700b7dfa09
To reproduce warns: 1) Go to Tools -> Notices & slips 2) Create a new notice of any module Notice these warns: Use of uninitialized value $code in regexp compilation at /home/vagrant/kohaclone/tools/letter.pl line 265. Use of uninitialized value $code in regexp compilation at /home/vagrant/kohaclone/tools/letter.pl line 265. Use of uninitialized value $code in regexp compilation at /home/vagrant/kohaclone/tools/letter.pl line 265. CGI::param called in list context from package CGI::Compile::ROOT::home_vagrant_kohaclone_svc_letters_get line 50, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. CGI::param called in list context from package CGI::Compile::ROOT::home_vagrant_kohaclone_svc_letters_get line 50, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. 3) Create a new notice of the Circulation module Notice this additional warn: Use of uninitialized value $code in pattern match (m//) at /home/vagrant/kohaclone/tools/letter.pl line 258. To test: 4) Apply patch and refresh page 5) Run steps 1-3 again and confirm no warns show Sponsored-by: Catalyst IT Signed-off-by: Maryse Simard <maryse.simard@inlibro.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
59 lines
1.5 KiB
Perl
Executable file
59 lines
1.5 KiB
Perl
Executable file
#!/usr/bin/perl
|
|
|
|
# This file is part of Koha.
|
|
#
|
|
# Copyright 2014 BibLibre
|
|
#
|
|
# Koha is free software; you can redistribute it and/or modify it
|
|
# under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation; either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# Koha is distributed in the hope that it will be useful, but
|
|
# WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with Koha; if not, see <http://www.gnu.org/licenses>.
|
|
|
|
use Modern::Perl;
|
|
|
|
use C4::Service;
|
|
use C4::Letters qw( GetLetters );
|
|
|
|
=head1 NAME
|
|
|
|
svc/letters/get - Web service for getting letters
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
GET /svc/letters/get
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
For the moment, this service is only used to get a letter from a letter code.
|
|
|
|
=head1 METHODS
|
|
|
|
=cut
|
|
|
|
=head2 get_letters
|
|
|
|
Used to get letters with a given letter code.
|
|
|
|
=cut
|
|
|
|
our ( $query, $response ) = C4::Service->init( tools => 'edit_notices' );
|
|
|
|
sub get_letters {
|
|
my $code = scalar $query->param('code');
|
|
my $branchcode = scalar $query->param('branchcode');
|
|
my $letters = GetLetters({ code => $code, branchcode => $branchcode });
|
|
$response->param( letters => $letters );
|
|
C4::Service->return_success( $response );
|
|
}
|
|
|
|
C4::Service->dispatch(
|
|
[ 'GET /', [ 'code' ], \&get_letters ],
|
|
);
|