Browse Source

Bug 25898: Prohibit indirect object notation

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
20.11.x
Julian Maurice 1 year ago
committed by Jonathan Druart
parent
commit
96cc447045
  1. 2
      .perlcriticrc
  2. 2
      C4/Auth.pm
  3. 2
      C4/AuthoritiesMarc.pm
  4. 6
      C4/Breeding.pm
  5. 2
      C4/Context.pm
  6. 4
      C4/InstallAuth.pm
  7. 2
      C4/Languages.pm
  8. 2
      C4/Record.pm
  9. 2
      C4/SIP/Sip/Configuration.pm
  10. 2
      C4/SIP/t/SIPtest.pm
  11. 2
      C4/SIP/xmlparse.pl
  12. 12
      C4/Search.pm
  13. 8
      C4/Service.pm
  14. 2
      Koha/Illrequest/Logger.pm
  15. 2
      Koha/OAI/Server/DeletedRecord.pm
  16. 2
      Koha/OAI/Server/GetRecord.pm
  17. 6
      Koha/OAI/Server/ListBase.pm
  18. 2
      Koha/OAI/Server/ListIdentifiers.pm
  19. 2
      Koha/OAI/Server/ListRecords.pm
  20. 2
      Koha/OAI/Server/ListSets.pm
  21. 2
      Koha/OAI/Server/Record.pm
  22. 2
      Koha/OAI/Server/Repository.pm
  23. 2
      Koha/Patron/Discharge.pm
  24. 2
      Koha/SuggestionEngine/Plugin/ExplodedTerms.pm
  25. 2
      Koha/pdfformat/layout2pages.pm
  26. 2
      Koha/pdfformat/layout2pagesde.pm
  27. 4
      Koha/pdfformat/layout3pages.pm
  28. 4
      Koha/pdfformat/layout3pagesfr.pm
  29. 4
      about.pl
  30. 2
      acqui/add_user_search.pl
  31. 2
      acqui/addorder.pl
  32. 2
      acqui/addorderiso2709.pl
  33. 2
      acqui/ajax-getauthvaluedropbox.pl
  34. 2
      acqui/basket.pl
  35. 2
      acqui/basketgroup.pl
  36. 2
      acqui/basketheader.pl
  37. 2
      acqui/cancelorder.pl
  38. 2
      acqui/check_budget_total.pl
  39. 2
      acqui/check_uniqueness.pl
  40. 2
      acqui/duplicate_orders.pl
  41. 2
      acqui/finishreceive.pl
  42. 2
      acqui/histsearch.pl
  43. 2
      acqui/invoice-files.pl
  44. 2
      acqui/invoice.pl
  45. 2
      acqui/lateorders-export.pl
  46. 2
      acqui/lateorders.pl
  47. 2
      acqui/modordernotes.pl
  48. 2
      acqui/neworderempty.pl
  49. 2
      acqui/newordersubscription.pl
  50. 2
      acqui/newordersuggestion.pl
  51. 2
      acqui/ordered.pl
  52. 2
      acqui/orderreceive.pl
  53. 2
      acqui/parcel.pl
  54. 2
      acqui/showorder.pl
  55. 2
      acqui/spent.pl
  56. 2
      acqui/transferorder.pl
  57. 2
      acqui/uncertainprice.pl
  58. 2
      acqui/updatesupplier.pl
  59. 2
      acqui/z3950_search.pl
  60. 2
      admin/add_user_search.pl
  61. 2
      admin/additional-fields.pl
  62. 2
      admin/admin-home.pl
  63. 2
      admin/adveditorshortcuts.pl
  64. 2
      admin/aqbudgetperiods.pl
  65. 2
      admin/aqbudgets.pl
  66. 2
      admin/aqcontract.pl
  67. 2
      admin/aqplan.pl
  68. 2
      admin/audio_alerts.pl
  69. 2
      admin/auth_subfields_structure.pl
  70. 2
      admin/auth_tag_structure.pl
  71. 2
      admin/authorised_values.pl
  72. 2
      admin/authtypes.pl
  73. 2
      admin/biblio_framework.pl
  74. 2
      admin/branch_transfer_limits.pl
  75. 2
      admin/categories.pl
  76. 2
      admin/check_budget_parent.pl
  77. 2
      admin/check_parent_total.pl
  78. 2
      admin/checkmarc.pl
  79. 2
      admin/cities.pl
  80. 2
      admin/classsources.pl
  81. 2
      admin/clone-rules.pl
  82. 2
      admin/columns_settings.pl
  83. 2
      admin/credit_types.pl
  84. 2
      admin/debit_types.pl
  85. 2
      admin/desks.pl
  86. 2
      admin/didyoumean.pl
  87. 2
      admin/import_export_framework.pl
  88. 2
      admin/item_circulation_alerts.pl
  89. 2
      admin/items_search_field.pl
  90. 2
      admin/items_search_fields.pl
  91. 2
      admin/itemtypes.pl
  92. 2
      admin/koha2marclinks.pl
  93. 2
      admin/library_groups.pl
  94. 2
      admin/localization.pl
  95. 2
      admin/marc_subfields_structure.pl
  96. 2
      admin/marctagstructure.pl
  97. 2
      admin/matching-rules.pl
  98. 2
      admin/oai_set_mappings.pl
  99. 2
      admin/oai_sets.pl
  100. 2
      admin/patron-attr-types.pl

