]> git.koha-community.org Git - koha.git/commit
Bug 19258: Prevent warn when reversing a payment
authorAleisha Amohia <aleishaamohia@hotmail.com>
Tue, 5 Sep 2017 22:42:14 +0000 (22:42 +0000)
committerJonathan Druart <jonathan.druart@bugs.koha-community.org>
Thu, 7 Sep 2017 17:39:09 +0000 (14:39 -0300)
commitb56c19528e332381384639ed347d11508086c547
treeef623db4299a08840a182a2599ca36682aecb45b
parentddf494b18f6c422d3654b0a78a63be86f5356065
Bug 19258: Prevent warn when reversing a payment

The following warn is triggered when I click the Reverse button next to
an individual payment on the Account tab:
CGI::param called in list context from package
CGI::Compile::ROOT::home_vagrant_kohaclone_members_boraccount_2epl line
63, this can lead to vulnerabilities. See the warning in "Fetching the
value or values of a single named parameter" at /usr/share/perl5/CGI.pm
line 436.

To test:
1) Go to a members detail page in staff side, create a manual invoice,
pay it
2) Go to the Account tab, click Reverse next to the payment you just
made
3) Notice warns
4) Apply patch and repeat steps 1 & 2
5) Warns should be gone

Sponsored-by: Catalyst IT
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
members/boraccount.pl