ABCD 3.8.4
· 3 min read
ABCD v3.8.4 brings crucial improvements to system stability, PHP 8.x compatibility, and user experience. This release focuses on hardening input validation, fixing MARC database saving mechanisms, and refining OPAC functionalities.
Below is a detailed summary of the changes and enhancements included in this update:
Search & OPAC Enhancements
- Alphabetical Indexes & UX: Fixed bugs related to the "Alphabetical Indexes" button. Added a new UX feature allowing the index submenu to open by default via URL parameters (
open_index=Y), ensuring integrated searches navigate correctly while preserving context (base,ctx). - Strict Mode Enforcement: Added a strict-mode guard in
central/config_opac.phpto explicitly deny access ifopac_strict_modeis enabled and no database (?base) is provided. - Topbar Refactoring: Reorganized the OPAC topbar (
topbar.php) to improve the HTML markup, simplify authentication logic (detecting online services, showing logged-in users, or the login modal), and consistently preserve context parameters when navigating to the home link. - Search Pagination Stability: Enhanced input validation in
buscar_integrada.phpto handle edge cases and prevent bot-induced runtime errors. Pagination parameters (desdeandcount) are now strictly validated and cast with numeric fallbacks.
Data Entry & MARC Handling
- MARC Indicators Fix: Resolved broken saving functions in MARC databases. The system now correctly respects MARC indicators by detecting definitions from the FDT, extracting/padding the first two characters, and separating implicit from explicit subfields during client-side assembly.
- Picklist Selection Logic: Fixed picklist selection mismatches by properly casting and sanitizing option values to strings before comparison, preventing PHP numeric mismatch errors.
- Editor Improvements: Updated the
clear_field.jseditor script to use English standard text ("Clear field" instead of "Limpar campo"). Added a newmoveraction. - Formatting Script (
fmt.php) Cleanup: Streamlined record display logic, ensuredPlantillaDeIngreso()andColocarMfn()are called in the correct branches, and standardized the use of$arrHttp['login']instead of maintaining separate login variables.
Security & PHP 8.1+ Compatibility
- Session & Redirect Hardening: Guarded access to session/login variables with
isset()to prevent PHP 8.1+ undefined session errors. Added strictdie;statements following header redirects to ensure script execution completely stops when$_SESSION["permiso"]is missing. - Undefined Variables & Array Keys: Resolved multiple PHP warnings across the system (e.g., undefined
$hasta, undefinedDiccioindex, andforeach()null arguments inc_global_ex.php). - Expression Handling: Hardened logic in
PresentarExpresion.phpto handle missing expressions safely, defaulting to an empty string to avoid "Undefined array key" errors. - Input Whitelisting: Whitelisted the new
open_indexparameter inis_malicious.phpto allow the URL-driven UX flag through security validations.
System & Maintenance
- Update Manager: Fixed the behavior of the "Update" button to ensure smooth upgrades.
- File Cleanup: Removed misplaced duplicate files from the repository to keep the architecture clean.
- Version Bump: Updated
version.phpto reflect version 3.8.4.