+ $csrf_err = 1 unless Koha::Token->new->check_csrf({
+ id => C4::Context->userenv->{id},
+ secret => md5_base64( C4::Context->config('pass') ),
+ token => scalar $query->param('csrf_token'),
+ });
+}
+
+if( $csrf_err ) {
+ $template->param( csrf_error => 1, email_add => 1 );
+ output_html_with_http_headers $query, $cookie, $template->output;
+} elsif ( $email_add ) {
+ my $email = Koha::Email->new();
+ my $user = GetMember(borrowernumber => $borrowernumber);
+ my $user_email = GetFirstValidEmailAddress($borrowernumber)
+ || C4::Context->preference('KohaAdminEmailAddress');
+
+ my $email_replyto = "$user->{firstname} $user->{surname} <$user_email>";