[Koha-patches] [PATCH] [bug #2811][3.2] fix opac-renew.pl part
Nahuel Angelinetti
nahuel.angelinetti at biblibre.com
Thu Nov 20 12:30:28 CET 2008
This patch only fix a "security" failure that permit a user to renew his loan using directly the opac-renew.pl url.
Now, we check that opacrenewalallowed is set to on to permit the renewal.
---
opac/opac-renew.pl | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/opac/opac-renew.pl b/opac/opac-renew.pl
index 5eb9761..88bbacb 100755
--- a/opac/opac-renew.pl
+++ b/opac/opac-renew.pl
@@ -22,10 +22,11 @@ my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
);
my @items = $query->param('item');
my $borrowernumber = $query->param('borrowernumber') || $query->param('bornum');
+my $opacrenew = C4::Context->preference("OpacRenewalAllowed");
for my $itemnumber ( @items ) {
my ($status,$error) = CanBookBeRenewed( $borrowernumber, $itemnumber );
- if ( $status == 1 ) {
+ if ( $status == 1 && $opacrenew == 1 ) {
AddRenewal( $borrowernumber, $itemnumber );
}
}
--
1.5.6.3
More information about the Koha-patches
mailing list