Bug 5900: GetAllIssues performance issues

Previously GetAllIssues was called before authenticating. Given how expensive
GetAllIssues is, this is problematic and could be used for used for DOSing the
server. There should be no functional change from this patch.

Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>

diff --git a/members/readingrec.pl b/members/readingrec.pl
index f7631db..3ee6a8f 100755 (executable)
--- a/members/readingrec.pl
+++ b/members/readingrec.pl
@@ -40,6 +40,14 @@ my $data = undef;
 my $borrowernumber = undef;
 my $cardnumber = undef;
 
+my ($template, $loggedinuser, $cookie)= get_template_and_user({template_name => "members/readingrec.tmpl",
+                               query => $input,
+                               type => "intranet",
+                               authnotrequired => 0,
+                               flagsrequired => {borrowers => 1},
+                               debug => 1,
+                               });
+
 if ($input->param('cardnumber')) {
     $cardnumber = $input->param('cardnumber');
     $data = GetMember(cardnumber => $cardnumber);
@@ -54,14 +62,6 @@ my $order = 'date_due desc';
 my $limit = 0;
 my ( $issues ) = GetAllIssues($borrowernumber,$order,$limit);
 
-my ($template, $loggedinuser, $cookie)= get_template_and_user({template_name => "members/readingrec.tmpl",
-                               query => $input,
-                               type => "intranet",
-                               authnotrequired => 0,
-                               flagsrequired => {borrowers => 1},
-                               debug => 1,
-                               });
-
 my @loop_reading;
 
 foreach my $issue (@{$issues}){