158 deletions(-)
diff --git a/C4/Auth.pm b/C4/Auth.pm
index 3556336..9311c88 100755
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -221,6 +221,26 @@ sub get_template_and_user {
}
}
}
+ else { # if this is an anonymous session, setup to display public
lists...
+
+ # load the template variables for stylesheets and JavaScript
+ $template->param( css_libs => $in->{'css_libs'} );
+ $template->param( css_module => $in->{'css_module'} );
+ $template->param( css_page => $in->{'css_page'} );
+ $template->param( css_widgets => $in->{'css_widgets'} );
+
+ $template->param( js_libs => $in->{'js_libs'} );
+ $template->param( js_module => $in->{'js_module'} );
+ $template->param( js_page => $in->{'js_page'} );
+ $template->param( js_widgets => $in->{'js_widgets'} );
+
+ $template->param( sessionID => $sessionID );
+ my $shelves;
+ if ($shelves = C4::Context->get_shelves_userenv()) {
+ $template->param( barshelves => scalar (@$shelves));
+ $template->param( barshelvesloop => $shelves);
+ }
+ }
if ( $in->{'type'} eq "intranet" ) {
$template->param(
@@ -473,6 +493,7 @@ sub checkauth {
my %info;
my ( $userid, $cookie, $sessionID, $flags, $shelves );
my $logout = $query->param('logout.x');
+
if ( $userid = $ENV{'REMOTE_USER'} ) {
# Using Basic Authentication, no cookies required
$cookie = $query->cookie(
@@ -485,7 +506,7 @@ sub checkauth {
elsif ( $sessionID = $query->cookie("CGISESSID")) { # assignment, not
comparison
my $session = get_session($sessionID);
C4::Context->_new_userenv($sessionID);
- my ($ip, $lasttime);
+ my ($ip, $lasttime, $sessiontype);
if ($session){
C4::Context::set_userenv(
$session->param('number'), $session->param('id'),
@@ -499,9 +520,20 @@ sub checkauth {
$ip = $session->param('ip');
$lasttime = $session->param('lasttime');
$userid = $session->param('id');
+ $sessiontype = $session->param('sessiontype');
}
-
- if ($logout) {
+
+ if ( ($query->param('koha_login_context')) &&
($query->param('userid') ne $session->param('id')) ) {
+ #if a user enters an id ne to the id in the current
session, we need to log them in...
+ #first we need to clear the anonymous session...
+ $debug and warn "query id = " . $query->param('userid')
. " but session id = " . $session->param('id');
+ $session->flush;
+ $session->delete();
+ C4::Context->_unset_userenv($sessionID);
+ $sessionID = undef;
+ $userid = undef;
+ }
+ elsif ($logout) {
# voluntary logout the user
$session->flush;
$session->delete();
@@ -533,144 +565,159 @@ sub checkauth {
else {
$cookie = $query->cookie( CGISESSID => $session->id );
$session->param('lasttime',time());
- $flags = haspermission( $dbh, $userid, $flagsrequired );
- if ($flags) {
- $loggedin = 1;
- } else {
- $info{'nopermission'} = 1;
+ unless ( $sessiontype eq 'anon' ) { #if this is an
anonymous session, we want to update the session, but not behave as if they are
logged in...
+ $flags = haspermission( $dbh, $userid,
$flagsrequired );
+ if ($flags) {
+ $loggedin = 1;
+ } else {
+ $info{'nopermission'} = 1;
+ }
}
}
}
- unless ($userid) {
- my $session = get_session("") or die "Auth ERROR: Cannot
get_session()";
+ unless ($userid || $sessionID) {
+ #we initiate a session prior to checking for a username to allow for
anonymous sessions...
