[open-ils-commits] [GIT] Evergreen ILS branch master updated. 689171ab8e35da2ab7ef5e89c7e1dade3f38a753

Evergreen Git git at git.evergreen-ils.org
Tue Nov 7 14:14:53 EST 2017


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Evergreen ILS".

The branch, master has been updated
       via  689171ab8e35da2ab7ef5e89c7e1dade3f38a753 (commit)
       via  259e491dc3f48825114fd7e2927b29b7ce60f78f (commit)
      from  b59863ee1af8c67e1c16361113cdfa58f5d0b97b (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 689171ab8e35da2ab7ef5e89c7e1dade3f38a753
Author: Galen Charlton <gmc at equinoxinitiative.org>
Date:   Tue Nov 7 14:33:16 2017 -0500

    LP#1671635: escape some values to avoid XSS
    
    Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>

diff --git a/Open-ILS/src/templates/opac/parts/place_hold.tt2 b/Open-ILS/src/templates/opac/parts/place_hold.tt2
index fc59a0d..76d8d9e 100644
--- a/Open-ILS/src/templates/opac/parts/place_hold.tt2
+++ b/Open-ILS/src/templates/opac/parts/place_hold.tt2
@@ -57,9 +57,9 @@ function toggleActivationDate() {
 
         <!-- Adding hidden fields so that parameters are maintained in
         searchbar throughout the place hold process. -->
-        <input type="hidden" name="locg" value="[% CGI.param('locg') %]" />
-        <input type="hidden" name="qtype" value="[% CGI.param('qtype') %]" />
-        <input type="hidden" name="query" value="[% CGI.param('query') %]" />
+        <input type="hidden" name="locg" value="[% CGI.param('locg') | html %]" />
+        <input type="hidden" name="qtype" value="[% CGI.param('qtype') | html %]" />
+        <input type="hidden" name="query" value="[% CGI.param('query') | html %]" />
         [%
             usr_barcode = CGI.param('usr_barcode') | html;
             is_requestor = CGI.param('is_requestor');
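Review bot: the context line `is_requestor = CGI.param('is_requestor');` at the end of this hunk is still assigned without `| html`, unlike `usr_barcode` directly above it. If that variable is ever written into the page it needs the same filter, so either add it here or confirm that every place it is output escapes it. The three changed inputs look right: the TT `html` filter encodes `&`, `<`, `>` and `"`, which is sufficient only because these `value` attributes are double-quoted, so the quoting should stay that way. The commit subject says "some values"; naming `locg`, `qtype` and `query` in the message would make the fix easier to find later.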

commit 259e491dc3f48825114fd7e2927b29b7ce60f78f
Author: Kathy Lussier <klussier at masslnc.org>
Date:   Fri Sep 22 15:18:12 2017 -0400

    LP#1671635: Maintain search parameters throughout place hold process
    
    Add hidden fields to the Place Hold form for the search query, type
    and locg fields so that they will appear correctly in the search bar
    on the holds confirmation page. This commit also keeps the query
    parameter in the URL after clicking the Place Hold link from the search
    results page.
    
    Test Plan:
    Log into the public catalog and perform a search that is limited to a library
    that differs from the user's preferred search library and using a search type
    that is not keyword (e.g. title or author). Place a hold on any title from
    either the search results or record page. After submitting the form, look
    at the search parameters in the search bar on the hold confirmation page.
    
    Pre-patch, the query terms will not appear, the search type will revert back
    to the default of keyword, and the search library will be the user's preferred
    search library.
    
    Post-patch, the query parameters will be maintained in the search bar.
    
    Signed-off-by: Kathy Lussier <klussier at masslnc.org>
    Signed-off-by: Cesar Velez <cesar.velez at equinoxinitiative.org>
    Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>

diff --git a/Open-ILS/src/templates/opac/parts/place_hold.tt2 b/Open-ILS/src/templates/opac/parts/place_hold.tt2
index 73192ba..fc59a0d 100644
--- a/Open-ILS/src/templates/opac/parts/place_hold.tt2
+++ b/Open-ILS/src/templates/opac/parts/place_hold.tt2
@@ -54,6 +54,12 @@ function toggleActivationDate() {
         %]
         <input type="hidden" name="redirect_to" value="[% redirect | html %]" />
         <input type="hidden" name="hold_source_page" value="[% CGI.param('hold_source_page') | html %]" />
+
+        <!-- Adding hidden fields so that parameters are maintained in
+        searchbar throughout the place hold process. -->
+        <input type="hidden" name="locg" value="[% CGI.param('locg') %]" />
+        <input type="hidden" name="qtype" value="[% CGI.param('qtype') %]" />
+        <input type="hidden" name="query" value="[% CGI.param('query') %]" />
         [%
             usr_barcode = CGI.param('usr_barcode') | html;
             is_requestor = CGI.param('is_requestor');
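Review bot: the three added hidden inputs write `CGI.param('locg')`, `CGI.param('qtype')` and `CGI.param('query')` into `value="..."` with no filter, while the `redirect_to` and `hold_source_page` inputs just above them both use `| html`. These are request parameters echoed into a double-quoted attribute, so an unescaped value can break out of the attribute and the page is open to reflected XSS. Each should be written in the form `[% CGI.param('query') | html %]`, matching the surrounding lines.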
diff --git a/Open-ILS/src/templates/opac/parts/result/table.tt2 b/Open-ILS/src/templates/opac/parts/result/table.tt2
index f9e710f..5ab8e9a 100644
--- a/Open-ILS/src/templates/opac/parts/result/table.tt2
+++ b/Open-ILS/src/templates/opac/parts/result/table.tt2
@@ -389,7 +389,7 @@ END;
                                                         <div class="results_aux_utils place_hold"><a
                                                                 href="[% mkurl(ctx.opac_root _ '/place_hold',
                                                                     {hold_target => rec.id, hold_type => hold_type, 
-                                                                      hold_source_page => mkurl()}, ['query','tag','subfield','term','_special','sort','page']) %]"
+                                                                      hold_source_page => mkurl()}, ['tag','subfield','term','_special','sort','page']) %]"
                                                                 [% html_text_attr('title', l('Place Hold on [_1]', attrs.title)) %]
                                                                     class="no-dec" rel="nofollow" vocab=""><img
                                                                 src="[% ctx.media_prefix %]/images/green_check.png[% ctx.cache_key %]"
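Review bot: dropping `'query'` from the list passed as the last argument to `mkurl` means the user's search text is now carried in the `place_hold` link, and the same commit renders that parameter into a hidden input on the place-hold form, so this change should land only together with output escaping on that form. A short TT comment next to the list saying why `query` is kept while `tag`, `sort`, `page` and the others are still listed would help the next reader, since the purpose of the list is not evident at the call site.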

-----------------------------------------------------------------------

Summary of changes:
 Open-ILS/src/templates/opac/parts/place_hold.tt2   |    6 ++++++
 Open-ILS/src/templates/opac/parts/result/table.tt2 |    2 +-
 2 files changed, 7 insertions(+), 1 deletions(-)


hooks/post-receive
-- 
Evergreen ILS

