Bugfix für Bug 1127. webpages/ct/get_delivery_master ist nicht customer/vendor sicher...

[mfinanz.git] / SL / Form.pm

diff --git a/SL/Form.pm b/SL/Form.pm
index 9a7c9e1759673c8474dd9ff27aef30d5c6e9aa70..e034a203c197e3bce4f1dbcd5c51e04ca509ad7a 100644 (file)
--- a/SL/Form.pm
+++ b/SL/Form.pm
@@ -57,6 +57,7 @@ use SL::Template;
 use SL::User;
 use Template;
 use List::Util qw(first max min sum);
+use List::MoreUtils qw(any);
 
 my $standard_dbh;
 
@@ -255,7 +256,7 @@ sub _recode_recursively {
   $main::lxdebug->enter_sub();
   my ($iconv, $param) = @_;
 
-  if (ref $param eq 'HASH') {
+  if (any { ref $param eq $_ } qw(Form HASH)) {
     foreach my $key (keys %{ $param }) {
       if (!ref $param->{$key}) {
         $param->{$key} = $iconv->convert($param->{$key});
@@ -305,11 +306,13 @@ sub new {
   my $db_charset   = $main::dbcharset;
   $db_charset    ||= Common::DEFAULT_CHARSET;
 
-  if ($self->{INPUT_ENCODING} && (lc $self->{INPUT_ENCODING} ne $db_charset)) {
-    require Text::Iconv;
-    my $iconv = Text::Iconv->new($self->{INPUT_ENCODING}, $db_charset);
+  if ($self->{INPUT_ENCODING}) {
+    if (lc $self->{INPUT_ENCODING} ne lc $db_charset) {
+      require Text::Iconv;
+      my $iconv = Text::Iconv->new($self->{INPUT_ENCODING}, $db_charset);
 
-    _recode_recursively($iconv, $self);
+      _recode_recursively($iconv, $self);
+    }
 
     delete $self{INPUT_ENCODING};
   }
@@ -606,9 +609,10 @@ sub create_http_response {
     my $session_cookie_value   = $main::auth->get_session_id();
     $session_cookie_value    ||= 'NO_SESSION';
 
-    $session_cookie = $cgi->cookie('-name'  => $main::auth->get_session_cookie_name(),
-                                   '-value' => $session_cookie_value,
-                                   '-path'  => $base_path);
+    $session_cookie = $cgi->cookie('-name'   => $main::auth->get_session_cookie_name(),
+                                   '-value'  => $session_cookie_value,
+                                   '-path'   => $base_path,
+                                   '-secure' => $ENV{HTTPS});
   }
 
   my %cgi_params = ('-type' => $params{content_type});
@@ -1354,6 +1358,7 @@ Content-Length: $numbytes
 
         while (<IN>) {
           print OUT $_;
+
         }
 
         close(OUT);
@@ -1393,6 +1398,7 @@ sub get_formname_translation {
     storno_packing_list     => $main::locale->text('Storno Packing List'),
     sales_delivery_order    => $main::locale->text('Delivery Order'),
     purchase_delivery_order => $main::locale->text('Delivery Order'),
+    dunning                 => $main::locale->text('Dunning'),
   );
 
   $main::lxdebug->leave_sub();
@@ -2015,6 +2021,8 @@ sub get_employee {
 
   my ($self, $dbh) = @_;
 
+  $dbh ||= $self->get_standard_dbh(\%main::myconfig);
+
   my $query = qq|SELECT id, name FROM employee WHERE login = ?|;
   ($self->{"employee_id"}, $self->{"employee"}) = selectrow_query($self, $dbh, $query, $self->{login});
   $self->{"employee_id"} *= 1;
@@ -2057,11 +2065,11 @@ sub get_duedate {
 
   my ($self, $myconfig, $reference_date) = @_;
 
-  my $reference_date = $reference_date ? conv_dateq($reference_date) . '::DATE' : 'current_date';
+  $reference_date = $reference_date ? conv_dateq($reference_date) . '::DATE' : 'current_date';
 
-  my $dbh            = $self->get_standard_dbh($myconfig);
-  my $query          = qq|SELECT ${reference_date} + terms_netto FROM payment_terms WHERE id = ?|;
-  my ($duedate)      = selectrow_query($self, $dbh, $query, $self->{payment_id});
+  my $dbh         = $self->get_standard_dbh($myconfig);
+  my $query       = qq|SELECT ${reference_date} + terms_netto FROM payment_terms WHERE id = ?|;
+  my ($duedate)   = selectrow_query($self, $dbh, $query, $self->{payment_id});
 
   $main::lxdebug->leave_sub();