+ my $session = get_session("") or die "Auth ERROR: Cannot
get_session()";
my $sessionID = $session->id;
- $userid = $query->param('userid');
- my $password = $query->param('password');
- C4::Context->_new_userenv($sessionID);
- my ( $return, $cardnumber ) = checkpw( $dbh, $userid, $password );
- if ($return) {
- _session_log(sprintf "%20s from %16s logged in at %30s.\n",
$userid,$ENV{'REMOTE_ADDR'},localtime);
- $cookie = $query->cookie(CGISESSID => $sessionID);
- if ( $flags = haspermission( $dbh, $userid, $flagsrequired ) ) {
- $loggedin = 1;
- }
- else {
- $info{'nopermission'} = 1;
- C4::Context->_unset_userenv($sessionID);
- }
-
- my ($borrowernumber, $firstname, $surname, $userflags,
- $branchcode, $branchname, $branchprinter,
$emailaddress);
-
- if ( $return == 1 ) {
- my $select = "
- SELECT borrowernumber, firstname, surname, flags,
borrowers.branchcode,
- branches.branchname as branchname,
- branches.branchprinter as branchprinter,
- email
- FROM borrowers
- LEFT JOIN branches on borrowers.branchcode=branches.branchcode
- ";
- my $sth = $dbh->prepare("$select where userid=?");
- $sth->execute($userid);
- unless ($sth->rows) {
- $debug and print STDERR "AUTH_1: no rows for
userid='$userid'\n";
- $sth = $dbh->prepare("$select where
cardnumber=?");
- $sth->execute($cardnumber);
+ C4::Context->_new_userenv($sessionID);
+ $cookie = $query->cookie(CGISESSID => $sessionID);
+ if ( $userid = $query->param('userid') ) {
+ my $password = $query->param('password');
+ my ( $return, $cardnumber ) = checkpw( $dbh, $userid, $password
);
+ if ($return) {
+ _session_log(sprintf "%20s from %16s logged in at %30s.\n",
$userid,$ENV{'REMOTE_ADDR'},localtime);
+ if ( $flags = haspermission( $dbh, $userid, $flagsrequired ) ) {
+ $loggedin = 1;
+ }
+ else {
+ $info{'nopermission'} = 1;
+ C4::Context->_unset_userenv($sessionID);
+ }
+
+ my ($borrowernumber, $firstname, $surname,
$userflags,
+ $branchcode, $branchname,
$branchprinter, $emailaddress);
+
+ if ( $return == 1 ) {
+ my $select = "
+ SELECT borrowernumber, firstname, surname, flags,
borrowers.branchcode,
+ branches.branchname as branchname,
+ branches.branchprinter as branchprinter,
+ email
+ FROM borrowers
+ LEFT JOIN branches on
borrowers.branchcode=branches.branchcode
+ ";
+ my $sth = $dbh->prepare("$select where userid=?");
+ $sth->execute($userid);
unless ($sth->rows) {
- $debug and print STDERR "AUTH_2a: no rows for
cardnumber='$cardnumber'\n";
- $sth->execute($userid);
+ $debug and print STDERR "AUTH_1: no rows for
userid='$userid'\n";
+ $sth = $dbh->prepare("$select
where cardnumber=?");
+ $sth->execute($cardnumber);
unless ($sth->rows) {
- $debug and print STDERR "AUTH_2b: no
rows for userid='$userid' AS cardnumber\n";
+ $debug and print STDERR "AUTH_2a: no
rows for cardnumber='$cardnumber'\n";
+ $sth->execute($userid);
+ unless ($sth->rows) {
+ $debug and print STDERR
"AUTH_2b: no rows for userid='$userid' AS cardnumber\n";
+ }
}
}
- }
- if ($sth->rows) {
- ($borrowernumber, $firstname, $surname, $userflags,
- $branchcode, $branchname, $branchprinter,
$emailaddress) = $sth->fetchrow;
- $debug and print STDERR "AUTH_3
results: " .
-
"$cardnumber,$borrowernumber,$userid,$firstname,$surname,$userflags,$branchcode,$emailaddress\n";
- } else {
- print STDERR "AUTH_3: no results for
userid='$userid', cardnumber='$cardnumber'.\n";
- }
+ if ($sth->rows) {
+ ($borrowernumber, $firstname, $surname, $userflags,
+ $branchcode, $branchname, $branchprinter,
$emailaddress) = $sth->fetchrow;
+ $debug and print STDERR "AUTH_3
results: " .
