Bug 17720: CSRF - Handle unicode characters

[srvgit] / members / deletemem.pl

diff --git a/members/deletemem.pl b/members/deletemem.pl
index b51c721..c764f35 100755 (executable)
--- a/members/deletemem.pl
+++ b/members/deletemem.pl
@@ -26,6 +26,7 @@ use strict;
 
 use CGI qw ( -utf8 );
 use Digest::MD5 qw(md5_base64);
+use Encode qw( encode );
 use C4::Context;
 use C4::Output;
 use C4::Auth;
@@ -148,7 +149,7 @@ if ( $op eq 'delete_confirm' or $countissues > 0 or $flags->{'CHARGES'}  or $is_
             op         => 'delete_confirm',
             csrf_token => Koha::Token->new->generate_csrf(
                 {   id     => C4::Context->userenv->{id},
-                    secret => md5_base64( C4::Context->config('pass') ),
+                    secret => md5_base64( Encode::encode( 'UTF-8', C4::Context->config('pass') ) ),
                 }
             ),
         );
@@ -158,7 +159,7 @@ if ( $op eq 'delete_confirm' or $countissues > 0 or $flags->{'CHARGES'}  or $is_
     die "Wrong CSRF token"
         unless Koha::Token->new->check_csrf({
             id     => C4::Context->userenv->{id},
-            secret => md5_base64( C4::Context->config('pass') ),
+            secret => md5_base64( Encode::encode( 'UTF-8', C4::Context->config('pass') ) ),
             token  => scalar $input->param('csrf_token'),
         });
     my $patron = Koha::Patrons->find( $member );