Bug 6643 -- Able to download patron card batches as an unauthorized user

author Liz Rea <lrea@nekls.org>

Thu, 28 Jul 2011 20:59:15 +0000 (15:59 -0500)

committer Chris Cormack <chrisc@catalyst.net.nz>

Mon, 1 Aug 2011 09:15:45 +0000 (21:15 +1200)
author Liz Rea <lrea@nekls.org>
Thu, 28 Jul 2011 20:59:15 +0000 (15:59 -0500)
committer Chris Cormack <chrisc@catalyst.net.nz>
Mon, 1 Aug 2011 09:15:45 +0000 (21:15 +1200)
diff --git a/patroncards/create-pdf.pl b/patroncards/create-pdf.pl

index f063e9b..961dfbf 100755 (executable)
--- a/patroncards/create-pdf.pl
+++ b/patroncards/create-pdf.pl
@@ -21,6 +21,7 @@ use strict;
 use warnings;
 
 use CGI;
+use C4::Auth;
 use Graphics::Magick;
 use XML::Simple;
 use POSIX qw(ceil);
@@ -34,6 +35,16 @@ use C4::Patroncards 1.000000;
 
 my $cgi = new CGI;
 
+my ( $template, $loggedinuser, $cookie ) = get_template_and_user({
+                                                                     template_name   => "labels/label-home.tt",
+                                                                     query           => $cgi,
+                                                                     type            => "intranet",
+                                                                     authnotrequired => 0,
+                                                                     flagsrequired   => { tools => 'label_creator' },
+                                                                     debug           => 1,
+                                                                     });
+
+
 my $batch_id    = $cgi->param('batch_id') if $cgi->param('batch_id');
 my $template_id = $cgi->param('template_id') || undef;
 my $layout_id   = $cgi->param('layout_id') || undef;
author	Liz Rea <lrea@nekls.org>
	Thu, 28 Jul 2011 20:59:15 +0000 (15:59 -0500)
committer	Chris Cormack <chrisc@catalyst.net.nz>
	Mon, 1 Aug 2011 09:15:45 +0000 (21:15 +1200)