Koha/opac
Jonathan Druart 8edb7f6fb9 Bug 17720: CSRF - Handle unicode characters
From the pod of Digest::MD5:
"""
Since the MD5 algorithm is only defined for strings of bytes, it can not
be used on strings that contains chars with ordinal number above 255
(Unicode strings). The MD5 functions and methods will croak if you try
to feed them such input data.
What you can do is calculate the MD5 checksum of the UTF-8
representation of such strings.
"""

Test plan:
- Set a MySQL/MariaDB password with unicode characters:
  UPDATE user SET password=PASSWORD('❤') WHERE USER='koha_kohadev';
  FLUSH PRIVILEGES;
- Update your $KOHA_CONF file
- Restart Memcached
- Hit the files modified by this patch

=> Without this patch, you will get a software error (with "Wide
character in subroutine entry" in the logs).
=> With this patch, everything will go fine

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Edit: removed debugging leftover

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-12-05 15:20:18 +00:00
errors Bug 15288: Error pages: Code duplication removal and better translatability 2016-01-27 05:57:34 +00:00
rss adding file just for creating the rss directory 2007-08-02 08:50:43 +00:00
sco Bug 16873: Improve renewal error messages on self check 2016-11-29 17:44:09 +00:00
svc Bug 17392 - opac/svc/overdrive_proxy is not plack safe 2016-10-11 16:16:02 +00:00
ilsdi.pl Bug 16476: Do not call CGI->param in list context, some more 2016-05-16 17:11:46 +00:00
maintenance.pl Bug 13758: Move the Koha version from kohaversion.pl 2015-05-07 11:39:04 -03:00
oai.pl Bug 14939: Modularize OAI Server existing classes 2015-12-31 15:15:05 +00:00
opac-account-pay-paypal-return.pl Bug 16154: CGI->multi_param - Declare a list 2016-04-26 23:16:42 +00:00
opac-account-pay.pl Bug 16154: CGI->multi_param - Declare a list 2016-04-26 23:16:42 +00:00
opac-account.pl Bug 16154: CGI->multi_param - Force scalar context 2016-04-26 23:16:43 +00:00
opac-addbybiblionumber.pl Bug 16519: Replace 'our' with 'my' in [opac-]addbybiblionumbers.pl 2016-09-25 15:42:40 +00:00
opac-alert-subscribe.pl Bug 14956: C4::Dates from files opac/*.pl 2015-11-06 15:01:28 -03:00
opac-article-request-cancel.pl Bug 14610 - Add and update scripts 2016-10-26 12:15:14 +00:00
opac-authorities-home.pl Bug 17048: Fix pagination offset for authority searches 2016-09-02 13:49:51 +00:00
opac-authoritiesdetail.pl Bug 15550: Fix authority search and detail at the OPAC 2016-01-23 18:34:06 +00:00
opac-basket.pl Bug 17642: Add and use get_descriptions_by_koha_field 2016-11-18 15:52:00 +00:00
opac-blocked.pl Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
opac-browser.pl Bug 5371: Force no caching for private pages at the OPAC 2015-10-02 11:06:17 -03:00
opac-changelanguage.pl Bug 16776: Do not forget external language choice in language switcher 2016-08-10 13:51:33 +00:00
opac-course-details.pl Bug 9978: Replace license header with the correct license (GPLv3+) 2015-04-20 09:59:38 -03:00
opac-course-reserves.pl Bug 9978: Replace license header with the correct license (GPLv3+) 2015-04-20 09:59:38 -03:00
opac-detail.pl Bug 17642: Add and use get_descriptions_by_koha_field 2016-11-18 15:52:00 +00:00
opac-discharge.pl Bug 15758: Koha::Libraries - Ultimate duel for C4::Branch 2016-09-08 14:36:04 +00:00
opac-downloadcart.pl Bug 11592: (QA followup) Add missing framework code to ViewPolicy filter calls 2016-09-08 11:54:22 +00:00
opac-downloadshelf.pl Bug 17094: Make Koha::Virtualshelf methods return Koha::Objects-based objects 2016-10-11 13:14:46 +00:00
opac-export.pl Bug 11592: (QA followup) Add missing framework code to ViewPolicy filter calls 2016-09-08 11:54:22 +00:00
opac-ics.pl Bug 5456 - Create a link to opac-ics.pl 2016-09-02 15:55:32 +00:00
opac-idref.pl Bug 16447: Remove occurrence of the borrow permission which does no longer exist 2016-05-05 21:28:14 +00:00
opac-image.pl Bug 16154: CGI->multi_param - Manual changes 2016-04-26 23:16:43 +00:00
opac-imageviewer.pl Bug 7976: Remove the borrow permission 2015-06-05 13:43:34 -03:00
