From 18843cabdb1697fda2eb2d9c3c7f96b58f277813 Mon Sep 17 00:00:00 2001 From: Janusz Kaczmarek Date: Mon, 6 May 2024 11:44:26 +0000 Subject: [PATCH] Bug 36791: Koha explodes when trying to edit an authority rec. with an invalid authid When trying to open the authority editor with authid= (e.g. a deleted authid) Koha explodes with a message: Can't call method "authtypecode" on an undefined value at /kohadevbox/koha/authorities/authorities.pl line 556 This this because authtypecode method is called on the result of ->find without verifying that it was succesful. Test plan: ========== 1. Try to edit an auth rec. giving as a authid (in URL) a non-existing authid, e.g. in ktd, with standard ktd test data: http://your_ktd:8081/cgi-bin/koha/authorities/authorities.pl?authid=100000 Koha should explode with the message: Can't call method "authtypecode" on an undefined value at /kohadevbox/koha/authorities/authorities.pl line 556 2. Apply the patch; restart_all. 3. Repeat p. 1. You should get the 404 error page. Sponsored-by: Ignatianum University in Cracow Signed-off-by: Roman Dolny Signed-off-by: Emily Lamancusa Signed-off-by: Katrin Fischer --- authorities/authorities.pl | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/authorities/authorities.pl b/authorities/authorities.pl index e5150f7015..96c599a87f 100755 --- a/authorities/authorities.pl +++ b/authorities/authorities.pl @@ -552,11 +552,15 @@ if ( $op eq 'cud-change-framework' ) { } my $dbh = C4::Context->dbh; +my $authobj = Koha::Authorities->find($authid); +if ( defined $authid && !$authid || $authid && !$authobj ) { + print $input->redirect("/cgi-bin/koha/errors/404.pl"); # escape early + exit; +} if(!$authtypecode) { - $authtypecode = $authid ? Koha::Authorities->find($authid)->authtypecode : ''; + $authtypecode = $authid ? $authobj->authtypecode : ''; } -my $authobj = Koha::Authorities->find($authid); my $count = $authobj ? $authobj->get_usage_count : 0; my ($template, $loggedinuser, $cookie) -- 2.39.5