Main Koha release repository https://koha-community.org
Jonathan Druart b5cae12aef
Bug 33702: Prevent ILL requests to be modified by somebody else
Same as previous patch, but for 'update' and 'cancreq'.
We remove the redirect, but here we only want to focus on the security
fix.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Confirmed. Without this patch a patron can modify and cancel any ILL
request in the OPAC. With this patch the patron is redirected to the
404 page if modification or cancellation is attempted.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-05-29 09:21:50 -03:00
acqui Bug 8179: Add vendor id on breadcrumb link 2023-05-17 14:44:42 -03:00
admin Bug 33594: Only sort on title main heading 2023-05-18 11:03:28 -03:00
api Bug 33708: Provide non-public endpoint for OAuth/OIDC for staff interface 2023-05-18 11:35:15 -03:00
authorities Bug 32484: (QA follow-up) Few typos 2023-04-21 10:36:30 -03:00
basket Bug 33223: Replace 'first_valid' with 'notice' for email addresses 2023-05-16 15:17:35 -03:00
bin
C4 Bug 33815: Do not explode if logged in user modify their own userid 2023-05-26 09:50:05 -03:00
catalogue Bug 33167: Cleanup staff detail page 2023-05-12 11:22:45 -03:00
cataloguing Bug 32959: Don't store results of autobarcode in item editor templates 2023-05-18 11:35:13 -03:00
circ Bug 31212: (follow-up) Fix datelastseen when returning item 2023-05-12 17:49:57 -03:00
clubs
course_reserves
debian Bug 33371: Add 'koha-common.service' systemd service 2023-05-19 09:20:55 -03:00
docs
erm Bug 32922: Remove space in shebang 2023-02-20 09:44:06 -03:00
errors
etc Bug 33580: Bring back ability to mark item as seen via SIP2 item information request 2023-05-12 11:22:47 -03:00
ill
installer Bug 29046: DBRev 22.12.00.048 2023-05-18 12:13:44 -03:00
Koha Bug 33362: Allow return claims to be resolved even if the issue has since been deleted from the database 2023-05-24 11:21:31 -03:00
koha-tmpl Bug 33829: Fix add patron to patron list if PatronAutoComplete is off 2023-05-26 09:50:06 -03:00
labels
lib/CGI/Session/Serialize
members Bug 33010: Do not filter checkins with logged in patrons branch in printslip.pl 2023-05-18 11:35:11 -03:00
misc Bug 23773: Send membership expiry notices by sms too 2023-05-18 11:35:14 -03:00
offline_circ
opac Bug 33702: Prevent ILL requests to be modified by somebody else 2023-05-29 09:21:50 -03:00
patron_lists
patroncards Bug 24001: Fix patron card template edition 2022-04-28 10:49:20 -10:00
plugins Bug 30367: (follow-up) Same adjustment for gitlab 2023-05-05 10:18:57 -03:00
pos
recalls Bug 33220: Fix recalls to pull to not show in transit or allocated items 2023-05-16 15:17:29 -03:00
reports Bug 23824: Add a "Save and run" button to reports 2023-04-17 09:39:45 -03:00
reserve Bug 30687: Allow pickup location to be forced when override is allowed 2023-05-12 11:22:49 -03:00
reviews
rotating_collections
serials Bug 11844: Use additional fields for order lines 2023-05-16 12:58:38 +02:00
services
skel
suggestion Bug 33421: Fix filtering suggestions by status 2023-05-18 11:03:27 -03:00
svc Bug 31735: Avoid re-fetching objects from database by passing them directly instead of ids to various subroutines 2023-05-12 12:40:21 -03:00
t Bug 33815: Regression tests 2023-05-26 09:50:04 -03:00
tags
tools Bug 33595: (bug 26628 follow-up) Fix authorization for tools-home.pl 2023-05-16 11:47:15 +02:00
virtualshelves Bug 33223: Fix sendshelf 2023-05-16 15:17:36 -03:00
xt Bug 33625: Adjust test to deal with cypress tests 2023-05-17 10:24:59 -03:00
.editorconfig
.eslintrc.json
.gitignore Bug 33710: Ignore how-to related files 2023-05-12 17:50:01 -03:00
.htaccess
.mailmap
.perlcriticrc
.proverc.dist
.stylelintrc.json
about.pl Bug 28267: Simplify things 2023-05-05 10:18:36 -03:00
app.psgi
build-resources.PL
changelanguage.pl
cpanfile
cypress.json Bug 33408: Extend defaultCommandTimeout for cypress 2023-04-13 11:48:00 -03:00
fix-perl-path.PL
gulpfile.js
help.pl
INSTALL
Koha.pm Bug 29046: DBRev 22.12.00.048 2023-05-18 12:13:44 -03:00
koha_perl_deps.pl
kohaversion.pl
LICENSE
mainpage.pl
Makefile.PL
MANIFEST.SKIP
package.json Bug 33066: Introduce a KohaTable Vue component 2023-04-10 07:38:28 -03:00
README
README.md
README.robots
rewrite-config.PL
tsconfig.json
webpack.config.js
yarn.lock Bug 33066: Introduce a KohaTable Vue component 2023-04-10 07:38:28 -03:00

Koha is a free software integrated library system (ILS).

Koha is distributed under the GNU GPL version 3 or later.

Note: Koha does not accept pull requests from git hosting sites.

Note: This project has its own bug tracker. To report a bug or submit a patch, visit http://bugs.koha-community.org.

For guidelines on submitting patches for Koha please visit https://wiki.koha-community.org/wiki/SubmitingAPatch

The developers handbook can be found at https://wiki.koha-community.org/wiki/Developer_handbook

http://koha-community.org/
