From 4e1b447b4cd9e4781b03fbf78fe027ca80580a33 Mon Sep 17 00:00:00 2001
From: Fridolin Somers <fridolin.somers@biblibre.com>
Date: Tue, 23 Jun 2015 14:09:06 +0200
Subject: [PATCH] Bug 14408: Allow tmpl and empty in template paths

---
 C4/Auth.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/C4/Auth.pm b/C4/Auth.pm
index 1d3482e87e..851dc69bb0 100644
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -140,7 +140,7 @@ sub get_template_and_user {
     my ( $user, $cookie, $sessionID, $flags );
 
     my $safe_chars = 'a-zA-Z0-9_\-\/';
-    die "bad template path" unless $in->{'template_name'} =~ m/^[$safe_chars]+.tt?$/ig; #sanitize input
+    die "bad template path" if $in->{'template_name'} && $in->{'template_name'} !~ m/^[$safe_chars]+\.(tt|tmpl)$/ig; #sanitize input
 
     $in->{'authnotrequired'} ||= 0;
     my $template = C4::Templates::gettemplate(
-- 
2.39.5