[Koha-bugs] [Bug 18442] Permission error when logging into staff interface as db user

Thu Apr 20 16:07:33 CEST 2017

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18442

Jonathan Druart <jonathan.druart at bugs.koha-community.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|major                       |critical
            Version|16.11                       |unspecified
                 CC|                            |kyle at bywatersolutions.com,
                   |                            |martin.renvoize at ptfs-europe
                   |                            |.com, tomascohen at gmail.com

--- Comment #7 from Jonathan Druart <jonathan.druart at bugs.koha-community.org> ---
I had more or less the same fix, but it was:

  $userid ||= $q_userid if $return == 2;

It makes thing safer I *think* because it will only affect behaviours for DB
user ($return == 2).
On the other hand if does not really make sense because if $return == 2,
$userid should not be set.
So maybe just
  $userid ||= $q_userid;
Could be enough.
And especially it will not erase $userid if one of the checkpw calls return a
userid different than the one we passed (possible??).

Martin? Tomas? Kyle?

-- 
You are receiving this mail because:
You are watching all bug changes.