diff --git a/build/exe/doliwamp/dolibarr.conf.install b/build/exe/doliwamp/dolibarr.conf.install index 40b8dea7784..4dbb8c62317 100644 --- a/build/exe/doliwamp/dolibarr.conf.install +++ b/build/exe/doliwamp/dolibarr.conf.install @@ -1,6 +1,6 @@ Alias /dolibarr "WAMPROOT/www/dolibarr/htdocs/" -# NOTE: +# NOTE FOR APACHE 2.2: # To restrict access to dolibarr from outside set lines # # Order Deny,Allow @@ -12,10 +12,21 @@ Alias /dolibarr "WAMPROOT/www/dolibarr/htdocs/" # Order Allow,Deny # Allow from all # +# NOTE FOR APACHE 2.3: +# To restrict access to dolibarr from outside set lines +# +# +# Require ip 127.0.0.1 +# Require host localhost +# +# +# instead of +# +# Require all granted +# Options Indexes FollowSymLinks MultiViews AllowOverride all - Order Allow,Deny - Allow from all + Require all granted \ No newline at end of file diff --git a/build/exe/doliwamp/doliwamp.iss b/build/exe/doliwamp/doliwamp.iss index e4cfc326422..3aaf113e679 100644 --- a/build/exe/doliwamp/doliwamp.iss +++ b/build/exe/doliwamp/doliwamp.iss @@ -101,7 +101,7 @@ Source: "build\exe\doliwamp\UsedPort.exe"; DestDir: "{app}\"; Flags: ignoreversi ; Put here path of Wampserver applications ; Value OK: apache 2.2.6, php 5.2.5 (5.2.11, 5.3.0 and 5.3.1 fails if php_exif, php_pgsql, php_zip is on), mysql 5.0.45 or 5.1.36 ; Value OK: apache 2.2.11, php 5.3.0 (if no php_exif, php_pgsql, php_zip), mysql 5.0.45 or 5.1.36 -; Value ???: apache 2.4.19, php 5.5.12, mysql 5.6.17 +; Value ???: apache 2.4.19, php 5.5.12, mysql 5.6.17 (wampserver2.5-Apache-2.4.9-Mysql-5.6.17-php5.5.12-32b.exe) Source: "C:\Program Files\Wamp\apps\phpmyadmin4.1.14\*.*"; DestDir: "{app}\apps\phpmyadmin4.1.14"; Flags: ignoreversion recursesubdirs; Excludes: "config.inc.php,wampserver.conf,*.log,*_log,darkblue_orange" Source: "C:\Program Files\Wamp\bin\apache\apache2.4.9\*.*"; DestDir: "{app}\bin\apache\apache2.4.9"; Flags: ignoreversion recursesubdirs; Excludes: "php.ini,httpd.conf,wampserver.conf,*.log,*_log" Source: "C:\Program Files\Wamp\bin\php\php5.5.12\*.*"; DestDir: "{app}\bin\php\php5.5.12"; Flags: ignoreversion recursesubdirs; Excludes: "php.ini,phpForApache.ini,wampserver.conf,*.log,*_log" @@ -119,8 +119,8 @@ Source: "build\exe\doliwamp\phpmyadmin.conf.install"; DestDir: "{app}\alias"; Fl Source: "build\exe\doliwamp\dolibarr.conf.install"; DestDir: "{app}\alias"; Flags: ignoreversion; Source: "build\exe\doliwamp\config.inc.php.install"; DestDir: "{app}\apps\phpmyadmin4.1.14"; Flags: ignoreversion; Source: "build\exe\doliwamp\httpd.conf.install"; DestDir: "{app}\bin\apache\apache2.4.9\conf"; Flags: ignoreversion; -Source: "build\exe\doliwamp\my.ini.install"; DestDir: "{app}\bin\mysql\mysql5.5.12"; Flags: ignoreversion; -Source: "build\exe\doliwamp\php.ini.install"; DestDir: "{app}\bin\php\php5.6.17"; Flags: ignoreversion; +Source: "build\exe\doliwamp\my.ini.install"; DestDir: "{app}\bin\mysql\mysql5.6.17"; Flags: ignoreversion; +Source: "build\exe\doliwamp\php.ini.install"; DestDir: "{app}\bin\php\php5.5.12"; Flags: ignoreversion; Source: "build\exe\doliwamp\index.php.install"; DestDir: "{app}\www"; Flags: ignoreversion; Source: "build\exe\doliwamp\install.forced.php.install"; DestDir: "{app}\www\dolibarr\htdocs\install"; Flags: ignoreversion; Source: "build\exe\doliwamp\openssl.conf"; DestDir: "{app}"; Flags: ignoreversion; @@ -338,11 +338,11 @@ begin // Test if VC11Redist has been installed //---------------------------------------------- - if not FileExists ('c:/windows/system32/msvcr70.dll') and not FileExists ('c:/windows/sysWOW64/msvcr70.dll') and not