lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
109,623 Commits 43 Branches 150 Tags 886 MiB
develop
Commit Graph

261 Commits

Author SHA1 Message Date
Regis Houssin
f998f64db0 Works on use new list engine instead template for canvas 
Conflicts:
	htdocs/product/list.php
 2018-06-30 10:52:26 +02:00
Laurent Destailleur
ef395fc36b Fix scrutinizer bugs 2018-05-16 15:23:52 +02:00
Laurent Destailleur
63b9384ef6 No transmormation of data objectid before calling trigger 2018-05-10 12:34:23 +02:00
Laurent Destailleur
c094a6c43e Reorder permissions 2018-05-10 12:29:58 +02:00
Laurent Destailleur
9077f18dd6
Update security.lib.php 2018-05-10 11:37:22 +02:00
Laurent Destailleur
8837193545
Merge branch 'develop' into permissions_hook 2018-05-10 11:36:08 +02:00
Laurent Destailleur
bc9eaaab84
Update security.lib.php 2018-05-10 11:34:20 +02:00
Laurent Destailleur
7be804dcf5
Update security.lib.php 2018-05-10 11:32:08 +02:00
Laurent Destailleur
0891766a3e
Update security.lib.php 2018-05-10 11:31:27 +02:00
Laurent Destailleur
ea4c48047a
All new hooks must be addreplace hooks 2018-05-10 11:30:27 +02:00
altatof
a8ecce9e6d add hook for more permissions control 2018-05-05 14:31:17 +02:00
Laurent Destailleur
124abd39b6 Code comment 2018-05-01 20:31:57 +02:00
Laurent Destailleur
3cad7c6998 Merge branch '7.0' of git@github.com:Dolibarr/dolibarr.git into develop 2018-05-01 12:51:46 +02:00
jfefe
7cedf55c27 FIX : missing english name for object 
'product' is used by API to check perms and return a 401 error even if user has correct
permissions
 2018-04-27 20:54:48 +02:00
Laurent Destailleur
0f16ccbc4a Enhance dol_encode/dol_decode function 2018-04-19 12:03:42 +02:00
Laurent Destailleur
863cab362f NEW Cat set the encryption algorithm for extrafields of type password 2018-02-23 14:38:41 +01:00
Laurent Destailleur
109c447171 Merge branch '7.0' of git@github.com:Dolibarr/dolibarr.git into develop 2018-02-12 03:21:37 +01:00
Laurent Destailleur
c03ceb2205 Merge branch '6.0' of git@github.com:Dolibarr/dolibarr.git into 7.0 2018-02-12 02:56:51 +01:00
Laurent Destailleur
f88874c1f7 Code comment 2018-02-12 02:53:08 +01:00
Laurent Destailleur
ae1641f4b9
Merge pull request #8063 from Alabate/develop 
NEW : Add password_hash as hash algorithm
 2018-01-26 18:01:13 +01:00
Laurent Destailleur
9cdb7f0f27 Code comment 2018-01-24 14:37:26 +01:00
Laurent Destailleur
26ba0a9ec2 Merge branch '6.0' of git@github.com:Dolibarr/dolibarr.git into develop 
Conflicts:
	htdocs/cashdesk/index.php
	htdocs/compta/index.php
	htdocs/core/lib/security.lib.php
	htdocs/societe/list.php
 2018-01-16 20:23:32 +01:00
Laurent Destailleur
94b1d59f2b Fix missing check on object entity 2018-01-16 19:52:14 +01:00
Aurélien Labate
b86a5d5623 FIX add password_hash compatibility test for PHP < 5.5 2018-01-15 11:02:08 +01:00
Aurélien Labate
8088d92bbb NEW Add password_hash as hash algorithm 2018-01-15 00:33:25 +01:00
KHELIFA
7d824b3ef2 Fix: Access rights for resource in multi-entities 2018-01-04 15:05:11 +01:00
Laurent Destailleur
1351a43a30 FIX Maxi debug of permission for users external or restricted to sales 
representatives
 2017-12-18 16:13:05 +01:00
Laurent Destailleur
dbd96d1ac7 Merge branch '6.0' of git@github.com:Dolibarr/dolibarr.git into develop 
