From bb69578db04f4d7fe545e450bef823a21911e3ea Mon Sep 17 00:00:00 2001 From: Jonathan Druart Date: Fri, 4 Aug 2023 11:06:16 +0200 Subject: [PATCH] Bug 34478: Add 'op' to opac-user.tt Bug 34478: [TO SQUASH] Add 'op' to opac-user.tt Bug 34478: [TO SQUASH] Add 'op' to opac-user.tt Signed-off-by: Jonathan Druart --- koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-user.tt | 6 ++++-- opac/opac-renew.pl | 3 +++ opac/opac-user.pl | 4 +++- 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-user.tt b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-user.tt index dca48f11d1..d9920dc14a 100644 --- a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-user.tt +++ b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-user.tt @@ -216,6 +216,7 @@ [% IF Koha.Preference('AllowPatronToControlAutorenewal') %]
+ [% INCLUDE 'csrf-token.inc' %] Auto-renewal [% END %] - [% INCLUDE 'csrf-token.inc' %] - +
[% END %] @@ -544,6 +544,7 @@ [% IF ( canrenew && !userdebarred && OpacRenewalAllowed && !( logged_in_user.is_expired && logged_in_user.category.effective_BlockExpiredPatronOpacActions ) ) %] + [% END %] @@ -553,6 +554,7 @@ [% INCLUDE 'csrf-token.inc' %] Renew + [% FOREACH ISSUE IN ISSUES %] [% IF ISSUE.status %] diff --git a/opac/opac-renew.pl b/opac/opac-renew.pl index db70a16716..dff4d5b21f 100755 --- a/opac/opac-renew.pl +++ b/opac/opac-renew.pl @@ -31,6 +31,9 @@ use C4::Members; use Koha::Items; use Koha::Patrons; my $query = CGI->new; +my $op = $query->param('op') || q{}; + +die "op must be set" unless $op eq 'renew'; my ( $template, $borrowernumber, $cookie ) = get_template_and_user( { diff --git a/opac/opac-user.pl b/opac/opac-user.pl index f053ed65e6..3d44e9828f 100755 --- a/opac/opac-user.pl +++ b/opac/opac-user.pl @@ -57,6 +57,8 @@ use Date::Calc qw( Date_to_Days Today ); my $query = CGI->new; +my $op = $query->param('op') || q{}; + # CAS single logout handling # Will print header and exit if ( C4::Context->preference('casAuthentication') ) { @@ -87,7 +89,7 @@ $template->param( shibbolethAuthentication => C4::Context->config('useshibboleth # get borrower information .... my $patron = Koha::Patrons->find( $borrowernumber ); -if( $query->param('update_arc') && C4::Context->preference("AllowPatronToControlAutorenewal") ){ +if( $op eq 'cud-update_arc' && C4::Context->preference("AllowPatronToControlAutorenewal") ){ die "Wrong CSRF token" unless Koha::Token->new->check_csrf({ session_id => scalar $query->cookie('CGISESSID'), -- 2.39.5