Commit Graph

2092 Commits

Author SHA1 Message Date
Laurent Destailleur
5c8fb38426 Fix add del* action into list of sensitive actions 2021-09-19 14:41:46 +02:00
Laurent Destailleur
e92a24d5f1 Fix test 2021-09-19 13:49:21 +02:00
Laurent Destailleur
4253b564ba Fix add reopen as sensitive actions 2021-09-18 22:55:23 +02:00
Laurent Destailleur
89e8f24e15 Fix CSRF protection for all massactions 2021-09-18 22:38:25 +02:00
Laurent Destailleur
c3e88579ab Fix add remove_* action as sensitive action 2021-09-18 22:24:51 +02:00
Laurent Destailleur
d760686239 Fix case of newtoken() 2021-09-18 22:24:00 +02:00
Laurent Destailleur
0749d01c5a Fix add action delete* as sensitive action 2021-09-18 22:04:41 +02:00
Laurent Destailleur
8bdc53f469 Fix Add action classify as sensitive actions 2021-09-18 20:49:24 +02:00
Laurent Destailleur
6390f2de6f Fix add all confirm_* action as sensitive actions 2021-09-18 19:47:51 +02:00
Laurent Destailleur
7dfedd242a Fix add confirm_deleteline as sensitive action 2021-09-18 19:43:38 +02:00
Laurent Destailleur
62b721a904 Add deletecontact as sensitive action
Replace dol_buildpath with DOL_URL_ROOT
2021-09-18 19:34:46 +02:00
Laurent Destailleur
858a5ab188 Add confirm_validate and confirm_close as sensitive actions 2021-09-18 18:36:45 +02:00
Laurent Destailleur
fa28621709 Merge branch '14.0' of git@github.com:Dolibarr/dolibarr.git into develop
Conflicts:
	htdocs/reception/list.php
2021-09-09 16:11:29 +02:00
Laurent Destailleur
5d5b7c3af4 Merge branch '13.0' of git@github.com:Dolibarr/dolibarr.git into 14.0
Conflicts:
	htdocs/comm/action/peruser.php
	htdocs/main.inc.php
2021-09-09 15:15:26 +02:00
Laurent Destailleur
70f22f2648 # WARNING: head commit changed in the meantime
Merge
2021-09-09 15:12:02 +02:00
Frédéric FRANCE
456f25d57e fix #17634 2021-09-04 11:30:03 +02:00
Laurent Destailleur
e4cbc2140e Fix doc and token renewal with NOSESSION 2021-08-24 21:48:38 +02:00
Laurent Destailleur
c6774505d8 FIX #18465 2021-08-24 14:05:02 +02:00
Laurent Destailleur
58fa0740c3 Merge branch '14.0' of git@github.com:Dolibarr/dolibarr.git into develop
Conflicts:
	htdocs/core/lib/functions.lib.php
	htdocs/langs/en_US/errors.lang
2021-08-22 01:41:18 +02:00
Laurent Destailleur
4cd5a53b63 FIX Recommended session.cookie_samesite must be 'Lax' not 'Strict'. 2021-08-22 00:44:51 +02:00
Laurent Destailleur
335e1ff405 Merge branch '14.0' of git@github.com:Dolibarr/dolibarr.git into develop 2021-08-20 12:45:37 +02:00
Laurent Destailleur
10ddd621ca Fix escape error message 2021-08-20 12:40:49 +02:00
Gurvan Kervern
d2e2dcf27e fix warnings 2
Fixing PHP8 warnings
2021-08-16 18:10:04 +08:00
Laurent Destailleur
354d88df23 Merge branch '14.0' of git@github.com:Dolibarr/dolibarr.git into develop 2021-08-06 18:50:39 +02:00
Laurent Destailleur
591b8acd51 FIX show info of company into user dropdown 2021-08-05 15:57:51 +02:00
Laurent Destailleur
841176fdfd Fix set cookie with tag "secure" when https is forced. 2021-08-04 14:38:05 +02:00
Laurent Destailleur
afa6ced6c9 Merge branch '14.0' of git@github.com:Dolibarr/dolibarr.git into develop
Conflicts:
	htdocs/main.inc.php
2021-07-21 01:29:22 +02:00
Laurent Destailleur
23f708c0d4 Fix phpcs 2021-07-21 01:27:14 +02:00
