lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
109,623 Commits 43 Branches 150 Tags 886 MiB
develop
Commit Graph

261 Commits

Author SHA1 Message Date
Laurent Destailleur
3075e40f8c Merge branch '10.0' of git@github.com:Dolibarr/dolibarr.git into 11.0 
Conflicts:
	htdocs/comm/remx.php
	htdocs/core/boxes/box_contacts.php
	htdocs/core/lib/functions.lib.php
	htdocs/core/lib/security.lib.php
 2020-02-23 23:37:46 +01:00
Regis Houssin
0ab0bb2e7d FIX wrong test 2020-02-14 19:26:28 +01:00
Regis Houssin
52506ddd05 FIX can be a string or integer 2020-02-13 09:25:36 +01:00
Regis Houssin
f19f706c38 FIX better check 2020-02-13 07:55:52 +01:00
Laurent Destailleur
7931734ecb Merge branch '11.0' of git@github.com:Dolibarr/dolibarr.git into develop 
Conflicts:
	htdocs/core/modules/modUser.class.php
 2020-02-12 20:30:20 +01:00
Laurent Destailleur
e74df397eb FIX #13094 2020-02-12 17:28:18 +01:00
Regis Houssin
275b5d1f77 FIX #10309 2020-02-11 07:32:29 +01:00
Laurent Destailleur
c3beb854a2 Definition of $fields for member and subscriptions 2020-02-08 13:44:31 +01:00
Laurent Destailleur
54414f7bb0 WIP Generic report 2020-02-07 11:53:09 +01:00
Laurent Destailleur
f752551914 WIP Generic stats page 2020-01-31 14:53:47 +01:00
Scrutinizer Auto-Fixer
057ab6a059 Scrutinizer Auto-Fixes 
This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com
 2019-11-26 11:52:04 +00:00
Laurent Destailleur
bc5270ce76 Merge branch '10.0' of git@github.com:Dolibarr/dolibarr.git into develop 
Conflicts:
	htdocs/fourn/facture/card.php
 2019-11-24 18:15:25 +01:00
Laurent Destailleur
cf0311dd6a FIX Hook getAccessForbiddenMessage was missing parameters 2019-11-22 16:13:22 +01:00
Frédéric FRANCE
e93aaa2a75
replace deprecated user->societe_id by user->socid 2019-10-31 20:46:31 +01:00
Frédéric FRANCE
e2afcfb999
clean indent 2019-10-27 11:53:20 +01:00
Alexandre SPANGARO
02dbc11f98 Move Gnu.org to https 2019-09-23 21:55:30 +02:00
Laurent Destailleur
b9ee95314a SEC restrictedArea protects also the 'update' action 2019-08-02 17:12:59 +02:00
Laurent Destailleur
2be5e9615d Fix look and field v10 2019-06-12 19:03:22 +02:00
Laurent Destailleur
e81663ec34 Fix cropping of image files for BOM module was ko 2019-06-12 19:00:34 +02:00
Laurent Destailleur
210b2f37dc Fix error message 2019-06-04 19:18:20 +02:00
Laurent Destailleur
79a3e41418 Hook 'getAccessForbiddenMessage' 2019-06-04 12:48:06 +02:00
Laurent Destailleur
9e91826dea Can set length of random password 2019-04-22 14:12:58 +02:00
Laurent Destailleur
d31b632d96 Merge branch '9.0' of git@github.com:Dolibarr/dolibarr.git into develop 
Conflicts:
	htdocs/core/lib/security.lib.php
 2019-03-15 11:06:49 +01:00
Laurent Destailleur
074ba0729a Merge branch '8.0' of git@github.com:Dolibarr/dolibarr.git into 9.0 2019-03-15 11:00:52 +01:00
Laurent Destailleur
84bff41543 Merge branch '7.0' of git@github.com:Dolibarr/dolibarr.git into 8.0 2019-03-15 11:00:24 +01:00
Laurent Destailleur
6c2cad3d48 Merge branch '6.0' of git@github.com:Dolibarr/dolibarr.git into 7.0 
Conflicts:
	htdocs/core/lib/security.lib.php