Conflicts:
	htdocs/core/actions_sendmails.inc.php
	htdocs/loan/card.php
	htdocs/loan/class/loan.class.php
 2017-12-10 21:46:23 +01:00
Laurent Destailleur
f18edd5787
Update security.lib.php 2017-12-10 21:08:13 +01:00
patrick Delcroix
033016da7f fix: unable to remove salaries, plus correct default rights management 2017-12-10 20:02:26 +01:00
Laurent Destailleur
6796c08cb8 Debug/rewrite Blockedlog 2017-11-30 14:21:55 +01:00
Laurent Destailleur
e78406e120 Debug cronjob 2017-11-03 20:04:18 +01:00
Laurent Destailleur
69b131b919 Merge branch '6.0' of git@github.com:Dolibarr/dolibarr.git into develop 
Conflicts:
	htdocs/comm/propal/card.php
	htdocs/societe/class/api_thirdparties.class.php
 2017-10-18 11:28:20 +02:00
Laurent Destailleur
aa1ff189e1 Fix var not correctly initialized when using api + multicompany 2017-10-17 12:58:26 +02:00
Laurent Destailleur
777486d74c Keep usage of function dol_hash to encrypt a non encrypted data 2017-10-06 13:13:51 +02:00
Regis Houssin
8d3ad9ddc8 Merge branch 'develop' of https://github.com/Dolibarr/dolibarr.git into develop_ldap 2017-10-04 08:43:07 +02:00
BENKE Charlene
41ba7af9fe unable to delete salaries 
compta/salaries/cards ask for a salarie/payement/delete right to delete
 2017-10-02 18:49:25 +02:00
Laurent Destailleur
b7810d95b9 Fix permissions 2017-09-30 20:43:15 +02:00
Regis Houssin
46cc23c568 Fix: $this->pass is empty if DATABASE_PWD_ENCRYPTED is used 2017-09-30 10:41:35 +02:00
Laurent Destailleur
4052e15565 Merge branch '5.0' of git@github.com:Dolibarr/dolibarr.git into 6.0 
Conflicts:
	htdocs/comm/action/card.php
 2017-08-26 21:58:29 +02:00
Regis Houssin
982fca541d Fix: (Agenda) Allowed if link to third party is empty 2017-08-24 08:33:40 +02:00
Regis Houssin
9410466d72 Fix: better check and security 2017-06-15 21:51:31 +02:00
Laurent Destailleur
ba3a74576c Merge 5.0 2017-06-12 18:22:51 +02:00
Laurent Destailleur
2916444f6c Fix check on module product for external user 2017-06-12 15:30:00 +02:00
Laurent Destailleur
7f18dfee0d Merge branch '5.0' of git@github.com:Dolibarr/dolibarr.git into develop 
Conflicts:
	dev/skeletons/build_class_from_table.php
	dev/skeletons/skeleton_card.php
	htdocs/compta/facture/class/facture.class.php
	htdocs/core/lib/functions.lib.php
	htdocs/filefunc.inc.php
	htdocs/projet/card.php
 2017-06-03 01:55:05 +02:00
Laurent Destailleur
976c8e0752 Fix security to test access on a task 2017-06-01 19:53:54 +02:00
Laurent Destailleur
76e1438fe6 FIX REST api to get project when user has permission to read all. 2017-06-01 17:29:47 +02:00
Laurent Destailleur
06b37d0e82 Work on dol_check_secure_access_document to support write question 2017-05-19 20:17:33 +02:00
Laurent Destailleur
68e333879f Fix var not sanitized 2017-05-16 13:27:32 +02:00
Regis Houssin
017d73792c Fix: add md5 password for OpenLdap 2017-03-13 15:00:44 +01:00
Laurent Destailleur
8ccc57e70f Fix compatibility with multicompany 2017-03-02 11:46:31 +01:00
Laurent Destailleur
76280f8ae2 Fix #6365 2017-02-03 11:42:49 +01:00
Laurent Destailleur
d7c2bdba38 Fix: link was useless with a nofollow tag. 2017-01-29 16:42:59 +01:00
Laurent Destailleur
2615e02e1e Update doc 2015-10-22 13:18:51 +02:00
Laurent Destailleur
3db021addf Fix Use correct boolean type. 
