Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity

Bug 28947: Prevent OPAC user to create new users

Browse source 
This patch prevents an existing user from exploiting the patron edit form in order to
force create new patrons

To test:
Try all combinations of PatronSelfRegistration and PatronSelfRegistrationVerifyByEmail
with and without this patch.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This commit is contained in:
Jonathan Druart 2021-09-03 12:01:12 +02:00 committed by Kyle M Hall
parent 5513a5d2ed
commit e4f441cc14
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
opac/opac-memberentry.pl
View file

@ -64,6 +64,11 @@ unless ( C4::Context->preference('PatronSelfRegistration') || $borrowernumber )
}
my $action = $cgi->param('action') || q{};
if ( $borrowernumber && ( $action eq 'create' || $action eq 'new' ) ) {
print $cgi->redirect("/cgi-bin/koha/opac-main.pl");
exit;
}
if ( $action eq q{} ) {
if ($borrowernumber) {
$action = 'edit';