projects / koha.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f43a735) | patch
Bug 17830: CSRF - Handle unicode characters in userid
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Thu, 29 Dec 2016 16:54:40 +0000 (17:54 +0100)
committerKyle M Hall <kyle@bywatersolutions.com>
Fri, 30 Dec 2016 17:47:18 +0000 (17:47 +0000)
commit4e40339db3209c913c79b935067e139b470255cc
tree014cb941a8a8c8dacc41c45bb363c54f78d686c4tree | snapshot
parentf43a73597e17687cfcf3ca0069d621b712eff57ccommit | diff
Bug 17830: CSRF - Handle unicode characters in userid

If the userid of the logged in user contains unicode characters, the token
will not be generated correctly and Koha will crash with:
  Wide character in subroutine entry at /usr/share/perl5/Digest/HMAC.pm line 63.

Test plan:
- Edit a superlibrarian user and set his/her userid to '❤' or any other strings
with unicode characters.
- Login using this patron
- Search for patrons and click on a result.

=> Without this patch, you will get a software error (with "Wide
character in subroutine entry" in the logs).
=> With this patch, everything will go fine

You can also test the other files modified by this patch.

Signed-off-by: Karam Qubsi <karamqubsi@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
basket/sendbasket.pl diff | blob | history
members/deletemem.pl diff | blob | history
members/member-password.pl diff | blob | history
members/memberentry.pl diff | blob | history
members/moremember.pl diff | blob | history
opac/opac-memberentry.pl diff | blob | history
opac/opac-sendbasket.pl diff | blob | history
tools/import_borrowers.pl diff | blob | history
tools/picture-upload.pl diff | blob | history
Main Koha release repository