+
"$cardnumber,$borrowernumber,$userid,$firstname,$surname,$userflags,$branchcode,$emailaddress\n";
+ } else {
+ print STDERR "AUTH_3: no
results for userid='$userid', cardnumber='$cardnumber'.\n";
+ }
# launch a sequence to check if we have a ip for the branch, i
# if we have one we replace the branchcode of the userenv by the branch bound
in the ip.
- my $ip = $ENV{'REMOTE_ADDR'};
- # if they specify at login, use that
- if ($query->param('branch')) {
- $branchcode = $query->param('branch');
- $branchname = GetBranchName($branchcode);
- }
- my $branches = GetBranches();
- if (C4::Context->boolean_preference('IndependantBranches') &&
C4::Context->boolean_preference('Autolocation')){
- # we have to check they are coming from the
right ip range
- my $domain =
$branches->{$branchcode}->{'branchip'};
- if ($ip !~ /^$domain/){
- $loggedin=0;
- $info{'wrongip'} = 1;
+ my $ip = $ENV{'REMOTE_ADDR'};
+ # if they specify at login, use that
+ if ($query->param('branch')) {
+ $branchcode =
$query->param('branch');
+ $branchname =
GetBranchName($branchcode);
+ }
+ my $branches = GetBranches();
+ if
(C4::Context->boolean_preference('IndependantBranches') &&
C4::Context->boolean_preference('Autolocation')){
+ # we have to check they are
coming from the right ip range
+ my $domain =
$branches->{$branchcode}->{'branchip'};
+ if ($ip !~ /^$domain/){
+ $loggedin=0;
+ $info{'wrongip'} = 1;
+ }
}
- }
- my @branchesloop;
- foreach my $br ( keys %$branches ) {
- # now we work with the treatment of ip
- my $domain = $branches->{$br}->{'branchip'};
- if ( $domain && $ip =~ /^$domain/ ) {
- $branchcode = $branches->{$br}->{'branchcode'};
+ my @branchesloop;
+ foreach my $br ( keys %$branches ) {
+ # now we work with the
treatment of ip
+ my $domain =
$branches->{$br}->{'branchip'};
+ if ( $domain && $ip =~
/^$domain/ ) {
+ $branchcode =
$branches->{$br}->{'branchcode'};
- # new op dev : add the branchprinter and branchname in
the cookie
- $branchprinter = $branches->{$br}->{'branchprinter'};
- $branchname = $branches->{$br}->{'branchname'};
- }
- }
- $session->param('number',$borrowernumber);
- $session->param('id',$userid);
- $session->param('cardnumber',$cardnumber);
- $session->param('firstname',$firstname);
- $session->param('surname',$surname);
- $session->param('branch',$branchcode);
- $session->param('branchname',$branchname);
- $session->param('flags',$userflags);
- $session->param('emailaddress',$emailaddress);
- $session->param('ip',$session->remote_addr());
- $session->param('lasttime',time());
- $debug and printf STDERR "AUTH_4: (%s)\t%s %s - %s\n", map
{$session->param($_)} qw(cardnumber firstname surname branch) ;
- }
- elsif ( $return == 2 ) {
- #We suppose the user is the superlibrarian
- $borrowernumber = 0;
- $session->param('number',0);
- $session->param('id',C4::Context->config('user'));
- $session->param('cardnumber',C4::Context->config('user'));
- $session->param('firstname',C4::Context->config('user'));
- $session->param('surname',C4::Context->config('user'));
- $session->param('branch','NO_LIBRARY_SET');
- $session->param('branchname','NO_LIBRARY_SET');
- $session->param('flags',1);
- $session->param('emailaddress',
C4::Context->preference('KohaAdminEmailAddress'));
- $session->param('ip',$session->remote_addr());
- $session->param('lasttime',time());
- }
- C4::Context::set_userenv(
- $session->param('number'), $session->param('id'),
- $session->param('cardnumber'), $session->param('firstname'),
- $session->param('surname'), $session->param('branch'),
- $session->param('branchname'), $session->param('flags'),
- $session->param('emailaddress'),
$session->param('branchprinter')
- );
- $shelves = GetShelvesSummary($borrowernumber,2,10);
