3 # Copyright 2009 LibLime
5 # This file is part of Koha.
7 # Koha is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
12 # Koha is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with Koha; if not, see <http://www.gnu.org/licenses>.
21 use C4
::Auth
qw(in_iprange);
24 use Koha
::Patron
::Images
;
28 my ( $query, $response ) = C4
::Service
->init( self_check
=> 'self_checkout_module' );
30 unless (C4
::Context
->preference('WebBasedSelfCheck')) {
31 print $query->header(status
=> '403 Forbidden - web-based self-check not enabled');
34 unless (C4
::Context
->preference('ShowPatronImageInWebBasedSelfCheck')) {
35 print $query->header(status
=> '403 Forbidden - displaying patron images in self-check not enabled');
39 unless ( in_iprange
(C4
::Context
->preference('SelfCheckAllowByIPRanges')) ) {
40 print $query->header(status
=> '403 Forbidden - functionality not available from your location');
44 my ($borrowernumber) = C4
::Service
->require_params('borrowernumber');
45 my ($csrf_token) = C4
::Service
->require_params('csrf_token');
47 my $patron = Koha
::Patrons
->find( $borrowernumber );
48 my $patron_image = $patron->image;
53 Koha
::Token
->new->check_csrf(
55 session_id
=> scalar $query->cookie('CGISESSID')
56 . $patron->cardnumber,
57 id
=> $patron->userid,
64 print $query->header(-type
=> 'text/plain', -status
=> '403 Forbidden');
68 -type
=> $patron_image->mimetype,
69 -Content_Length
=> length( $patron_image->imagefile )
71 $patron_image->imagefile;
73 print $query->header(status
=> '404 patron image not found');