use Koha::Authority::Types;
use Koha::SearchEngine::Search;
use Koha::SearchEngine::QueryBuilder;
+use Koha::Token;
my $query = new CGI;
my $dbh = C4::Context->dbh;
debug => 1,
}
);
+
+ die "Wrong CSRF token" unless Koha::Token->new->check_csrf({
+ session_id => scalar $query->cookie('CGISESSID'),
+ token => scalar $query->param('csrf_token'),
+ });
+
&DelAuthority( $authid, 1 );
if ( $query->param('operator') ) {
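Review bot: Both the `check_csrf` call here and the `generate_csrf` call in the next hunk take `session_id` straight from the request's `CGISESSID` cookie, and nothing verifies that the cookie is present. If a request arrives without it, the token is generated and checked against an undefined session id; whether `Koha::Token` rejects that case is not visible here. I would bind it explicitly before use, e.g. `my $session_id = $query->cookie('CGISESSID') or die "No session";`, and pass `$session_id` to the call. The enclosing branch starts outside this hunk, so a short comment such as `# CSRF check must run before DelAuthority` would also document that the ordering is what provides the protection.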
}
);
+ $template->param(
+ csrf_token => Koha::Token->new->generate_csrf({
+ session_id => scalar $query->cookie('CGISESSID'),
+ }),
+ );
+
# search history
if (C4::Context->preference('EnableSearchHistory')) {
if ( $startfrom == 1) {
+ "&orderby=[% orderby %]"
+ "&value=[% value |url %]"
+ "&startfrom=[% startfrom %]"
- + "&resultsperpage=[% resultsperpage %]";
+ + "&resultsperpage=[% resultsperpage %]"
+ + "&csrf_token=[% csrf_token %]";
}
}
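Review bot: The new `csrf_token` parameter is interpolated into the query string without the `|url` filter that `value` gets a few lines above. Unless the token format is guaranteed to be URL-safe, the line should read `+ "&csrf_token=[% csrf_token |url %]";`. Carrying the token in a GET URL also means it ends up in web-server access logs, browser history and possibly Referer headers, so the delete would be better submitted as a POST with the token in the request body. The function building this URL starts outside the hunk, so how the URL is dispatched cannot be confirmed from here.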