Merge remote-tracking branch 'origin/new/bug_7367'

[koha.git] / C4 / Auth.pm

diff --git a/C4/Auth.pm b/C4/Auth.pm
index 22dc7b5..e4bd119 100755 (executable)
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -389,7 +389,10 @@ sub get_template_and_user {
             virtualshelves              => C4::Context->preference("virtualshelves"),
             StaffSerialIssueDisplayCount => C4::Context->preference("StaffSerialIssueDisplayCount"),
             NoZebra                     => C4::Context->preference('NoZebra'),
-               EasyAnalyticalRecords => C4::Context->preference('EasyAnalyticalRecords'),
+            EasyAnalyticalRecords       => C4::Context->preference('EasyAnalyticalRecords'),
+            LocalCoverImages            => C4::Context->preference('LocalCoverImages'),
+            OPACLocalCoverImages        => C4::Context->preference('OPACLocalCoverImages'),
+            AllowMultipleCovers         => C4::Context->preference('AllowMultipleCovers'),
         );
     }
     else {
@@ -494,6 +497,7 @@ sub get_template_and_user {
             SyndeticsAwards              => C4::Context->preference("SyndeticsAwards"),
             SyndeticsSeries              => C4::Context->preference("SyndeticsSeries"),
             SyndeticsCoverImageSize      => C4::Context->preference("SyndeticsCoverImageSize"),
+            OPACLocalCoverImages         => C4::Context->preference("OPACLocalCoverImages"),
         );
 
         $template->param(OpacPublic => '1') if ($user || C4::Context->preference("OpacPublic"));
@@ -687,7 +691,8 @@ sub checkauth {
             $userid   = $session->param('id');
                        $sessiontype = $session->param('sessiontype');
         }
-        if ( ($query->param('koha_login_context')) && ($query->param('userid') ne $session->param('id')) ) {
+        if ( ( ($query->param('koha_login_context')) && ($query->param('userid') ne $session->param('id')) )
+          || ( $cas && $query->param('ticket') ) ) {
             #if a user enters an id ne to the id in the current session, we need to log them in...
             #first we need to clear the anonymous session...
             $debug and warn "query id = " . $query->param('userid') . " but session id = " . $session->param('id');
@@ -750,7 +755,7 @@ sub checkauth {
                C4::Context->_new_userenv($sessionID);
         $cookie = $query->cookie(CGISESSID => $sessionID);
            $userid    = $query->param('userid');
-           if ($cas || $userid) {
+            if (($cas && $query->param('ticket')) || $userid) {
                my $password = $query->param('password');
                my ($return, $cardnumber);
                if ($cas && $query->param('ticket')) {
@@ -1116,7 +1121,7 @@ sub check_api_auth {
     unless ($query->param('userid')) {
         $sessionID = $query->cookie("CGISESSID");
     }
-    if ($sessionID && not $cas) {
+    if ($sessionID && not ($cas && $query->param('PT')) ) {
         my $session = get_session($sessionID);
         C4::Context->_new_userenv($sessionID);
         if ($session) {