[koha-commits] main Koha release repository branch 3.10.x updated. v3.10.07-33-gc0cb1f8

Git repo owner gitmaster at git.koha-community.org
Tue Jul 16 13:33:09 CEST 2013 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".

The branch, 3.10.x has been updated
       via  c0cb1f8b0e8aa53707447ee7c27fd15fc0a7b80c (commit)
      from  de921f9315b490f1d592c2eb5b9c883087e97df8 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit c0cb1f8b0e8aa53707447ee7c27fd15fc0a7b80c
Author: Fridolyn SOMERS <fridolyn.somers at biblibre.com>
Date:   Mon Jul 15 13:00:18 2013 +0200

    Bug 10590 - in opac-topissues limit param is not protected
    
    In opac-topissues page, the limit URL argument is directly added to SQL query.
    
    This patch adds protections : limit must only contain digits and must be lower than 100.
    
    Test plan :
    - Edit URL to : /cgi-bin/koha/opac-topissues.pl?limit=10&branch=&itemtype=&timeLimit=999&do_it=1
    => You get the results of 10 most cheched-out of all time
    - Edit URL to : /cgi-bin/koha/opac-topissues.pl?limit=&branch=&itemtype=&timeLimit=999&do_it=1
    => You get the results of 10 most cheched-out of all time
    - Edit URL to : /cgi-bin/koha/opac-topissues.pl?limit=9999&branch=&itemtype=&timeLimit=999&do_it=1
    => You get the results of 100 most cheched-out of all time
    - Edit URL to : /cgi-bin/koha/opac-topissues.pl?limit=WHERE&branch=&itemtype=&timeLimit=999&do_it=1
    => You get the results of 10 most cheched-out of all time
    
    Signed-off-by: Robin Sheat <robin at catalyst.net.nz>
    Signed-off-by: Galen Charlton <gmc at esilibrary.com>
    Signed-off-by: Jonathan Druart <jonathan.druart at biblibre.com>
    Signed-off-by: Katrin Fischer <katrin.fischer at bsz-bw.de>
    Signed-off-by: Galen Charlton <gmc at esilibrary.com>
    (cherry picked from commit 57866d6b67c3f8b29290150f21c71395315a73fe)
    Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>
    (cherry picked from commit 5867909f8866b4e68340b88817bfb95f51bc3c9e)
    Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel at gmail.com>
    (cherry picked from commit 5867909f8866b4e68340b88817bfb95f51bc3c9e)

-----------------------------------------------------------------------

Summary of changes:
 opac/opac-topissues.pl |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)


hooks/post-receive
-- 
main Koha release repository

More information about the koha-commits mailing list