From 509c09ed9e472f15da0753f64e82f920efb0edaa Mon Sep 17 00:00:00 2001 From: Bill Erickson Date: Fri, 25 May 2012 14:41:18 -0400 Subject: [PATCH] TPAC bookbag CGI param changed to bbid To avoid propagating a generic URL parameter like 'id', which can be picked up by other pages and cause breakage, use 'bbid' instead. Also, clear the 'bbid' param from the my-account tabs. While we're in there, silence an uninitialized string warning. Signed-off-by: Bill Erickson --- .../src/perlmods/lib/OpenILS/WWW/EGCatLoader/Account.pm | 10 +++++----- Open-ILS/src/templates/opac/myopac/lists.tt2 | 16 ++++++++-------- Open-ILS/src/templates/opac/parts/myopac/base.tt2 | 2 +- 3 files changed, 14 insertions(+), 14 deletions(-) diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Account.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Account.pm index 85fee15205..7399f34ba8 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Account.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Account.pm @@ -1649,22 +1649,22 @@ sub load_myopac_bookbags { # If the user wants a specific bookbag's items, load them. # XXX add bookbag item paging support - if ($self->cgi->param("id")) { + if ($self->cgi->param("bbid")) { my ($bookbag) = - grep { $_->id eq $self->cgi->param("id") } @{$ctx->{bookbags}}; + grep { $_->id eq $self->cgi->param("bbid") } @{$ctx->{bookbags}}; if (!$bookbag) { $e->rollback; return Apache2::Const::HTTP_INTERNAL_SERVER_ERROR; } - if ($self->cgi->param("action") eq "editmeta") { + if ( ($self->cgi->param("action") || '') eq "editmeta") { if (!$self->_update_bookbag_metadata($bookbag)) { $e->rollback; return Apache2::Const::HTTP_INTERNAL_SERVER_ERROR; } else { $e->commit; - my $url = $self->ctx->{opac_root} . '/myopac/lists?id=' . + my $url = $self->ctx->{opac_root} . '/myopac/lists?bbid=' . $bookbag->id; foreach my $param (('loc', 'qtype', 'query', 'sort')) { @@ -1821,7 +1821,7 @@ sub load_myopac_bookbag_update { } } elsif ($action eq 'save_notes') { $success = $self->update_bookbag_item_notes; - $url .= "&id=" . uri_escape($cgi->param("id")) if $cgi->param("id"); + $url .= "&bbid=" . uri_escape($cgi->param("bbid")) if $cgi->param("bbid"); } return $self->generic_redirect($url) if $success; diff --git a/Open-ILS/src/templates/opac/myopac/lists.tt2 b/Open-ILS/src/templates/opac/myopac/lists.tt2 index c9ee72014c..9bdbc087ea 100644 --- a/Open-ILS/src/templates/opac/myopac/lists.tt2 +++ b/Open-ILS/src/templates/opac/myopac/lists.tt2 @@ -57,11 +57,11 @@
[% baseurl = ctx.opac_root _ '/myopac/lists'; - IF bbag.id != CGI.param("id"); - url = mkurl(baseurl,{id => bbag.id},['edit_notes','sort']); + IF bbag.id != CGI.param("bbid"); + url = mkurl(baseurl,{bbid => bbag.id},['edit_notes','sort']); ltitle = l("Show items in list"); ELSE; - url = mkurl(baseurl, {}, ['id', 'edit_notes', 'sort']); + url = mkurl(baseurl, {}, ['bbid', 'edit_notes', 'sort']); ltitle = l("Hide items in list"); END %]

[% bbag.name | html %]

@@ -116,7 +116,7 @@
- [% IF CGI.param("id") == bbag.id %] + [% IF CGI.param("bbid") == bbag.id %]
@@ -125,7 +125,7 @@ [% INCLUDE "opac/parts/filtersort.tt2" value=CGI.param('sort') mode='bookbag' %] + value="[% CGI.param('bbid') | html %]" />
@@ -213,12 +213,12 @@ - [% attrs.title | html %] + [% attrs.title | html %] [% attrs.author | html %] [% IF CGI.param("edit_notes") == bbag.id %] @@ -241,7 +241,7 @@ [%- INCLUDE "opac/parts/preserve_params.tt2"; %] - + diff --git a/Open-ILS/src/templates/opac/parts/myopac/base.tt2 b/Open-ILS/src/templates/opac/parts/myopac/base.tt2 index 9c11f132e5..763e65b44a 100644 --- a/Open-ILS/src/templates/opac/parts/myopac/base.tt2 +++ b/Open-ILS/src/templates/opac/parts/myopac/base.tt2 @@ -23,7 +23,7 @@ ELSE; cls_which = "acct-tab-off"; END -%] - [% page.name; %] [% END %]
-- 2.11.0