lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
24,215 Commits 43 Branches 150 Tags 886 MiB
df032c618b
Commit Graph

656 Commits

Author SHA1 Message Date
Laurent Destailleur
be52d8b46f Work on memcached server 2010-05-26 11:22:10 +00:00
Laurent Destailleur
10f0b0997e Work on memcached server 2010-05-25 22:55:56 +00:00
Laurent Destailleur
55a2b9f04b Can disable JQUERY 2010-05-22 11:27:29 +00:00
Laurent Destailleur
38b924b85c Use unique id 2010-05-13 00:32:16 +00:00
Laurent Destailleur
f39d3cf574 On the fly GZIP compression is done only if bit 3 of constant is set (this is to allow to choose wich optimization we enabled among the 3 actually available). 2010-05-12 00:40:18 +00:00
Regis Houssin
5fef42452e Fix: optimize speed 
Qual: update scriptaculous en protoype
 2010-05-10 20:59:18 +00:00
Regis Houssin
635b44b906 Fix: if you rename a module, rename all 2010-05-10 04:50:39 +00:00
Philippe Grand
7f13eb0d4e according to new tree directory 2010-05-03 08:22:35 +00:00
Philippe Grand
b6bc9223df according to new tree directory 2010-04-28 10:33:16 +00:00
Philippe Grand
b68a359265 according to new tree directory 2010-04-28 10:02:54 +00:00
Laurent Destailleur
a4f144f24d Qual: Uniformise code. user class use id in first param of fetch 2010-04-28 07:31:34 +00:00
Regis Houssin
8b28989e8a Fix: problem with php5.3 2010-04-23 09:30:47 +00:00
Regis Houssin
89eb657f5d Fix: regression, problem with php5.3 2010-04-23 07:42:57 +00:00
Regis Houssin
335c038dd8 Fix: regression 2010-04-21 22:14:11 +00:00
Regis Houssin
621bd68e3b Fix: workflow module is enabled by default 
Fix: integration of triggers in the workflow module
!!! we now call "call_workflow" instead of "run_triggers" !!!
 2010-04-21 16:29:37 +00:00
Laurent Destailleur
b33b1c56b8 Fix: Default language on login page 2010-04-13 21:56:06 +00:00
Philippe Grand
011ea91f81 move interfaces class to core directory 2010-04-08 13:09:00 +00:00
Laurent Destailleur
d456c92553 Some code for compatibility 2010-04-06 21:56:03 +00:00
Laurent Destailleur
143acdc3f0 Move agenda menu into module 2010-04-05 18:41:34 +00:00
Laurent Destailleur
fbc31d9cb5 Qual: Separate function of html header from menu header 2010-04-03 15:08:09 +00:00
Laurent Destailleur
6910dd0b62 Remove deprecated code 2010-04-03 14:39:24 +00:00
Regis Houssin
25b12337e9 Fix: move core class to core directory 2010-03-23 08:58:15 +00:00
Regis Houssin
2337235f7e Fix: create Smarty directory if not exist 2010-03-19 11:20:29 +00:00
Laurent Destailleur
5077734b00 Remove warning 2010-03-17 21:50:31 +00:00
Laurent Destailleur
e3f4dddf02 Add favicon in html header 2010-03-17 21:41:06 +00:00
Laurent Destailleur
d38f72f50a Fix: Fix regression after removing pre.inc.php 2010-03-16 01:18:25 +00:00
Regis Houssin
72d0b60bbe Add JQuery for test 2010-03-04 08:28:30 +00:00
Laurent Destailleur
43b69e1da0 Qual: Clean a lot of code to prepare remove of pre.inc.php 2010-02-28 14:49:39 +00:00
Laurent Destailleur
99e6134e82 Qual: Clean a lot of code to prepare remove of pre.inc.php 2010-02-28 14:16:46 +00:00
Laurent Destailleur
40d42b56de Qual: First change to remove pre.inc.php 2010-02-28 04:32:18 +00:00
Laurent Destailleur
2fba5c03f3 Try to change memory limit dynamically 2010-02-28 02:01:46 +00:00
Regis Houssin
5e65d811a9 Fix: same session name on some installations 2010-02-26 11:30:35 +00:00
Laurent Destailleur
2a53d4d2de Comments 2010-02-21 03:14:26 +00:00
Laurent Destailleur
ae3cfce7cc New: Add patch from meos to resize images 2010-02-21 01:45:58 +00:00
Laurent Destailleur
3acd11c13c Move conf file information into page of dolibarr conf information. 