Laurent Destailleur
dbed6bc0da Fix #yogosha6678 2021-07-21 01:18:48 +02:00
Laurent Destailleur
e02fbadcd7 Merge branch '14.0' of git@github.com:Dolibarr/dolibarr.git into develop
Conflicts:
	htdocs/main.inc.php
2021-07-21 00:41:40 +02:00
Laurent Destailleur
e4bb5ed008 Fix phpcs 2021-07-21 00:35:08 +02:00
Laurent Destailleur
c2f1781fae Fix #huntr5bb5a52-3b1c-40ad-9c64-61735f886736 2021-07-21 00:14:03 +02:00
Laurent Destailleur
219a2a860b Merge branch '14.0' of git@github.com:Dolibarr/dolibarr.git into develop
Conflicts:
	htdocs/langs/en_US/main.lang
	htdocs/main.inc.php
2021-07-20 23:59:33 +02:00
Laurent Destailleur
dc7ff07517 Fix #huntr7144bb4b-338f-45f0-a70e-088ef1f4c037 2021-07-20 23:54:22 +02:00
Laurent Destailleur
08e06f9789 Fix #hunter2c606116-f212-49e0-967c-11f8666be43b 2021-07-20 23:28:57 +02:00
Laurent Destailleur
0e18bd4be1 Fix #hunter2cd3fc73-65a1-4615-9143-9e7febd81a15 2021-07-20 23:15:31 +02:00
Laurent Destailleur
a916f668f9 Fix param of include js 2021-07-08 22:16:47 +02:00
Laurent Destailleur
ddc37ef38c Fix missing lang param 2021-07-08 20:58:19 +02:00
Laurent Destailleur
1380344fdb Fix PHP 8 2021-07-08 12:17:32 +02:00
Laurent Destailleur
16ee47b12c Fix warning.
Reduce memory need for getmin/max on large graphs.
2021-07-08 11:13:15 +02:00
Laurent Destailleur
2f25079981 Fix CSRF token generation must be fast, can have low entropy. 2021-07-07 14:40:47 +02:00
Laurent Destailleur
d97a95aa2a Fix CSRF token generation must be fast, can have low entropy. 2021-07-07 14:38:52 +02:00
Francis Appels
5d824899e5 Fix php 8 warning on home page 2021-07-05 13:44:05 +02:00
Laurent Destailleur
0f020d5b20 Fix for phpv8 2021-06-29 19:05:18 +02:00
Laurent Destailleur
796b2d201a Enhance the sanitizing. 2021-06-29 18:17:27 +02:00
Laurent Destailleur
cc65e4bb38 FIX #18030 2021-06-26 12:00:25 +02:00
Laurent Destailleur
720ea16bb1 css 2021-06-26 02:00:30 +02:00
Laurent Destailleur
c4e9e1c8df Comment 2021-06-25 10:50:58 +02:00
Laurent Destailleur
46ae7180f8 Fix phpunit. Refused @@ char in sql. 2021-06-25 10:47:31 +02:00
Laurent Destailleur
c46097ccd9 Merge branch '13.0' of git@github.com:Dolibarr/dolibarr.git into develop
Conflicts:
	htdocs/main.inc.php
2021-06-23 11:39:17 +02:00
Laurent Destailleur
ac8564dc34 Fix disable token renewal on .css.php, .js.php and .json.php 2021-06-21 13:06:40 +02:00
ATM john
8cc2cec560 Fix search drop down 2021-06-19 16:56:08 +02:00
Laurent Destailleur
61bd572a9c Fix token for ajax call 2021-06-17 03:37:52 +02:00
Laurent Destailleur
5372912b0b Merge pull request #17642 from Givriz/dev
Compatibility phpv8
2021-05-26 18:22:46 +02:00
Laurent Destailleur
714334c585 Merge pull request #17698 from OPEN-DSI/new-translate-order-supplier
NEW translate supplier order menus and button
2021-05-25 20:34:17 +02:00
lvessiller
38bd595ebd NEW translate supplier order menus and button 2021-05-21 14:18:46 +02:00
Laurent Destailleur
b5af3b17d5 Update doc 2021-05-21 14:03:52 +02:00
Laurent Destailleur
fbe491c4da FIX CWE-79 huntr 2021-05-21 12:17:56 +02:00
Laurent Destailleur
ba0e95a4ff FIX huntr CWE-79 2021-05-17 23:47:16 +02:00
Givriz
6bbd6db84b Compatibility phpv8 2021-05-17 18:39:08 +02:00
stickler-ci
67fc5bce5f Fixing style errors. 2021-05-17 06:30:30 +00:00