2
.perlcriticrc

@ -1,5 +1,5 @@
severity = 5
include = ProhibitUnusedVariables
include = ProhibitUnusedVariables Objects::ProhibitIndirectSyntax
exclude = Miscellanea::RequireRcsKeywords
[Perl::Critic::Policy::BuiltinFunctions::ProhibitStringyEval]

2
C4/Auth.pm

@ -1804,7 +1804,7 @@ sub _get_session_params {
sub get_session {
my $sessionID = shift;
my $params = _get_session_params();
return new CGI::Session( $params->{dsn}, $sessionID, $params->{dsn_args} );
return CGI::Session->new( $params->{dsn}, $sessionID, $params->{dsn_args} );
}

2
C4/AuthoritiesMarc.pm

@ -227,7 +227,7 @@ sub SearchAuthorities {
my @oAuth;
my $i;
$oAuth[0]=C4::Context->Zconn("authorityserver" , 1);
my $Anewq= new ZOOM::Query::PQF($query,$oAuth[0]);
my $Anewq= ZOOM::Query::PQF->new($query,$oAuth[0]);
my $oAResult;
$oAResult= $oAuth[0]->search($Anewq) ;
while (($i = ZOOM::event(\@oAuth)) != 0) {

6
C4/Breeding.pm

@ -159,7 +159,7 @@ sub Z3950Search {
$oResult[$s] =
$server->{servertype} eq 'zed'?
$oConnection[$s]->search_pqf( $server_zquery ):
$oConnection[$s]->search(new ZOOM::Query::CQL(
$oConnection[$s]->search(ZOOM::Query::CQL->new(
_translate_query( $server, $squery )));
$s++;
}
@ -430,7 +430,7 @@ sub _isbn_replace {
sub _create_connection {
my ( $server ) = @_;
my $option1= new ZOOM::Options();
my $option1= ZOOM::Options->new();
$option1->option( 'async' => 1 );
$option1->option( 'elementSetName', 'F' );
$option1->option( 'preferredRecordSyntax', $server->{syntax} );
@ -568,7 +568,7 @@ sub Z3950SearchAuth {
}
else {
$oResult[$s] = $oConnection[$s]->search(
new ZOOM::Query::CQL(_translate_query( $server, $squery ))
ZOOM::Query::CQL->new(_translate_query( $server, $squery ))
);
}
$encoding[$s] = ($server->{encoding}?$server->{encoding}:"iso-5426");

2
C4/Context.pm

@ -637,7 +637,7 @@ sub _new_Zconn {
my $password = $context->{"serverinfo"}->{$server}->{"password"};
eval {
# set options
my $o = new ZOOM::Options();
my $o = ZOOM::Options->new();
$o->option(user => $user) if $user && $password;
$o->option(password => $password) if $user && $password;
$o->option(async => 1) if $async;

4
C4/InstallAuth.pm

@ -243,7 +243,7 @@ sub checkauth {
if ( $sessionID = $query->cookie("CGISESSID") ) {
C4::Context->_new_userenv($sessionID);
my $session =
new CGI::Session( "driver:File;serializer:yaml", $sessionID,
CGI::Session->new( "driver:File;serializer:yaml", $sessionID,
{ Directory => $sessdir } );
if ( $session->param('cardnumber') ) {
C4::Context->set_userenv(
@ -283,7 +283,7 @@ sub checkauth {
}
unless ($userid) {
my $session =
new CGI::Session( "driver:File;serializer:yaml", undef, { Directory => $sessdir } );
CGI::Session->new( "driver:File;serializer:yaml", undef, { Directory => $sessdir } );
$sessionID = $session->id;
$userid = $query->param('userid');
C4::Context->_new_userenv($sessionID);

2
C4/Languages.pm

@ -603,7 +603,7 @@ sub getlanguage {
return $cached if $cached;
}
$cgi //= new CGI;
$cgi //= CGI->new;
my $interface = C4::Context->interface;
my $theme = C4::Context->preference( ( $interface eq 'opac' ) ? 'opacthemes' : 'template' );
my $language;

2
C4/Record.pm

@ -375,7 +375,7 @@ sub marc2endnote {
Year => $marc_rec_obj->publication_date,
Abstract => $abstract,
};
my $style = new Biblio::EndnoteStyle();
my $style = Biblio::EndnoteStyle->new();
my $template;
$template.= "DB - DB\n" if C4::Context->preference("LibraryName");
$template.="T1 - Title\n" if $marc_rec_obj->title();

2
C4/SIP/Sip/Configuration.pm

@ -12,7 +12,7 @@ use XML::Simple qw(:strict);
use C4::SIP::Sip qw(siplog);
my $parser = new XML::Simple(
my $parser = XML::Simple->new(
KeyAttr => {
login => '+id',
institution => '+id',

2
C4/SIP/t/SIPtest.pm

@ -263,7 +263,7 @@ sub run_sip_tests {
$Sip::error_detection = 1;
$/ = "\015\012"; # must use correct record separator
$sock = new IO::Socket::INET(PeerAddr => $server,
$sock = IO::Socket::INET->new(PeerAddr => $server,
Type => SOCK_STREAM);
BAIL_OUT('failed to create connection to server') unless $sock;

