#
# This file is part of Koha.
#
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
#
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
#
-# You should have received a copy of the GNU General Public License along
-# with Koha; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
-use strict;
-use warnings;
+use Modern::Perl;
use C4::Members;
-use C4::Auth;
-my $query = new CGI;
+use CGI qw ( -utf8 );
+use CGI::Cookie; # need to check cookies before having CGI parse the POST request
+use C4::Auth qw(:DEFAULT check_cookie_auth);
+use Koha::Patron::Images;
-my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
- {
- template_name => "opac-userupdate.tt",
- query => $query,
- type => "opac",
- authnotrequired => 0,
- flagsrequired => { borrow => 1 },
- debug => 1,
- }
-);
+my $query = new CGI;
unless (C4::Context->preference('OPACpatronimages')) {
print $query->header(status => '403 Forbidden - displaying patron images in the OPAC not enabled');
exit;
}
-my ($borrower)=GetMember('borrowernumber' => $borrowernumber);
-my $cardnumber = $borrower->{'cardnumber'};
-my ($imagedata, $dberror) = GetPatronImage($cardnumber);
+my $needed_flags;
+my %cookies = CGI::Cookie->fetch;
+my $sessid = $cookies{'CGISESSID'}->value;
+my ($auth_status, $auth_sessid) = check_cookie_auth($sessid, $needed_flags);
+my $borrowernumber = C4::Context->userenv->{'number'};
-if ($dberror) {
- print $query->header(status => '500 internal error');
-}
+my $patron_image = Koha::Patron::Images->find($borrowernumber);
-if ($imagedata) {
- print $query->header(-type => $imagedata->{'mimetype'},
- -Content_Length => length ($imagedata->{'imagefile'})),
- $imagedata->{'imagefile'};
+if ($patron_image) {
+ print $query->header(
+ -type => $patron_image->mimetype,
+ -Content_Length => length( $patron_image->imagefile )
+ ),
+ $patron_image->imagefile;
} else {
print $query->header(status => '404 patron image not found');
}