foreach my $key (@names) {
if (defined $input->param($key)) {
$newdata{$key} = $input->param($key);
- $newdata{$key} =~ s/\"/"/g unless $key eq 'borrowernotes' or $key eq 'opacnote';
}
}
my $extended_patron_attributes = ();
if ($op eq 'save' || $op eq 'insert'){
- die "Wrong CSRF token"
+ output_and_exit( $input, $cookie, $template, 'wrong_csrf_token' )
unless Koha::Token->new->check_csrf({
session_id => scalar $input->cookie('CGISESSID'),
token => scalar $input->param('csrf_token'),
# which can happen if we're only editing the
# patron attributes or messaging preferences sections
- $patron->update_password($newdata{userid}, $newdata{password});
+ # should never raise an exception as password validity is checked above
+ my $password = $newdata{password};
+ if ( $password and $password ne '****' ) {
+ $patron->set_password({ password => $password });
+ }
if (C4::Context->preference('ExtendedPatronAttributes') and $input->param('setting_extended_patron_attributes')) {
C4::Members::Attributes::SetBorrowerAttributes($borrowernumber, $extended_patron_attributes);
$guarantorid = $borrower_data->{'guarantorid'} || $guarantorid;
my $guarantor = $guarantorid ? Koha::Patrons->find( $guarantorid ) : undef;
$template->param(
- patron => $patron, # Used by address include templates now
+ patron => $patron ? $patron : \%newdata, # Used by address include templates now
nodouble => $nodouble,
borrowernumber => $borrowernumber, #register number
guarantor => $guarantor,