[Koha-bugs] [Bug 15438] Checking out an on-hold item sends holder' s borrowernumber in AF (screen message) field.
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Tue Jun 13 19:38:38 CEST 2017
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15438
Kyle M Hall <kyle at bywatersolutions.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #61738|0 |1
is obsolete| |
--- Comment #23 from Kyle M Hall <kyle at bywatersolutions.com> ---
Created attachment 64264
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=64264&action=edit
Bug 15438: Stop leaking data into SIP screen message
The returns from C4::Circulation::CanBookBeIssued used
to be structured as a hashref of entries like
REASON => {
data => 'foo',
moredata => 'bar',
};
Some entries still are. But many are now
REASON => 1,
data => 'foo',
moredata => 'bar',
The sip Checkout routine still assumed the former, as it
reports any causes it was not aware of (to maintain support for
a changing api) The data fields could leak into the screen message
field of the response. e.g. the borrowernumber or surname of the
borrower who has a hold on an issued title. Some real messages were
getting obscured by this
This patch sanatizes the return from from CanBookBeIssued
by removing keys which are not all uppercase
It also fixes a case where the key's data element was used
for the screen message when we should use the key itself
Updated the documentation of CanBookBeIssued to flag up
the assumption re case and the fact that 3 elements rather
than two may be returned
The loop through the returned keys was a bit bogus
so we now explicitly jump out if noerror is unset
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list