New: Enhance https forcing.
 2010-02-20 11:40:36 +00:00
r2gnl
a1874eb10a lang: english comments only 2010-02-19 13:50:49 +00:00
Laurent Destailleur
7e6e9604cc Fix: Autodetect if upgrade is required was not working just after a first installation. 2010-02-15 21:22:04 +00:00
Laurent Destailleur
c7e4c33878 More flexible usage of option MAIN_OPTIMIZE_SPEED 2010-02-02 08:07:30 +00:00
Regis Houssin
b2a265a1a8 Works on enhancement of project tasks 2010-01-27 07:58:31 +00:00
Laurent Destailleur
ee3cae8c38 CSRF chek is not done on GET methods as this breaks way to have links to a direct page. 2010-01-16 11:53:50 +00:00
Regis Houssin
3d3923a22f Add: Product remaining to be delivered 
Fix: move deprecated function
 2010-01-15 10:07:20 +00:00
Laurent Destailleur
1374e7eeab Fix: Css relative url must start with / as it means relative to DOL_URL_ROOT. 2010-01-13 13:11:32 +00:00
Laurent Destailleur
194cc07396 Rename the dol_loginfunction2 into dol_loginfunction to keep only one function. This function can support smarty templates and php template. 2010-01-10 23:54:42 +00:00
Laurent Destailleur
fe64eb07eb Fix: All output page must include main.inc.php 2009-12-29 18:10:48 +00:00
Laurent Destailleur
d4e89552e3 Fix: Code to manage view output must be stored or initialized into main and not into master (dedicated to all script included command line scripts). 2009-12-28 01:53:45 +00:00
Regis Houssin
ba091af947 Test: smarty integration and iphone template 2009-12-27 05:50:46 +00:00
Regis Houssin
16145ca7ce Test: smarty integration and iphone template 2009-12-26 02:03:04 +00:00
Laurent Destailleur
8924f1104a New: Serious speed optimizations (time to show a page is reduced by 40%) when using the hidden option MAIN_OPTIMIZE_SPEED. 2009-12-17 15:44:51 +00:00
Laurent Destailleur
987f4452b5 New: Optimize speed of loading lang files ith hidden option MAIN_OPTIMIZE_SPEED 2009-12-16 21:42:42 +00:00
Laurent Destailleur
0dc16a426b Fix: W3C 2009-11-07 13:57:47 +00:00
Laurent Destailleur
8922b93395 Fix: Bad W3C 
New: Add link to download skin page
 2009-11-02 18:53:26 +00:00
Regis Houssin
d94f48112b Fix: functions "ereg", "ereg_replace", "eregi", "eregi_replace" is deprecated since php 5.3.0 2009-10-24 06:18:56 +00:00
Regis Houssin
960afb50ed Fix: functions "ereg", "ereg_replace", "eregi", "eregi_replace" is deprecated since php 5.3.0 2009-10-24 06:10:00 +00:00
Regis Houssin
c226de4f00 Fix: functions "ereg", "ereg_replace", "eregi", "eregi_replace" is deprecated since php 5.3.0 2009-10-21 14:02:14 +00:00
Laurent Destailleur
6e43cda408 Remove deprecated code. Now usage of smarty is simpler (no need to declare things in config file) 2009-10-20 17:34:17 +00:00
Regis Houssin
01291c4a7c Fix: function "split" is deprecated since php 5.3.0 2009-10-20 13:14:44 +00:00
Laurent Destailleur
192fea4164 Add useragent in llx_events 2009-10-20 12:45:52 +00:00
Laurent Destailleur
a34de44b79 Add hidden options MAIN_HTML_HEADER and MAIN_HTML_FOOTER 2009-10-16 17:24:18 +00:00
Laurent Destailleur
0ce52bad02 Add hidden options MAIN_HTML_HEADER and MAIN_HTML_FOOTER 2009-10-16 17:15:32 +00:00
Laurent Destailleur
28993e7dcd Move artichow and smarty libs into includes directory with other libraries. 2009-10-07 17:51:15 +00:00
Laurent Destailleur
98b83f5554 Better look for smartphone 2009-10-07 17:36:51 +00:00
Laurent Destailleur
e682f3f83b Work on import module 2009-10-03 22:32:10 +00:00
Regis Houssin
ab93a4ef8c Fix: limit to company name for a server with multiple instance of dolibarr 2009-09-15 16:05:58 +00:00
Laurent Destailleur
7036c67414 New: First change to test how to optimize for smartphone. 2009-09-15 01:22:19 +00:00
Laurent Destailleur
5d9e35a3ed Fix: CSRF protection is enabled only if MAIN_SECURITY_CSRF is set. 2009-09-14 01:56:24 +00:00
Laurent Destailleur
070b160450 New: Add option MAIN_ONLY_LOGIN_ALLOWED to lock login to any user that is not value of constant. 