Complete doxygen
 2015-08-26 11:24:31 +02:00
Laurent Destailleur
e992a959cd Fix dbt_select 2015-07-16 10:59:00 +02:00
Laurent Destailleur
01aad8516d Merge remote-tracking branch 'origin/3.7' into develop 
Conflicts:
	htdocs/adherents/list.php
	htdocs/compta/dons/card.php
	htdocs/compta/dons/class/don.class.php
	htdocs/contact/list.php
	htdocs/contrat/list.php
	htdocs/core/class/html.form.class.php
	htdocs/core/lib/security.lib.php
	htdocs/main.inc.php
	htdocs/product/stock/massstockmove.php
	htdocs/public/test/test_arrays.php
	htdocs/public/test/test_forms.php
	htdocs/societe/societe.php
 2015-05-31 03:30:38 +02:00
Laurent Destailleur
11d4a945b0 Merge remote-tracking branch 'origin/3.6' into 3.7 
Conflicts:
	htdocs/adherents/liste.php
	htdocs/comm/propal.php
	htdocs/compta/facture.php
	htdocs/contact/list.php
	htdocs/contrat/liste.php
	htdocs/product/liste.php
 2015-05-25 18:08:23 +02:00
Alexis Algoud
bc672c2c23 FIX event for restricted user was restricted if company null 2015-05-21 11:49:10 +02:00
Laurent Destailleur
b327b5fb9d Save regressions 2015-05-13 09:32:54 +02:00
jfefe
46ce77c571 Refactor function to use it into API 
New function checkUserAccessToObject() is a piece of restrictedArea() function.
 2015-05-03 14:41:51 +02:00
Laurent Destailleur
13590a876b Fix: A little clean of dol_hash usage. 2014-10-18 16:08:15 +02:00
Laurent Destailleur
cbbe909bc5 Fix: Pb in management of "or" ("|") for permission check. 2014-10-12 15:22:07 +02:00
Laurent Destailleur
166853dd56 Fix: miscellaneous bugs 2014-10-03 12:15:21 +02:00
Marcos García de La Fuente
7e7958cf73 Removed SQL errors as they are logged by the database handler 2014-06-12 13:49:05 +02:00
Laurent Destailleur
1557d8973f Fix: [ bug #1403 ] suppression d'une fiche produit impossible 2014-05-26 23:12:47 +02:00
Laurent Destailleur
f95c87f1d6 Fix: [ bug #1374 ] Salaries module requires "Special costs" module to 
work but it does not enable it
 2014-05-10 18:57:04 +02:00
Raphaël Doursenaud
f8f502d013 Removed closing php tag 
http://php.net/manual/en/language.basic-syntax.phptags.php
 2014-05-03 18:18:44 +02:00
Laurent Destailleur
7ac193bb80 Merge remote-tracking branch 'origin/3.5' into develop 
Conflicts:
	htdocs/core/lib/company.lib.php
	htdocs/opensurvey/public/choix_autre.php
 2014-04-02 11:41:55 +02:00
Laurent Destailleur
46e46507ec Merge remote-tracking branch 'origin/3.4' into 3.5 
Conflicts:
	htdocs/comm/action/index.php
	htdocs/compta/bank/class/account.class.php
	htdocs/compta/bank/index.php
 2014-04-02 11:33:47 +02:00
Marcos García de La Fuente
09e02f807f Even better improvement 2014-03-22 19:01:19 +01:00
Marcos García de La Fuente
e2f51d0df2 Removed duplicate line 2014-03-22 19:00:37 +01:00
Marcos García de La Fuente
c8c77dbdcf Fix: Agenda and Banks module were not working with multicompany module 2014-03-22 18:59:48 +01:00
philippe
e2b29bb108 fix english misspelling 2014-03-05 09:57:36 +01:00
Laurent Destailleur
4d379e572a Fix: Bugs into permissions for module category 2014-01-07 15:35:26 +01:00
Laurent Destailleur
89c772459f Fix: Bugs into permissions for module category 2014-01-07 14:55:03 +01:00
Laurent Destailleur
4a29431b69 New: Add hidden option MAIN_SECURITY_HASH_ALGO to choose hash function 2013-11-06 16:32:25 +01:00
Laurent Destailleur
32983b79ee Sec: Add option to salt password 2013-11-04 10:47:24 +01:00
Laurent Destailleur
e5fd19ffc0 Add option to salt hash passwords 2013-11-04 10:45:43 +01:00
Laurent Destailleur
890c96355d Check parameter to make bug detection seasier 2013-09-23 19:53:21 +02:00
fhenry
3b6efd569d Fix bug [ bug #861 ] Erreur de droit groupe et utilisateur 2013-05-01 17:09:08 +02:00
Regis Houssin
d25687276e Fix: bypass the second test if the first is ok 2013-04-26 16:29:29 +02:00
Regis Houssin
3684271627 Fix: avoid error 2013-04-26 16:21:48 +02:00
Regis Houssin
34036c2a5c Fix: big security problem with multicompany 2013-04-26 16:07:35 +02:00
Laurent Destailleur
4e029bf2ca Fix: Security does not need special case 2013-03-24 21:06:45 +01:00
Laurent Destailleur
8d206fdfb0 Prepare move to other licence. For the moment all answers for licence 
upgrade were not yet received. So we prepare for GPL by uniformizing
licence text keys to GPL-3+. Will move later to AGPL if all answers are
positive.
