use CGI;
use Test::MockModule;
use List::MoreUtils qw/all any none/;
-use Test::More tests => 6;
+use Test::More tests => 9;
use C4::Members;
use Koha::AuthUtils qw/hash_password/;
ok( ( any { $_->name eq 'KohaOpacLanguage' and $_->value eq 'en' } @$cookies ),
'BZ9735: invalid language, then default to en');
+
+ for my $template_name (
+ qw(
+ ../../../../../../../../../../../../../../../etc/passwd
+ test/../../../../../../../../../../../../../../etc/passwd
+ /etc/passwd
+ )
+ ) {
+ my ( $template, $loggedinuser, $cookies ) = get_template_and_user(
+ {
+ template_name => $template_name,
+ query => $query,
+ type => "intranet",
+ authnotrequired => 1,
+ flagsrequired => { catalogue => 1 },
+ }
+ );
+ my $file_exists = ( -f $template->{filename} ) ? 1 : 0;
+ is ( $file_exists, 0, 'The file template_name should have been sanitize' );
+ }
+
}
my $hash1 = hash_password('password');