For example MAIN_ONLY_LOGIN_ALLOWED=admin will lock login to any login except admin.
This make possible to make maintenance works.
A page to add/remove this constant will be added later in system-tools
 2009-08-30 01:39:40 +00:00
Laurent Destailleur
534c8d8dbf Fix: Can't add product line to supplier order. 2009-08-28 22:46:40 +00:00
Laurent Destailleur
756ca4499a Qual: Ajax code is simpler and now works with IE6 2009-08-27 23:31:50 +00:00
Laurent Destailleur
c296965865 Fix: Some ajax features was broken 2009-08-27 22:20:01 +00:00
Laurent Destailleur
d2e3e207a6 Work on import module 2009-08-23 00:15:30 +00:00
Laurent Destailleur
000e40eb80 Perf: Some speed enhancements 2009-08-22 16:07:46 +00:00
Laurent Destailleur
c7e3ffbadb Typo fix 2009-08-21 20:22:46 +00:00
Laurent Destailleur
2b26eb5b4a Add a print icon to show a page to print without menus. 2009-08-19 20:57:15 +00:00
Laurent Destailleur
061a90ec1d New: Can add parameter &optioncss=print on url to have a page ready to print (menu removed) 2009-08-19 16:51:55 +00:00
Laurent Destailleur
944345b625 New: Can add parameter &optioncss=print on url to have a page ready to print (menu removed) 2009-08-19 16:26:12 +00:00
Laurent Destailleur
f52a4182a4 Fix: Pb with popu calendar in EI8 and security options of IE6 2009-08-13 12:32:22 +00:00
Laurent Destailleur
c11cef6d47 Add help link to online wiki 2009-08-12 12:59:14 +00:00
Laurent Destailleur
b1bb20c1bf New: First try to support right to left languages (ar_AR) 2009-08-11 12:28:30 +00:00
Laurent Destailleur
13a3de8d90 Fix: "Now" link works when date popup is not used. 
New: Add option to hide help in menu.
 2009-08-09 19:25:17 +00:00
Laurent Destailleur
e5475f0b28 Add hidden option MAIN_US_MINI_JS to use minified version of large javascript 2009-08-09 11:37:32 +00:00
Laurent Destailleur
6b8d5ae8a2 Add hidden option MAIN_US_MINI_JS to use minified version of large javascript 2009-08-09 11:22:19 +00:00
Laurent Destailleur
863b83c4db Look: Try an enhancement in background in eldy theme 
Look: Link to online help is more clear.
 2009-08-09 00:35:17 +00:00
Laurent Destailleur
b1ff004e6f Enhancement of install/upgrade process: If database version differs from programs version, the install page is automatically called. 2009-08-08 16:26:06 +00:00
Laurent Destailleur
1d600dd2f8 Qual: Usage of smarty templates by some modules is now cleaner. 2009-08-02 17:13:59 +00:00
Laurent Destailleur
378b96d504 Removed deprecated option. Use the conf->module->enabled instead. 2009-08-02 16:47:06 +00:00
Laurent Destailleur
5652291f8b Fix: W3C 2009-07-07 15:34:55 +00:00
Laurent Destailleur
8dc1e4ec30 Doc 2009-07-06 13:20:52 +00:00
Regis Houssin
32915db864 Security: just one token 2009-07-03 09:04:29 +00:00
Laurent Destailleur
b9971792ff Perf: Several speed optimizing after using the Google Page Speed plugin for firebug 2009-06-15 14:26:34 +00:00
Laurent Destailleur
f5a2f6eaaa Fix: Pb with the token post protection 2009-06-15 12:15:51 +00:00
Laurent Destailleur
28dd72e17a New: Prepare correct management of timezones 
Fix: Bad support of timeouts.
