From d29660038fa76dc4ba57e4bd6498fbd2fbd90a27 Mon Sep 17 00:00:00 2001 From: Jonathan Druart Date: Thu, 3 Aug 2023 10:01:32 +0200 Subject: [PATCH] Bug 34369: Fix 'Did you mean' Signed-off-by: Jonathan Druart Signed-off-by: Marcel de Rooy Signed-off-by: danyonsewell --- koha-tmpl/intranet-tmpl/prog/en/modules/admin/didyoumean.tt | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/didyoumean.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/didyoumean.tt index 4b6a7ffbaf..687c447773 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/didyoumean.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/didyoumean.tt @@ -1,5 +1,6 @@ [% USE raw %] [% USE Asset %] +[% USE Koha %] [% SET footerjs = 1 %] [% BLOCK pluginlist %]
@@ -67,6 +68,7 @@ plugins that you want to use.
+ [% INCLUDE 'csrf-token.inc' %]
OPAC [% PROCESS pluginlist plugins=OPACpluginlist type='opac' %] @@ -107,7 +109,8 @@ function yesimeant() { var OPACdidyoumean = serialize_plugins('opac'); - var data = "pref_OPACdidyoumean=" + encodeURIComponent(OPACdidyoumean); + const csrf_token = "[% Koha.GenerateCSRF | $raw %]"; + let data = "pref_OPACdidyoumean=%s&csrf_token=%s".format(encodeURIComponent(OPACdidyoumean), csrf_token); $.ajax({ data: data, -- 2.39.5