git.koha-community.org Git - koha.git/commit

Bug 17830: CSRF - Handle unicode characters in userid

If the userid of the logged in user contains unicode characters, the token
will not be generated correctly and Koha will crash with:
Wide character in subroutine entry at /usr/share/perl5/Digest/HMAC.pm line 63.

Test plan:
- Edit a superlibrarian user and set his/her userid to '❤' or any other strings
with unicode characters.
- Login using this patron
- Search for patrons and click on a result.

=> Without this patch, you will get a software error (with "Wide
character in subroutine entry" in the logs).
=> With this patch, everything will go fine

You can also test the other files modified by this patch.

Signed-off-by: Karam Qubsi <karamqubsi@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

author	Jonathan Druart <jonathan.druart@bugs.koha-community.org>
	Thu, 29 Dec 2016 16:54:40 +0000 (17:54 +0100)
committer	Kyle M Hall <kyle@bywatersolutions.com>
	Fri, 30 Dec 2016 17:47:18 +0000 (17:47 +0000)
commit	4e40339db3209c913c79b935067e139b470255cc
tree	014cb941a8a8c8dacc41c45bb363c54f78d686c4	tree \| snapshot
parent	f43a73597e17687cfcf3ca0069d621b712eff57c	commit \| diff

basket/sendbasket.pl		diff \| blob \| history
members/deletemem.pl		diff \| blob \| history
members/member-password.pl		diff \| blob \| history
members/memberentry.pl		diff \| blob \| history
members/moremember.pl		diff \| blob \| history
opac/opac-memberentry.pl		diff \| blob \| history
opac/opac-sendbasket.pl		diff \| blob \| history
tools/import_borrowers.pl		diff \| blob \| history
tools/picture-upload.pl		diff \| blob \| history