Bug 17720: CSRF - Handle unicode characters

[srvgit] / tools / import_borrowers.pl

diff --git a/tools/import_borrowers.pl b/tools/import_borrowers.pl
index f5a7921..f22f2ef 100755 (executable)
--- a/tools/import_borrowers.pl
+++ b/tools/import_borrowers.pl
@@ -59,8 +59,8 @@ use Text::CSV;
 # č
 
 use CGI qw ( -utf8 );
-# use encoding 'utf8';    # don't do this
 use Digest::MD5 qw(md5_base64);
+use Encode qw( encode );
 
 my (@errors, @feedback);
 my $extended = C4::Context->preference('ExtendedPatronAttributes');
@@ -113,7 +113,7 @@ if ( $uploadborrowers && length($uploadborrowers) > 0 ) {
     die "Wrong CSRF token"
         unless Koha::Token->new->check_csrf({
             id     => C4::Context->userenv->{id},
-            secret => md5_base64( C4::Context->config('pass') ),
+            secret => md5_base64( Encode::encode( 'UTF-8', C4::Context->config('pass') ) ),
             token  => scalar $input->param('csrf_token'),
         });
 
@@ -392,7 +392,7 @@ if ( $uploadborrowers && length($uploadborrowers) > 0 ) {
     $template->param(
         csrf_token => Koha::Token->new->generate_csrf(
             {   id     => C4::Context->userenv->{id},
-                secret => md5_base64( C4::Context->config('pass') ),
+                secret => md5_base64( Encode::encode( 'UTF-8', C4::Context->config('pass') ) ),
             }
         ),
     );