+ # new op dev : add the
branchprinter and branchname in the cookie
+ $branchprinter =
$branches->{$br}->{'branchprinter'};
+ $branchname =
$branches->{$br}->{'branchname'};
+ }
+ }
+
$session->param('number',$borrowernumber);
+ $session->param('id',$userid);
+
$session->param('cardnumber',$cardnumber);
+ $session->param('firstname',$firstname);
+ $session->param('surname',$surname);
+ $session->param('branch',$branchcode);
+
$session->param('branchname',$branchname);
+ $session->param('flags',$userflags);
+
$session->param('emailaddress',$emailaddress);
+
$session->param('ip',$session->remote_addr());
+ $session->param('lasttime',time());
+ $debug and printf STDERR "AUTH_4:
(%s)\t%s %s - %s\n", map {$session->param($_)} qw(cardnumber firstname surname
branch) ;
+ }
+ elsif ( $return == 2 ) {
+ #We suppose the user is the
superlibrarian
+ $borrowernumber = 0;
+ $session->param('number',0);
+
$session->param('id',C4::Context->config('user'));
+
$session->param('cardnumber',C4::Context->config('user'));
+
$session->param('firstname',C4::Context->config('user'));
+
$session->param('surname',C4::Context->config('user'));
+
$session->param('branch','NO_LIBRARY_SET');
+
$session->param('branchname','NO_LIBRARY_SET');
+ $session->param('flags',1);
+ $session->param('emailaddress',
C4::Context->preference('KohaAdminEmailAddress'));
+
$session->param('ip',$session->remote_addr());
+ $session->param('lasttime',time());
+ }
+ C4::Context::set_userenv(
+ $session->param('number'),
$session->param('id'),
+ $session->param('cardnumber'),
$session->param('firstname'),
+ $session->param('surname'),
$session->param('branch'),
+ $session->param('branchname'),
$session->param('flags'),
+ $session->param('emailaddress'),
$session->param('branchprinter')
+ );
+ $shelves =
GetShelvesSummary($borrowernumber,2,10);
+ $session->param('shelves', $shelves);
+ C4::Context::set_shelves_userenv($shelves);
+ }
+ else {
+ if ($userid) {
+ $info{'invalid_username_or_password'} = 1;
+ C4::Context->_unset_userenv($sessionID);
+ }
+ }
+ } # END if ( $userid = $query->param('userid') )
+ elsif ($type eq "opac") {
+ # if we are here this is an anonymous session; add public lists to
it and a few other items...
+ # anonymous sessions are created only for the OPAC
+ $debug and warn "Initiating an anonymous session...";
+ $shelves = GetShelvesSummary(0,2,10);
$session->param('shelves', $shelves);
C4::Context::set_shelves_userenv($shelves);
- }
- else {
- if ($userid) {
- $info{'invalid_username_or_password'} = 1;
- C4::Context->_unset_userenv($sessionID);
- }
-
- }
+ # setting a couple of other session vars...
+ $session->param('ip',$session->remote_addr());
+ $session->param('lasttime',time());
+ $session->param('sessiontype','anon');
+ }
} # END unless ($userid)
my $insecure = C4::Context->boolean_preference('insecure');
@@ -738,7 +785,6 @@ sub checkauth {
TemplateEncoding => C4::Context->preference("TemplateEncoding"),
IndependantBranches=> C4::Context->preference("IndependantBranches"),
AutoLocation => C4::Context->preference("AutoLocation"),
- yuipath => C4::Context->preference("yuipath"),
wrongip => $info{'wrongip'}
);
diff --git a/C4/VirtualShelves.pm b/C4/VirtualShelves.pm
index fc56284..85a511f 100644
--- a/C4/VirtualShelves.pm
+++ b/C4/VirtualShelves.pm
@@ -25,6 +25,8 @@ use strict;
use Carp;
use C4::Context;
use C4::Circulation;
+use C4::Debug;
+
use vars qw($VERSION @ISA @EXPORT @EXPORT_OK);
BEGIN {
@@ -341,21 +343,51 @@ sub AddToShelfFromBiblio {
=item ModShelf
-ModShelf($shelfnumber, $shelfname, $owner, $category )
+ModShelf($shelfnumber, $hashref)
+
+Where $hashref->{column} = param
-Modify the value into virtualshelves table with values given on input arg.
