Bug 35290: Sanitize field input on cataloguing/ysearch.pl
This change sanitizes the field input on cataloguing/ysearch.pl

Test plan:
0. Apply the patch and restart/reload Koha
1a. "Add marc21_field_260b.pl plugin to 260$b in the Default framework"
1b. Go to http://localhost:8081/cgi-bin/koha/admin/marc_subfields_structure.pl?op=add_form&tagfield=260&frameworkcode=#subbfield
1c. Choose "marc21_field_260b.pl" from the dropdown next to "Plugin"
1d. Click "Save changes"
2a. "Add new record"
2b. Go to http://localhost:8081/cgi-bin/koha/cataloguing/addbiblio.pl?frameworkcode=
3. Click on tab "2" and scroll down to 260 "b"
4. Type in "Ori" into 260 subfield b
5. Some autocomplete suggestions should appear

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
parent fb1c01452d
commit 4160afa3d7
1 changed files with 2 additions and 1 deletions
|
@ -37,7 +37,8 @@ my $table = $input->param('table');
|
|||
my $field = $input->param('field');
|
||||
|
||||
# Prevent from disclosing data
|
||||
die() unless ($table eq "biblioitems");
|
||||
die() unless ($table eq "biblioitems");
|
||||
die() unless ($field eq 'publishercode' || $field eq 'collectiontitle');
|
||||
|
||||
binmode STDOUT, ":encoding(UTF-8)";
|
||||
print $input->header( -type => 'text/plain', -charset => 'UTF-8' );
|
||||
|
|
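Review bot: the new `$field` check rejects with a bare `die()` and compares with `eq` without first testing that the parameter was supplied, so a request that omits `field` can raise an uninitialized-value warning, and every rejected request fails with no message to identify it in the logs. Consider a defined-check against an allowlist hash, for example `my %allowed = map { $_ => 1 } qw(publishercode collectiontitle);` followed by `die "ysearch.pl: field not allowed" unless defined $field && $allowed{$field};`, which also keeps the permitted columns in one place if more plugins need this endpoint. The same applies to the existing `$table` check directly above it. The comment `# Prevent from disclosing data` now covers both checks and could state that `$table` and `$field` are each restricted to fixed values.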