From f1acb5615d0cbcba5db5b84e12fbad3d41454347 Mon Sep 17 00:00:00 2001 From: Fridolin Somers Date: Tue, 23 Jun 2015 17:45:30 +0200 Subject: [PATCH] Bug 14440: get_template_and_user can not have an empty template_name (opac-ratings.pl) Since Bug 14408, the method get_template_and_user can not have an empty template_name. Pages calling with an empty value should use C4::Auth::checkauth() This patch corrects opac/opac-ratings.pl Test plan : - Apply patch - Set sysopref OpacStarRatings to 'results and details' - Disable Javascipt on your browser (otherwise it will use ajax) - Login at OPAC - Go to a record - Click on a button left of 'Rate me' to choose a rating, ie 4 - Click on 'Rate me' => The page is reloaded and you see 'your rating: 4' - Loggout from OPAC - Try to access URL : http:///cgi-bin/koha/opac-ratings.pl => You see the loggin page Signed-off-by: Indranil Das Gupta (L2C2 Technologies) Signed-off-by: Tomas Cohen Arazi Signed-off-by: Katrin Fischer Signed-off-by: Tomas Cohen Arazi --- .../bootstrap/en/modules/opac-detail.tt | 1 - opac/opac-ratings.pl | 22 +++++-------------- 2 files changed, 6 insertions(+), 17 deletions(-) diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-detail.tt b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-detail.tt index 5e7591d4f7..d79a51cbca 100644 --- a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-detail.tt +++ b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-detail.tt @@ -498,7 +498,6 @@ - diff --git a/opac/opac-ratings.pl b/opac/opac-ratings.pl index bb1297e200..2ad0cb0861 100755 --- a/opac/opac-ratings.pl +++ b/opac/opac-ratings.pl @@ -28,27 +28,17 @@ note: there is currently no 'delete rating' functionality in this script use strict; use warnings; use CGI qw ( -utf8 ); -use CGI::Cookie; -use C4::Auth qw(:DEFAULT check_cookie_auth); + +use C4::Auth; use C4::Context; -use C4::Output; -use C4::Dates qw(format_date); -use C4::Biblio; use C4::Ratings; use C4::Debug; my $query = CGI->new(); -my $a = $query->Vars; -#### $a -my ( $template, $loggedinuser, $cookie ) = get_template_and_user( - { - template_name => "", - query => $query, - type => "opac", - authnotrequired => 0, # auth required to add tags - debug => 0, - } -); + +# auth required to add ratings +my ($userid, $cookie, $sessionID) = checkauth( $query, 0, {}, 'opac' ); +my $loggedinuser = C4::Context->userenv->{'number'}; my $biblionumber = $query->param('biblionumber'); my $rating_old_value = $query->param('rating_value'); -- 2.39.5