[Koha-bugs] [Bug 16514] Force scalar cotext where param assumes a list incorrectly in admin/ edi scripts
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Aug 29 06:31:24 CEST 2016
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=16514
Aleisha Amohia <aleishaamohia at hotmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #51475|0 |1
is obsolete| |
--- Comment #3 from Aleisha Amohia <aleishaamohia at hotmail.com> ---
Created attachment 54965
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=54965&action=edit
[SIGNED-OFF] Bug 16514: Force scalar context reading cgi variables
CGI's param method will default to returning in list context
if it cant determine context from the lvalue
This generates log warnings in newer versions of CGI that support
multi_param. Force scalar context in the places where param
can't ascertain its context correctly
Signed-off-by: Aleisha Amohia <aleishaamohia at hotmail.com>
Patch works - no longer seeing warn "edi_accounts.pl: CGI::param called
in list context from package main line 105, this can lead to
vulnerabilities. See the warning in "Fetching the value or values of a
single named parameter" at /usr/share/perl5/CGI.pm line 436., referer:
http://localhost:8081/cgi-bin/koha/admin/edi_accounts.pl?op=delete_confirm&id=2"
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list