From c4cabd5fa0c7466829c41c7894ba6e6a58c039eb Mon Sep 17 00:00:00 2001 From: Jonathan Druart Date: Fri, 17 May 2024 09:17:04 +0200 Subject: [PATCH] Bug 36883: Fix club enrollment in the OPAC The CSRF tokens were missing in the POST requests. Signed-off-by: Owen Leonard Signed-off-by: Nick Clemens Signed-off-by: Katrin Fischer --- koha-tmpl/opac-tmpl/bootstrap/en/modules/clubs/clubs-tab.tt | 2 +- koha-tmpl/opac-tmpl/bootstrap/en/modules/clubs/enroll.tt | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/modules/clubs/clubs-tab.tt b/koha-tmpl/opac-tmpl/bootstrap/en/modules/clubs/clubs-tab.tt index 25c1e0363b..d3a5dd222d 100644 --- a/koha-tmpl/opac-tmpl/bootstrap/en/modules/clubs/clubs-tab.tt +++ b/koha-tmpl/opac-tmpl/bootstrap/en/modules/clubs/clubs-tab.tt @@ -88,7 +88,7 @@ function cancelEnrollment( id ) { $.ajax({ type: "POST", url: '/cgi-bin/koha/svc/club/cancel_enrollment', - data: { id: id }, + data: { id: id, csrf_token: $('meta[name="csrf-token"]').attr('content'), }, success: function( data ) { if ( data.success ) { $('#opac-user-clubs_panel').load('/cgi-bin/koha/clubs/clubs-tab.pl?borrowernumber=[% borrower.borrowernumber | html %]', function() { diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/modules/clubs/enroll.tt b/koha-tmpl/opac-tmpl/bootstrap/en/modules/clubs/enroll.tt index 653498aea6..f7ba2767bc 100644 --- a/koha-tmpl/opac-tmpl/bootstrap/en/modules/clubs/enroll.tt +++ b/koha-tmpl/opac-tmpl/bootstrap/en/modules/clubs/enroll.tt @@ -38,10 +38,12 @@