3 # Copyright 2024 Koha development team
5 # This file is part of Koha.
7 # Koha is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
12 # Koha is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with Koha; if not, see <http://www.gnu.org/licenses>.
21 use Test::More tests => 1;
28 push @files, `git ls-files 'koha-tmpl/opac-tmpl/bootstrap/en/*.tt'`;
29 push @files, `git ls-files 'koha-tmpl/opac-tmpl/bootstrap/en/*.inc'`;
32 push @files, `git ls-files 'koha-tmpl/intranet-tmpl/prog/en/*.tt'`;
33 push @files, `git ls-files 'koha-tmpl/intranet-tmpl/prog/en/*.inc'`;
37 for my $file ( @files ) {
39 my @e = check_csrf_in_forms($file);
40 push @errors, sprintf "%s:%s", $file, join (",", @e) if @e;
43 is( @errors, 0, "The <form> in the following files are missing it's corresponding csrf_token include (see bug 22990)" )
44 or diag(Dumper @errors);
46 sub check_csrf_in_forms {
49 my @lines = read_file($file);
51 return @errors unless grep { $_ =~ m|<form| } @lines;
52 my ( $open, $found ) = ( 0, 0 );
54 for my $line (@lines) {
56 $open = $line_number if $line =~ m{<form.*method=('|")post('|")}i;
57 $found++ if $open && $line =~ m{csrf-token\.inc};
58 if ( $open && $line =~ m{</form} ) {
59 push @errors, $open unless $found;