$tmplbase=~ s/\.tmpl$/.tt/;
my $filename = "$path/modules/" . $tmplbase;
my $interface = 'intranet';
- my $template = C4::Templates->new( $interface, $filename, $tmplbase);
+ my $template = C4::Templates->new( $interface, $filename, $tmplbase, $query);
my ( $user, $cookie, $sessionID, $flags ) = checkauth(
$in->{'query'},
}
sub _get_template_language {
- #verify if opac language exists in staff (bug 5660)
- #conditions are 1) dir exists and 2) enabled in prefs
- my ($opaclang)= @_;
- return 'en' unless $opaclang;
- my $path= C4::Context->config('intrahtdocs')."/prog/$opaclang";
- -d $path ? $opaclang : 'en';
+
+ #verify if opac language exists in staff (bug 5660)
+ #conditions are 1) dir exists and 2) enabled in prefs
+ my ($opaclang) = @_;
+ return 'en' unless $opaclang;
+ $opaclang =~ s/[^a-zA-Z_-]*//g;
+ my $path = C4::Context->config('intrahtdocs') . "/prog/$opaclang";
+ -d $path ? $opaclang : 'en';
}
=item checkauth
$session->param('emailaddress'),
$session->param('branchprinter')
);
- $cookie = $query->cookie( CGISESSID => $session->id );
+ $cookie = $query->cookie(
+ -name => 'CGISESSID',
+ -value => $session->id,
+ -HttpOnly => 1,
+ );
$loggedin = 1;
$userid = $session->param('cardnumber');
}
C4::Context->_unset_userenv($sessionID);
$sessionID = undef;
$userid = undef;
- open L, ">>/tmp/sessionlog";
- my $time = localtime( time() );
- printf L "%20s from %16s logged out at %30s (manually).\n", $userid,
- $ip, $time;
- close L;
+ # Commented out due to its lack of usefulness
+ # open L, ">>/tmp/sessionlog";
+ # my $time = localtime( time() );
+ # printf L "%20s from %16s logged out at %30s (manually).\n", $userid,
+ # $ip, $time;
+ # close L;
}
}
unless ($userid) {
my ( $return, $cardnumber ) = checkpw( $userid, $password );
if ($return) {
$loggedin = 1;
- open L, ">>/tmp/sessionlog";
- my $time = localtime( time() );
- printf L "%20s from %16s logged in at %30s.\n", $userid,
- $ENV{'REMOTE_ADDR'}, $time;
- close L;
- $cookie = $query->cookie( CGISESSID => $sessionID );
+ # open L, ">>/tmp/sessionlog";
+ # my $time = localtime( time() );
+ # printf L "%20s from %16s logged in at %30s.\n", $userid,
+ # $ENV{'REMOTE_ADDR'}, $time;
+ # close L;
+ $cookie = $query->cookie(
+ -name => 'CGISESSID',
+ -value => $sessionID,
+ -HttpOnly => 1,
+ );
if ( $return == 2 ) {
#Only superlibrarian should have access to this page.
$cookie = $query->cookie(
-name => 'CGISESSID',
-value => '',
+ -HttpOnly => 1,
-expires => ''
);
}
my $filename = "$path/modules/$template_name";
$filename =~ s/\.tmpl$/.tt/;
my $interface = 'intranet';
- my $template = C4::Templates->new( $interface, $filename);
+ my $template = C4::Templates->new( $interface, $filename, '', $query);
$template->param(
INPUTS => \@inputs,
$cookie = $query->cookie(
-name => 'CGISESSID',
-value => $sessionID,
+ -HttpOnly => 1,
-expires => ''
);
print $query->header(
projects / koha.git / blobdiff