Laurent Destailleur
6308c17c5f Update main.inc.php 2021-05-17 08:30:12 +02:00
Maxime Kohlhaas
c8b725165e Fix use img_picto in quick create dropdown 2021-05-16 11:16:07 +02:00
Maxime Kohlhaas
3c3613a71a Fix missing quick create holiday and expense report 2021-05-16 11:06:49 +02:00
Maxime Kohlhaas
baf0dda19c Fix missing load langs for my company info in user block 2021-05-16 10:52:51 +02:00
Frédéric FRANCE
20724efd44 fix $mysoc not defined (php8 warning) 2021-05-11 00:04:11 +02:00
Laurent Destailleur
575d335374 Debug generation of webp 2021-05-01 15:12:30 +02:00
Alexandre SPANGARO
140f098c79 NEW: Add constant MAIN_BUGTRACK_URL to add possibility to redirect to other service 2021-04-14 23:16:30 +02:00
Alexandre SPANGARO
89281d4875 Merge remote-tracking branch 'upstream/develop' into 14a38 2021-04-14 16:43:16 +02:00
Alexandre SPANGARO
bb74a8b1b5 NEW: Add constant MAIN_BUGTRACK_URL to add possibility to redirect to other service 2021-04-12 22:01:46 +02:00
Alexandre SPANGARO
bbd774f987 Work on split module fournisseur 2021-04-12 05:50:57 +02:00
Laurent Destailleur
5eda49632a Add more accurate information on login and last login date 2021-04-11 15:57:58 +02:00
Laurent Destailleur
f4d56c710b Fix log levels 2021-04-07 12:43:28 +02:00
Laurent Destailleur
bf6ea78211 Better log 2021-04-07 12:22:30 +02:00
Laurent Destailleur
18154d6d21 Standardize log 2021-04-07 12:18:53 +02:00
Laurent Destailleur
b702d2b534 Fix CSRF for more GET 2021-03-29 22:58:44 +02:00
Laurent Destailleur
d93fbcd00b Fix sql error 2021-03-29 21:17:41 +02:00
Laurent Destailleur
0d5c613008 Complete fix 2021-03-29 21:10:21 +02:00
Laurent Destailleur
ae0468e107 FIX #yogosha5765 2021-03-29 21:04:33 +02:00
Laurent Destailleur
715490be0b Merge pull request #16929 from aspangaro/14a28
NEW: Add company info in dropdown login menu
2021-03-29 19:02:12 +02:00
Laurent Destailleur
22da450a96 FIX #yogosha5755 2021-03-29 15:49:34 +02:00
Alexandre SPANGARO
c1ceefb70f Update with new functionality 2021-03-27 04:44:20 +01:00
Alexandre SPANGARO
6809dab2c0 Merge remote-tracking branch 'upstream/develop' into 14a28 2021-03-27 04:12:15 +01:00
Laurent Destailleur
c30c6bcf43 css 2021-03-25 08:37:59 +01:00
Alexandre SPANGARO
34abb53c25 Merge remote-tracking branch 'upstream/develop' into 14a28 2021-03-24 14:09:46 +01:00
Laurent Destailleur
911971c879 Fix #yogosha5728 2021-03-24 13:43:44 +01:00
stickler-ci
db8279b192 Fixing style errors. 2021-03-21 22:06:08 +00:00
Alexandre SPANGARO
ea938f64da NEW: Add company info in dropdown login menu 2021-03-21 22:58:21 +01:00
Laurent Destailleur
e1f23105a6 Finally try to follow install per entity instead of per instance. 2021-03-20 12:49:44 +01:00
Regis Houssin
972380860a FIX use new function getDolGlobalInt() instead 2021-03-20 12:40:24 +01:00
Regis Houssin
29e090b025 FIX force to entity 0 for all entities 2021-03-20 12:35:41 +01:00
Regis Houssin
573ca669da Merge branch 'develop' of git@github.com:Dolibarr/dolibarr.git into fix_warning_php8 2021-03-20 12:11:12 +01:00
Laurent Destailleur
14611f3f7a More complete protection for doprev donext, dvprev, dvnext action. 2021-03-19 12:49:28 +01:00
Laurent Destailleur
d83d005284 FIX #yogosha5674 2021-03-19 12:44:59 +01:00
