To reproduce warns:
1) Go to Tools -> Notices & slips
2) Create a new notice of any module
Notice these warns:
Use of uninitialized value $code in regexp compilation at
/home/vagrant/kohaclone/tools/letter.pl line 265.
Use of uninitialized value $code in regexp compilation at
/home/vagrant/kohaclone/tools/letter.pl line 265.
Use of uninitialized value $code in regexp compilation at
/home/vagrant/kohaclone/tools/letter.pl line 265.
CGI::param called in list context from package
CGI::Compile::ROOT::home_vagrant_kohaclone_svc_letters_get line 50, this
can lead to vulnerabilities. See the warning in "Fetching the value or
values of a single named parameter" at /usr/share/perl5/CGI.pm line 436.
CGI::param called in list context from package
CGI::Compile::ROOT::home_vagrant_kohaclone_svc_letters_get line 50, this
can lead to vulnerabilities. See the warning in "Fetching the value or
values of a single named parameter" at /usr/share/perl5/CGI.pm line 436.
3) Create a new notice of the Circulation module
Notice this additional warn:
Use of uninitialized value $code in pattern match (m//) at
/home/vagrant/kohaclone/tools/letter.pl line 258.
To test:
4) Apply patch and refresh page
5) Run steps 1-3 again and confirm no warns show
Sponsored-by: Catalyst IT
Signed-off-by: Maryse Simard <maryse.simard@inlibro.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
our ( $query, $response ) = C4::Service->init( tools => 'edit_notices' );
sub get_letters {
- my $letters = GetLetters({ code => $query->param('code'), branchcode => $query->param('branchcode') });
+ my $code = scalar $query->param('code');
+ my $branchcode = scalar $query->param('branchcode');
+ my $letters = GetLetters({ code => $code, branchcode => $branchcode });
$response->param( letters => $letters );
C4::Service->return_success( $response );
}
push @{$field_selection}, add_fields('issues');
}
- if ( $module eq 'circulation' and $code =~ /^AR_/ ) {
+ if ( $module eq 'circulation' and $code and $code =~ /^AR_/ ) {
push @{$field_selection}, add_fields('article_requests');
}
}
- my $preview_is_available = grep {/^$code$/} qw(
- CHECKIN CHECKOUT HOLD_SLIP
- );
+ my $preview_is_available = 0;
+
+ if ($code) {
+ $preview_is_available = grep {/^$code$/} qw( CHECKIN CHECKOUT HOLD_SLIP );
+ }
+
$template->param(
module => $module,
SQLfieldnames => $field_selection,