]> git.koha-community.org Git - koha.git/commit
Bug 19258: Prevent warn when reversing a payment
authorAleisha Amohia <aleishaamohia@hotmail.com>
Tue, 5 Sep 2017 22:42:14 +0000 (22:42 +0000)
committerFridolin Somers <fridolin.somers@biblibre.com>
Tue, 10 Oct 2017 10:00:18 +0000 (12:00 +0200)
commitb17f7ec7c1c838a2aad84012ae4ee3de5e1b34ed
tree262e4e656de044caffaa228163babc47d455fe5c
parente05e8762ad34cf4cc5b6aa1754f99dc6cf3468bf
Bug 19258: Prevent warn when reversing a payment

The following warn is triggered when I click the Reverse button next to
an individual payment on the Account tab:
CGI::param called in list context from package
CGI::Compile::ROOT::home_vagrant_kohaclone_members_boraccount_2epl line
63, this can lead to vulnerabilities. See the warning in "Fetching the
value or values of a single named parameter" at /usr/share/perl5/CGI.pm
line 436.

To test:
1) Go to a members detail page in staff side, create a manual invoice,
pay it
2) Go to the Account tab, click Reverse next to the payment you just
made
3) Notice warns
4) Apply patch and repeat steps 1 & 2
5) Warns should be gone

Sponsored-by: Catalyst IT
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit b56c19528e332381384639ed347d11508086c547)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
members/boraccount.pl