2
C4/SIP/xmlparse.pl

@ -13,7 +13,7 @@ use English;
use XML::Simple qw(:strict);
use Data::Dumper;
my $parser = new XML::Simple( KeyAttr => { login => '+id',
my $parser = XML::Simple->new( KeyAttr => { login => '+id',
institution => '+id',
service => '+port', },
GroupTags => { listeners => 'service',

12
C4/Search.pm

@ -224,7 +224,7 @@ sub SimpleSearch {
eval {
$zconns[$i] = C4::Context->Zconn( $servers[$i], 1 );
$query =~ s/:/=/g unless $options{skip_normalize};
$zoom_queries[$i] = new ZOOM::Query::CCL2RPN( $query, $zconns[$i]);
$zoom_queries[$i] = ZOOM::Query::CCL2RPN->new( $query, $zconns[$i]);
$tmpresults[$i] = $zconns[$i]->search( $zoom_queries[$i] );
# error handling
@ -337,18 +337,18 @@ sub getRecords {
if ($query_type) {
if ($query_type =~ /^ccl/) {
$query_to_use =~ s/\:/\=/g; # change : to = last minute (FIXME)
$results[$i] = $zconns[$i]->search(new ZOOM::Query::CCL2RPN($query_to_use, $zconns[$i]));
$results[$i] = $zconns[$i]->search(ZOOM::Query::CCL2RPN->new($query_to_use, $zconns[$i]));
} elsif ($query_type =~ /^cql/) {
$results[$i] = $zconns[$i]->search(new ZOOM::Query::CQL($query_to_use, $zconns[$i]));
$results[$i] = $zconns[$i]->search(ZOOM::Query::CQL->new($query_to_use, $zconns[$i]));
} elsif ($query_type =~ /^pqf/) {
$results[$i] = $zconns[$i]->search(new ZOOM::Query::PQF($query_to_use, $zconns[$i]));
$results[$i] = $zconns[$i]->search(ZOOM::Query::PQF->new($query_to_use, $zconns[$i]));
} else {
warn "Unknown query_type '$query_type'. Results undetermined.";
}
} elsif ($scan) {
$results[$i] = $zconns[$i]->scan( new ZOOM::Query::CCL2RPN($query_to_use, $zconns[$i]));
$results[$i] = $zconns[$i]->scan( ZOOM::Query::CCL2RPN->new($query_to_use, $zconns[$i]));
} else {
$results[$i] = $zconns[$i]->search(new ZOOM::Query::CCL2RPN($query_to_use, $zconns[$i]));
$results[$i] = $zconns[$i]->search(ZOOM::Query::CCL2RPN->new($query_to_use, $zconns[$i]));
}
};
if ($@) {

8
C4/Service.pm

@ -86,7 +86,7 @@ passed to C<return_success()>.
sub init {
my ( $class, %needed_flags ) = @_;
our $query = new CGI;
our $query = CGI->new;
my ( $status, $cookie_, $sessionID ) = check_api_auth( $query, \%needed_flags );
@ -94,7 +94,7 @@ sub init {
$class->return_error( 'auth', $status ) if ( $status ne 'ok' );
return ( $query, new C4::Output::JSONStream );
return ( $query, C4::Output::JSONStream->new );
}
=head2 return_error
@ -119,7 +119,7 @@ param => value pairs.
sub return_error {
my ( $class, $type, $error, %flags ) = @_;
my $response = new C4::Output::JSONStream;
my $response = C4::Output::JSONStream->new;
$response->param( message => $error ) if ( $error );
$response->param( type => $type, %flags );
@ -152,7 +152,7 @@ structure verbatim.
sub return_multi {
my ( $class, $responses, @flags ) = @_;
my $response = new C4::Output::JSONStream;
my $response = C4::Output::JSONStream->new;
if ( !@$responses ) {
$class->return_success( $response );

2
Koha/Illrequest/Logger.pm

@ -65,7 +65,7 @@ sub new {
}
};
my $query = new CGI; # To keep C4::Templates::_get_template_file() from complaining
my $query = CGI->new; # To keep C4::Templates::_get_template_file() from complaining
my ( $htdocs, $theme, $lang, $base ) =
C4::Templates::_get_template_file('ill/log/', 'intranet', $query);

2
Koha/OAI/Server/DeletedRecord.pm

@ -30,7 +30,7 @@ sub new {
my $self = $class->SUPER::new(%args);
$timestamp =~ s/ /T/, $timestamp .= 'Z';
$self->header( new HTTP::OAI::Header(
$self->header( HTTP::OAI::Header->new(
status => 'deleted',
identifier => $args{identifier},
datestamp => $timestamp,

2
Koha/OAI/Server/GetRecord.pm

@ -92,7 +92,7 @@ sub new {
{
return HTTP::OAI::Response->new(
requestURL => $repository->self_url(),
errors => [ new HTTP::OAI::Error(
errors => [ HTTP::OAI::Error->new(
code => 'idDoesNotExist',
message => "There is no biblio record with this identifier",
) ],

