Merge remote-tracking branch 'origin/new/bug_7367'

diff --combined C4/Auth.pm
index 0915990,22dc7b5..e4bd119
--- 1/C4/Auth.pm
--- 2/C4/Auth.pm
+++ b/C4/Auth.pm
@@@ -389,10 -389,7 +389,10 @@@ sub get_template_and_user 
              virtualshelves              => C4::Context->preference("virtualshelves"),
              StaffSerialIssueDisplayCount => C4::Context->preference("StaffSerialIssueDisplayCount"),
              NoZebra                     => C4::Context->preference('NoZebra'),
 -              EasyAnalyticalRecords => C4::Context->preference('EasyAnalyticalRecords'),
 +            EasyAnalyticalRecords       => C4::Context->preference('EasyAnalyticalRecords'),
 +            LocalCoverImages            => C4::Context->preference('LocalCoverImages'),
 +            OPACLocalCoverImages        => C4::Context->preference('OPACLocalCoverImages'),
 +            AllowMultipleCovers         => C4::Context->preference('AllowMultipleCovers'),
          );
      }
      else {
@@@ -497,12 -494,10 +497,11 @@@
              SyndeticsAwards              => C4::Context->preference("SyndeticsAwards"),
              SyndeticsSeries              => C4::Context->preference("SyndeticsSeries"),
              SyndeticsCoverImageSize      => C4::Context->preference("SyndeticsCoverImageSize"),
 +            OPACLocalCoverImages         => C4::Context->preference("OPACLocalCoverImages"),
          );
  
          $template->param(OpacPublic => '1') if ($user || C4::Context->preference("OpacPublic"));
      }
-       $template->param(listloop=>[{shelfname=>"Freelist", shelfnumber=>110}]);
      return ( $template, $borrowernumber, $cookie, $flags);
  }
  
@@@ -692,8 -687,7 +691,8 @@@ sub checkauth 
              $userid   = $session->param('id');
                        $sessiontype = $session->param('sessiontype');
          }
 -        if ( ($query->param('koha_login_context')) && ($query->param('userid') ne $session->param('id')) ) {
 +        if ( ( ($query->param('koha_login_context')) && ($query->param('userid') ne $session->param('id')) )
 +          || ( $cas && $query->param('ticket') ) ) {
              #if a user enters an id ne to the id in the current session, we need to log them in...
              #first we need to clear the anonymous session...
              $debug and warn "query id = " . $query->param('userid') . " but session id = " . $session->param('id');
@@@ -756,7 -750,7 +755,7 @@@
                C4::Context->_new_userenv($sessionID);
          $cookie = $query->cookie(CGISESSID => $sessionID);
            $userid    = $query->param('userid');
 -          if ($cas || $userid) {
 +            if (($cas && $query->param('ticket')) || $userid) {
                my $password = $query->param('password');
                my ($return, $cardnumber);
                if ($cas && $query->param('ticket')) {
@@@ -1122,7 -1116,7 +1121,7 @@@ sub check_api_auth 
      unless ($query->param('userid')) {
          $sessionID = $query->cookie("CGISESSID");
      }
 -    if ($sessionID && not $cas) {
 +    if ($sessionID && not ($cas && $query->param('PT')) ) {
          my $session = get_session($sessionID);
          C4::Context->_new_userenv($sessionID);
          if ($session) {