From 810168643d02ebb69c2d56a5fa17b811b06d68a8 Mon Sep 17 00:00:00 2001 From: Jonathan Druart Date: Tue, 24 Dec 2013 14:35:36 +0100 Subject: [PATCH] Bug 10453: fix unintended password reset when updating child to adult ModMember supposes the password given in parameter is the password string, so if it receives the encrypted password, it will encrypt it again! By simply deleting the password key from the hash, ModMember leaves the password unchanged. Test plan: 1/ Create or choose a child patron 2/ Update it to an adult category using the "Update child to adult patron" link 3/ Try to log in at the OPAC with this patron: It is not possible, the password has changed 4/ Apply the patch and try again previous steps Signed-off-by: Mark Tompsett Signed-off-by: Katrin Fischer Confirmed the problem and tested the patch fixes it. Passes all tests and QA script. Signed-off-by: Galen Charlton (cherry picked from commit 3c5b4712717d082b66376915c47b6b5880695d31) Signed-off-by: Fridolin SOMERS --- members/update-child.pl | 1 + 1 file changed, 1 insertion(+) diff --git a/members/update-child.pl b/members/update-child.pl index 492219f483..6e7b1da9b8 100755 --- a/members/update-child.pl +++ b/members/update-child.pl @@ -86,6 +86,7 @@ elsif ( $op eq 'update' ) { my $borcat = GetBorrowercategory($catcode); $member->{'category_type'} = $borcat->{'category_type'}; $member->{'description'} = $borcat->{'description'}; + delete $member->{password}; ModMember(%$member); if ( $catcode_multi ) { -- 2.39.5