Patch security hole in vestigial report.

IMHO, this report should be removed in entirity because of its faulty
construction and total inability to distinguish between register "tills".
That is, it appears to be a valid accounting measure but isn't.
In any case, it let's not let just anybody run it!

Signed-off-by: Galen Charlton <galen.charlton@liblime.com>

diff --git a/reports/stats.screen.pl b/reports/stats.screen.pl
index b15a50a..ed38459 100755 (executable)
--- a/reports/stats.screen.pl
+++ b/reports/stats.screen.pl
@@ -25,11 +25,6 @@ use C4::Accounts;
 use C4::Debug;
 use Date::Manip;
 
-#use HTML::Template;
-#use Text::CSV_XS;
-#use Data::Dumper;
-
-
 my $input = new CGI;
 my $time  = $input->param('time');
 my $time2 = $input->param('time2');
@@ -41,7 +36,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
         query           => $input,
         type            => "intranet",
         authnotrequired => 1,
-        flagsrequired   => { borrowers => 1 },
+        flagsrequired   => { reports => 1 },
         debug           => 1,
     }
 );