+Modify the value into virtualshelves table with values given
+from hashref, which each key of the hashref should be
+the name of a column of virtualshelves.
=cut
sub ModShelf {
- my ( $shelfnumber, $shelfname, $owner, $category, $sortfield ) = @_;
- my $query = qq(
- UPDATE virtualshelves
- SET shelfname=?,owner=?,category=?,sortfield=?
- WHERE shelfnumber=?
- );
+ my $shelfnumber = shift;
+ my $shelf = shift;
+
+ if (exists $shelf->{shelfnumber}) {
+ carp "Should not use ModShelf to change shelfnumber";
+ return;
+ }
+ unless (defined $shelfnumber and $shelfnumber =~ /^\d+$/) {
+ carp "Invalid shelfnumber passed to ModShelf: $shelfnumber";
+ return;
+ }
+
+ my $query = "UPDATE virtualshelves SET ";
+ my @bind_params = ();
+ my @set_clauses = ();
+
+ foreach my $column (keys %$shelf) {
+ push @set_clauses, "$column = ?";
+ push @bind_params, $shelf->{$column};
+ }
+
+ if ($#set_clauses == -1) {
+ carp "No columns to update passed to ModShelf";
+ return;
+ }
+ $query .= join(", ", @set_clauses);
+
+ $query .= " WHERE shelfnumber = ? ";
+ push @bind_params, $shelfnumber;
+
+ $debug and warn "ModShelf query:\n $query\n",
+ "ModShelf query args: ", join(',', @bind_params), "\n";
my $sth = $dbh->prepare($query);
- $sth->execute( $shelfname, $owner, $category, $sortfield, $shelfnumber );
+ $sth->execute( @bind_params );
}
=item ShelfPossibleAction
diff --git a/C4/VirtualShelves/Page.pm b/C4/VirtualShelves/Page.pm
index bd2255f..0789a69 100755
--- a/C4/VirtualShelves/Page.pm
+++ b/C4/VirtualShelves/Page.pm
@@ -119,19 +119,24 @@ SWITCH: {
last SWITCH;
}
if ( $op eq 'modifsave' ) {
- ModShelf(
- $shelfnumber, $query->param('shelfname'),
$loggedinuser,
- $query->param('category'),
$query->param('sortfield')
- );
+ my $shelf = {
+ 'shelfname' => $query->param('shelfname'),
+ 'category' =>
$query->param('category'),
+ 'sortfield' =>
$query->param('sortfield'),
+ };
+ $shelf->{'owner'} = $loggedinuser if $type eq
'intranet'; #we only overwrite the list owner if &ModShelf was called
from the staff client
+
+ ModShelf( $shelfnumber, $shelf );
$shelflist = GetShelves( $loggedinuser, 2 ); #
refresh after mods
} elsif ( $op eq 'modif' ) {
- my ( $shelfnumber2, $shelfname, $owner, $category,
$sortfield ) =GetShelf( $query->param('shelfnumber') );
+ my ( $shelfnumber2, $shelfname, $owner, $category,
$sortfield ) =GetShelf( $shelfnumber );
$template->param(
edit => 1,
shelfnumber => $shelfnumber2,
shelfname => $shelfname,
owner => $owner,
- "category$category" => 1,
+ "category$category" => 1,
+ category => $category,
"sort_$sortfield" => 1,
);
}
@@ -139,12 +144,12 @@ SWITCH: {
}
if ($shelfnumber = $query->param('viewshelf') ) {
#check that the user can view the shelf
- if ( ShelfPossibleAction( $loggedinuser, $shelfnumber, 'view' ) ) {
- my $items = GetShelfContents($shelfnumber);
- for my $this_item (@$items) {
- $this_item->{imageurl} = $imgdir."/".$itemtypes->{
$this_item->{itemtype} }->{'imageurl'};
- $this_item->{'description'} = $itemtypes->{
$this_item->{itemtype} }->{'description'};
- }
+ if ( ShelfPossibleAction( $loggedinuser, $shelfnumber, 'view' )
) {
+ my $items = GetShelfContents($shelfnumber);
