ffzg/recall_notices.pl: added --interval and --dedup

[koha.git] / basket / sendbasket.pl

diff --git a/basket/sendbasket.pl b/basket/sendbasket.pl
index 802ca33..2076c42 100755 (executable)
--- a/basket/sendbasket.pl
+++ b/basket/sendbasket.pl
@@ -20,7 +20,6 @@ use Modern::Perl;
 use CGI qw ( -utf8 );
 use Encode qw(encode);
 use Carp;
-use Digest::MD5 qw(md5_base64);
 use Mail::Sendmail;
 use MIME::QuotedPrint;
 use MIME::Base64;
@@ -50,29 +49,21 @@ my $email_add    = $query->param('email_add');
 
 my $dbh          = C4::Context->dbh;
 
-my $csrf_err;
 if ( $email_add ) {
-    $csrf_err = 1 unless Koha::Token->new->check_csrf({
-        id     => C4::Context->userenv->{id},
-        secret => md5_base64( C4::Context->config('pass') ),
-        token  => scalar $query->param('csrf_token'),
-    });
-}
-
-if( $csrf_err ) {
-    $template->param( csrf_error => 1, email_add => 1 );
-    output_html_with_http_headers $query, $cookie, $template->output;
-} elsif ( $email_add ) {
+    output_and_exit( $query, $cookie, $template, 'wrong_csrf_token' )
+        unless Koha::Token->new->check_csrf({
+            session_id => scalar $query->cookie('CGISESSID'),
+            token  => scalar $query->param('csrf_token'),
+        });
     my $email = Koha::Email->new();
     my %mail = $email->create_message_headers({ to => $email_add });
     my $comment    = $query->param('comment');
 
     # Since we are already logged in, no need to check credentials again
-    # We only need to add OPACBaseURL
+    # when loading a second template.
     my $template2 = C4::Templates::gettemplate(
         'basket/sendbasket.tt', 'intranet', $query,
     );
-    $template2->param( OPACBaseURL => C4::Context->preference('OPACBaseURL') );
 
     my @bibs = split( /\//, $bib_list );
     my @results;
@@ -83,7 +74,9 @@ if( $csrf_err ) {
 
         my $dat              = GetBiblioData($biblionumber);
         next unless $dat;
-        my $record           = GetMarcBiblio($biblionumber, 1);
+        my $record           = GetMarcBiblio({
+            biblionumber => $biblionumber,
+            embed_items => 1 });
         my $marcauthorsarray = GetMarcAuthors( $record, $marcflavour );
         my $marcsubjctsarray = GetMarcSubjects( $record, $marcflavour );
 
@@ -120,7 +113,7 @@ if( $csrf_err ) {
     if ( $template_res =~ /<SUBJECT>(.*)<END_SUBJECT>/s ) {
         $mail{subject} = $1;
         $mail{subject} =~ s|\n?(.*)\n?|$1|;
-        $mail{subject} = Encode::encode("UTF-8", $mail{subject});
+        $mail{subject} = encode('MIME-Header',$mail{subject});
     }
     else { $mail{'subject'} = "no subject"; }
 
@@ -171,7 +164,7 @@ END_OF_BODY
         $template->param( SENT      => "1" );
     }
     else {
-        # do something if it doesnt work....
+        # do something if it doesn't work....
         carp "Error sending mail: $Mail::Sendmail::error \n";
         $template->param( error => 1 );
     }
@@ -184,11 +177,7 @@ else {
         url            => "/cgi-bin/koha/basket/sendbasket.pl",
         suggestion     => C4::Context->preference("suggestion"),
         virtualshelves => C4::Context->preference("virtualshelves"),
-        csrf_token     => Koha::Token->new->generate_csrf(
-            {   id     => C4::Context->userenv->{id},
-                secret => md5_base64( C4::Context->config('pass') ),
-            }
-        ),
+        csrf_token     => Koha::Token->new->generate_csrf({ session_id => scalar $query->cookie('CGISESSID'), }),
     );
     output_html_with_http_headers $query, $cookie, $template->output;
 }