Bug 36092: Pass sessionID at the end of get_template_and_user
It seems safer to pass the logged in user and session info at the end of the sub. Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This commit is contained in:
parent
3a053ebdf9
commit
7d95c64048
GPG key ID:
A085E712BEF0E0F0
1 changed files with 7 additions and 9 deletions
16
C4/Auth.pm
16
C4/Auth.pm
|
|
@ -292,12 +292,12 @@ sub get_template_and_user {
|
|||
}
|
||||
|
||||
my $borrowernumber;
|
||||
my $patron;
|
||||
if ($user) {
|
||||
|
||||
# It's possible for $user to be the borrowernumber if they don't have a
|
||||
# userid defined (and are logging in through some other method, such
|
||||
# as SSL certs against an email address)
|
||||
my $patron;
|
||||
$borrowernumber = getborrowernumber($user) if defined($user);
|
||||
if ( !defined($borrowernumber) && defined($user) ) {
|
||||
$patron = Koha::Patrons->find( $user );
|
||||
|
|
@ -313,12 +313,6 @@ sub get_template_and_user {
|
|||
# FIXME What to do if $patron does not exist?
|
||||
}
|
||||
|
||||
# user info
|
||||
$template->param( loggedinusername => $user ); # OBSOLETE - Do not reuse this in template, use logged_in_user.userid instead
|
||||
$template->param( loggedinusernumber => $borrowernumber ); # FIXME Should be replaced with logged_in_user.borrowernumber
|
||||
$template->param( logged_in_user => $patron );
|
||||
$template->param( sessionID => $sessionID );
|
||||
|
||||
if ( $in->{'type'} eq 'opac' ) {
|
||||
require Koha::Virtualshelves;
|
||||
my $some_private_shelves = Koha::Virtualshelves->get_some_shelves(
|
||||
|
|
@ -407,8 +401,6 @@ sub get_template_and_user {
|
|||
}
|
||||
}
|
||||
|
||||
$template->param( sessionID => $sessionID );
|
||||
|
||||
if ( $in->{'type'} eq 'opac' ){
|
||||
require Koha::Virtualshelves;
|
||||
my $some_public_shelves = Koha::Virtualshelves->get_some_shelves(
|
||||
|
|
@ -632,6 +624,12 @@ sub get_template_and_user {
|
|||
$cookie = $cookie_mgr->replace_in_list( $cookie, $languagecookie );
|
||||
}
|
||||
|
||||
# user info
|
||||
$template->param( loggedinusername => $user ); # OBSOLETE - Do not reuse this in template, use logged_in_user.userid instead
|
||||
$template->param( loggedinusernumber => $borrowernumber ); # FIXME Should be replaced with logged_in_user.borrowernumber
|
||||
$template->param( logged_in_user => $patron );
|
||||
$template->param( sessionID => $sessionID );
|
||||
|
||||
return ( $template, $borrowernumber, $cookie, $flags );
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue