[Koha-bugs] [Bug 16514] Force scalar context where param assumes a list incorrectly in admin/edi scripts
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Sep 11 17:50:15 CEST 2023
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=16514
Martin Renvoize <martin.renvoize at ptfs-europe.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #155499|0 |1
is obsolete| |
--- Comment #7 from Martin Renvoize <martin.renvoize at ptfs-europe.com> ---
Created attachment 155500
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=155500&action=edit
Bug 16514: Force scalar context reading cgi variables
CGI's param method will default to returning in list context
if it cant determine context from the lvalue
This generates log warnings in newer versions of CGI that support
multi_param. Force scalar context in the places where param
can't ascertain its context correctly
Signed-off-by: Aleisha Amohia <aleishaamohia at hotmail.com>
Patch works - no longer seeing warn "edi_accounts.pl: CGI::param called
in list context from package main line 105, this can lead to
vulnerabilities. See the warning in "Fetching the value or values of a
single named parameter" at /usr/share/perl5/CGI.pm line 436., referer:
http://localhost:8081/cgi-bin/koha/admin/edi_accounts.pl?op=delete_confirm&id=2"
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list