Main Koha release repository https://koha-community.org
Marcel de Rooy dc4617ba3b Bug 17109: Add CSRF token to [opac-]sendbasket
If you have no (valid) token, you will not be able to send the message.

Test plan:
[1] Verify if you can still send the cart from opac and intranet.
[2] While still being logged in, try to send the cart from opac by
    using the following URL:
    /cgi-bin/koha/opac-sendbasket.pl?email_add=you@somedomain.com&comment=csrf_test&bib_list=doesnotmatter&csrf_token=justsomeguess12345
    This should now result in a csrf error.

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-09-09 13:37:47 +00:00
acqui Bug 16365: Adding additional unsafe call-candidates from Acquisition 2016-09-09 10:43:26 +00:00
admin Bug 16908: Koha::Patrons - Remove GetSortDetails 2016-09-09 13:12:28 +00:00
api/v1 Bug 14868 - Update swagger.min.json 2016-09-02 12:25:59 +00:00
authorities Bug 17118: (follow-up 15381) Fix regression when clearing a linked authority 2016-09-02 14:01:34 +00:00
basket Bug 17109: Add CSRF token to [opac-]sendbasket 2016-09-09 13:37:47 +00:00
C4 Bug 17099: C4::Koha - Remove GetSupportName and GetSupportList 2016-09-09 13:30:45 +00:00
catalogue Bug 15758: [QA Follow-up] Corrections related to GetBranches 2016-09-08 14:36:06 +00:00
cataloguing Bug 15758: Koha::Libraries - Ultimate duel for C4::Branch 2016-09-08 14:36:04 +00:00
circ Bug 16272: Automatically switch an on-site checkout to a regular checkout when checked out 2016-09-09 11:43:56 +00:00
course_reserves Bug 15758: Koha::Libraries - Remove GetBranchesLoop 2016-09-08 14:36:02 +00:00
debian Bug 16822: Make koha-common call koha-plack without --quiet 2016-09-09 09:27:45 +00:00
docs Bug 7143 : More new devs 2016-07-22 17:14:08 +00:00
errors Bug 15288: Error pages: Code duplication removal and better translatability 2016-01-27 05:57:34 +00:00
etc Bug 17228 - Fix whitespace in etc/SIPconfig.xml 2016-09-02 15:48:14 +00:00
install_misc Bug 16770: Remove 2 other occurrences of libmemoize-memcached-perl 2016-06-24 14:05:56 +00:00
installer Bug 16978 - DBRev 16.06.00.022 2016-09-09 13:26:20 +00:00
Koha Bug 16586: [QA Follow-up] Simplify code 2016-09-09 12:13:39 +00:00
koha-tmpl Bug 17109: Add CSRF token to [opac-]sendbasket 2016-09-09 13:37:47 +00:00
labels Bug 16154: CGI->multi_param - Assign a list 2016-04-26 23:16:43 +00:00
members Bug 16908: Koha::Patrons - Remove GetSortDetails 2016-09-09 13:12:28 +00:00
misc Bug 15758: Koha::Libraries - Ultimate duel for C4::Branch 2016-09-08 14:36:04 +00:00
offline_circ Bug 15758: Koha::Libraries - Ultimate duel for C4::Branch 2016-09-08 14:36:04 +00:00
opac Bug 17109: Add CSRF token to [opac-]sendbasket 2016-09-09 13:37:47 +00:00
OpenILS Bug 9239 QA follow-up: remove stray debug code 2013-03-16 21:32:34 -04:00
patron_lists Bug 16154: CGI->multi_param - Force scalar context 2016-04-26 23:16:43 +00:00
patroncards Bug 15758: Koha::Libraries - Remove GetBranches 2016-09-08 14:36:03 +00:00
plugins Bug 16586: Koha Plugins: Limit results of GetPlugins by metadata 2016-09-09 12:13:39 +00:00
reports Bug 16978: Add delete reports user permission 2016-09-09 13:23:52 +00:00
reserve Bug 15758: Koha::Libraries - Remove GetBranches 2016-09-08 14:36:03 +00:00
reviews Bug 15839: Koha::Reviews - Remove C4::Review residue 2016-09-09 10:31:00 +00:00
rotating_collections Bug 15758: Koha::Libraries - Remove GetBranches 2016-09-08 14:36:03 +00:00
serials Bug 15758: Koha::Libraries - Ultimate duel for C4::Branch 2016-09-08 14:36:04 +00:00
services Bug 9978: Replace license header with the correct license (GPLv3+) 2015-04-20 09:59:38 -03:00
skel Bug 11078: Add locking to rebuild_zebra 2014-02-28 22:21:41 +00:00