Laurent Destailleur
ebf409f831 FIX #yogosha5668 2021-03-19 12:08:40 +01:00
Regis Houssin
a8ecdc14dd FIX syntax error 2021-03-19 11:46:57 +01:00
Regis Houssin
5978196e3b FIX missing current entity id 2021-03-19 11:31:46 +01:00
Regis Houssin
43e1dbb9ef FIX avoid php8 warning with multicompany 2021-03-19 11:27:31 +01:00
Laurent Destailleur
4e3e2a23bc More complete fix for #yogosha5644 2021-03-18 21:22:50 +01:00
Laurent Destailleur
11427cd49c Add filter onloadend into WAF 2021-03-17 19:41:59 +01:00
Laurent Destailleur
3fab4696ae Fix test on token is not done for login page. 2021-03-17 19:27:15 +01:00
Laurent Destailleur
9a474602a8 Fix #yogosha5644 2021-03-16 11:58:03 +01:00
Laurent Destailleur
22cdb0ef97 Merge pull request #16657 from frederic34/patch-12
Fix php8 warning
2021-03-15 10:52:19 +01:00
Laurent Destailleur
45579edd43 Enhance WAF and dol_sanitizeUrl 2021-03-14 18:57:18 +01:00
Frédéric FRANCE
1b291ea582 Fix php8 warning 2021-03-14 17:58:05 +01:00
Laurent Destailleur
72766c830d FIX #Yogosha5631 2021-03-14 15:06:40 +01:00
Laurent Destailleur
0bd7d28fd9 Better log 2021-03-13 12:13:33 +01:00
Laurent Destailleur
9956373a14 Backport the log to detect module that claim a new token. 2021-03-12 12:42:26 +01:00
Laurent Destailleur
60016cc3f3 Fix phpcs 2021-02-26 11:29:16 +01:00
Frédéric FRANCE
55a5e46527 code syntax comm directory 2021-02-23 20:26:57 +01:00
Laurent Destailleur
2346d8e12d Merge pull request #16371 from frederic34/patch-2
add log for token reclaimed
2021-02-22 14:22:44 +01:00
Frédéric FRANCE
1971f51973 Update main.inc.php 2021-02-22 11:24:21 +01:00
Laurent Destailleur
d6081d7d87 code comment 2021-02-22 11:13:12 +01:00
Frédéric FRANCE
0e96093def add log for token reclaimed 2021-02-21 21:51:26 +01:00
Laurent Destailleur
6f6352d9c4 Fix syntax 2021-02-20 11:33:25 +01:00
Laurent Destailleur
9a2e99e9e9 Clean packager 2021-02-20 11:09:23 +01:00
Laurent Destailleur
3d1dfccc1d More robust code 2021-02-19 18:12:15 +01:00
Laurent Destailleur
e9f9c46cd6 Clean code. Fix nojs=1 2021-02-19 15:37:42 +01:00
Laurent Destailleur
efb32c7d0b Fix test pages 2021-02-19 15:06:36 +01:00
Laurent Destailleur
d588086c47 Merge branch '13.0' of git@github.com:Dolibarr/dolibarr.git into develop 2021-02-09 21:21:28 +01:00
Laurent Destailleur
032503f397 Merge branch '12.0' of git@github.com:Dolibarr/dolibarr.git into 13.0
Conflicts:
	htdocs/main.inc.php
2021-02-09 21:13:54 +01:00
Laurent Destailleur
9c535d6d7e Fix comment in js must be a js comment 2021-02-09 21:09:46 +01:00
Laurent Destailleur
0e2c27d795 Fix javascript error 2021-02-09 21:06:11 +01:00
Laurent Destailleur
2e9656a5b2 Merge branch '13.0' of git@github.com:Dolibarr/dolibarr.git into develop
Conflicts:
	htdocs/core/class/html.formactions.class.php
	htdocs/filefunc.inc.php
2021-02-02 03:26:20 +01:00
Laurent Destailleur
daf88944f8 FIX #16118 Timezone problem on some fields 2021-02-02 00:19:41 +01:00
Laurent Destailleur
3473e0a5d0 Exclude include if not required 2021-01-31 17:10:31 +01:00
Laurent Destailleur
13378897a8 FIX Report by Ricardo Matias
Conflicts:
	test/phpunit/SecurityTest.php
2021-01-25 22:52:30 +01:00
Laurent Destailleur
6a12de741f FIX Report by Ricardo Matias 2021-01-25 22:46:09 +01:00