 2019-03-15 11:00:00 +01:00
Laurent Destailleur
e326c4d579 Look and feel v10 2019-03-15 10:48:10 +01:00
gauthier
8375b47e74 FIX : in fact expensereport must be in $check array 2019-03-15 10:21:50 +01:00
gauthier
3fb6978bc8 FIX : no need to test anything to display documents tabs on expense report 2019-03-14 17:36:49 +01:00
Laurent Destailleur
fac329e637 Clean code 2019-03-11 01:01:15 +01:00
Frédéric FRANCE
b10558bacd
Merge remote-tracking branch 'upstream/develop' into nospaceaftercomma 2019-01-27 23:23:38 +01:00
Laurent Destailleur
4f9f0fd7b5
Merge branch 'develop' into elseif 2019-01-27 17:54:06 +01:00
Frédéric FRANCE
f0cdf300d1
Squiz.Functions.FunctionDeclarationArgumentSpacing 2019-01-27 15:20:16 +01:00
Frédéric FRANCE
7ee086b402
PSR2 space after comma in function call 2019-01-27 11:55:16 +01:00
Frédéric FRANCE
6e91b3cefc
PSR2 usage of else if is discouraged 2019-01-27 10:49:34 +01:00
Laurent Destailleur
fd192f10c4
Merge pull request #10341 from hregis/8.0_bug 
FIX security broken with Multicompany
 2019-01-26 14:28:13 +01:00
Regis Houssin
d5b66eeffb FIX $user is already in parameters 2019-01-19 18:12:48 +01:00
Regis Houssin
c4b9bdd569 FIX remove var_dump 2019-01-16 19:15:02 +01:00
Regis Houssin
45a7e03562 FIX a user can always read its own card 2019-01-16 19:13:21 +01:00
Laurent Destailleur
e7943ae844 Merge branch '9.0' of git@github.com:Dolibarr/dolibarr.git into develop 2019-01-16 16:48:52 +01:00
Laurent Destailleur
d3828130ab Merge branch '8.0' of git@github.com:Dolibarr/dolibarr.git into 9.0 
Conflicts:
	htdocs/adherents/class/adherent.class.php
 2019-01-16 16:48:21 +01:00
Regis Houssin
7c9d85d091 FIX problem with multicompany transverse mode 
Signed-off-by: Regis Houssin <regis.houssin@inodbox.com>
 2019-01-15 12:18:04 +01:00
Laurent Destailleur
6d093b03f6 Code comment 2018-12-04 18:07:02 +01:00
Regis Houssin
9589f69574 Merge branch 'develop' of https://github.com/Dolibarr/dolibarr.git into 
develop_email

Conflicts:
	htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php
 2018-10-30 18:29:28 +01:00
Laurent Destailleur
68f6ebd0ff Merge branch '8.0' of git@github.com:Dolibarr/dolibarr.git into develop 
Conflicts:
	htdocs/commande/class/commande.class.php
	htdocs/core/lib/security.lib.php
	htdocs/modulebuilder/template/myobject_card.php
 2018-10-30 14:47:39 +01:00
Laurent Destailleur
0266db7aa8 FIX deletion on draft is allowed if we are allwoed to create 2018-10-29 18:19:40 +01:00
Regis Houssin
569d59d251 FIX change my deprecated email 2018-10-27 14:43:12 +02:00
Laurent Destailleur
d9eeb43118 FIX translation no visible for access forbidden 2018-09-09 11:59:38 +02:00
Laurent Destailleur
12c43d7722 Merge branch '8.0' of git@github.com:Dolibarr/dolibarr.git into develop 2018-07-03 12:33:17 +02:00
Regis Houssin
df718cca5c Fix: better sql request with multicompany transverse mode 2018-07-02 10:09:56 +02:00
Regis Houssin
f998f64db0 Works on use new list engine instead template for canvas 
Conflicts:
	htdocs/product/list.php
 2018-06-30 10:52:26 +02:00
Laurent Destailleur
