From 906ef4b28c376254743f948808e8ae47bb6f0a01 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Fr=C3=A9d=C3=A9rick=20Capovilla?=
 <frederick.capovilla@sys-tech.net>
Date: Wed, 7 Sep 2011 14:15:35 -0400
Subject: [PATCH] Bug 6854: Correct a double password encryption problem in
 import_borrowers.pl

When the CSV file has no password column and no default value was set for
the password :
If we try to modify an existing user, the password from the BD is sent
to ModMember, which then encrypts the already-encrypted password a
second time.

http://bugs.koha-community.org/show_bug.cgi?id=6854

Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Confirmed bug on current master.
1) Import new patron with password provided
> OPAC login works
2) Overwrite patron record, password provided
> OPAC login works
3) Overwrite patron record, password not provided
Before patch: OPAC login broken, password in database changed
After patch: OPC login works with same password as before

Signed-off-by: Ian Walls <ian.walls@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
---
 tools/import_borrowers.pl | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tools/import_borrowers.pl b/tools/import_borrowers.pl
index 74a58895dd..a7e9142d71 100755
--- a/tools/import_borrowers.pl
+++ b/tools/import_borrowers.pl
@@ -243,6 +243,10 @@ if ( $uploadborrowers && length($uploadborrowers) > 0 ) {
             for my $col (keys %borrower) {
                 # use values from extant patron unless our csv file includes this column or we provided a default.
                 # FIXME : You cannot update a field with a  perl-evaluated false value using the defaults.
+
+                # The password is always encrypted, skip it!
+                next if $col eq 'password';
+
                 unless(exists($csvkeycol{$col}) || $defaults{$col}) {
                     $borrower{$col} = $member->{$col} if($member->{$col}) ;
                 }
-- 
2.20.1