[Koha-cvs] koha pay.pl [R_2-2-7-1]
paul poulain
paul at koha-fr.org
Tue Mar 6 16:17:18 CET 2007
CVSROOT: /sources/koha
Module name: koha
Branch: R_2-2-7-1
Changes by: paul poulain <tipaul> 07/03/06 15:17:18
Modified files:
. : pay.pl
Log message:
security hole fix : checking perms before paying !
CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/koha/pay.pl?cvsroot=koha&only_with_tag=R_2-2-7-1&r1=1.9.2.5&r2=1.9.2.5.6.1
Patches:
Index: pay.pl
===================================================================
RCS file: /sources/koha/koha/Attic/pay.pl,v
retrieving revision 1.9.2.5
retrieving revision 1.9.2.5.6.1
diff -u -b -r1.9.2.5 -r1.9.2.5.6.1
--- pay.pl 5 Feb 2006 21:59:20 -0000 1.9.2.5
+++ pay.pl 6 Mar 2007 15:17:18 -0000 1.9.2.5.6.1
@@ -2,7 +2,7 @@
# WARNING: Not enough context to figure out the correct tabstop size
# WARNING: Assume that this file uses 4-character tabs
-# $Id: pay.pl,v 1.9.2.5 2006/02/05 21:59:20 kados Exp $
+# $Id: pay.pl,v 1.9.2.5.6.1 2007/03/06 15:17:18 tipaul Exp $
#written 11/1/2000 by chris at katipo.oc.nz
#part of the koha library system, script to facilitate paying off fines
@@ -37,6 +37,15 @@
my $input=new CGI;
+my($template, $loggedinuser, $cookie)
+ = get_template_and_user ({ template_name => "members/pay.tmpl",
+ query => $input,
+ type => "intranet",
+ authnotrequired => 0,
+ flagsrequired => {borrowers => 1},
+ debug => 1,
+ });
+
#print $input->header;
my $bornum=$input->param('bornum');
if ($bornum eq ''){
@@ -80,14 +89,6 @@
$env{'branchcode'}=$user;
my $total=$input->param('total');
if ($check ==0){
- my($template, $loggedinuser, $cookie)
- = get_template_and_user ({ template_name => "members/pay.tmpl",
- query => $input,
- type => "intranet",
- authnotrequired => 0,
- flagsrequired => {borrowers => 1},
- debug => 1,
- });
if ($total ne ''){
recordpayment(\%env,$bornum,$total);
}
More information about the Koha-cvs
mailing list