sms Bug 15258: Fix Perl scripts declaring unused variables 2015-12-30 17:24:45 -07:00
suggestion Bug 15758: Koha::Libraries - Remove GetBranches 2016-09-08 14:36:03 +00:00
svc Bug 15758: [QA Follow-up] Some corrections related to GetBranchName 2016-09-08 14:36:05 +00:00
t Bug 17099: C4::Koha - Remove GetSupportName and GetSupportList 2016-09-09 13:30:45 +00:00
tags Bug 16154: CGI->multi_param - Assign a list 2016-04-26 23:16:43 +00:00
test Bug 9819 - 'stopwords'-related code removed 2015-12-30 15:49:35 +00:00
tmp/modified_authorities
tools Bug 16586: Koha Plugins: Limit results of GetPlugins by metadata 2016-09-09 12:13:39 +00:00
virtualshelves Bug 15451: (followup) fix filename extension for csv file 2016-07-22 17:18:37 +00:00
xt Bug 16174: (QA followup) Fix remaining tests 2016-04-01 19:11:33 +00:00
.editorconfig Bug 12545: Add EditorConfig.org file to the source tree 2014-08-22 11:07:45 -03:00
.htaccess
.mailmap (RM followup) .mailmap updates 2015-05-22 17:02:21 -03:00
about.pl Revert Bug 17177 - This bug was for 3.20.x only 2016-09-02 13:54:47 +00:00
changelanguage.pl Bug 16776: Do not forget external language choice in language switcher 2016-08-10 13:51:33 +00:00
edithelp.pl Bug 16447: Remove occurrence of the borrow permission which does no longer exist 2016-05-05 21:28:14 +00:00
fix-perl-path.PL Bug 9978: (followup) Replace license header with the correct license (GPLv3+) 2015-04-20 09:59:43 -03:00
help.pl Bug 16724: Fix link to the online documentation links 2016-06-24 12:00:42 +00:00
INSTALL Bug 7759, update of install files to use background indexing (and some whitespace tidy) 2012-04-20 16:11:52 +02:00
install-CPAN.pl Bug 9978: Replace license header with the correct license (GPLv3+) 2015-04-20 09:59:38 -03:00
INSTALL.debian Bug 8092 follow-up: Add optional dependency on CHI 2012-06-09 13:08:18 +02:00
INSTALL.fedora7 Bug 13642 - Remove MARC::Crosswalk::DublinCore from Koha 2016-01-27 06:23:08 +00:00
INSTALL.opensuse Bug 11757: remove dependency on POE 2014-02-15 01:38:15 +00:00
INSTALL.ubuntu Bug 7764: (follow-up) editorial tweaks 2013-10-04 16:27:55 +00:00
Koha.pm Bug 16978 - DBRev 16.06.00.022 2016-09-09 13:26:20 +00:00
koha_perl_deps.pl bug 10548: fix count of missing required dependencies by koha_perl_deps.pl 2013-07-11 14:03:32 +00:00
kohaversion.pl Bug 13758: Move the Koha version from kohaversion.pl 2015-05-07 11:39:04 -03:00
LICENSE Bug 9440 - update Koha's LICENSE file from GPL2 to GPL3 2013-02-12 08:52:10 -05:00
mainpage.pl Bug 15839: Koha::Reviews - Remove getnumberofreviews 2016-09-09 10:29:58 +00:00
Makefile.PL Bug 17044: Fix wrong destination for 'api' directory 2016-08-05 04:32:36 +00:00
MANIFEST.SKIP Bug 9546 : Updating make manifest tardist 2013-02-06 23:54:46 -05:00
README Bug 9440 - update Koha's LICENSE file from GPL2 to GPL3 2013-02-12 08:52:10 -05:00
README.md Bug 15465 [QA Followup] - Update wording, switch logo, add links 2016-02-24 04:02:26 +00:00
README.robots Bug 6411 add another example to README.robots 2011-07-05 14:48:05 +12:00
rewrite-config.PL Bug 16222: (QA followup) Add /api dir for the API 2016-04-20 21:18:36 +00:00

Koha is a free software integrated library system (ILS).

Koha is distributed under the GNU GPL version 3 or later.

Note: This is a synced mirror of the official Koha repo.

Note: Koha does not accept pull requests from git hosting sites.

Note: This project has its own bug tracker. To report a bug or submit a patch, visit http://bugs.koha-comminity.org.

For guidelines on submitting patches for Koha, please visit https://wiki.koha-community.org/wiki/SubmitingAPatch

The developer handbook can be found at https://wiki.koha-community.org/wiki/Developer_handbook

http://koha-community.org/
