From 39b1653348fd450ded9406a35b567042bf36d886 Mon Sep 17 00:00:00 2001 From: Jonathan Druart Date: Wed, 15 Feb 2017 17:14:13 +0100 Subject: [PATCH] Bug 18124: Change the calls to generate and check CSRF tokens The parameter change in Koha::Token should be applied to the calling scripts. Test plan: Confirm that the different forms of the scripts modified by this patch still work correctly. Test the problematic behavior: Open 2 tabs with in same user's session, go on the edit patron page (memberentry.pl). Log out and log in from the other tab. Submit the form => Wrong CSRF token should be raised Signed-off-by: Marcel de Rooy Signed-off-by: Julian Maurice --- members/member-password.pl | 3 +++ 1 file changed, 3 insertions(+) diff --git a/members/member-password.pl b/members/member-password.pl index b8035fdffa..257883ed9f 100755 --- a/members/member-password.pl +++ b/members/member-password.pl @@ -17,6 +17,9 @@ use C4::Circulation; use CGI qw ( -utf8 ); use C4::Members::Attributes qw(GetBorrowerAttributes); use Koha::Patron::Images; +use Koha::Token; + +use Koha::Patron::Categories; my $input = new CGI; -- 2.39.5