Main Koha release repository https://koha-community.org
Brendan Lawlor 620dbcde87
Bug 37407: Fix automatic checkout for fast cataloging
This patch adds a check for the referrer to the circulation page.
If the referrer is from the same origin's additem.pl then get the
barcode from the url parameters, fill the form and submit.

Test plan:
1. Apply patch
2. Enter a barcode not in the system, eg 99999
3. Click '+ Add record using fast cataloging'
4. Fill required bib fields 000, 008 and 245a and click 'Save'
5. Add required item field y - Koha item type and click 'Add item'
6. Notice the barcode is filled and the form is submitted automatically
7. Confirm the item is checked out and the duedate specified works
8. Add an html customization somewhere else in koha with a link like
   http://localhost:8081/cgi-bin/koha/circ/circulation.pl?borrowernumber=38&barcode=99999&duedatespec=&stickyduedate=
9. Click on the link to simulate a csrf attack
10. Confirm the checkout page is loaded for that patron but no checkout is made

Signed-off-by: Eric Garcia <cubingguy714@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-07-26 13:56:32 +01:00
acqui Bug 37343: Fixed search for vendors when transferring an item in acquistions 2024-07-22 07:37:24 +01:00
admin Bug 36547: Added checked out column to Overdue table 2024-07-23 17:01:29 +01:00
api Bug 36480: (follow-up) Add missing library_id parameter 2024-07-22 14:52:29 +01:00
authorities Bug 37235: Fix export of single authority record 2024-07-08 17:49:19 +02:00
basket
bin
bookings
C4 Bug 28762: (follow-up) Fix missed not_for_loan_status rename 2024-07-23 16:04:07 +01:00
catalogue Bug 37425: Check for existence of biblio object before fetching cover images 2024-07-25 11:01:29 +01:00
cataloguing Bug 37371: Move Maskito init to onReady in dateaccessioned.pl 2024-07-22 07:33:18 +01:00
circ Bug 36547: (QA follow-up) Tidy overdue.pl 2024-07-23 17:01:33 +01:00
clubs
course_reserves Bug 28762: Use Koha::Course in course-details controller 2024-07-23 16:04:05 +01:00
debian Bug 29507: Speed up auto renew cronjob via parallel processing 2024-07-05 15:48:11 +02:00
docs Bug 37003: (follow-up) Amend 22.11 RMaint 2024-06-25 18:34:14 +02:00
erm
errors
etc Bug 29507: Speed up auto renew cronjob via parallel processing 2024-07-05 15:48:11 +02:00
ill
installer Bug 35539: DBRev 24.06.00.021 2024-07-25 11:13:12 +01:00
Koha Bug 36362: (QA follow-up) Tidy code 2024-07-25 11:19:04 +01:00
koha-tmpl Bug 37407: Fix automatic checkout for fast cataloging 2024-07-26 13:56:32 +01:00
labels Bug 37206: Removing an item from a label batch should be a CSRF-protected POST operation 2024-07-02 17:20:38 +02:00
lib
members Bug 28924: (QA follow-up) Use $self instead of $patron 2024-07-18 18:25:55 +02:00
misc Bug 37271: Recall status should be 'requested' in overdue_recalls.pl 2024-07-12 10:21:29 +02:00
offline_circ
opac Bug 37339: Set messaging preferences from default on self registration 2024-07-18 17:53:11 +02:00
patron_lists
patroncards Bug 36877: (follow-up) Fix op eq edit to op eq edit_form in edit-batch.pl 2024-05-17 12:03:52 +02:00
plugins
pos
preservation
recalls
reports Bug 37108: Cash register statistics wizard is wrongly sorting payment by manager_id branchcode 2024-07-12 10:21:29 +02:00
reserve
reviews
rotating_collections
serials Bug 37183: Batch edit serial subscriptions sets expiration date to today 2024-07-01 18:55:40 +02:00
services
skel
suggestion Bug 37337: Pass the save $op when biblio_exists 2024-07-18 17:53:12 +02:00
svc Bug 37031: Club enrollment from staff interface fails due to Entrollment typo 2024-07-11 13:40:49 +02:00
t Bug 36936: (QA follow-up) Make the test work on MySQL 8.x 2024-07-25 14:46:41 -03:00
tags
tools Bug 36815: (follow-up) Fix logic for new languages 2024-06-27 14:04:52 +02:00
virtualshelves Bug 13888: (follow-up) fix for create_public_lists 2024-07-22 09:57:14 +01:00
xt Bug 37302: Set test to failed if swagger-cli missing 2024-07-22 10:51:55 +01:00
.editorconfig
.eslintrc.json
.gitignore
.htaccess
.mailmap Bug 36943: (follow-up) 24.05.00 - Update .mailmap 2024-05-24 15:36:40 +02:00
.perlcriticrc
.perltidyrc
.prettierrc.js
.proverc.dist
.stylelintrc.json
about.pl Bug 37260: Check message broker for both 'about' and 'sysinfo' tabs 2024-07-22 07:35:31 +01:00
app.psgi
build-resources.PL
changelanguage.pl
cpanfile
cypress.config.ts
fix-perl-path.PL
gulpfile.js
help.pl
INSTALL
Koha.pm Bug 35539: DBRev 24.06.00.021 2024-07-25 11:13:12 +01:00
kohaversion.pl
LICENSE
mainpage.pl Bug 30493: (QA follow-up) Fix for the only_my_library case as well 2024-06-21 15:02:54 +02:00
Makefile.PL
MANIFEST.SKIP
package.json Bug 37302: Add swagger-cli to devDependancies 2024-07-22 10:52:01 +01:00
README
README.md
README.robots
rewrite-config.PL
tsconfig.json
webpack.config.js
yarn.lock Bug 37302: (follow-up) Update yarn.lock 2024-07-24 07:49:53 +01:00

Koha is a free software integrated library system (ILS).

Koha is distributed under the GNU GPL version 3 or later.

Note: Koha does not accept pull requests from git hosting sites.

Note: This project has its own bug tracker. To report a bug or submit a patch, visit http://bugs.koha-community.org.

For guidelines on submitting patches for Koha please visit https://wiki.koha-community.org/wiki/SubmitingAPatch

The developers handbook can be found at https://wiki.koha-community.org/wiki/Developer_handbook

http://koha-community.org/
