Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Main Koha release repository https://koha-community.org
22802 commits 35 branches 616 tags 1.8 GiB
Perl 45.6%
JavaScript 39.3%
HTML 7.2%
XSLT 3.7%
Vue 1.4%
Other 2.3%
Find a file
Martin Renvoize 229a3b329c Bug 12954: Failed login should retain anonymous session 
A failed login should not leave the user in a half logged authenticated
state, but rather return them to an anonymouse session as per the
pre-login attempt state.

To replicate error:
1. Try to log in with some nonexisting user id or wrong password in the
   OPAC
2. Go directly to /opac-user.pl (e.g., enter it in the browser address
   bar, or just click on the "Log in" link)
3. Observe a DBI error displayed on the screen
4. You are now in the "deadloop" of sorts (opac/opac-user.pl refuses to
   display the login screen, no matter how many times you try to reload
   it); to break the deadloop, one needs to:
   - remove session cookie from the browser (or cause the session to
     expire in some other way - closing browser window would be probably
     enough for that)
   - remove offending session on the server (from mysql sessions table,
    ..)
   - log in with proper credentials using some other page (like
     opac/opac-main.pl right-side panel), which does not involve
     opac/opac-user.pl being called without "userid" CGI parameter.

To test:
1. Test as above, the DBI error should no longer be present
2. Check that search history works across failed and sucessful login
   attempts

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>

Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-01-22 18:37:03 -03:00
acqui Bug 13001: The total for received order should be based on the unitprice 2015-01-21 11:26:04 -03:00
admin Revert "Bug 12279: Diacritics in system preference editor broken" 2015-01-13 13:07:37 -03:00
authorities Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
basket Bug 11944: Fix encoding on sending emails 2015-01-13 13:07:24 -03:00
C4 Bug 12954: Failed login should retain anonymous session 2015-01-22 18:37:03 -03:00
catalogue Bug 11944: decode uri_unescape data 2015-01-13 13:07:43 -03:00
cataloguing Bug 13204: Plugin housekeeping: Remove labs_theses.pl plugin 2015-01-14 21:26:42 -03:00
circ Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
course_reserves Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
debian Bug 11927 - Add gr install option 2015-01-21 10:58:58 -03:00
docs Bug 7143: Adding releases to history file 2015-01-21 11:04:09 -03:00
errors Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
etc Bug 11927 - Add greek support to CHR (followup) 2015-01-22 18:22:04 -03:00
install_misc GRS-1 deprecation leftover used by jenkins 2015-01-13 15:30:31 -03:00
installer Bug 13577: Add the utf8_unicode_ci COLLATE to all tables 2015-01-17 10:28:44 -03:00
Koha Bug 12973: Allow passing code to XSLT_Handler instead of filename 2015-01-18 10:29:10 -03:00
koha-tmpl Bug 13609: Cross Site Scripting problem in authority search result list paging 2015-01-22 16:39:14 -03:00
labels Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
members Bug 13525 - Date sorting on accounts (fines) tab doesn't work correctly 2015-01-21 11:23:42 -03:00
misc Bug 13530: Typo in bulkmarcimport 2015-01-14 10:28:30 -03:00
offline_circ Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
opac Bug 13526 - Mandatory fields should not be able to be hidden in borrower self-registration 2015-01-18 10:45:10 -03:00
OpenILS Bug 9239 QA follow-up: remove stray debug code 2013-03-16 21:32:34 -04:00
patron_lists Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
patroncards Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
plugins Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
reports Bug 11944: Remove bad FIXME in guided_report 2015-01-13 13:07:31 -03:00
reserve Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
reviews Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
rotating_collections Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
selenium Adding selenium tests for filterMembers 2009-09-30 11:30:37 +02:00
serials Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
services Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
skel Bug 11078: Add locking to rebuild_zebra 2014-02-28 22:21:41 +00:00
sms Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
suggestion Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
svc Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
t Bug 12973: (QA followup) warnings are features, test them 2015-01-18 10:29:19 -03:00
tags Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
test Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
tmp/modified_authorities
tools Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
virtualshelves Bug 11944: Fix encoding on sending emails 2015-01-13 13:07:24 -03:00
xt Bug 13199: follow up to fix Licence and some koha-qa errors 2014-11-20 09:47:54 -03:00
.editorconfig Bug 12545: Add EditorConfig.org file to the source tree 2014-08-22 11:07:45 -03:00
.htaccess Fix file permissions: if it is not a script, it should not be executable. 2010-04-16 00:40:34 -04:00
.mailmap Bug 13314: Follow-up for m.de.rooy in .mailmap 2014-11-26 11:16:18 -03:00
about.pl Bug 13579: Open history.txt using utf-8 encoding 2015-01-14 12:24:48 -03:00
changelanguage.pl Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
edithelp.pl Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
fix-perl-path.PL installer: improvements to fix-path-perl.PL on Win32 2007-12-20 19:20:12 -06:00
help.pl Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
INSTALL Bug 7759, update of install files to use background indexing (and some whitespace tidy) 2012-04-20 16:11:52 +02:00
install-CPAN.pl Bug 5370: Fix all the references to koha.org 2010-11-08 09:41:49 +13:00
INSTALL.debian Bug 8092 follow-up: Add optional dependency on CHI 2012-06-09 13:08:18 +02:00
INSTALL.fedora7 Bug 11757: remove dependency on POE 2014-02-15 01:38:15 +00:00
INSTALL.opensuse Bug 11757: remove dependency on POE 2014-02-15 01:38:15 +00:00
INSTALL.ubuntu Bug 7764: (follow-up) editorial tweaks 2013-10-04 16:27:55 +00:00
koha_perl_deps.pl bug 10548: fix count of missing required dependencies by koha_perl_deps.pl 2013-07-11 14:03:32 +00:00
kohaversion.pl Bug 11944: DBRev 3.19.00.006 2015-01-13 13:13:02 -03:00
LICENSE Bug 9440 - update Koha's LICENSE file from GPL2 to GPL3 2013-02-12 08:52:10 -05:00
mainpage.pl Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
Makefile.PL Bug 11927 - Add gr install option 2015-01-21 10:58:58 -03:00
MANIFEST.SKIP Bug 9546 : Updating make manifest tardist 2013-02-06 23:54:46 -05:00
README Bug 9440 - update Koha's LICENSE file from GPL2 to GPL3 2013-02-12 08:52:10 -05:00
README.robots Bug 6411 add another example to README.robots 2011-07-05 14:48:05 +12:00
rewrite-config.PL Bug 12031: [QA Follow-up] Undefined routine and change to koha-conf.xml 2014-10-27 10:38:11 -03:00

README 

Koha is a free software integrated library system.

Koha is distributed under the GNU GPL version 3 or later.
Please read the file LICENSE for more details.

To install or upgrade Koha, please see the INSTALL file appropriate
to your platform.

Report bugs at http://bugs.koha-community.org/

Visit the Koha Project website at http://www.koha-community.org/