[Koha-patches] [PATCH 2/2] Bug 6679: More style errors, plus fixing a security issue
Chris Cormack
chrisc at catalyst.net.nz
Mon Aug 8 11:02:01 CEST 2011
---
acqui/basketgroup.pl | 35 ++++++++++++++++++++++++++++++-----
1 files changed, 30 insertions(+), 5 deletions(-)
diff --git a/acqui/basketgroup.pl b/acqui/basketgroup.pl
index 08356f8..e1622ee 100755
--- a/acqui/basketgroup.pl
+++ b/acqui/basketgroup.pl
@@ -184,9 +184,21 @@ sub printbasketgrouppdf{
my ($basketgroupid) = @_;
my $pdfformat = C4::Context->preference("OrderPdfFormat");
- eval "use $pdfformat";
- # FIXME consider what would happen if $pdfformat does not
- # contain the name of a valid Perl module.
+ if ($pdfformat eq 'pdfformat::layout3pages' || $pdfformat eq 'pdfformat::layout2pages'){
+ eval {
+ require $pdfformat;
+ import $pdfformat;
+ };
+ if ($@){
+ }
+ }
+ else {
+ print $input->header;
+ print $input->start_html; # FIXME Should do a nicer page
+ print "<h1>Invalid PDF Format set</h1>";
+ print "Please go to the systempreferences and set a valid pdfformat";
+ exit;
+ }
my $basketgroup = GetBasketgroup($basketgroupid);
my $bookseller = GetBookSellerFromId($basketgroup->{'booksellerid'});
@@ -202,8 +214,20 @@ sub printbasketgrouppdf{
#isbn, itemtype, author, title, publishercode, quantity, listprice ecost discount gstrate
my @ba_order;
if ( $ord->{biblionumber} && $ord->{quantity}> 0 ) {
- eval "use C4::Biblio";
- eval "use C4::Koha";
+ eval {
+ require C4::Biblio;
+ import C4::Biblio;
+ };
+ if ($@){
+ croak $@;
+ }
+ eval {
+ require C4::Koha;
+ import C4::Koha;
+ };
+ if ($@){
+ croak $@;
+ }
my $bib = GetBiblioData($ord->{biblionumber});
my $itemtypes = GetItemTypes();
if($ord->{isbn}){
@@ -246,6 +270,7 @@ sub printbasketgrouppdf{
);
my $pdf = printpdf($basketgroup, $bookseller, $baskets, \%orders, $bookseller->{gstrate} // C4::Context->preference("gist")) || die "pdf generation failed";
print $pdf;
+
}
my $op = $input->param('op');
--
1.7.4.1
More information about the Koha-patches
mailing list