FileExists ('c:/winnt/system32/msvcr70.dll') and not FileExists ('c:/winnt/sysWOW64/msvcr70.dll') then + if not FileExists ('c:/windows/system32/msvcr110.dll') and not FileExists ('c:/windows/sysWOW64/msvcr110.dll') and not FileExists ('c:/winnt/system32/msvcr110.dll') and not FileExists ('c:/winnt/sysWOW64/msvcr110.dll') then begin // TODO Copy file or ask to install package ? //CustomMessage('YouWillInstallDoliWamp')+#13#13 - MsgBox('The package vcredist_x64.exe or vcredist_86.exe must have been installed first. It seems it is not. Please install it first from http://www.microsoft.com/en-us/download/details.aspx?id=30679 then restart DoliWamp installation/upgrade.',mbInformation,MB_OK); + MsgBox('The package vcredist_x86.exe must have been installed first. It seems it is not. Please install it first from http://www.microsoft.com/en-us/download/details.aspx?id=30679 then restart DoliWamp installation/upgrade.',mbInformation,MB_OK); end; @@ -749,6 +749,7 @@ begin LoadStringFromFile (srcFile, srcContents); //version de apache et mysql + StringChangeEx (srcContents, 'WAMPROOT', pathWithSlashes, True); StringChangeEx (srcContents, 'WAMPMYSQLVERSION', mysqlVersion, True); StringChangeEx (srcContents, 'WAMPAPACHEVERSION', apacheVersion, True); @@ -757,27 +758,6 @@ begin - //---------------------------------------------- - // Create file install_services_auto.bat (always) - //---------------------------------------------- - - destFile := pathWithSlashes+'/install_services_auto.bat'; - srcFile := pathWithSlashes+'/install_services_auto.bat.install'; - - if FileExists (srcFile) then - begin - LoadStringFromFile (srcFile, srcContents); - - //version de apache et mysql - StringChangeEx (srcContents, 'WAMPMYSQLVERSION', mysqlVersion, True); - StringChangeEx (srcContents, 'WAMPAPACHEVERSION', apacheVersion, True); - - SaveStringToFile(destFile,srcContents, False); - end - - - - //---------------------------------------------- // Create file uninstall_services.bat (always) //---------------------------------------------- @@ -790,6 +770,7 @@ begin LoadStringFromFile (srcFile, srcContents); //version de apache et mysql + StringChangeEx (srcContents, 'WAMPROOT', pathWithSlashes, True); StringChangeEx (srcContents, 'WAMPMYSQLVERSION', mysqlVersion, True); StringChangeEx (srcContents, 'WAMPAPACHEVERSION', apacheVersion, True); @@ -978,7 +959,6 @@ end; procedure DeinitializeSetup(); begin // DeleteFile(path+'\install_services.bat'); -// DeleteFile(path+'\install_services_auto.bat'); end; diff --git a/build/exe/doliwamp/httpd.conf.install b/build/exe/doliwamp/httpd.conf.install index bfe17b07d42..6519fdd7795 100644 --- a/build/exe/doliwamp/httpd.conf.install +++ b/build/exe/doliwamp/httpd.conf.install @@ -66,19 +66,24 @@ Listen WAMPAPACHEPORT # LoadModule actions_module modules/mod_actions.so LoadModule alias_module modules/mod_alias.so +LoadModule allowmethods_module modules/mod_allowmethods.so LoadModule asis_module modules/mod_asis.so LoadModule auth_basic_module modules/mod_auth_basic.so #LoadModule auth_digest_module modules/mod_auth_digest.so #LoadModule authn_anon_module modules/mod_authn_anon.so #LoadModule authn_dbm_module modules/mod_authn_dbm.so -LoadModule authn_default_module modules/mod_authn_default.so +#LoadModule authn_default_module modules/mod_authn_default.so LoadModule authn_file_module modules/mod_authn_file.so +LoadModule authz_core_module modules/mod_authz_core.so #LoadModule authz_dbm_module modules/mod_authz_dbm.so -LoadModule authz_default_module modules/mod_authz_default.so +#LoadModule