[Bug 18740] New: [16.05.12-16.05.13] Cannot modify patron password
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18740 Bug ID: 18740 Summary: [16.05.12-16.05.13] Cannot modify patron password Change sponsored?: --- Product: Koha Version: 16.05 Hardware: All OS: All Status: ASSIGNED Severity: major Priority: P5 - low Component: Patrons Assignee: jonathan.druart@bugs.koha-community.org Reporter: jonathan.druart@bugs.koha-community.org QA Contact: testopia@bugs.koha-community.org CC: gmcharlt@gmail.com, kyle.m.hall@gmail.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18740 Jonathan Druart <jonathan.druart@bugs.koha-community.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on| |16992 -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18740 Jonathan Druart <jonathan.druart@bugs.koha-community.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |Needs Signoff -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18740 --- Comment #1 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- Created attachment 64067 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=64067&action=edit Bug 18740: (bug 16992 follow-up) Add CSRF token to the template Bug 16992 is in commit 9e74db7b51085f62919e34ab4e5ccdf9da2066a1 Bug 18124: Restrict CSRF token to user's session but template change is missing Test plan: Modify a patron from member-password.pl Without this patch you got Wrong CSRF token at /home/vagrant/kohaclone/members/member-password.pl line 68. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18740 Jonathan Druart <jonathan.druart@bugs.koha-community.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mtj@kohaaloha.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18740 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Signed Off Patch complexity|--- |Trivial patch -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18740 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #64067|0 |1 is obsolete| | --- Comment #2 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Created attachment 64068 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=64068&action=edit Bug 18740: (bug 16992 follow-up) Add CSRF token to the template Bug 16992 is in commit 9e74db7b51085f62919e34ab4e5ccdf9da2066a1 Bug 18124: Restrict CSRF token to user's session but template change is missing Test plan: Modify a patron from member-password.pl Without this patch you got Wrong CSRF token at /home/vagrant/kohaclone/members/member-password.pl line 68. Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Patch fixes the bug. Passes the qa script. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18740 --- Comment #3 from Mason James <mtj@kohaaloha.com> --- (In reply to Tomás Cohen Arazi from comment #2)
Created attachment 64068 [details] [review] Bug 18740: (bug 16992 follow-up) Add CSRF token to the template
Bug 16992 is in commit 9e74db7b51085f62919e34ab4e5ccdf9da2066a1 Bug 18124: Restrict CSRF token to user's session
but template change is missing
Test plan: Modify a patron from member-password.pl Without this patch you got Wrong CSRF token at /home/vagrant/kohaclone/members/member-password.pl line 68.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Patch fixes the bug. Passes the qa script.
I've tested this as working OK, so I'll include this patch in an early release Thanks Joubu and Tomás for sorting this bug :0) -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18740 --- Comment #4 from Mason James <mtj@kohaaloha.com> --- Pushed to 16.05.x, for 16.05.14 release -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18740 --- Comment #5 from Mason James <mtj@kohaaloha.com> --- Created attachment 64254 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=64254&action=edit work-around without patch -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18740 --- Comment #6 from Mason James <mtj@kohaaloha.com> --- (In reply to Mason James from comment #5)
Created attachment 64254 [details] work-around without patch
i did find a work-around for this bug, without the patch it's possible to change a password using the members/memberentry.pl page -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18740 Jonathan Druart <jonathan.druart@bugs.koha-community.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|Signed Off |RESOLVED -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org