Skip to main content

ABCD 3.8.4

· 3 min read
Roger C. Guilherme
Programmer and librarian at ABCD

ABCD v3.8.4 brings crucial improvements to system stability, PHP 8.x compatibility, and user experience. This release focuses on hardening input validation, fixing MARC database saving mechanisms, and refining OPAC functionalities.

Below is a detailed summary of the changes and enhancements included in this update:

Search & OPAC Enhancements

  • Alphabetical Indexes & UX: Fixed bugs related to the "Alphabetical Indexes" button. Added a new UX feature allowing the index submenu to open by default via URL parameters (open_index=Y), ensuring integrated searches navigate correctly while preserving context (base, ctx).
  • Strict Mode Enforcement: Added a strict-mode guard in central/config_opac.php to explicitly deny access if opac_strict_mode is enabled and no database (?base) is provided.
  • Topbar Refactoring: Reorganized the OPAC topbar (topbar.php) to improve the HTML markup, simplify authentication logic (detecting online services, showing logged-in users, or the login modal), and consistently preserve context parameters when navigating to the home link.
  • Search Pagination Stability: Enhanced input validation in buscar_integrada.php to handle edge cases and prevent bot-induced runtime errors. Pagination parameters (desde and count) are now strictly validated and cast with numeric fallbacks.

Data Entry & MARC Handling

  • MARC Indicators Fix: Resolved broken saving functions in MARC databases. The system now correctly respects MARC indicators by detecting definitions from the FDT, extracting/padding the first two characters, and separating implicit from explicit subfields during client-side assembly.
  • Picklist Selection Logic: Fixed picklist selection mismatches by properly casting and sanitizing option values to strings before comparison, preventing PHP numeric mismatch errors.
  • Editor Improvements: Updated the clear_field.js editor script to use English standard text ("Clear field" instead of "Limpar campo"). Added a new mover action.
  • Formatting Script (fmt.php) Cleanup: Streamlined record display logic, ensured PlantillaDeIngreso() and ColocarMfn() are called in the correct branches, and standardized the use of $arrHttp['login'] instead of maintaining separate login variables.

Security & PHP 8.1+ Compatibility

  • Session & Redirect Hardening: Guarded access to session/login variables with isset() to prevent PHP 8.1+ undefined session errors. Added strict die; statements following header redirects to ensure script execution completely stops when $_SESSION["permiso"] is missing.
  • Undefined Variables & Array Keys: Resolved multiple PHP warnings across the system (e.g., undefined $hasta, undefined Diccio index, and foreach() null arguments in c_global_ex.php).
  • Expression Handling: Hardened logic in PresentarExpresion.php to handle missing expressions safely, defaulting to an empty string to avoid "Undefined array key" errors.
  • Input Whitelisting: Whitelisted the new open_index parameter in is_malicious.php to allow the URL-driven UX flag through security validations.

System & Maintenance

  • Update Manager: Fixed the behavior of the "Update" button to ensure smooth upgrades.
  • File Cleanup: Removed misplaced duplicate files from the repository to keep the architecture clean.
  • Version Bump: Updated version.php to reflect version 3.8.4.

Details:

Full Changelog: https://github.com/ABCD-DEVCOM/ABCD/compare/v3.8.3...v3.8.4