From 11cc4871b072e64cc2bc2a1345b53da90f92c2fe Mon Sep 17 00:00:00 2001 From: Jonathan Druart Date: Wed, 24 May 2023 09:29:30 +0200 Subject: [PATCH] Bug 33815: Do not explode if logged in user modify their own userid If the logged in librarian modifies their own userid they will get the following error when submitting the form: Can't call method "password_expired" on an undefined value at /kohadevbox/koha/C4/Auth.pm line 1780 We could handle this situation and flag the session as expired. Better would be to deal with this specific user case and update the cookie (?) Signed-off-by: Owen Leonard Signed-off-by: David Cook Signed-off-by: Tomas Cohen Arazi (cherry picked from commit 5da81cde99983768f627417c6c267d51cc0d908d) Signed-off-by: Matt Blenkinsop --- C4/Auth.pm | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/C4/Auth.pm b/C4/Auth.pm index 8b0b567a83..fbf3ed0513 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm @@ -1773,6 +1773,15 @@ sub check_cookie_auth { } elsif ( $userid ) { $session->param( 'lasttime', time() ); my $patron = Koha::Patrons->find({ userid => $userid }); + + # If the user modify their own userid + # Better than 500 but we could do better + unless ( $patron ) { + $session->delete(); + $session->flush; + return ("expired", undef); + } + $patron = Koha::Patrons->find({ cardnumber => $userid }) unless $patron; return ("password_expired", undef ) if $patron->password_expired; -- 2.39.5