projects
/
srvgit
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Bug 17720: CSRF - Handle unicode characters
[srvgit]
/
members
/
memberentry.pl
diff --git
a/members/memberentry.pl
b/members/memberentry.pl
index
27e6687
..
61ebed9
100755
(executable)
--- a/
members/memberentry.pl
+++ b/
members/memberentry.pl
@@
-26,6
+26,7
@@
use warnings;
use CGI qw ( -utf8 );
use List::MoreUtils qw/uniq/;
use Digest::MD5 qw(md5_base64);
use CGI qw ( -utf8 );
use List::MoreUtils qw/uniq/;
use Digest::MD5 qw(md5_base64);
+use Encode qw( encode );
# internal modules
use C4::Auth;
# internal modules
use C4::Auth;
@@
-290,7
+291,7
@@
if ($op eq 'save' || $op eq 'insert'){
die "Wrong CSRF token"
unless Koha::Token->new->check_csrf({
id => C4::Context->userenv->{id},
die "Wrong CSRF token"
unless Koha::Token->new->check_csrf({
id => C4::Context->userenv->{id},
- secret => md5_base64(
C4::Context->config('pass'
) ),
+ secret => md5_base64(
Encode::encode( 'UTF-8', C4::Context->config('pass')
) ),
token => scalar $input->param('csrf_token'),
});
token => scalar $input->param('csrf_token'),
});
@@
-752,7
+753,7
@@
$template->param(
$template->param(
csrf_token => Koha::Token->new->generate_csrf(
{ id => C4::Context->userenv->{id},
$template->param(
csrf_token => Koha::Token->new->generate_csrf(
{ id => C4::Context->userenv->{id},
- secret => md5_base64(
C4::Context->config('pass'
) ),
+ secret => md5_base64(
Encode::encode( 'UTF-8', C4::Context->config('pass')
) ),
}
),
);
}
),
);