+ for my $this_item (@$items) {
+ $this_item->{imageurl} =
$imgdir."/".$itemtypes->{ $this_item->{itemtype} }->{'imageurl'};
+ $this_item->{'description'} = $itemtypes->{
$this_item->{itemtype} }->{'description'};
+ }
$showadd = 1;
my $i = 0;
foreach (grep {$i++ % 2} @$items) { # every other
item
@@ -152,14 +157,14 @@ SWITCH: {
}
# my $manageshelf = &ShelfPossibleAction(
$loggedinuser, $shelfnumber, 'manage' );
# ($manageshelf) and $showadd = 1;
- $template->param(
- shelfname => $shelflist->{$shelfnumber}->{'shelfname'},
- shelfnumber => $shelfnumber,
- viewshelf => $shelfnumber,
- manageshelf => &ShelfPossibleAction( $loggedinuser,
$shelfnumber, 'manage' ),
- itemsloop => $items,
- );
- } else { push @paramsloop, {nopermission=>$shelfnumber}; }
+ $template->param(
+ shelfname =>
$shelflist->{$shelfnumber}->{'shelfname'},
+ shelfnumber => $shelfnumber,
+ viewshelf => $shelfnumber,
+ manageshelf => &ShelfPossibleAction(
$loggedinuser, $shelfnumber, 'manage' ),
+ itemsloop => $items,
+ );
+ } else { push @paramsloop, {nopermission=>$shelfnumber} };
last SWITCH;
}
if ( $query->param('shelves') ) {
@@ -234,7 +239,7 @@ foreach my $element (sort {
lc($shelflist->{$a}->{'shelfname'}) cmp lc($shelflis
$shelflist->{$element}->{'mine'} = 1;
}
my $member = GetMember($owner,'borrowernumber');
- $shelflist->{$element}->{ownername} = $member->{firstname} . " " .
$member->{surname};
+ $shelflist->{$element}->{ownername} = defined($member) ?
$member->{firstname} . " " . $member->{surname} : '';
$numberCanManage++ if $canmanage; # possibly outmoded
if ($shelflist->{$element}->{'category'} eq '1') {
(scalar(@shelveslooppriv) % 2) and
$shelflist->{$element}->{toggle} = 1;
diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/auth.tmpl
b/koha-tmpl/intranet-tmpl/prog/en/modules/auth.tmpl
index 3e56cab..b3d1f4c 100644
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/auth.tmpl
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/auth.tmpl
@@ -37,6 +37,7 @@
<!-- login prompt time-->
<form action="<!-- TMPL_VAR NAME="url" -->" method="post" name="loginform"
id="loginform">
+ <input type="hidden" name="koha_login_context" value="intranet" />
<!-- TMPL_LOOP NAME="INPUTS" -->
<input type="hidden" name="<!-- TMPL_VAR NAME="name" -->" value="<!--
TMPL_VAR NAME="value" ESCAPE="html" -->" />
<!-- /TMPL_LOOP -->
diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/opac-auth.tmpl
b/koha-tmpl/opac-tmpl/prog/en/modules/opac-auth.tmpl
index 21d5afe..1262156 100644
--- a/koha-tmpl/opac-tmpl/prog/en/modules/opac-auth.tmpl
+++ b/koha-tmpl/opac-tmpl/prog/en/modules/opac-auth.tmpl
@@ -40,7 +40,7 @@
<!-- /TMPL_IF -->
<form action="<!-- TMPL_VAR NAME="url" -->" name="auth" id="auth"
method="post">
-
+ <input type="hidden" name="koha_login_context" value="opac" />
<fieldset class="brief"><!-- TMPL_LOOP NAME="INPUTS" -->
<input type="hidden" name="<!-- TMPL_VAR NAME="name" -->" value="<!--
TMPL_VAR NAME="value" -->" />
<!-- /TMPL_LOOP -->
diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/opac-main.tmpl
b/koha-tmpl/opac-tmpl/prog/en/modules/opac-main.tmpl
index 023ac1d..a2313b2 100644
