[Koha-bugs] [Bug 35276] Posting a suggestion crashes on Unknown column 'auth_forwarded_hash'

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Tue Nov 7 14:05:19 CET 2023 

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35276

--- Comment #2 from Marcel de Rooy <m.de.rooy at rijksmuseum.nl> ---
Fix is underway.

When you login on the suggestion/suggestion.pl url, Auth will add a few params
which are copied into the Koha Objects->as_list call. We need to remove them.

The fact that this only happens when directly hitting the URL when not logged
in, makes me keep the current severity.

Some crash details:
DBIx::Class::Storage::DBI::_dbh_execute(): DBI Exception: DBD::mysql::st
execute failed: Unknown column 'auth_forwarded_hash' in 'where clause' at
/usr/share/koha/Koha/Objects.pm line 394
 at /usr/share/perl5/DBIx/Class/Exception.pm line 77
   
DBIx::Class::Storage::DBI::_dbh_execute('DBIx::Class::Storage::DBI::mysql=HASH(0x5564b8285490)',
'DBI::db=HASH(0x5564baa26de0)', 'SELECT `me`.`suggestionid`,
`me`.`suggestedby`, `me`.`suggesteddate`, `me`.`managedby`, `me`.`manageddate`,
`me`.`acceptedby`, `me`.`accepteddate`, `me`.`rejectedby`, `me`.`rejecteddate`,
`me`.`lastmodificationby`, `me`.`lastmodificationdate`, `me`.`STATUS`,
`me`.`archived`, `me`.`note`, `me`.`staff_note`, `me`.`author`, `me`.`title`,
`me`.`copyrightdate`, `me`.`publishercode`, `me`.`date`, `me`.`volumedesc`,
`me`.`publicationyear`, `me`.`place`, `me`.`isbn`, `me`.`biblionumber`,
`me`.`reason`, `me`.`patronreason`, `me`.`budgetid`, `me`.`branchcode`,
`me`.`collectiontitle`, `me`.`itemtype`, `me`.`quantity`, `me`.`currency`,
`me`.`price`, `me`.`total` FROM `suggestions` `me` WHERE ( ( `STATUS` = ? AND
`archived` = ? AND `auth_forwarded_hash` = ? AND `branchcode` = ? AND
`koha_login_context` = ? AND `password` = ? AND `userid` = ? ) )',
'ARRAY(0x5564b85a9e98)', 'ARRAY(0x5564bb7fc430)') called at
/usr/share/perl5/DBIx/Class/Storage/DBI.pm line 856
        Koha::Objects::as_list('Koha::Suggestions=HASH(0x5564bd270de8)') called
at /usr/share/koha/suggestion/suggestion.pl line 426
        eval {...} at /usr/share/koha/suggestion/suggestion.pl line 564

=> Look at the WHERE clause and note the presence of auth_forwarded_hash,
koha_login_context, password and userid.

Actually, the suggestion code could be improved further. This should not be
done really:
my $suggestion_ref  = { %{$input->Vars} }; # Copying, otherwise $input will be
modified
Here we get the additional cruft from Auth into our suggestion hash.

The fix simply removes them without a complete refactor of the script.

-- 
You are receiving this mail because:
You are watching all bug changes.

More information about the Koha-bugs mailing list