opac-ISBDdetail.pl Bug 15839: Koha::Reviews - Remove getreviews 2016-09-09 10:29:53 +00:00
opac-main.pl Bug 14305: View arbitrary branch's news 2016-04-29 12:44:08 +00:00
opac-MARCdetail.pl Bug 11592: (QA followup) Add missing framework code to ViewPolicy filter calls 2016-09-08 11:54:22 +00:00
opac-memberentry.pl Bug 17720: CSRF - Handle unicode characters 2016-12-05 15:20:18 +00:00
opac-messaging.pl Bug 15758: Koha::Libraries - Ultimate duel for C4::Branch 2016-09-08 14:36:04 +00:00
opac-modrequest-suspend.pl Bug 7976: Remove the borrow permission 2015-06-05 13:43:34 -03:00
opac-modrequest.pl Bug 7976: Remove the borrow permission 2015-06-05 13:43:34 -03:00
opac-mymessages.pl Bug 5371: Force no caching for private pages at the OPAC 2015-10-02 11:06:17 -03:00
opac-news-rss.pl Bug 16447: Remove occurrence of the borrow permission which does no longer exist 2016-05-05 21:28:14 +00:00
opac-overdrive-search.pl Bug 11944: use CGI( -utf8 ) everywhere 2015-01-13 13:07:21 -03:00
opac-passwd.pl Bug 15344: Remove some other calls of GetMemberDetails from pl scripts 2015-12-30 11:53:18 +00:00
opac-password-recovery.pl Bug 16853: Move changepassword to Koha::Patron->update_password 2016-07-15 18:09:17 +00:00
opac-patron-image.pl Bug 15635: Koha::Patron::Images - Remove GetPatronImage 2016-03-04 12:54:15 +00:00
opac-privacy.pl Bug 15548: Move new patron related code to Patron* 2016-03-03 14:38:26 -07:00
opac-ratings-ajax.pl Bug 17089: Improve errors handling 2016-09-09 09:31:30 +00:00
opac-ratings.pl Bug 17089: Improve errors handling 2016-09-09 09:31:30 +00:00
opac-readingrecord.pl Bug 14100: Fix 3 occurrences more 2015-10-27 12:34:07 -03:00
opac-registration-verify.pl Bug 17080: borrowers table - use default values defined in the DBIx::Class schema 2016-10-21 17:33:19 +00:00
opac-renew.pl Bug 16154: CGI->multi_param - Declare a list 2016-04-26 23:16:42 +00:00
opac-request-article.pl Bug 14610 - Add and update scripts 2016-10-26 12:15:14 +00:00
opac-reserve.pl Bug 15758: Koha::Libraries - Remove GetBranches 2016-09-08 14:36:03 +00:00
opac-restrictedpage.pl Bug 16447: Remove occurrence of the borrow permission which does no longer exist 2016-05-05 21:28:14 +00:00
opac-retrieve-file.pl Bug 14321: Integrate Upload.pm into Koha 2015-09-25 12:02:52 -03:00
opac-review.pl Bug 15839: [QA Follow-up] Error checking in opac-review.pl 2016-09-09 10:31:06 +00:00
opac-search-history.pl Bug 16593: Do not allow patrons to delete search history of others patrons 2016-06-24 11:47:29 +00:00
opac-search.pl Bug_17484 Search with date range limit (lower and upper) does not work 2016-11-18 13:46:00 +00:00
opac-sendbasket.pl Bug 17720: CSRF - Handle unicode characters 2016-12-05 15:20:18 +00:00
opac-sendshelf.pl Bug 17094: Make Koha::Virtualshelf methods return Koha::Objects-based objects 2016-10-11 13:14:46 +00:00
opac-serial-issues.pl Bug 16154: CGI->multi_param - Force scalar context 2016-04-26 23:16:43 +00:00
opac-shareshelf.pl Bug 16317 - Attempt to share private list results in error 2016-04-22 22:47:34 +00:00
opac-shelves.pl Bug 17094: Make Koha::Virtualshelf methods return Koha::Objects-based objects 2016-10-11 13:14:46 +00:00
opac-showmarc.pl Bug 11592: (QA followup) Add missing framework code to ViewPolicy filter calls 2016-09-08 11:54:22 +00:00
opac-showreviews.pl Bug 15839: [QA Follow-up] Paging on opac-showreviews 2016-09-09 10:31:05 +00:00
opac-suggestions.pl Bug 17248 - Koha::AuthorisedValues - Remove GetKohaAuthorisedValueLib 2016-10-11 13:11:55 +00:00
opac-tags.pl Bug 15263: (QA followup) Use the new XSLTParse4Display everywhere 2016-05-04 13:40:35 +00:00
opac-tags_subject.pl Bug 14412: SQL injection possible 2015-06-22 11:00:10 -03:00
opac-topissues.pl Bug 15758: Koha::Libraries - Ultimate duel for C4::Branch 2016-09-08 14:36:04 +00:00
opac-user.pl Bug 15581: Follow-up - suggested change to the OPAC message 2016-11-02 10:28:58 +00:00
tracklinks.pl Bug 9978: Replace license header with the correct license (GPLv3+) 2015-04-20 09:59:38 -03:00
unapi Bug 15162 Add for Unimarc XSL trans for RDF-DC & SRW-DC 2016-01-27 06:00:35 +00:00