X-Git-Url: http://koha-dev.rot13.org:8081/gitweb/?a=blobdiff_plain;f=admin%2Fimport_export_framework.pl;h=20729f2c6795ab8843f82ee0ed7c085b79291938;hb=5d6c092921919526ade501facb1220f8a108a08f;hp=8674ebf61962dfc432e453336a5b3e1ec2f7a06d;hpb=f76b9fb42e9ce7b90e3b45f2cc4c68470828e12a;p=koha_fer

diff --git a/admin/import_export_framework.pl b/admin/import_export_framework.pl
index 8674ebf619..20729f2c67 100755
--- a/admin/import_export_framework.pl
+++ b/admin/import_export_framework.pl
@@ -21,11 +21,31 @@
 use strict;
 use warnings;
 use CGI;
+use CGI::Cookie;
 use C4::Context;
+use C4::Auth qw/check_cookie_auth/;
 use C4::ImportExportFramework;
 
+my %cookies = CGI::Cookie->fetch();
+my $authenticated = 0;
+my ($auth_status, $sessionID);
+if (exists $cookies{'CGISESSID'}) {
+    ($auth_status, $sessionID) = check_cookie_auth(
+        $cookies{'CGISESSID'}->value,
+        { parameters => 'parameters_remaining_permissions' },
+    );
+}
+if ($auth_status eq 'ok') {
+    $authenticated = 1;
+}
+
 my $input = new CGI;
 
+unless ($authenticated) {
+    print $input->header(-type => 'text/plain', -status => '403 Forbidden');
+    exit 0;
+}
+
 my $frameworkcode = $input->param('frameworkcode') || '';
 my $action = $input->param('action') || 'export';
 
@@ -34,14 +54,14 @@ if ($action eq 'export' && $input->request_method() eq 'GET') {
     my $strXml = '';
     my $format = $input->param('type_export_' . $frameworkcode);
     ExportFramework($frameworkcode, \$strXml, $format);
+
     if ($format eq 'csv') {
         # CSV file
+
+        # Correctly set the encoding to output plain text in UTF-8
+        binmode(STDOUT,':encoding(UTF-8)');
         print $input->header(-type => 'application/vnd.ms-excel', -attachment => 'export_' . $frameworkcode . '.csv');
         print $strXml;
-    } elsif ($format eq 'sql') {
-        # SQL file
-        print $input->header(-type => 'text/plain', -attachment => 'export_' . $frameworkcode . '.sql');
-        print $strXml;
     } elsif ($format eq 'excel') {
         # Excel-xml file
         print $input->header(-type => 'application/excel', -attachment => 'export_' . $frameworkcode . '.xml');
@@ -59,7 +79,7 @@ if ($action eq 'export' && $input->request_method() eq 'GET') {
     my $fieldname = 'file_import_' . $frameworkcode;
     my $filename = $input->param($fieldname);
     # upload the input file
-    if ($filename && $filename =~ /\.(csv|ods|xml|sql)$/i) {
+    if ($filename && $filename =~ /\.(csv|ods|xml)$/i) {
         my $extension = $1;
         my $uploadFd = $input->upload($fieldname);
         if ($uploadFd && !$input->cgi_error) {