ef395fc36b Fix scrutinizer bugs 2018-05-16 15:23:52 +02:00
Laurent Destailleur
63b9384ef6 No transmormation of data objectid before calling trigger 2018-05-10 12:34:23 +02:00
Laurent Destailleur
c094a6c43e Reorder permissions 2018-05-10 12:29:58 +02:00
Laurent Destailleur
9077f18dd6
Update security.lib.php 2018-05-10 11:37:22 +02:00
Laurent Destailleur
8837193545
Merge branch 'develop' into permissions_hook 2018-05-10 11:36:08 +02:00
Laurent Destailleur
bc9eaaab84
Update security.lib.php 2018-05-10 11:34:20 +02:00
Laurent Destailleur
7be804dcf5
Update security.lib.php 2018-05-10 11:32:08 +02:00
Laurent Destailleur
0891766a3e
Update security.lib.php 2018-05-10 11:31:27 +02:00
Laurent Destailleur
ea4c48047a
All new hooks must be addreplace hooks 2018-05-10 11:30:27 +02:00
altatof
a8ecce9e6d add hook for more permissions control 2018-05-05 14:31:17 +02:00
Laurent Destailleur
124abd39b6 Code comment 2018-05-01 20:31:57 +02:00
Laurent Destailleur
3cad7c6998 Merge branch '7.0' of git@github.com:Dolibarr/dolibarr.git into develop 2018-05-01 12:51:46 +02:00
jfefe
7cedf55c27 FIX : missing english name for object 
'product' is used by API to check perms and return a 401 error even if user has correct
permissions
 2018-04-27 20:54:48 +02:00
Laurent Destailleur
0f16ccbc4a Enhance dol_encode/dol_decode function 2018-04-19 12:03:42 +02:00
Laurent Destailleur
863cab362f NEW Cat set the encryption algorithm for extrafields of type password 2018-02-23 14:38:41 +01:00
Laurent Destailleur
109c447171 Merge branch '7.0' of git@github.com:Dolibarr/dolibarr.git into develop 2018-02-12 03:21:37 +01:00
Laurent Destailleur
c03ceb2205 Merge branch '6.0' of git@github.com:Dolibarr/dolibarr.git into 7.0 2018-02-12 02:56:51 +01:00
Laurent Destailleur
f88874c1f7 Code comment 2018-02-12 02:53:08 +01:00
Laurent Destailleur
ae1641f4b9
Merge pull request #8063 from Alabate/develop 
NEW : Add password_hash as hash algorithm
 2018-01-26 18:01:13 +01:00
Laurent Destailleur
9cdb7f0f27 Code comment 2018-01-24 14:37:26 +01:00
Laurent Destailleur
26ba0a9ec2 Merge branch '6.0' of git@github.com:Dolibarr/dolibarr.git into develop 
Conflicts:
	htdocs/cashdesk/index.php
	htdocs/compta/index.php
	htdocs/core/lib/security.lib.php
	htdocs/societe/list.php
 2018-01-16 20:23:32 +01:00
Laurent Destailleur
94b1d59f2b Fix missing check on object entity 2018-01-16 19:52:14 +01:00
Aurélien Labate
b86a5d5623 FIX add password_hash compatibility test for PHP < 5.5 2018-01-15 11:02:08 +01:00
Aurélien Labate
8088d92bbb NEW Add password_hash as hash algorithm 2018-01-15 00:33:25 +01:00
KHELIFA
7d824b3ef2 Fix: Access rights for resource in multi-entities 2018-01-04 15:05:11 +01:00
Laurent Destailleur
1351a43a30 FIX Maxi debug of permission for users external or restricted to sales 
representatives
 2017-12-18 16:13:05 +01:00
Laurent Destailleur
dbd96d1ac7 Merge branch '6.0' of git@github.com:Dolibarr/dolibarr.git into develop 
Conflicts:
	htdocs/core/actions_sendmails.inc.php
	htdocs/loan/card.php
	htdocs/loan/class/loan.class.php
 2017-12-10 21:46:23 +01:00
Laurent Destailleur
f18edd5787
