Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity

Bug 17526: Change grep to deal with malformed sortfield

Browse source 
Giving sortfield a malformed value when viewing lists results in
Internal Server Error.

eg.
http://localhost:8080/cgi-bin/koha/opac-shelves.pl?op=view&shelfnumber=1&sortfield=title(

Note the trailing (

Before Patch: kaboom
apply patch
restart
After Patch: No kaboom

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This commit is contained in:
Mark Tompsett 2019-06-13 19:27:00 +00:00 committed by Martin Renvoize
parent 6a75f99200
commit 42a26a7580
Signed by: martin.renvoize
GPG key ID: 422B469130441A0F
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
opac/opac-shelves.pl
View file

@ -235,7 +235,7 @@ if ( $op eq 'view' ) {
if ( $shelf->can_be_viewed( $loggedinuser ) ) { if ( $shelf->can_be_viewed( $loggedinuser ) ) {
$category = $shelf->category; $category = $shelf->category;
my $sortfield = $query->param('sortfield') || $shelf->sortfield; # Passed in sorting overrides default sorting my $sortfield = $query->param('sortfield') || $shelf->sortfield; # Passed in sorting overrides default sorting
$sortfield = 'title' unless grep {/^$sortfield$/}qw( title author copyrightdate itemcallnumber dateadded ); $sortfield = 'title' unless grep $_ eq $sortfield, qw( title author copyrightdate itemcallnumber dateadded );
my $direction = $query->param('direction') || 'asc'; my $direction = $query->param('direction') || 'asc';
$direction = 'asc' if $direction ne 'asc' and $direction ne 'desc'; $direction = 'asc' if $direction ne 'asc' and $direction ne 'desc';
my ( $page, $rows ); my ( $page, $rows );