Main Koha release repository https://koha-community.org
Jonathan Druart 4e40339db3 Bug 17830: CSRF - Handle unicode characters in userid
If the userid of the logged in user contains unicode characters, the token
will not be generated correctly and Koha will crash with:
  Wide character in subroutine entry at /usr/share/perl5/Digest/HMAC.pm line 63.

Test plan:
- Edit a superlibrarian user and set his/her userid to '❤' or any other string
with unicode characters.
- Log in using this patron
- Search for patrons and click on a result.

=> Without this patch, you will get a software error (with "Wide
character in subroutine entry" in the logs).
=> With this patch, everything will go fine

You can also test the other files modified by this patch.

Signed-off-by: Karam Qubsi <karamqubsi@gmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-12-30 17:47:18 +00:00
acqui Bug 13726 - (QA followup) Fix vendor retrieval in invoices.pl 2016-12-30 11:54:33 +00:00
admin Bug 13726: Make Koha::Acq::Bookseller using Koha::Object 2016-12-30 11:54:32 +00:00
api/v1 Bug 17086: Reword borrowers to patrons in Swagger tags for holds 2016-11-22 11:31:08 +00:00
authorities Bug 17118: (follow-up 15381) Fix regression when clearing a linked authority 2016-09-02 14:01:34 +00:00
basket Bug 17830: CSRF - Handle unicode characters in userid 2016-12-30 17:47:18 +00:00
C4 Bug 17569: Remove C4::Members::GetUpcomingMembershipExpires 2016-12-30 11:55:14 +00:00
catalogue Bug 13726: Make Koha::Acq::Bookseller using Koha::Object 2016-12-30 11:54:32 +00:00
cataloguing Bug 16203: Convert item plugins to new style (see bug 10480) 2016-12-16 11:55:27 +00:00
circ Bug 17578: GetMemberDetails - Remove GetMemberDetails 2016-12-16 13:12:44 +00:00
course_reserves Bug 15758: Koha::Libraries - Remove GetBranchesLoop 2016-09-08 14:36:02 +00:00
debian Bug 17520: add serialsUpdate.pl to the list of regular cron jobs 2016-12-28 13:33:23 +00:00
docs Bug 7143 : More new devs 2016-07-22 17:14:08 +00:00
errors Bug 15288: Error pages: Code duplication removal and better translatability 2016-01-27 05:57:34 +00:00
etc Bug 13029 : Follow up 2016-12-16 11:33:39 +00:00
install_misc Bug 16770: Remove 2 other occurrences of libmemoize-memcached-perl 2016-06-24 14:05:56 +00:00
installer Bug 17767 - DBRev 16.12.00.001 2016-12-28 13:59:03 +00:00
Koha Bug 17569: [QA Follow-up] Small changes 2016-12-30 11:55:15 +00:00
koha-tmpl Bug 17209: Remove use of onclick from masthead 2016-12-28 13:47:15 +00:00
labels Bug 17301: Follow-up - Standardize headings 2016-09-25 15:49:10 +00:00
members Bug 17830: CSRF - Handle unicode characters in userid 2016-12-30 17:47:18 +00:00
misc Bug 17569: Do not limit by branch if option is not passed 2016-12-30 11:55:14 +00:00
offline_circ Bug 15902 [QA Followup] - Use Koha::Patrons instead of Koha::Borrowers 2016-09-27 13:53:23 +00:00
opac Bug 17830: CSRF - Handle unicode characters in userid 2016-12-30 17:47:18 +00:00
OpenILS Bug 9239 QA follow-up: remove stray debug code 2013-03-16 21:32:34 -04:00
patron_lists Bug 16154: CGI->multi_param - Force scalar context 2016-04-26 23:16:43 +00:00
patroncards Bug 15415 [QA Followup] - Make code more readable 2016-12-23 11:31:00 +00:00
plugins Bug 16586: Koha Plugins: Limit results of GetPlugins by metadata 2016-09-09 12:13:39 +00:00
reports Bug 17642: [QA Follow-up] Issues_stats.pl is not plack safe 2016-11-18 15:52:01 +00:00
reserve Bug 17556: Koha::Patrons - Remove GetHideLostItemsPreference 2016-12-09 18:53:40 +00:00
reviews Bug 15839: Koha::Reviews - Remove C4::Review residue 2016-09-09 10:31:00 +00:00
rotating_collections Bug 15758: Koha::Libraries - Remove GetBranches 2016-09-08 14:36:03 +00:00
serials Bug 13726: Fix for serials/acqui-search-result.pl 2016-12-30 11:54:32 +00:00