authz_default_module modules/mod_authz_default.so LoadModule authz_groupfile_module modules/mod_authz_groupfile.so LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_user_module modules/mod_authz_user.so LoadModule autoindex_module modules/mod_autoindex.so +LoadModule buffer_module modules/mod_buffer.so +LoadModule cache_module modules/mod_cache.so +LoadModule cache_disk_module modules/mod_cache_disk.so #LoadModule cern_meta_module modules/mod_cern_meta.so LoadModule cgi_module modules/mod_cgi.so #LoadModule dav_module modules/mod_dav.so @@ -96,23 +101,23 @@ LoadModule isapi_module modules/mod_isapi.so LoadModule log_config_module modules/mod_log_config.so LoadModule mime_module modules/mod_mime.so #LoadModule mime_magic_module modules/mod_mime_magic.so +LoadModule negotiation_module modules/mod_negotiation.so #LoadModule proxy_module modules/mod_proxy.so #LoadModule proxy_ajp_module modules/mod_proxy_ajp.so #LoadModule proxy_balancer_module modules/mod_proxy_balancer.so #LoadModule proxy_connect_module modules/mod_proxy_connect.so #LoadModule proxy_http_module modules/mod_proxy_http.so #LoadModule proxy_ftp_module modules/mod_proxy_ftp.so -LoadModule negotiation_module modules/mod_negotiation.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule setenvif_module modules/mod_setenvif.so #LoadModule speling_module modules/mod_speling.so +#LoadModule ssl_module modules/mod_ssl.so LoadModule status_module modules/mod_status.so #LoadModule unique_id_module modules/mod_unique_id.so LoadModule userdir_module modules/mod_userdir.so #LoadModule usertrack_module modules/mod_usertrack.so LoadModule vhost_alias_module modules/mod_vhost_alias.so -#LoadModule ssl_module modules/mod_ssl.so -LoadModule php5_module "WAMPROOT/bin/php/phpWAMPPHPVERSION/php5apache2_2.dll" +LoadModule php5_module "WAMPROOT/bin/php/phpWAMPPHPVERSION/php5apache2_4.dll" # # ExtendedStatus controls whether Apache will generate "full" status @@ -123,9 +128,9 @@ ExtendedStatus On SetHandler server-status -Order Deny,Allow -Deny from all -Allow from localhost, 127.0.0.1 +Require local +#Require ip 1.2.3.4 +#Require host 1.2.3.4 @@ -211,9 +216,7 @@ KeepAliveTimeout 30 Options FollowSymLinks AllowOverride None - Order deny,allow - Deny from all - Satisfy all + Require all denied # @@ -253,9 +256,10 @@ KeepAliveTimeout 30 # Controls who can get stuff from this server. # # onlineoffline tag - don't remove - Order Deny,Allow - Deny from all - Allow from 127.0.0.1 + + Require ip 127.0.0.1 + Require host localhost + @@ -272,8 +276,7 @@ KeepAliveTimeout 30 # viewed by Web clients. # - Order allow,deny - Deny from all + Require all denied # @@ -359,8 +362,7 @@ LogLevel warn AllowOverride None Options None - Order allow,deny - Allow from all + Require all granted # diff --git a/build/exe/doliwamp/install_services.bat.install b/build/exe/doliwamp/install_services.bat.install index 991e6f040aa..536a984e26d 100644 --- a/build/exe/doliwamp/install_services.bat.install +++ b/build/exe/doliwamp/install_services.bat.install @@ -8,14 +8,18 @@ echo ---- Execute install_services.bat >> doliwamp.log 2>>&1 REM NET STOP doliwampapache REM NET STOP doliwampmysqld +cd "WAMPROOT" + REM Apache x.x .\bin\apache\apacheWAMPAPACHEVERSION\bin\httpd.exe -k install -n doliwampapache REM reg add HKLM\SYSTEM\CurrentControlSet\Services\doliwampapache /V Start /t REG_DWORD /d 3 /f REM Mysql 5.0- REM .\bin\mysql\mysqlWAMPMYSQLVERSION\bin\mysqld-nt.exe --install-manual doliwampmysqld -.\bin\mysql\mysqlWAMPMYSQLVERSION\bin\mysqld-nt.exe --install doliwampmysqld +REM .