Commit Graph

89550 Commits

Author SHA1 Message Date
Cédric
720a113125 Update api_invoices.class.php 2020-09-19 14:16:17 +02:00
Laurent Destailleur
b1985950a6 Use POST to make the ajax set/del constant 2020-09-19 12:50:47 +02:00
Laurent Destailleur
46eb78cd41 Fix escape 2020-09-19 04:18:51 +02:00
Laurent Destailleur
e142b42f19 Clean code 2020-09-19 04:14:49 +02:00
Laurent Destailleur
4a5ee7f04d Better testSqlAndScriptInject (deal htmlentities encoded signatures)
More phpunits on GETPOST
2020-09-19 03:25:25 +02:00
Laurent Destailleur
eb36c3f144 Fix must use GETPOST 2020-09-19 02:27:32 +02:00
Laurent Destailleur
93b7956156 Fix sanitizing of backtopage 2020-09-19 02:12:08 +02:00
Laurent Destailleur
a0b230fa46 Fix #yogosha4534 2020-09-19 01:58:46 +02:00
Laurent Destailleur
6a45545ec1 Prepare for fix 2020-09-19 01:53:22 +02:00
Laurent Destailleur
b7a97b2c81 Prepare for fix 2020-09-19 01:45:40 +02:00
Laurent Destailleur
99c05f0923 Fix rss 2020-09-19 00:51:09 +02:00
Laurent Destailleur
f62d52f89a Fix tooltip for linkto object.
Fix security of ajax selectobject.php
2020-09-19 00:44:47 +02:00
Laurent Destailleur
63bc3aa48a Better sanitizing 2020-09-19 00:05:29 +02:00
Laurent Destailleur
6d2d5d7cae Fix #yogosha4529 2020-09-19 00:02:38 +02:00
Laurent Destailleur
d21c2f0d61 Better sanitizing 2020-09-18 23:38:45 +02:00
Laurent Destailleur
4f2d3176f5 Fix #yogosha4533 2020-09-18 23:26:05 +02:00
Laurent Destailleur
4710fedda6 Try another fix for #yogosha4514 2020-09-18 23:06:08 +02:00
Laurent Destailleur
11bf662c38 Fix regression 2020-09-18 17:49:51 +02:00
Laurent Destailleur
b6c6473cce Fix sql injection when forging requests with IN 2020-09-18 17:47:40 +02:00
Laurent Destailleur
4e2aff2cdc Fix sql injection when forging requests with IN 2020-09-18 17:28:02 +02:00
Laurent Destailleur
2d38644ae1 Sanitize sortfield 2020-09-18 17:13:01 +02:00
Laurent Destailleur
d75e1e5771 Fix #yogosha4525 2020-09-18 16:10:11 +02:00
Laurent Destailleur
72d5850a5f Fix regression 2020-09-18 15:45:26 +02:00
Laurent Destailleur
2697f604d5 Merge branch '12.0' of git@github.com:Dolibarr/dolibarr.git into develop
Conflicts:
	htdocs/document.php
2020-09-18 14:58:16 +02:00
Laurent Destailleur
4decf20aaa Merge branch '11.0' of git@github.com:Dolibarr/dolibarr.git into 12.0 2020-09-18 14:56:38 +02:00
Laurent Destailleur
5d3168c2a0 Merge branch '10.0' of git@github.com:Dolibarr/dolibarr.git into 11.0 2020-09-18 14:55:58 +02:00
Laurent Destailleur
37c9afebd9 Fix regression 2020-09-18 14:55:32 +02:00
Laurent Destailleur
cf8e8ee68b Merge branch '12.0' of git@github.com:Dolibarr/dolibarr.git into develop
Conflicts:
	htdocs/contact/card.php
	htdocs/core/lib/functions.lib.php
	htdocs/document.php
2020-09-18 14:54:20 +02:00
Laurent Destailleur
8740778aa8 Merge branch '11.0' of git@github.com:Dolibarr/dolibarr.git into 12.0 2020-09-18 14:51:26 +02:00
Laurent Destailleur
f09aea90df Fix bad test 2020-09-18 14:51:04 +02:00
Laurent Destailleur
56a9f5c48b Fix 2020-09-18 14:49:20 +02:00
Laurent Destailleur
0b2aa2b01d Merge branch '11.0' of git@github.com:Dolibarr/dolibarr.git into 12.0
Conflicts:
	htdocs/core/lib/functions.lib.php
2020-09-18 14:48:40 +02:00
Laurent Destailleur
07556e061d Merge branch '10.0' of git@github.com:Dolibarr/dolibarr.git into 11.0
Conflicts:
	htdocs/contact/card.php
	htdocs/core/lib/functions.lib.php
	htdocs/document.php
2020-09-18 14:46:23 +02:00
Laurent Destailleur
4e56115d2d Fix No CSRF for install module using GET 2020-09-18 14:35:30 +02:00
Laurent Destailleur
2fe9514b6b Doc 2020-09-18 14:01:00 +02:00
Laurent Destailleur
9134892c71 Fix remove useless code 2020-09-18 13:58:09 +02:00
Laurent Destailleur
cc5d648888 Enhance the anti injection layer 2020-09-18 13:41:50 +02:00
Laurent Destailleur
cddec2f4dc Fix XSS 2020-09-18 13:25:56 +02:00
Laurent Destailleur
1ad6461ade Fix #yogosha4500 2020-09-18 06:10:41 +02:00
Laurent Destailleur
a7a8ca0a6b Fix phpcs 2020-09-18 06:03:59 +02:00
Laurent Destailleur
b35db6b9dd Clean code managing canvas 2020-09-18 06:02:52 +02:00
Laurent Destailleur
b49211b278 Phpcs 2020-09-18 05:37:20 +02:00
Laurent Destailleur
ca2e79395c typo 2020-09-18 05:35:37 +02:00
Laurent Destailleur
05d85ee4c1 Update scope 2020-09-18 05:34:50 +02:00
Laurent Destailleur
bb55572abf Update scope of security 2020-09-18 05:11:29 +02:00
Laurent Destailleur
234b9f1f57 Fix CSRF 2020-09-18 05:07:58 +02:00
Laurent Destailleur
aa3f906370 Standardize code 2020-09-18 04:53:43 +02:00
Laurent Destailleur
534846c5c7 NEW Framework is ready for CSRF token protection on explicit GET URLs. 2020-09-18 04:30:24 +02:00
Laurent Destailleur
8d77bfacd2 Fix #yogosha4490 2020-09-18 03:07:13 +02:00
Laurent Destailleur
c94b3f6584 Fix transversal URL #yogosha4513 2020-09-18 01:57:23 +02:00