6
Koha/OAI/Server/ListBase.pm

@ -39,7 +39,7 @@ use MARC::File::XML;
sub GetRecords {
my ($class, $self, $repository, $metadata, %args) = @_;
my $token = new Koha::OAI::Server::ResumptionToken( %args );
my $token = Koha::OAI::Server::ResumptionToken->new( %args );
my $dbh = C4::Context->dbh;
my $set;
if ( defined $token->{'set'} ) {
@ -127,7 +127,7 @@ sub GetRecords {
$count++;
if ( $count > $max ) {
$self->resumptionToken(
new Koha::OAI::Server::ResumptionToken(
Koha::OAI::Server::ResumptionToken->new(
metadataPrefix => $token->{metadata_prefix},
from => $token->{from},
until => $token->{until},
@ -165,7 +165,7 @@ sub GetRecords {
} else {
$timestamp =~ s/ /T/;
$timestamp .= 'Z';
$self->identifier( new HTTP::OAI::Header(
$self->identifier( HTTP::OAI::Header->new(
identifier => $repository->{ koha_identifier} . ':' . $biblionumber,
datestamp => $timestamp,
status => $deleted ? 'deleted' : undef

2
Koha/OAI/Server/ListIdentifiers.pm

@ -35,7 +35,7 @@ sub new {
unless ($count) {
return HTTP::OAI::Response->new(
requestURL => $repository->self_url(),
errors => [ new HTTP::OAI::Error( code => 'noRecordsMatch' ) ],
errors => [ HTTP::OAI::Error->new( code => 'noRecordsMatch' ) ],
);
}

2
Koha/OAI/Server/ListRecords.pm

@ -35,7 +35,7 @@ sub new {
unless ($count) {
return HTTP::OAI::Response->new(
requestURL => $repository->self_url(),
errors => [ new HTTP::OAI::Error( code => 'noRecordsMatch' ) ],
errors => [ HTTP::OAI::Error->new( code => 'noRecordsMatch' ) ],
);
}

2
Koha/OAI/Server/ListSets.pm

@ -54,7 +54,7 @@ sub new {
}
$self->resumptionToken(
new Koha::OAI::Server::ResumptionToken(
Koha::OAI::Server::ResumptionToken->new(
metadataPrefix => $token->{metadata_prefix},
offset => $pos
)

2
Koha/OAI/Server/Record.pm

@ -32,7 +32,7 @@ sub new {
my $self = $class->SUPER::new(%args);
$timestamp =~ s/ /T/, $timestamp .= 'Z';
$self->header( new HTTP::OAI::Header(
$self->header( HTTP::OAI::Header->new(
identifier => $args{identifier},
datestamp => $timestamp,
) );

2
Koha/OAI/Server/Repository.pm

@ -127,7 +127,7 @@ sub new {
# Is metadataPrefix supported by the repository?
my $mdp = param('metadataPrefix') || '';
if ( $mdp && !grep { $_ eq $mdp } @{$self->{ koha_metadata_format }} ) {
push @errs, new HTTP::OAI::Error(
push @errs, HTTP::OAI::Error->new(
code => 'cannotDisseminateFormat',
message => "Dissemination as '$mdp' is not supported",
);

2
Koha/Patron/Discharge.pm

@ -118,7 +118,7 @@ sub generate_as_pdf {
$letter->{'title'} =~ s/<<today>>/$today/g;
$letter->{'content'} =~ s/<<today>>/$today/g;
my $tmpl = C4::Templates::gettemplate('batch/print-notices.tt', 'intranet', new CGI);
my $tmpl = C4::Templates::gettemplate('batch/print-notices.tt', 'intranet', CGI->new);
$tmpl->param(
stylesheet => C4::Context->preference("NoticeCSS"),
today => $today,

2
Koha/SuggestionEngine/Plugin/ExplodedTerms.pm

@ -79,7 +79,7 @@ sub get_suggestions {
'su-br',
'su-rl'
);
my $cgi = new CGI;
my $cgi = CGI->new;
my $template = C4::Templates::gettemplate('text/explodedterms.tt', 'opac', $cgi);
my @results;
foreach my $index (@indexes) {

2
Koha/pdfformat/layout2pages.pm

@ -57,7 +57,7 @@ sub printorders {
$pdf->mediabox($height/mm, $width/mm);
my $page = $pdf->page();
my $pdftable = new PDF::Table();
my $pdftable = PDF::Table->new();
my $abaskets;
my $arrbasket;

2
Koha/pdfformat/layout2pagesde.pm

@ -57,7 +57,7 @@ sub printorders {
$pdf->mediabox($height/mm, $width/mm);
my $page = $pdf->page();
my $pdftable = new PDF::Table();
my $pdftable = PDF::Table->new();
my $abaskets;
my $arrbasket;

4
Koha/pdfformat/layout3pages.pm

@ -82,7 +82,7 @@ sub printorders {
. ( $delivery_library ? "delivery at " . $delivery_library->branchname : "" )
);
my $pdftable = new PDF::Table();
my $pdftable = PDF::Table->new();
my $abaskets;
my $arrbasket;
my @keys = ('Document', 'Qty', 'RRP tax exc.', 'RRP tax inc.', 'Discount', 'Discount price', 'Tax rate', 'Total tax exc.', 'Total tax inc.');
@ -200,7 +200,7 @@ sub printbaskets {
$text->font( $pdf->corefont("Times", -encoding => "utf8"), 6/mm );
$text->translate(30/mm, ($height-28.5)/mm);
$text->text($libraryname);
my $pdftable = new PDF::Table();
my $pdftable = PDF::Table->new();
my $abaskets;
my $arrbasket;
# header of the table