 2013-01-16 15:36:08 +01:00
Laurent Destailleur
96416735df Fix: [ bug #618 ] External accounts can access confidential informations 
(a lot)
 2013-01-02 18:43:59 +01:00
Regis Houssin
b838895db9 Fix: change for a neutral email 2012-12-30 15:13:49 +01:00
Regis Houssin
15db85bc86 Fix: prepare external extended ged 2012-09-03 21:00:46 +02:00
Regis Houssin
1abc87f642 Fix: can delete an import file with dialog confirm 2012-09-03 17:14:33 +02:00
Marcos García
9b3c89ac47 Removed parenthesis from all include and include_once and replaced with single quotes 2012-08-23 02:40:41 +02:00
Laurent Destailleur
77e4b088ac Doc 2012-07-29 18:27:53 +02:00
Regis Houssin
66b2f630ac Fix: big avoid strict mode errors 2012-07-09 12:31:21 +02:00
Regis Houssin
887f210618 Fix: avoid warning with php 5.4 and strict mode 2012-07-08 23:22:22 +02:00
Regis Houssin
0bb3aced2f Fix: access problem if thirdparty module is disable 2012-07-02 20:04:28 +02:00
Regis Houssin
6f1651309e Fix: global converting lines delimiter 2012-07-02 19:30:37 +02:00
Laurent Destailleur
7e46ddd5b0 Fix: Permissions for click2dial tab 2012-06-16 00:07:24 +02:00
Laurent Destailleur
1fec3b56d9 Fix: Permissions to see project 
Conflicts:
	htdocs/projet/fiche.php
 2012-05-23 14:34:44 +02:00
Regis Houssin
1b350fafd1 Fix: missing entity field in contract 
Fix: multicompany compatibility
 2012-05-03 18:42:46 +02:00
Laurent Destailleur
5759523c7a Qual: removed useless tests 2012-03-19 16:16:04 +01:00
Laurent Destailleur
d7cc1bdc88 Uniformize code 2012-02-19 19:14:17 +01:00
Laurent Destailleur
447922c218 More phpunit tests 2012-02-12 18:30:50 +01:00
Laurent Destailleur
036e578e0f Move security function into security.lib.php 
Split security.lib.php into 2 files: One always loaded, the other for
rare functions.
 2012-02-12 17:41:28 +01:00
Regis Houssin
72304505cb Fix: add htmlname parameter 2012-01-12 04:18:25 +08:00
Regis Houssin
199e22fd70 Fix: remove useless code 2012-01-11 23:02:01 +08:00
Regis Houssin
033b290ed3 Qual: add $mc global object (multicompany) 2012-01-11 17:41:46 +08:00
Laurent Destailleur
896cfe62ba Fix: conf file corrupted when using password with special char 2012-01-07 23:42:36 +01:00
Regis Houssin
d8e8d047f4 Fix: bug #232 
Multiple Cross-Site-Scripting vulnerabilities
 2011-11-08 14:44:27 +01:00
Regis Houssin
b861f3596b Fix: multicompany login combobox problem 2011-10-27 17:40:45 +08:00
Regis Houssin
3338649316 [task #217] Move core files in core directory 2011-10-24 14:11:49 +02:00
Regis Houssin
c65238b773 [task #216] Move lib in core directory 2011-10-24 10:45:06 +02:00