From 0f9fcfcaab668b2da300d0ae43aa77a752558f00 Mon Sep 17 00:00:00 2001 From: Marcel de Rooy Date: Tue, 7 Nov 2023 13:57:42 +0100 Subject: [PATCH] Bug 35276: Remove authentication params from suggestion hash These would be forwarded to Koha::Objects->as_list and crash on unknown column. Test plan: Logout from staff. Enter URL /suggestion/suggestion.pl Without this patch, it crashes. Now it does not. Note: The crash may show auth_forwarded_hash but I also saw koha_login_context passing by. Same issue. Signed-off-by: Marcel de Rooy Signed-off-by: David Nind Signed-off-by: Katrin Fischer Signed-off-by: Tomas Cohen Arazi (cherry picked from commit e2821c7962ca7594f029f4c7fdb0c2f70028eb9b) Signed-off-by: Fridolin Somers (cherry picked from commit 898e0d79793e8ff9450242e8e6b2f1f97e2873f8) Signed-off-by: Matt Blenkinsop --- suggestion/suggestion.pl | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/suggestion/suggestion.pl b/suggestion/suggestion.pl index 72cbfa9cd9..1b1269ada4 100755 --- a/suggestion/suggestion.pl +++ b/suggestion/suggestion.pl @@ -107,7 +107,9 @@ my $columns = ' '.join(' ', $schema->source('Suggestion')->columns).' '; my $suggestion_only = { map { $columns =~ / $_ / ? ($_ => $suggestion_ref->{$_}) : () } keys %$suggestion_ref }; $suggestion_only->{STATUS} = $suggestion_ref->{STATUS}; -delete $$suggestion_ref{$_} foreach qw( suggestedbyme op displayby tabcode notify filter_archived ); +delete $$suggestion_ref{$_} + foreach + qw( suggestedbyme op displayby tabcode notify filter_archived koha_login_context auth_forwarded_hash password userid ); foreach (keys %$suggestion_ref){ delete $$suggestion_ref{$_} if (!$$suggestion_ref{$_} && ($op eq 'else' )); } -- 2.39.5