From c93df0695f7963538689c8091dcd64e2186ce2c9 Mon Sep 17 00:00:00 2001 From: Marcel de Rooy Date: Mon, 24 Jan 2022 13:06:33 +0000 Subject: [PATCH] Bug 29931: (follow-up) Similar thing in opac-patron-image.pl Although less harmful indeed. No borrowernumber, no image. Signed-off-by: Marcel de Rooy Tested: logged in, logged out, prefs toggled. All fine. Signed-off-by: Jonathan Druart Signed-off-by: Kyle M Hall --- opac/opac-patron-image.pl | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/opac/opac-patron-image.pl b/opac/opac-patron-image.pl index df1efdf4ef..dccba229eb 100755 --- a/opac/opac-patron-image.pl +++ b/opac/opac-patron-image.pl @@ -32,13 +32,14 @@ unless (C4::Context->preference('OPACpatronimages')) { exit; } -my $needed_flags; -my %cookies = CGI::Cookie->fetch; -my $sessid = $cookies{'CGISESSID'}->value; -my ($auth_status) = check_cookie_auth($sessid, $needed_flags); -my $borrowernumber = C4::Context->userenv->{'number'}; +my ($auth_status) = check_cookie_auth( $query->cookie('CGISESSID') ); +if( $auth_status ne 'ok' ) { + print CGI::header( '-status' => '401' ); + exit 0; +} -my $patron_image = Koha::Patron::Images->find($borrowernumber); +my $userenv = C4::Context->userenv; +my $patron_image = $userenv ? Koha::Patron::Images->find( $userenv->{number} ) : undef; if ($patron_image) { print $query->header( -- 2.39.5