Update security.lib.php 2017-12-10 21:08:13 +01:00
patrick Delcroix
033016da7f fix: unable to remove salaries, plus correct default rights management 2017-12-10 20:02:26 +01:00
Laurent Destailleur
6796c08cb8 Debug/rewrite Blockedlog 2017-11-30 14:21:55 +01:00
Laurent Destailleur
e78406e120 Debug cronjob 2017-11-03 20:04:18 +01:00
Laurent Destailleur
69b131b919 Merge branch '6.0' of git@github.com:Dolibarr/dolibarr.git into develop 
Conflicts:
	htdocs/comm/propal/card.php
	htdocs/societe/class/api_thirdparties.class.php
 2017-10-18 11:28:20 +02:00
Laurent Destailleur
aa1ff189e1 Fix var not correctly initialized when using api + multicompany 2017-10-17 12:58:26 +02:00
Laurent Destailleur
777486d74c Keep usage of function dol_hash to encrypt a non encrypted data 2017-10-06 13:13:51 +02:00
Regis Houssin
8d3ad9ddc8 Merge branch 'develop' of https://github.com/Dolibarr/dolibarr.git into develop_ldap 2017-10-04 08:43:07 +02:00
BENKE Charlene
41ba7af9fe unable to delete salaries 
compta/salaries/cards ask for a salarie/payement/delete right to delete
 2017-10-02 18:49:25 +02:00
Laurent Destailleur
b7810d95b9 Fix permissions 2017-09-30 20:43:15 +02:00
Regis Houssin
46cc23c568 Fix: $this->pass is empty if DATABASE_PWD_ENCRYPTED is used 2017-09-30 10:41:35 +02:00
Laurent Destailleur
4052e15565 Merge branch '5.0' of git@github.com:Dolibarr/dolibarr.git into 6.0 
Conflicts:
	htdocs/comm/action/card.php
 2017-08-26 21:58:29 +02:00
Regis Houssin
982fca541d Fix: (Agenda) Allowed if link to third party is empty 2017-08-24 08:33:40 +02:00
Regis Houssin
9410466d72 Fix: better check and security 2017-06-15 21:51:31 +02:00
Laurent Destailleur
ba3a74576c Merge 5.0 2017-06-12 18:22:51 +02:00
Laurent Destailleur
2916444f6c Fix check on module product for external user 2017-06-12 15:30:00 +02:00
Laurent Destailleur
7f18dfee0d Merge branch '5.0' of git@github.com:Dolibarr/dolibarr.git into develop 
Conflicts:
	dev/skeletons/build_class_from_table.php
	dev/skeletons/skeleton_card.php
	htdocs/compta/facture/class/facture.class.php
	htdocs/core/lib/functions.lib.php
	htdocs/filefunc.inc.php
	htdocs/projet/card.php
 2017-06-03 01:55:05 +02:00
Laurent Destailleur
976c8e0752 Fix security to test access on a task 2017-06-01 19:53:54 +02:00
Laurent Destailleur
76e1438fe6 FIX REST api to get project when user has permission to read all. 2017-06-01 17:29:47 +02:00
Laurent Destailleur
06b37d0e82 Work on dol_check_secure_access_document to support write question 2017-05-19 20:17:33 +02:00
Laurent Destailleur
68e333879f Fix var not sanitized 2017-05-16 13:27:32 +02:00
Regis Houssin
017d73792c Fix: add md5 password for OpenLdap 2017-03-13 15:00:44 +01:00
Laurent Destailleur
8ccc57e70f Fix compatibility with multicompany 2017-03-02 11:46:31 +01:00
Laurent Destailleur
76280f8ae2 Fix #6365 2017-02-03 11:42:49 +01:00
Laurent Destailleur
d7c2bdba38 Fix: link was useless with a nofollow tag. 2017-01-29 16:42:59 +01:00
Laurent Destailleur
2615e02e1e Update doc 2015-10-22 13:18:51 +02:00
Laurent Destailleur
3db021addf Fix Use correct boolean type. 
