Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/members/update-child.pl
Jonathan Druart 3c5b471271 Bug 10453: fix unintended password reset when updating child to adult 
ModMember supposes the password given in parameter is the
password string, so if it receives the encrypted password,
it will encrypt it again! By simply deleting the password key
from the hash, ModMember leaves the password unchanged.

Test plan:
1/ Create or choose a child patron
2/ Update it to an adult category using the
   "Update child to adult patron" link
3/ Try to log in at the OPAC with this patron: It is not
   possible, the password has changed
4/ Apply the patch and try again previous steps

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Confirmed the problem and tested the patch fixes it.
Passes all tests and QA script.

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
2013-12-26 15:29:40 +00:00

102 lines
3.3 KiB
Perl
Executable file
Raw Blame History

#!/usr/bin/perl
# Copyright 2000-2002 Katipo Communications
#
# This file is part of Koha.
#
# Koha is free software; you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with Koha; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
=head1 updatechild.pl
script to update a child member to (usually) an adult member category
- if called with op=multi, will return all available non child categories, for selection.
- if called with op=update, script will update member record via ModMember().
=cut
use strict;
#use warnings; FIXME - Bug 2505
use CGI;
use C4::Context;
use C4::Auth;
use C4::Output;
use C4::Members;
# use Smart::Comments;
my $dbh = C4::Context->dbh;
my $input = new CGI;
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
{
template_name => "members/update-child.tmpl",
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1 },
debug => 1,
}
);
my $borrowernumber = $input->param('borrowernumber');
my $catcode = $input->param('catcode');
my $cattype = $input->param('cattype');
my $catcode_multi = $input->param('catcode_multi');
my $op = $input->param('op');
if ( $op eq 'multi' ) {
my ( $catcodes, $labels ) =
# FIXME - what are the possible upgrade paths? C -> A , C -> S ...
# currently just allowing C -> A because of limitation of API.
GetborCatFromCatType( 'A', 'WHERE category_type = ?' );
my @rows;
foreach my $k ( keys %$labels ) {
my $row;
$row->{catcode} = $k;
$row->{catdesc} = $labels->{$k};
my $borcat = GetBorrowercategory( $row->{catcode} );
$row->{cattype} = $borcat->{'category_type'};
push @rows, $row;
}
$template->param(
MULTI => 1,
CATCODE_MULTI => 1,
borrowernumber => $borrowernumber,
CAT_LOOP => \@rows,
);
output_html_with_http_headers $input, $cookie, $template->output;
}
elsif ( $op eq 'update' ) {
my $member = GetMember('borrowernumber'=>$borrowernumber);
$member->{'guarantorid'} = 0;
$member->{'categorycode'} = $catcode;
my $borcat = GetBorrowercategory($catcode);
$member->{'category_type'} = $borcat->{'category_type'};
$member->{'description'} = $borcat->{'description'};
delete $member->{password};
ModMember(%$member);
if ( $catcode_multi ) {
$template->param(
SUCCESS => 1,
borrowernumber => $borrowernumber,
);
output_html_with_http_headers $input, $cookie, $template->output;
} else {
print $input->redirect("/cgi-bin/koha/members/moremember.pl?borrowernumber=$borrowernumber");
}
}
View git blame Copy permalink