git.koha-community.org Git - koha.git/commit

Bug 17830: CSRF - Handle unicode characters in userid

If the userid of the logged in user contains unicode characters, the token
will not be generated correctly and Koha will crash with:
Wide character in subroutine entry at /usr/share/perl5/Digest/HMAC.pm line 63.

Test plan:
- Edit a superlibrarian user and set his/her userid to '❤' or any other strings
with unicode characters.
- Login using this patron
- Search for patrons and click on a result.

=> Without this patch, you will get a software error (with "Wide
character in subroutine entry" in the logs).
=> With this patch, everything will go fine

You can also test the other files modified by this patch.

Signed-off-by: Karam Qubsi <karamqubsi@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 4e40339db3209c913c79b935067e139b470255cc)
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

author	Jonathan Druart <jonathan.druart@bugs.koha-community.org>
	Thu, 29 Dec 2016 16:54:40 +0000 (17:54 +0100)
committer	Katrin Fischer <katrin.fischer.83@web.de>
	Wed, 4 Jan 2017 22:01:53 +0000 (23:01 +0100)
commit	9a22ae4fc5dfe3be8bdb5f5de2ef5a0377709c1a
tree	4d7a13f827109c478ac22020d0e9cea4ae683be4	tree \| snapshot
parent	9e6108965aff24d4d59496b6f5137e241e5e7e3e	commit \| diff

basket/sendbasket.pl		diff \| blob \| history
members/deletemem.pl		diff \| blob \| history
members/member-password.pl		diff \| blob \| history
members/memberentry.pl		diff \| blob \| history
members/moremember.pl		diff \| blob \| history
opac/opac-memberentry.pl		diff \| blob \| history
opac/opac-sendbasket.pl		diff \| blob \| history
tools/import_borrowers.pl		diff \| blob \| history
tools/picture-upload.pl		diff \| blob \| history