services Bug 9978: Replace license header with the correct license (GPLv3+) 2015-04-20 09:59:38 -03:00
skel Bug 11078: Add locking to rebuild_zebra 2014-02-28 22:21:41 +00:00
sms Bug 15258: Fix Perl scripts declaring unused variables 2015-12-30 17:24:45 -07:00
suggestion Bug 17252 - Koha::AuthorisedValues - Remove GetAuthorisedValueByCode 2016-10-21 15:35:21 +00:00
svc Bug 17375: Search by dateofbirth - handle invalid dates 2016-10-27 13:18:32 +00:00
t Bug 17569: [QA Follow-up] Small changes 2016-12-30 11:55:15 +00:00
tags Bug 16154: CGI->multi_param - Assign a list 2016-04-26 23:16:43 +00:00
test Bug 9819 - 'stopwords'-related code removed 2015-12-30 15:49:35 +00:00
tmp/modified_authorities changing DO_NOT_REMOVE to README.txt 2007-10-21 19:14:41 -05:00
tools Bug 17830: CSRF - Handle unicode characters in userid 2016-12-30 17:47:18 +00:00
virtualshelves Bug 17094: Make Koha::Virtualshelf methods return Koha::Objects-based objects 2016-10-11 13:14:46 +00:00
xt Bug 16174: (QA followup) Fix remaining tests 2016-04-01 19:11:33 +00:00
.editorconfig Bug 12545: Add EditorConfig.org file to the source tree 2014-08-22 11:07:45 -03:00
.htaccess Fix file permissions: if it is not a script, it should not be executable. 2010-04-16 00:40:34 -04:00
.mailmap (RM followup) .mailmap updates 2015-05-22 17:02:21 -03:00
about.pl Bug 17274: Display the place where the memcached is picked 2016-11-02 10:55:54 +00:00
changelanguage.pl Bug 16776: Do not forget external language choice in language switcher 2016-08-10 13:51:33 +00:00
edithelp.pl Bug 16447: Remove occurrence of the borrow permission which does no longer exist 2016-05-05 21:28:14 +00:00
fix-perl-path.PL Bug 9978: (followup) Replace license header with the correct license (GPLv3+) 2015-04-20 09:59:43 -03:00
help.pl Bug 16724: Fix link to the online documentation links 2016-06-24 12:00:42 +00:00
INSTALL Bug 17626: Remove existing install instructions and link to the wiki pages instead 2016-11-22 11:29:07 +00:00
install-CPAN.pl Bug 9978: Replace license header with the correct license (GPLv3+) 2015-04-20 09:59:38 -03:00
Koha.pm Bug 17767 - DBRev 16.12.00.001 2016-12-28 13:59:03 +00:00
koha_perl_deps.pl bug 10548: fix count of missing required dependencies by koha_perl_deps.pl 2013-07-11 14:03:32 +00:00
kohaversion.pl Bug 13758: Move the Koha version from kohaversion.pl 2015-05-07 11:39:04 -03:00
LICENSE Bug 9440 - update Koha's LICENSE file from GPL2 to GPL3 2013-02-12 08:52:10 -05:00
mainpage.pl Bug 14610 - Add and update scripts 2016-10-26 12:15:14 +00:00
Makefile.PL Bug 16952: Czech language definitions for sorting in Zebra 2016-10-28 15:33:00 +00:00
MANIFEST.SKIP Bug 9546 : Updating make manifest tardist 2013-02-06 23:54:46 -05:00
README Bug 9440 - update Koha's LICENSE file from GPL2 to GPL3 2013-02-12 08:52:10 -05:00
README.md Bug 15465 [QA Followup] - Update wording, switch logo, add links 2016-02-24 04:02:26 +00:00
README.robots Bug 6411 add another example to README.robots 2011-07-05 14:48:05 +12:00
rewrite-config.PL Bug 16222: (QA followup) Add /api dir for the API 2016-04-20 21:18:36 +00:00

Koha is a free software integrated library system (ILS).

Koha is distributed under the GNU GPL version 3 or later.

Note: This is a synced mirror of the official Koha repo.

Note: Koha does not accept pull requests from git hosting sites.

Note: This project has its own bug tracker. To report a bug or submit a patch, visit http://bugs.koha-community.org.

For guidelines on submitting patches for Koha please visit https://wiki.koha-community.org/wiki/SubmitingAPatch

The developer handbook can be found at https://wiki.koha-community.org/wiki/Developer_handbook

http://koha-community.org/