4
Koha/pdfformat/layout3pagesfr.pm

@ -82,7 +82,7 @@ sub printorders {
. ( $delivery_library ? "livraison à " . $delivery_library->branchname : "" )
);
my $pdftable = new PDF::Table();
my $pdftable = PDF::Table->new();
my $abaskets;
my $arrbasket;
my @keys = ('Document', 'Qté', 'Prix', 'Prix net', '% Remise', 'Remise', 'Taux TVA', 'Total HT', 'Total TTC');
@ -201,7 +201,7 @@ sub printbaskets {
$text->font( $pdf->corefont("Times", -encoding => "utf8"), 6/mm );
$text->translate(30/mm, ($height-28.5)/mm);
$text->text($libraryname);
my $pdftable = new PDF::Table();
my $pdftable = PDF::Table->new();
my $abaskets;
my $arrbasket;
# header of the table

4
about.pl

@ -60,7 +60,7 @@ use C4::Members::Statistics;
#use Smart::Comments '####';
my $query = new CGI;
my $query = CGI->new;
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
{
template_name => "about.tt",
@ -208,7 +208,7 @@ my $warnNoActiveCurrency = (! defined Koha::Acquisition::Currencies->get_active)
my @xml_config_warnings;
my $context = new C4::Context;
my $context = C4::Context->new;
if ( C4::Context->config('zebra_bib_index_mode')
and C4::Context->config('zebra_bib_index_mode') eq 'grs1' )

2
acqui/add_user_search.pl

@ -26,7 +26,7 @@ use C4::Members;
use Koha::Patron::Categories;
my $input = new CGI;
my $input = CGI->new;
my $dbh = C4::Context->dbh;

2
acqui/addorder.pl

@ -135,7 +135,7 @@ use C4::Barcodes;
# FIXME: This needs to do actual error checking and possibly return user to the same form,
# not just blindly call C4 functions and print a redirect.
my $input = new CGI;
my $input = CGI->new;
my $use_ACQ_framework = $input->param('use_ACQ_framework');
# Check if order total amount exceed allowed budget

2
acqui/addorderiso2709.pl

@ -50,7 +50,7 @@ use Koha::Acquisition::Orders;
use Koha::Acquisition::Booksellers;
use Koha::Patrons;
my $input = new CGI;
my $input = CGI->new;
my ($template, $loggedinuser, $cookie, $userflags) = get_template_and_user({
template_name => "acqui/addorderiso2709.tt",
query => $input,

2
acqui/ajax-getauthvaluedropbox.pl

@ -62,7 +62,7 @@ unless ($status eq "ok") {
exit 0;
}
my $input = new CGI;
my $input = CGI->new;
my $name = $input->param('name');
my $category = $input->param('category');
my $default = $input->param('default');

2
acqui/basket.pl

@ -74,7 +74,7 @@ the supplier this script have to display the basket.
=cut
our $query = new CGI;
our $query = CGI->new;
our $basketno = $query->param('basketno');
our $ean = $query->param('ean');
our $booksellerid = $query->param('booksellerid');

2
acqui/basketgroup.pl

@ -59,7 +59,7 @@ use Koha::Acquisition::Booksellers;
use Koha::ItemTypes;
use Koha::Patrons;
our $input=new CGI;
our $input=CGI->new;
our ($template, $loggedinuser, $cookie)
= get_template_and_user({template_name => "acqui/basketgroup.tt",

2
acqui/basketheader.pl

@ -57,7 +57,7 @@ use Koha::Acquisition::Booksellers;
use Koha::Acquisition::Baskets;
use Koha::AdditionalFields;
my $input = new CGI;
my $input = CGI->new;
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
{
template_name => "acqui/basketheader.tt",

2
acqui/cancelorder.pl

@ -37,7 +37,7 @@ use C4::Output;
use C4::Acquisition;
use Koha::Acquisition::Baskets;
my $input = new CGI;
my $input = CGI->new;
my ($template, $loggedinuser, $cookie, $flags) = get_template_and_user( {
template_name => 'acqui/cancelorder.tt',
query => $input,

2
acqui/check_budget_total.pl

@ -30,7 +30,7 @@ fetches the budget amount fron the DB
=cut
my $input = new CGI;
my $input = CGI->new;
my $budget_id = $input->param('budget_id');
my $total = $input->param('total');

2
acqui/check_uniqueness.pl

@ -36,7 +36,7 @@ use JSON;
use C4::Output;
use C4::Items;
my $input = new CGI;
my $input = CGI->new;
my @field = $input->multi_param('field[]');
my @value = $input->multi_param('value[]');

2
acqui/duplicate_orders.pl

@ -30,7 +30,7 @@ use Koha::Acquisition::Currencies;
use Koha::Acquisition::Orders;
use Koha::DateUtils qw(dt_from_string output_pref);
my $input = new CGI;
my $input = CGI->new;
my $basketno = $input->param('basketno');
my $op = $input->param('op') || 'search'; # search, select, batch_edit

