use Koha;
use Koha::Caches;
use Koha::AuthUtils qw(get_script_name hash_password);
+use Koha::Checkouts;
use Koha::DateUtils qw(dt_from_string);
use Koha::Library::Groups;
use Koha::Libraries;
use Koha::Patrons;
+use Koha::Patron::Consents;
use POSIX qw/strftime/;
use List::MoreUtils qw/ any /;
use Encode qw( encode is_utf8);
The C<template_name> is then used to find the correct template for
the page. The authenticated users details are loaded onto the
-template in the HTML::Template LOOP variable C<USER_INFO>. Also the
+template in the logged_in_user variable (which is a Koha::Patron object). Also the
C<sessionID> is passed to the template. This can be used in templates
if cookies are disabled. It needs to be put as and input to every
authenticated page.
);
}
+ # If we enforce GDPR and the user did not consent, redirect
+ if( $in->{type} eq 'opac' && $user &&
+ $in->{'template_name'} !~ /opac-patron-consent/ &&
+ C4::Context->preference('GDPR_Policy') eq 'Enforced' )
+ {
+ my $consent = Koha::Patron::Consents->search({
+ borrowernumber => getborrowernumber($user),
+ type => 'GDPR_PROCESSING',
+ given_on => { '!=', undef },
+ })->next;
+ if( !$consent ) {
+ print $in->{query}->redirect(-uri => '/cgi-bin/koha/opac-patron-consent.pl', -cookie => $cookie);
+ safe_exit;
+ }
+ }
+
if ( $in->{type} eq 'opac' && $user ) {
my $kick_out;
}
# user info
- $template->param( loggedinusername => $user ); # FIXME Should be replaced with something like patron-title.inc
+ $template->param( loggedinusername => $user ); # OBSOLETE - Do not reuse this in template, use logged_in_user.userid instead
$template->param( loggedinusernumber => $borrowernumber ); # FIXME Should be replaced with logged_in_user.borrowernumber
$template->param( logged_in_user => $patron );
$template->param( sessionID => $sessionID );
);
}
- $template->param( "USER_INFO" => $patron->unblessed ) if $borrowernumber != 0;
-
my $all_perms = get_all_subpermissions();
my @flagroots = qw(circulate catalogue parameters borrowers permissions reserveforothers borrow
EnableBorrowerFiles => C4::Context->preference('EnableBorrowerFiles'),
UseKohaPlugins => C4::Context->preference('UseKohaPlugins'),
UseCourseReserves => C4::Context->preference("UseCourseReserves"),
- useDischarge => C4::Context->preference('useDischarge')
+ useDischarge => C4::Context->preference('useDischarge'),
+ pending_checkout_notes => scalar Koha::Checkouts->search({ noteseen => 0 }),
);
}
else {
$session->param( 'search_history', $anon_search_history );
}
- my $sessionID = $session->id;
+ $sessionID = $session->id;
C4::Context->_new_userenv($sessionID);
$cookie = $query->cookie(
-name => 'CGISESSID',
my @inputs = ();
foreach my $name ( param $query) {
(next) if ( $name eq 'userid' || $name eq 'password' || $name eq 'ticket' );
- my $value = $query->param($name);
- push @inputs, { name => $name, value => $value };
+ my @value = $query->multi_param($name);
+ push @inputs, { name => $name, value => $_ } for @value;
}
my $patron = Koha::Patrons->find({ userid => $q_userid }); # Not necessary logged in!
if ( $patron and $patron->account_locked ) {
# Nothing to check, account is locked
- } elsif ($ldap) {
+ } elsif ($ldap && defined($password)) {
$debug and print STDERR "## checkpw - checking LDAP\n";
my ( $retval, $retcard, $retuserid ) = checkpw_ldap(@_); # EXTERNAL AUTH
if ( $retval == 1 ) {