Complete doxygen
 2015-08-26 11:24:31 +02:00
Laurent Destailleur
e992a959cd Fix dbt_select 2015-07-16 10:59:00 +02:00
Laurent Destailleur
01aad8516d Merge remote-tracking branch 'origin/3.7' into develop 
Conflicts:
	htdocs/adherents/list.php
	htdocs/compta/dons/card.php
	htdocs/compta/dons/class/don.class.php
	htdocs/contact/list.php
	htdocs/contrat/list.php
	htdocs/core/class/html.form.class.php
	htdocs/core/lib/security.lib.php
	htdocs/main.inc.php
	htdocs/product/stock/massstockmove.php
	htdocs/public/test/test_arrays.php
	htdocs/public/test/test_forms.php
	htdocs/societe/societe.php
 2015-05-31 03:30:38 +02:00
Laurent Destailleur
11d4a945b0 Merge remote-tracking branch 'origin/3.6' into 3.7 
Conflicts:
	htdocs/adherents/liste.php
	htdocs/comm/propal.php
	htdocs/compta/facture.php
	htdocs/contact/list.php
	htdocs/contrat/liste.php
	htdocs/product/liste.php
 2015-05-25 18:08:23 +02:00
Alexis Algoud
bc672c2c23 FIX event for restricted user was restricted if company null 2015-05-21 11:49:10 +02:00
Laurent Destailleur
b327b5fb9d Save regressions 2015-05-13 09:32:54 +02:00
jfefe
46ce77c571 Refactor function to use it into API 
New function checkUserAccessToObject() is a piece of restrictedArea() function.
 2015-05-03 14:41:51 +02:00
Laurent Destailleur
13590a876b Fix: A little clean of dol_hash usage. 2014-10-18 16:08:15 +02:00
Laurent Destailleur
cbbe909bc5 Fix: Pb in management of "or" ("|") for permission check. 2014-10-12 15:22:07 +02:00
Laurent Destailleur
166853dd56 Fix: miscellaneous bugs 2014-10-03 12:15:21 +02:00
Marcos García de La Fuente
7e7958cf73 Removed SQL errors as they are logged by the database handler 2014-06-12 13:49:05 +02:00
Laurent Destailleur
1557d8973f Fix: [ bug #1403 ] suppression d'une fiche produit impossible 2014-05-26 23:12:47 +02:00
Laurent Destailleur
f95c87f1d6 Fix: [ bug #1374 ] Salaries module requires "Special costs" module to 
work but it does not enable it
 2014-05-10 18:57:04 +02:00
Raphaël Doursenaud
f8f502d013 Removed closing php tag 
http://php.net/manual/en/language.basic-syntax.phptags.php
 2014-05-03 18:18:44 +02:00
Laurent Destailleur
7ac193bb80 Merge remote-tracking branch 'origin/3.5' into develop 
Conflicts:
	htdocs/core/lib/company.lib.php
	htdocs/opensurvey/public/choix_autre.php
 2014-04-02 11:41:55 +02:00
Laurent Destailleur
46e46507ec Merge remote-tracking branch 'origin/3.4' into 3.5 
Conflicts:
	htdocs/comm/action/index.php
	htdocs/compta/bank/class/account.class.php
	htdocs/compta/bank/index.php
 2014-04-02 11:33:47 +02:00
Marcos García de La Fuente
09e02f807f Even better improvement 2014-03-22 19:01:19 +01:00
Marcos García de La Fuente
e2f51d0df2 Removed duplicate line 2014-03-22 19:00:37 +01:00
Marcos García de La Fuente
c8c77dbdcf Fix: Agenda and Banks module were not working with multicompany module 2014-03-22 18:59:48 +01:00
philippe
