Bug 23852: (QA follow-up) Correct scope of breadcrumb title style
[koha.git] / opac / sco / sco-patron-image.pl
blobe997ab984bf69db858c0a33167cc28167dd0f96f
1 #!/usr/bin/perl
3 # Copyright 2009 LibLime
5 # This file is part of Koha.
7 # Koha is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
12 # Koha is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with Koha; if not, see <http://www.gnu.org/licenses>.
20 use Modern::Perl;
21 use C4::Auth qw(in_iprange);
22 use C4::Service;
23 use C4::Members;
24 use Koha::Patron::Images;
25 use Koha::Patrons;
26 use Koha::Token;
28 my ( $query, $response ) = C4::Service->init( self_check => 'self_checkout_module' );
30 unless (C4::Context->preference('WebBasedSelfCheck')) {
31 print $query->header(status => '403 Forbidden - web-based self-check not enabled');
32 exit;
34 unless (C4::Context->preference('ShowPatronImageInWebBasedSelfCheck')) {
35 print $query->header(status => '403 Forbidden - displaying patron images in self-check not enabled');
36 exit;
39 unless ( in_iprange(C4::Context->preference('SelfCheckAllowByIPRanges')) ) {
40 print $query->header(status => '403 Forbidden - functionality not available from your location');
41 exit;
44 my ($borrowernumber) = C4::Service->require_params('borrowernumber');
45 my ($csrf_token) = C4::Service->require_params('csrf_token');
47 my $patron = Koha::Patrons->find( $borrowernumber );
48 my $patron_image = $patron->image;
50 if ($patron_image) {
52 unless (
53 Koha::Token->new->check_csrf(
55 session_id => scalar $query->cookie('CGISESSID')
56 . $patron->cardnumber,
57 id => $patron->userid,
58 token => $csrf_token,
64 print $query->header(-type => 'text/plain', -status => '403 Forbidden');
65 exit;
67 print $query->header(
68 -type => $patron_image->mimetype,
69 -Content_Length => length( $patron_image->imagefile )
71 $patron_image->imagefile;
72 } else {
73 print $query->header(status => '404 patron image not found');