\bin\mysql\mysqlWAMPMYSQLVERSION\bin\mysqld-nt.exe --install doliwampmysqld REM Mysql 5.1+ -REM .\bin\mysql\mysqlWAMPMYSQLVERSION\bin\mysqld.exe --install doliwampmysqld +.\bin\mysql\mysqlWAMPMYSQLVERSION\bin\mysqld.exe --install doliwampmysqld echo ---- End script >> doliwamp.log 2>>&1 + +REM pause diff --git a/build/exe/doliwamp/phpmyadmin.conf.install b/build/exe/doliwamp/phpmyadmin.conf.install index ff7045835fa..533a5289433 100644 --- a/build/exe/doliwamp/phpmyadmin.conf.install +++ b/build/exe/doliwamp/phpmyadmin.conf.install @@ -1,22 +1,35 @@ Alias /phpmyadmin "WAMPROOT/apps/phpmyadminWAMPPHPMYADMINVERSION/" -# to give access to phpmyadmin from outside -# replace the lines +# NOTE FOR APACHE 2.2: +# To grant access to dolibarr from outside set lines # -# Order Deny,Allow +# Order Allow,Deny +# Allow from all +# +# instead of +# +# Order Deny,Allow # Deny from all # Allow from 127.0.0.1 # -# by +# NOTE FOR APACHE 2.3: +# To grant access to dolibarr from outside set lines # -# Order Allow,Deny -# Allow from all +# Require all granted +# +# instead of +# +# +# Require ip 127.0.0.1 +# Require host localhost +# # Options Indexes FollowSymLinks MultiViews AllowOverride all - Order Deny,Allow - Deny from all - Allow from 127.0.0.1 + + Require ip 127.0.0.1 + Require host localhost + \ No newline at end of file diff --git a/build/exe/doliwamp/uninstall_services.bat.install b/build/exe/doliwamp/uninstall_services.bat.install index 52b166c19d4..b8aa5027b01 100644 --- a/build/exe/doliwamp/uninstall_services.bat.install +++ b/build/exe/doliwamp/uninstall_services.bat.install @@ -3,10 +3,19 @@ REM -------------------------------------------------------- REM This script install Apache and Mysql DoliWamp services REM -------------------------------------------------------- +cd "WAMPROOT" + echo ---- Execute uninstall_services.bat >> doliwamp.log 2>>&1 NET STOP doliwampapache .\bin\apache\apacheWAMPAPACHEVERSION\bin\httpd.exe -k uninstall -n doliwampapache + NET STOP doliwampmysqld -.\bin\mysql\mysqlWAMPMYSQLVERSION\bin\mysqld-nt.exe --remove doliwampmysqld +REM Mysql 5.0- +REM .\bin\mysql\mysqlWAMPMYSQLVERSION\bin\mysqld-nt.exe --remove doliwampmysqld +REM Mysql 5.1+ +.\bin\mysql\mysqlWAMPMYSQLVERSION\bin\mysqld.exe --remove doliwampmysqld + REM wampmanager.exe -quit -id={doliwampserver} echo ---- End script >> doliwamp.log 2>>&1 + +REM pause diff --git a/dev/security/htaccess.txt b/dev/security/htaccess.txt index 7d3aaf1a903..a8364c85a0f 100644 --- a/dev/security/htaccess.txt +++ b/dev/security/htaccess.txt @@ -1,2 +1 @@ -Order allow,deny -Deny from all \ No newline at end of file +Require all granted diff --git a/htdocs/accountancy/class/accountancycategory.class.php b/htdocs/accountancy/class/accountancycategory.class.php index 43b9816c5ed..6211f5752b1 100644 --- a/htdocs/accountancy/class/accountancycategory.class.php +++ b/htdocs/accountancy/class/accountancycategory.class.php @@ -297,7 +297,7 @@ class AccountancyCategory * @param string $year Specific year * @param int $sens Sens of the account 0: credit - debit 1: debit - credit * - * @return array Result in table + * @return integer Result in table */ public function getResult($cpt, $month, $year, $sens) { $sql = "SELECT SUM(t.debit) as debit, SUM(t.credit) as credit"; diff --git a/htdocs/core/boxes/box_actions.php b/htdocs/core/boxes/box_actions.php index 82aacf2d8a0..973738fec11 100644 --- a/htdocs/core/boxes/box_actions.php +++ b/htdocs/core/boxes/box_actions.php @@ -168,7 +168,7 @@ class box_actions extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) {