e2b29bb108 fix english misspelling 2014-03-05 09:57:36 +01:00
Laurent Destailleur
4d379e572a Fix: Bugs into permissions for module category 2014-01-07 15:35:26 +01:00
Laurent Destailleur
89c772459f Fix: Bugs into permissions for module category 2014-01-07 14:55:03 +01:00
Laurent Destailleur
4a29431b69 New: Add hidden option MAIN_SECURITY_HASH_ALGO to choose hash function 2013-11-06 16:32:25 +01:00
Laurent Destailleur
32983b79ee Sec: Add option to salt password 2013-11-04 10:47:24 +01:00
Laurent Destailleur
e5fd19ffc0 Add option to salt hash passwords 2013-11-04 10:45:43 +01:00
Laurent Destailleur
890c96355d Check parameter to make bug detection seasier 2013-09-23 19:53:21 +02:00
fhenry
3b6efd569d Fix bug [ bug #861 ] Erreur de droit groupe et utilisateur 2013-05-01 17:09:08 +02:00
Regis Houssin
d25687276e Fix: bypass the second test if the first is ok 2013-04-26 16:29:29 +02:00
Regis Houssin
3684271627 Fix: avoid error 2013-04-26 16:21:48 +02:00
Regis Houssin
34036c2a5c Fix: big security problem with multicompany 2013-04-26 16:07:35 +02:00
Laurent Destailleur
4e029bf2ca Fix: Security does not need special case 2013-03-24 21:06:45 +01:00
Laurent Destailleur
8d206fdfb0 Prepare move to other licence. For the moment all answers for licence 
upgrade were not yet received. So we prepare for GPL by uniformizing
licence text keys to GPL-3+. Will move later to AGPL if all answers are
positive.
 2013-01-16 15:36:08 +01:00
Laurent Destailleur
96416735df Fix: [ bug #618 ] External accounts can access confidential informations 
(a lot)
 2013-01-02 18:43:59 +01:00
Regis Houssin
b838895db9 Fix: change for a neutral email 2012-12-30 15:13:49 +01:00
Regis Houssin
15db85bc86 Fix: prepare external extended ged 2012-09-03 21:00:46 +02:00
Regis Houssin
1abc87f642 Fix: can delete an import file with dialog confirm 2012-09-03 17:14:33 +02:00
Marcos García
9b3c89ac47 Removed parenthesis from all include and include_once and replaced with single quotes 2012-08-23 02:40:41 +02:00
Laurent Destailleur
77e4b088ac Doc 2012-07-29 18:27:53 +02:00
Regis Houssin
66b2f630ac Fix: big avoid strict mode errors 2012-07-09 12:31:21 +02:00
Regis Houssin
887f210618 Fix: avoid warning with php 5.4 and strict mode 2012-07-08 23:22:22 +02:00
Regis Houssin
0bb3aced2f Fix: access problem if thirdparty module is disable 2012-07-02 20:04:28 +02:00
Regis Houssin
6f1651309e Fix: global converting lines delimiter 2012-07-02 19:30:37 +02:00
Laurent Destailleur
7e46ddd5b0 Fix: Permissions for click2dial tab 2012-06-16 00:07:24 +02:00
Laurent Destailleur
1fec3b56d9 Fix: Permissions to see project 
Conflicts:
	htdocs/projet/fiche.php
 2012-05-23 14:34:44 +02:00
Regis Houssin
1b350fafd1 Fix: missing entity field in contract 
Fix: multicompany compatibility
 2012-05-03 18:42:46 +02:00
Laurent Destailleur
5759523c7a Qual: removed useless tests 2012-03-19 16:16:04 +01:00