Bug 15035: Anti-spam for opac-suggestions - FOLLOW-UP

to test this patch... 1/ enable 'suggestion' and 'AnonSuggestions' sysprefs 2/ edit the koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-suggestions.tt file, to reveal the hidden 'negcap' field replace line 87 opac-suggestions.tt, from... <li id="negcap" style="position: absolute; left: -2000px;"> to ... <li id="negcap"> 3/ attempt to add another suggestion, and populate the 'negcap' field adding the suggestion is supposed to fail, but actually succeeds!? :/ 4/ apply patch 5/ repeat step 3, suggestion attempt should fail as expected modified: opac-suggestions.pl Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com> Confirmed insertion with negcap before patch. With negcap value suggestion fails silently Without negcap suggestion is inserted No errors Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
9 years ago · 6b31947c3b
1 changed files with 4 additions and 1 deletions
--- a/opac/opac-suggestions.pl
+++ b/opac/opac-suggestions.pl
@ -35,7 +35,6 @@ use Koha::DateUtils qw( dt_from_string );
 my $input           = new CGI;
 my $op              = $input->param('op');
 my $suggestion      = $input->Vars;
-delete $suggestion->{negcap};
 my $negcaptcha      = $input->param('negcap');
 my $suggested_by_anyone = $input->param('suggested_by_anyone') || 0;

@ -43,6 +42,10 @@ my $suggested_by_anyone = $input->param('suggested_by_anyone') || 0;
 if ($negcaptcha ) {
    print $input->redirect("/cgi-bin/koha/opac-suggestions.pl");
    exit;
+} else {
+    # don't pass 'negcap' column to DB, else DBI::Class will error
+    # DBIx::Class::Row::store_column(): No such column 'negcap' on Koha::Schema::Result::Suggestion at  Koha/C4/Suggestions.pm
+    delete $suggestion->{negcap};
 }

 #If suggestions are turned off we redirect to 404 error. This will also redirect guest suggestions