https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28660 Jonathan Druart <jonathan.druart+koha@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |rel_21_05_candidate --- Comment #15 from Jonathan Druart <jonathan.druart+koha@gmail.com> --- So, what do we do? I don't think it's a good idea to revert bug 21325 (we announced that we prevented auth by GET and now we will accept it again?). I don't see how an additional check would be helpful, but we can add it if needed (please provide a patch). Note that if AutoSelfCheckAllowed is off, the CGI param won't be set from sco-main.pl and so $q_userid won't be == AutoSelfCheckID. Additionally if we are not coming from the sco page and the user CGI param is AutoSelfCheckID we are getting kicked out earlier. -- You are receiving this mail because: You are watching all bug changes.