Koha/members
Nick Clemens d6f99f0df1 Bug 20701: Add csrf protection to maninvoice.pl
To test:
1 - Be signed in to Koha
2 - Add a manual invoice to an account, works fine
3 - Now do it via url: http://localhost:8081/cgi-bin/koha/members/maninvoice.pl?borrowernumber=5&type=test&amount=5&add=Save
4 - Apply patches
5 - Test that everything continues to work as expected (but more securely)
6 - Try adding a new invoice via URL
7 - Should get 'internal server error' and wrong csrf token in logs

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-23 12:19:33 -03:00
accountline-details.pl Bug 20666: Correct executable permissions 2018-05-03 13:26:48 -03:00
apikeys.pl Bug 20624: Make staff client respect RESTOAuth2ClientCredentials 2018-05-09 12:56:02 -03:00
boraccount.pl Bug 18790: Add ability to void payments 2018-04-19 12:32:21 -03:00
default_messageprefs.pl Bug 18403: Update permissions - borrowers => 1|* becomes borrowers => 'edit_borrowers' 2018-02-12 15:41:37 -03:00
deletemem.pl Bug 19935: Use ->checkouts when ->pending_checkouts->count was used 2018-04-03 11:43:39 -03:00
discharge.pl Bug 18789: Use Koha::Patron->image from the templates 2018-02-16 13:03:58 -03:00
discharges.pl Bug 18403: Patron discharges 2018-02-12 15:41:41 -03:00
files.pl Bug 18789: Use Koha::Patron->is_adult where needed 2018-02-16 13:03:58 -03:00
guarantor_search.pl Bug 18403: Update permissions - borrowers => 1|* becomes borrowers => 'edit_borrowers' 2018-02-12 15:41:37 -03:00
holdshistory.pl Bug 18789: (QA follow-up) Update holdshistory.pl, fix is_child, is_adult, patron->image, clear template params 2018-02-16 13:03:58 -03:00
housebound.pl Bug 18789: (follow-up) Fix perlcritic issue - housebound.pl 2018-02-16 15:05:34 -03:00
mancredit.pl Bug 18789: Update other occurrences where is_child should be used 2018-02-16 13:03:58 -03:00
maninvoice.pl Bug 20701: Add csrf protection to maninvoice.pl 2018-05-23 12:19:33 -03:00
member-flags.pl Bug 20100: (QA follow-up) Pref description and improve code in member-flags 2018-04-25 10:23:53 -03:00
member-password.pl Bug 18789: Update other occurrences where is_child should be used 2018-02-16 13:03:58 -03:00
member.pl Bug 18403: Update permissions - borrowers => 1|* becomes borrowers => 'edit_borrowers' 2018-02-12 15:41:37 -03:00
memberentry.pl Bug 20489: Prevent DB user login 2018-04-20 12:24:00 -03:00
members-home.pl Bug 18403: Update permissions - borrowers => 1|* becomes borrowers => 'edit_borrowers' 2018-02-12 15:41:37 -03:00
members-update-do.pl Bug 18403: Add sub output_and_exit_if_error - unknown_patron & cannot_see_patron_infos 2018-02-12 15:41:38 -03:00
members-update.pl Bug 18403: Update permissions - borrowers => 1|* becomes borrowers => 'edit_borrowers' 2018-02-12 15:41:37 -03:00
merge-patrons.pl Bug 9302: Add error message if keeper patron is invalid 2018-04-20 13:34:41 -03:00
mod_debarment.pl Bug 18403: Fix few errors found with hit_pages.t 2018-02-12 15:41:43 -03:00
moremember.pl Bug 19855: Remove getalert from moremember.pl 2018-04-23 14:22:14 -03:00
nl-search.pl Bug 18403: Update permissions - borrowers => 1|* becomes borrowers => 'edit_borrowers' 2018-02-12 15:41:37 -03:00
notices.pl Bug 18789: Use Koha::Patron->is_adult where needed 2018-02-16 13:03:58 -03:00
patronimage.pl Bug 17423 - patronimage.pl permission is too restrictive 2016-10-17 23:44:25 +00:00
pay.pl Bug 12001: Move GetMemberAccountRecords to the Koha namespace 2018-02-23 10:57:30 -03:00
paycollect.pl Bug 18786: Add ability to create custom payment types 2018-04-19 12:32:21 -03:00
print_overdues.pl Bug 17553: Move GetOverduesForPatron to Koha::Patron->get_overdues 2018-04-03 11:43:06 -03:00
printfeercpt.pl Bug 12001: Move GetMemberAccountRecords to the Koha namespace 2018-02-23 10:57:30 -03:00
printinvoice.pl Bug 12001: (QA follow-up) Fix printinvoice page 2018-02-23 10:57:30 -03:00
printslip.pl Bug 18403: Add sub output_and_exit_if_error - unknown_patron & cannot_see_patron_infos 2018-02-12 15:41:38 -03:00
purchase-suggestions.pl Bug 18789: Use Koha::Patron->image from the templates 2018-02-16 13:03:58 -03:00
readingrec.pl Bug 18789: Update other occurrences where is_child should be used 2018-02-16 13:03:58 -03:00
routing-lists.pl Bug 18789: Update other occurrences where is_child should be used 2018-02-16 13:03:58 -03:00
setstatus.pl Bug 18403: Fix few errors found with hit_pages.t 2018-02-12 15:41:43 -03:00
statistics.pl Bug 18789: Use Koha::Patron->is_adult where needed 2018-02-16 13:03:58 -03:00
summary-print.pl Bug 19935: Replace GetPendingIssues - summary-print 2018-04-03 11:43:38 -03:00
update-child.pl Bug 18403: Add sub output_and_exit_if_error - unknown_patron & cannot_see_patron_infos 2018-02-12 15:41:38 -03:00