2
acqui/finishreceive.pl

@ -36,7 +36,7 @@ use Koha::Acquisition::Orders;
use List::MoreUtils qw/any/;
my $input=new CGI;
my $input=CGI->new;
my $flagsrequired = {acquisition => 'order_receive'};
checkauth($input, 0, $flagsrequired, 'intranet');

2
acqui/histsearch.pl

@ -59,7 +59,7 @@ use C4::Koha;
use Koha::AdditionalFields;
use Koha::DateUtils;
my $input = new CGI;
my $input = CGI->new;
my $do_search = $input->param('do_search') || 0;
my $dbh = C4::Context->dbh;

2
acqui/invoice-files.pl

@ -35,7 +35,7 @@ use C4::Output;
use C4::Acquisition;
use Koha::Misc::Files;
my $input = new CGI;
my $input = CGI->new;
my ( $template, $loggedinuser, $cookie, $flags ) = get_template_and_user(
{
template_name => 'acqui/invoice-files.tt',

2
acqui/invoice.pl

@ -40,7 +40,7 @@ use Koha::DateUtils;
use Koha::Misc::Files;
use Koha::Acquisition::Invoice::Adjustments;
my $input = new CGI;
my $input = CGI->new;
my ( $template, $loggedinuser, $cookie, $flags ) = get_template_and_user(
{
template_name => 'acqui/invoice.tt',

2
acqui/lateorders-export.pl

@ -24,7 +24,7 @@ use C4::Acquisition;
use C4::Output;
use C4::Context;
my $input = new CGI;
my $input = CGI->new;
my ($template, $loggedinuser, $cookie) = get_template_and_user({
template_name => "acqui/csv/lateorders.tt",
query => $input,

2
acqui/lateorders.pl

@ -55,7 +55,7 @@ use Koha::DateUtils;
use Koha::Acquisition::Orders;
use Koha::CsvProfiles;
my $input = new CGI;
my $input = CGI->new;
my ($template, $loggedinuser, $cookie) = get_template_and_user(
{
template_name => "acqui/lateorders.tt",

2
acqui/modordernotes.pl

@ -35,7 +35,7 @@ use C4::Acquisition;
use Koha::Acquisition::Booksellers;
my $input = new CGI;
my $input = CGI->new;
my ($template, $loggedinuser, $cookie, $flags) = get_template_and_user( {
template_name => 'acqui/modordernotes.tt',
query => $input,

2
acqui/neworderempty.pl

@ -94,7 +94,7 @@ use Koha::Patrons;
use Koha::RecordProcessor;
use Koha::Subscriptions;
our $input = new CGI;
our $input = CGI->new;
my $booksellerid = $input->param('booksellerid'); # FIXME: else ERROR!
my $budget_id = $input->param('budget_id') || 0;
my $title = $input->param('title');

2
acqui/newordersubscription.pl

@ -27,7 +27,7 @@ use C4::Serials;
use Koha::Acquisition::Booksellers;
my $query = new CGI;
my $query = CGI->new;
my $title = $query->param('title_filter');
my $ISSN = $query->param('ISSN_filter');
my $EAN = $query->param('EAN_filter');

2
acqui/newordersuggestion.pl

@ -99,7 +99,7 @@ use C4::Budgets;
use Koha::Acquisition::Booksellers;
my $input = new CGI;
my $input = CGI->new;
# getting the CGI params
my $basketno = $input->param('basketno');

2
acqui/ordered.pl

@ -36,7 +36,7 @@ use Koha::Acquisition::Invoice::Adjustments;
use C4::Acquisition;
my $dbh = C4::Context->dbh;
my $input = new CGI;
my $input = CGI->new;
my $fund_id = $input->param('fund');
my $fund_code = $input->param('fund_code');

2
acqui/orderreceive.pl

@ -79,7 +79,7 @@ use Koha::DateUtils qw( dt_from_string );
use Koha::ItemTypes;
use Koha::Patrons;
my $input = new CGI;
my $input = CGI->new;
my $dbh = C4::Context->dbh;
my $invoiceid = $input->param('invoiceid');

2
acqui/parcel.pl

@ -74,7 +74,7 @@ use Koha::Biblios;
use JSON;
my $input=new CGI;
my $input=CGI->new;
my $sticky_filters = $input->param('sticky_filters') || 0;
my ($template, $loggedinuser, $cookie)

2
acqui/showorder.pl

@ -24,7 +24,7 @@ use C4::Output;
use Koha::Acquisition::Orders;
use Koha::Patrons;
my $cgi = new CGI;
my $cgi = CGI->new;
my ( $template, $loggedinuser, $cookie ) = get_template_and_user({
template_name => "acqui/showorder.tt",
query => $cgi,

2
acqui/spent.pl

@ -38,7 +38,7 @@ use C4::Acquisition;
use Koha::Acquisition::Invoice::Adjustments;
my $dbh = C4::Context->dbh;
my $input = new CGI;
my $input = CGI->new;
my $bookfund = $input->param('fund');
my $fund_code = $input->param('fund_code');