--- a/koha-tmpl/opac-tmpl/prog/en/modules/opac-main.tmpl
+++ b/koha-tmpl/opac-tmpl/prog/en/modules/opac-main.tmpl
@@ -96,6 +96,7 @@
<div class="yui-u">
<div id="login" class="container">
<form action="/cgi-bin/koha/opac-user.pl" method="post" name="auth"
id="auth">
+ <input type="hidden" name="koha_login_context" value="opac" />
<fieldset class="brief">
<legend>Log in to Your Account:</legend>
<ol>
diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/opac-shelves.tmpl
b/koha-tmpl/opac-tmpl/prog/en/modules/opac-shelves.tmpl
index ae9c34d..bd67918 100644
--- a/koha-tmpl/opac-tmpl/prog/en/modules/opac-shelves.tmpl
+++ b/koha-tmpl/opac-tmpl/prog/en/modules/opac-shelves.tmpl
@@ -169,7 +169,7 @@ $.tablesorter.addParser({
</select></li>
</ol>
</fieldset>
- <fieldset class="action"><input type="hidden" name="category"
value="1" /><input type="submit" value="Save" class="submit" /> <a
class="cancel" href="/cgi-bin/koha/opac-shelves.pl?shelfnumber=<!-- TMPL_VAR
NAME="shelfnumber" -->">Cancel</a></fieldset>
+ <fieldset class="action"><input type="hidden" name="category"
value="<!-- TMPL_VAR NAME="category" -->" /><input type="submit" value="Save"
class="submit" /> <a class="cancel"
href="/cgi-bin/koha/opac-shelves.pl?shelfnumber=<!-- TMPL_VAR
NAME="shelfnumber" -->">Cancel</a></fieldset>
</form>
<!-- /TMPL_IF -->
diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/sco/sco-main.tmpl
b/koha-tmpl/opac-tmpl/prog/en/modules/sco/sco-main.tmpl
index 088d23a..a03fbc0 100644
--- a/koha-tmpl/opac-tmpl/prog/en/modules/sco/sco-main.tmpl
+++ b/koha-tmpl/opac-tmpl/prog/en/modules/sco/sco-main.tmpl
@@ -78,6 +78,7 @@ Sorry, This Self-Checkout Station has lost authentication.
Please contact the a
<!-- TMPL_UNLESS NAME="validuser" -->
<div class="sco_entry" >
<form id="mainform" action="/cgi-bin/koha/sco/sco-main.pl"
name="myForm" method="post">
+ <input type="hidden" name="koha_login_context" value="sco" />
<p class="checkout"><label for="userid">Please enter your
cardnumber:</label>
<input type="text" id="userid" class="firstField" size="10"
name="userid" onblur="ValidateCode();" />
<!-- TMPL_LOOP NAME="INPUTS" --><input type="hidden" name="<!--
TMPL_VAR NAME="name" -->" value="<!-- TMPL_VAR NAME="value" -->"><!--
/TMPL_LOOP -->
diff --git a/opac/opac-shelves.pl b/opac/opac-shelves.pl
index b26f73a..61bf9e3 100755
--- a/opac/opac-shelves.pl
+++ b/opac/opac-shelves.pl
@@ -31,4 +31,10 @@ my ( $template, $loggedinuser, $cookie ) =
get_template_and_user({
type => "opac",
authnotrequired => 1,
});
-shelfpage('opac', $query, $template, $loggedinuser, $cookie);
+
+# if $loggedinuser is not defined, set it to -1, which should
+# not correspond to any real borrowernumber.
+# FIXME: this is a hack to temporarily avoid changing several
+# routines in C4::VirtualShelves and C4::VirtualShelves::page
+# to deal with lists accessed during an anonymous OPAC session
+shelfpage('opac', $query, $template, (defined($loggedinuser) ? $loggedinuser :
-1), $cookie);
--
1.5.5.GIT
_______________________________________________
Koha-patches mailing list
[email protected]
http://lists.koha.org/mailman/listinfo/koha-patches