Laurent Destailleur
820ab1a110 Better error message 2021-01-16 13:03:34 +01:00
Laurent Destailleur
199b46cfaf Merge branch '13.0' of git@github.com:Dolibarr/dolibarr.git into 13.0
Conflicts:
	htdocs/langs/en_US/modulebuilder.lang
2020-12-27 16:53:15 +01:00
Laurent Destailleur
02daf09928 Fix for php8 2020-12-23 23:06:34 +01:00
Laurent Destailleur
4fcf606d04 Error management on emailcollector edition 2020-12-22 17:22:24 +01:00
Laurent Destailleur
5f476e7e7e Compatibility of nusoap with PHP8 2020-12-12 15:37:15 +01:00
Regis Houssin
37193557df FIX rename hook to be more explicit and $test = false 2020-12-09 08:56:39 +01:00
Laurent Destailleur
a92ad1484a Merge pull request #15709 from hregis/fix_add_hook_for_security
NEW add hook "loginCheckSecurityAccess" (eg for external captcha)
2020-12-08 23:08:17 +01:00
Laurent Destailleur
e987e6e093 Context for hook showSocinfoOnPrint has been moved from
"showsocinfoonprint" to "main"
2020-12-08 22:16:38 +01:00
Regis Houssin
3836e5685a FIX same context of others 2020-12-08 19:30:40 +01:00
Regis Houssin
724d03c754 NEW add hook "loginCheckSecurityAccess" (eg for external captcha) 2020-12-08 19:26:24 +01:00
Laurent Destailleur
3b55eb1d82 FIX master must be after session_start but dol_getprefix must be before
and after filefunc.inc.php.
2020-12-05 13:26:58 +01:00
Laurent Destailleur
613ed8bcfa FIX No use of $_SESSION into master.inc.php 2020-12-04 23:50:55 +01:00
Laurent Destailleur
34679c3bc1 Fix warning in phpunit 2020-12-04 13:22:47 +01:00
Scrutinizer Auto-Fixer
6df4954b20 Scrutinizer Auto-Fixes
This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com
2020-12-01 01:41:19 +00:00
Laurent Destailleur
6c65ebef0d Look and feel v13 2020-11-29 15:16:53 +01:00
Laurent Destailleur
9147c85d9f Fix size of roboto font 2020-11-28 03:35:32 +01:00
Laurent Destailleur
e4128bad80 Fix management of Robot font 2020-11-28 03:32:25 +01:00
Laurent Destailleur
574919de52 Merge branch '12.0' of git@github.com:Dolibarr/dolibarr.git into develop
Conflicts:
	.travis.yml
	htdocs/accountancy/bookkeeping/balance.php
	htdocs/adherents/class/subscription.class.php
	htdocs/compta/bank/categ.php
	htdocs/compta/facture/class/facture.class.php
	htdocs/core/boxes/box_task.php
	htdocs/core/class/commondocgenerator.class.php
	htdocs/core/class/interfaces.class.php
	htdocs/core/lib/project.lib.php
	htdocs/core/modules/modCategorie.class.php
	htdocs/expensereport/class/expensereport.class.php
	htdocs/fichinter/class/fichinterrec.class.php
	htdocs/fourn/class/fournisseur.commande.class.php
	htdocs/fourn/class/fournisseur.facture.class.php
	htdocs/install/repair.php
	htdocs/main.inc.php
	htdocs/product/price.php
	htdocs/projet/tasks/time.php
	htdocs/reception/card.php
2020-11-27 15:45:12 +01:00
Laurent Destailleur
ac3c129735 Clean code 2020-11-27 14:24:15 +01:00
Laurent Destailleur
b6640da281 Fix javascript obfuscating with HTML comments 2020-11-26 23:37:35 +01:00
Laurent Destailleur
d2f8b65dbf Prepare use of session in db 2020-11-24 12:26:32 +01:00
Givriz
dca4cf5987 Feature: add the "button-cancel" class
Added the "button-cancel" class following issue #3756 and completing my Dolibarr task.
2020-11-23 15:12:52 +01:00