diff --git a/.travis.yml b/.travis.yml index 688d706331d..9958556d42d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -404,6 +404,10 @@ script: php upgrade.php 11.0.0 12.0.0 ignoredbversion > $TRAVIS_BUILD_DIR/upgrade11001200.log php upgrade2.php 11.0.0 12.0.0 > $TRAVIS_BUILD_DIR/upgrade11001200-2.log php step5.php 11.0.0 12.0.0 > $TRAVIS_BUILD_DIR/upgrade11001200-3.log + php upgrade.php 12.0.0 13.0.0 ignoredbversion > $TRAVIS_BUILD_DIR/upgrade12001300.log + php upgrade2.php 12.0.0 13.0.0 > $TRAVIS_BUILD_DIR/upgrade12001300-2.log + php step5.php 12.0.0 13.0.0 > $TRAVIS_BUILD_DIR/upgrade12001300-3.log + # Enable modules not enabled into original dump php upgrade2.php 0.0.0 0.0.0 MAIN_MODULE_API,MAIN_MODULE_SUPPLIERPROPOSAL,MAIN_MODULE_WEBSITE,MAIN_MODULE_TICKETSUP,MAIN_MODULE_ACCOUNTING > $TRAVIS_BUILD_DIR/enablemodule.log echo $? diff --git a/ChangeLog b/ChangeLog index dafa90b9632..20a1748af6b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -78,7 +78,7 @@ FIX: we must export company mail address on contact vcard only if contact email FIX: when we filter a list on a view status, we want this filter to be on bookmark that we create FIX: Wrong Sql on getListOfTowns api method FIX: wrong user right's name to top menu "commercial" -FIX: XSS Vulnerability +FIX: XSS Vulnerability reported by Mehmet Kelepçe / Gais Cyber Security ***** ChangeLog for 12.0.0 compared to 11.0.0 ***** For Users: diff --git a/htdocs/accountancy/bookkeeping/balance.php b/htdocs/accountancy/bookkeeping/balance.php index b2a25b00ce2..4de2be6fcbb 100644 --- a/htdocs/accountancy/bookkeeping/balance.php +++ b/htdocs/accountancy/bookkeeping/balance.php @@ -55,7 +55,7 @@ $pagenext = $page + 1; //if (! $sortfield) $sortfield="p.date_fin"; //if (! $sortorder) $sortorder="DESC"; - +$show_subgroup = GETPOST('show_subgroup', 'alpha'); $search_date_start = dol_mktime(0, 0, 0, GETPOST('date_startmonth', 'int'), GETPOST('date_startday', 'int'), GETPOST('date_startyear', 'int')); $search_date_end = dol_mktime(23, 59, 59, GETPOST('date_endmonth', 'int'), GETPOST('date_endday', 'int'), GETPOST('date_endyear', 'int')); @@ -130,10 +130,11 @@ if (!empty($search_accountancy_code_end)) { if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x', 'alpha') || GETPOST('button_removefilter', 'alpha')) // All tests are required to be compatible with all browsers { - $search_accountancy_code_start = ''; - $search_accountancy_code_end = ''; + $show_subgroup = ''; $search_date_start = ''; $search_date_end = ''; + $search_accountancy_code_start = ''; + $search_accountancy_code_end = ''; $filter = array(); } @@ -223,6 +224,12 @@ if ($action != 'export_csv') $moreforfilter .= $form->selectDate($search_date_start ? $search_date_start : -1, 'date_start', 0, 0, 1, '', 1, 0); $moreforfilter .= $langs->trans('DateEnd').': '; $moreforfilter .= $form->selectDate($search_date_end ? $search_date_end : -1, 'date_end', 0, 0, 1, '', 1, 0); + + $moreforfilter .= ' - '; + $moreforfilter .= $langs->trans('ShowSubtotalByGroup').': '; + $moreforfilter .= ''; + + $moreforfilter .= ''; if (!empty($moreforfilter)) { @@ -289,26 +296,31 @@ if ($action != 'export_csv') } print '
';
@@ -306,16 +303,16 @@ class Dolistore
//.'