2
acqui/transferorder.pl

@ -28,7 +28,7 @@ use C4::Context;
use C4::Acquisition;
use Koha::Acquisition::Booksellers;
my $input = new CGI;
my $input = CGI->new;
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
{ template_name => "acqui/transferorder.tt",
query => $input,

2
acqui/uncertainprice.pl

@ -55,7 +55,7 @@ use C4::Biblio qw/GetBiblioData/;
use Koha::Acquisition::Booksellers;
use Koha::Acquisition::Baskets;
my $input=new CGI;
my $input=CGI->new;
my ($template, $loggedinuser, $cookie)
= get_template_and_user({template_name => "acqui/uncertainprice.tt",

2
acqui/updatesupplier.pl

@ -58,7 +58,7 @@ use Koha::Acquisition::Bookseller::Contacts;
use Koha::Acquisition::Booksellers;
use CGI qw ( -utf8 );
my $input=new CGI;
my $input=CGI->new;
checkauth( $input, 0, { acquisition => 'vendors_manage' }, 'intranet' );

2
acqui/z3950_search.pl

@ -31,7 +31,7 @@ use C4::Koha;
use Koha::Acquisition::Booksellers;
use Koha::BiblioFrameworks;
my $input = new CGI;
my $input = CGI->new;
my $biblionumber = $input->param('biblionumber')||0;
my $frameworkcode = $input->param('frameworkcode') || q{};
my $title = $input->param('title');

2
admin/add_user_search.pl

@ -26,7 +26,7 @@ use C4::Members;
use Koha::Patron::Categories;
my $input = new CGI;
my $input = CGI->new;
my $dbh = C4::Context->dbh;

2
admin/additional-fields.pl

@ -23,7 +23,7 @@ use C4::Koha;
use C4::Output;
use Koha::AdditionalFields;
my $input = new CGI;
my $input = CGI->new;
my %flagsrequired;
$flagsrequired{parameters} = 'manage_additional_fields';

2
admin/admin-home.pl

@ -22,7 +22,7 @@ use C4::Auth;
use C4::Output;
use Koha::Plugins;
my $query = new CGI;
my $query = CGI->new;
my $plugins_enabled = C4::Context->config("enable_plugins");
my $mana_url = C4::Context->config('mana_config');

2
admin/adveditorshortcuts.pl

@ -43,7 +43,7 @@ use CGI qw ( -utf8 );
use C4::Koha;
use Koha::KeyboardShortcuts;
my $input = new CGI;
my $input = CGI->new;
my $op = $input->param('op') || 'list';
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(

2
admin/aqbudgetperiods.pl

@ -61,7 +61,7 @@ use Koha::Acquisition::Currencies;
my $dbh = C4::Context->dbh;
my $input = new CGI;
my $input = CGI->new;
my $searchfield = $input->param('searchfield') // '';
my $budget_period_id = $input->param('budget_period_id');

2
admin/aqbudgets.pl

@ -36,7 +36,7 @@ use C4::Debug;
use Koha::Acquisition::Currencies;
use Koha::Patrons;
my $input = new CGI;
my $input = CGI->new;
my $dbh = C4::Context->dbh;
my ($template, $borrowernumber, $cookie, $staffflags ) = get_template_and_user(

2
admin/aqcontract.pl

@ -30,7 +30,7 @@ use Koha::DateUtils;
use Koha::Acquisition::Booksellers;
my $input = new CGI;
my $input = CGI->new;
my $contractnumber = $input->param('contractnumber');
my $booksellerid = $input->param('booksellerid');
my $op = $input->param('op') || 'list';

2
admin/aqplan.pl

@ -36,7 +36,7 @@ use C4::Auth;
use C4::Debug;
use Koha::Acquisition::Currencies;
our $input = new CGI;
our $input = CGI->new;
#### $input
my $dbh = C4::Context->dbh;

2
admin/audio_alerts.pl

@ -25,7 +25,7 @@ use C4::Output;
use Koha::AudioAlert;
use Koha::AudioAlerts;
my $cgi = new CGI;
my $cgi = CGI->new;
my $selector = $cgi->param('selector');
my $sound = $cgi->param('sound');

2
admin/auth_subfields_structure.pl

@ -48,7 +48,7 @@ sub auth_subfield_structure_exists {
return @$rows > 0;
}
my $input = new CGI;
my $input = CGI->new;
my $tagfield = $input->param('tagfield');
my $tagsubfield = $input->param('tagsubfield');
my $authtypecode = $input->param('authtypecode');

2
admin/auth_tag_structure.pl

@ -29,7 +29,7 @@ use C4::Context;
use Koha::Authority::Types;
# retrieve parameters
my $input = new CGI;
my $input = CGI->new;
my $authtypecode = $input->param('authtypecode') || ''; # set to select framework
my $existingauthtypecode = $input->param('existingauthtypecode') || ''; # set when we have to create a new framework (in authtype) by copying an old one (in existingauthtype)

2
admin/authorised_values.pl

@ -31,7 +31,7 @@ use Koha::AuthorisedValues;
use Koha::AuthorisedValueCategories;
use Koha::Libraries;
my $input = new CGI;
my $input = CGI->new;
my $id = $input->param('id');
my $op = $input->param('op') || 'list';
my $searchfield = $input->param('searchfield');

