my ( $user, $cookie, $sessionID, $flags );
my $safe_chars = 'a-zA-Z0-9_\-\/';
- die "bad template path" unless $in->{'template_name'} =~ m/^[$safe_chars]+.tt?$/ig; #sanitize input
+ die "bad template path" unless $in->{'template_name'} =~ m/^[$safe_chars]+\.(tt$|tmpl$)/ig; #sanitize input
$in->{'authnotrequired'} ||= 0;
my $template = C4::Templates::gettemplate(
use CGI;
use Test::MockModule;
use List::MoreUtils qw/all any none/;
-use Test::More tests => 6;
+use Test::More tests => 10;
use Test::Warn;
use C4::Members;
use Koha::AuthUtils qw/hash_password/;