https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20415 --- Comment #25 from Fridolin SOMERS <fridolin.somers@biblibre.com> --- (In reply to Julian Maurice from comment #22)
(In reply to Jonathan Druart from comment #21)
(In reply to Julian Maurice from comment #20)
(In reply to David Cook from comment #19)
You can already retrieve that information using Perl though. What scenario do you see someone using it maliciously?
Templates can be used in "Tools » Notices & Slips", they can be written by users.
I agree, that's definitely wrong.
Fridolin, you should pass the variable the dirty way, from C4::Auth.
Maybe we can find something better than the dirty way and the security-hole way, like a method ArePluginsEnabled in Koha::Template::Plugin::Koha ?
Exactly what I was going to propose. I'm on a patch. -- You are receiving this mail because: You are watching all bug changes.