[koha-commits] main Koha release repository branch 3.8.x updated. v3.08.12-16-gd2b017a

Git repo owner gitmaster at git.koha-community.org
Thu May 9 09:42:22 CEST 2013 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".

The branch, 3.8.x has been updated
       via  d2b017a0f6b7d1ec279a7f0eff77853a184c423e (commit)
      from  07c9a90aa3c15d6de522ca16158b1e932e3921b0 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit d2b017a0f6b7d1ec279a7f0eff77853a184c423e
Author: Fridolyn SOMERS <fridolyn.somers at biblibre.com>
Date:   Fri Apr 12 17:24:17 2013 +0200

    Bug 10033 - dangerous query in _koha_modify_item
    
    The SQL query build in C4::Items::_koha_modify_item performs an update on a row of items table identified by itemnumber.
    Actually the query is build using a hash of datas :
        for my $key ( keys %$item ) {
            $query.="$key=?,";
            push @bind, $item->{$key};
        }
    But this hash contains 'itemnumber' key, so you get an update including the primary key.
    It is actually harmless but may be dangerous.
    
    This patch simply skips itemnumber key in above loop.
    
    Test plan :
    Check you can create and modify items.
    
    Signed-off-by: Kyle M Hall <kyle at bywatersolutions.com>
    Signed-off-by: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
    Signed-off-by: Jared Camins-Esakov <jcamins at cpbibliography.com>
    (cherry picked from commit 598dfe27224f517fafa06df75521c623992ecbe0)
    
    Signed-off-by: Jared Camins-Esakov <jcamins at cpbibliography.com>
    (cherry picked from commit ba8e383cf6835e204259063e6c18ac9c3892029b)
    
    Signed-off-by: Chris Cormack <chris at bigballofwax.co.nz>

-----------------------------------------------------------------------

Summary of changes:
 C4/Items.pm |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)


hooks/post-receive
-- 
main Koha release repository

More information about the koha-commits mailing list