This patch only fix a "security" failure that permit a user to renew his loan using directly the opac-renew.pl url.
Now, we check that opacrenewalallowed is set to on to permit the renewal in opac.
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
);
my @items = $query->param('item');
my $borrowernumber = $query->param('borrowernumber') || $query->param('bornum');
);
my @items = $query->param('item');
my $borrowernumber = $query->param('borrowernumber') || $query->param('bornum');
+my $opacrenew = C4::Context->preference("OpacRenewalAllowed");
for my $itemnumber ( @items ) {
my ($status,$error) = CanBookBeRenewed( $borrowernumber, $itemnumber );
for my $itemnumber ( @items ) {
my ($status,$error) = CanBookBeRenewed( $borrowernumber, $itemnumber );
+ if ( $status == 1 && $opacrenew == 1 ) {
AddRenewal( $borrowernumber, $itemnumber );
}
}
AddRenewal( $borrowernumber, $itemnumber );
}
}
my ($status,$renewerror) = CanBookBeRenewed( $borrowernumber, $issue->{'itemnumber'} );
($issue->{'renewcount'},$issue->{'renewsallowed'},$issue->{'renewsleft'}) = GetRenewCount($borrowernumber, $issue->{'itemnumber'});
my ($status,$renewerror) = CanBookBeRenewed( $borrowernumber, $issue->{'itemnumber'} );
($issue->{'renewcount'},$issue->{'renewsallowed'},$issue->{'renewsleft'}) = GetRenewCount($borrowernumber, $issue->{'itemnumber'});
- $issue->{'status'} = $status;
+ $issue->{'status'} = $status || C4::Context->preference("OpacRenewalAllowed");
if ( $issue->{'overdue'} ) {
push @overdues, $issue;
if ( $issue->{'overdue'} ) {
push @overdues, $issue;