2
admin/authtypes.pl

@ -28,7 +28,7 @@ use C4::Output;
use Koha::Authorities;
use Koha::Authority::Types;
my $input = new CGI;
my $input = CGI->new;
my $authtypecode = $input->param('authtypecode');
my $op = $input->param('op') || 'list';
my @messages;

2
admin/biblio_framework.pl

@ -28,7 +28,7 @@ use Koha::BiblioFramework;
use Koha::BiblioFrameworks;
use Koha::Caches;
my $input = new CGI;
my $input = CGI->new;
my $frameworkcode = $input->param('frameworkcode') || q||;
my $op = $input->param('op') || q|list|;
my $cache = Koha::Caches->get_instance();

2
admin/branch_transfer_limits.pl

@ -27,7 +27,7 @@ use C4::Output;
use C4::Koha;
use C4::Circulation qw{ IsBranchTransferAllowed DeleteBranchTransferLimits CreateBranchTransferLimit };
my $input = new CGI;
my $input = CGI->new;
my ($template, $loggedinuser, $cookie)
= get_template_and_user({template_name => "admin/branch_transfer_limits.tt",

2
admin/categories.pl

@ -31,7 +31,7 @@ use Koha::DateUtils;
use Koha::Patron::Categories;
use Koha::Libraries;
my $input = new CGI;
my $input = CGI->new;
my $searchfield = $input->param('description') // q||;
my $categorycode = $input->param('categorycode');
my $op = $input->param('op') // 'list';

2
admin/check_budget_parent.pl

@ -31,7 +31,7 @@ called by aqbudgets.pl and neworderempty.pl
=cut
my $input = new CGI;
my $input = CGI->new;
my $budget_id = $input->param('budget_id');
my $new_parent_id = $input->param('new_parent');

2
admin/check_parent_total.pl

@ -34,7 +34,7 @@ to determine whether the new parent budget (or period) has enough unallocated fu
=cut
my $dbh = C4::Context->dbh;
my $input = new CGI;
my $input = CGI->new;
my $total = $input->param('total');
my $budget_id = $input->param('budget_id');

2
admin/checkmarc.pl

@ -26,7 +26,7 @@ use C4::Context;
use C4::Biblio;
my $input = new CGI;
my $input = CGI->new;
my ($template, $borrowernumber, $cookie)
= get_template_and_user({template_name => "admin/checkmarc.tt",

2
admin/cities.pl

@ -26,7 +26,7 @@ use C4::Output;
use Koha::Cities;
my $input = new CGI;
my $input = CGI->new;
my $city_name_filter = $input->param('city_name_filter') // q||;
my $cityid = $input->param('cityid');
my $op = $input->param('op') || 'list';

2
admin/classsources.pl

@ -33,7 +33,7 @@ use Koha::ClassSplitRules;
my $script_name = "/cgi-bin/koha/admin/classsources.pl";
my $input = new CGI;
my $input = CGI->new;
my $op = $input->param('op') || 'list';
my $cn_source = $input->param('cn_source');
my $class_sort_rule = $input->param('class_sort_rule');

2
admin/clone-rules.pl

@ -34,7 +34,7 @@ use C4::Koha;
use C4::Debug;
use Koha::CirculationRules;
my $input = new CGI;
my $input = CGI->new;
my ($template, $loggedinuser, $cookie)
= get_template_and_user({template_name => "admin/clone-rules.tt",

2
admin/columns_settings.pl

@ -7,7 +7,7 @@ use C4::Auth;
use C4::Context;
use C4::Output;
use C4::Utils::DataTables::TablesSettings qw( get_modules );
my $input = new CGI;
my $input = CGI->new;
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
{

2
admin/credit_types.pl

@ -28,7 +28,7 @@ use C4::Output;
use Koha::Account::CreditType;
use Koha::Account::CreditTypes;
my $input = new CGI;
my $input = CGI->new;
my $code = $input->param('code');
my $op = $input->param('op') || 'list';
my @messages;

2
admin/debit_types.pl

@ -28,7 +28,7 @@ use C4::Output;
use Koha::Account::DebitType;
use Koha::Account::DebitTypes;
my $input = new CGI;
my $input = CGI->new;
my $code = $input->param('code');
my $op = $input->param('op') || 'list';
my @messages;

2
admin/desks.pl

@ -26,7 +26,7 @@ use C4::Output;
use Koha::Desks;
my $input = new CGI;
my $input = CGI->new;
my $searchfield = $input->param('desk_name') // q||;
my $desk_id = $input->param('desk_id') || '';
my $op = $input->param('op') || 'list';

2
admin/didyoumean.pl

@ -9,7 +9,7 @@ use Koha::SuggestionEngine;
use Module::Load::Conditional qw(can_load);
use JSON;
my $input = new CGI;
my $input = CGI->new;
my ($template, $loggedinuser, $cookie)
= get_template_and_user({template_name => "admin/didyoumean.tt",

2
admin/import_export_framework.pl

@ -38,7 +38,7 @@ if ($auth_status eq 'ok') {
$authenticated = 1;
}
my $input = new CGI;
my $input = CGI->new;
unless ($authenticated) {