 2009-06-14 16:25:23 +00:00
Laurent Destailleur
25b608c9f6 Fix: Restore the picto title in gif format because the png transparency is not supported on IE6 (54% of users). 2009-06-14 12:38:45 +00:00
Laurent Destailleur
7b68ed8cd5 Qual: Removed deprecated source code 2009-06-10 19:51:00 +00:00
Laurent Destailleur
8732364f01 Qual: Now module services and products are two completely separated modules. 2009-06-08 18:14:37 +00:00
Laurent Destailleur
3c591db844 Restore changes after 27 may due to from savannah Crash. 2009-06-03 23:05:52 +00:00
Laurent Destailleur
b309cd1380 Fix: W3C 2009-05-27 14:32:19 +00:00
Regis Houssin
fa55e65e54 Fix: Disables token renewal in Ajax request 2009-05-26 17:01:18 +00:00
Laurent Destailleur
003208bc96 Disable the CSRF protection if we are in a development instance (to be able to do test and send post from tools). 2009-05-24 19:04:25 +00:00
Laurent Destailleur
e86917a148 Renamed conf->cookie_cryptkey into conf->file->cookie_cryptkey. The goal is to have all parameters defined inside file conf.php to be in $conf->file->xxx. Excep for database that are stored in $conf->db (historic reasons). This make code easier to understand and to know origine of a value (file or database). 2009-05-24 00:19:06 +00:00
Regis Houssin
f45caf216f Add: just used cookie for remind last user and last entity 
Look: use cookie for view logo of last used entity
 2009-05-23 17:44:36 +00:00
Regis Houssin
1420692e53 Add: view last user and last entity in login page if cookie is enabled 2009-05-23 15:35:02 +00:00
Regis Houssin
23ce17b308 Add: entity cookie just used for the login page 2009-05-22 15:38:09 +00:00
Regis Houssin
6f163a94a8 Add: entity cookie just used for the login page 2009-05-22 15:24:32 +00:00
Laurent Destailleur
8e167d3f80 Qual: Now creation of session is done before the loading of conf. This make code much easier to understand. 2009-05-22 00:20:45 +00:00
Laurent Destailleur
fb0e668fc0 Qual: Now creation of session is done before the loading of conf. This make code much easier to understand. 2009-05-21 22:28:05 +00:00
Laurent Destailleur
e4090f63b1 Session name DOLSESSID_databasename is replace with DOLSESSID_dolibarrwebinstance. This remove a key read in conf.class.php used to name session because, to make code simpler, we will need to create session before the conf is loaded. This is also most secure because it is possible to use 2 dolibarr instances even if database names are same on two different mysql server. 
Add also comments on code to remember to simplify things.
 2009-05-21 21:37:45 +00:00
Laurent Destailleur
9d57b9ec71 Add message to avoid to search 2009-05-21 17:45:13 +00:00
Laurent Destailleur
9a38002c46 Session name DOLSESSID_databasename is replace with DOLSESSID_dolibarrwebinstance. This remove a key read in conf.class.php used to name session because, to make code simpler, we will need to create session before the conf is loaded. This is also most secure because it is possible to use 2 dolibarr instances even if database names are same on two different mysql server. 
Add also comments on code to remember to simplify things.
 2009-05-21 13:37:18 +00:00
Regis Houssin
ee350b7352 Fix: ouverture d'une session temporaire de securite pour stocker une de cryptage aléatoire pour 
encryption du cookie
 2009-05-20 18:23:02 +00:00
Regis Houssin
3786711822 Fix: ouverture d'une session temporaire de securite pour stocker une de cryptage aléatoire pour 
encryption du cookie
 2009-05-20 18:18:25 +00:00
Regis Houssin
1437913f39 Fix: remplace rand par mt_rand plus performant 2009-05-19 21:51:08 +00:00
Regis Houssin
572a89e1d3 Fix: protection faille CSRF 2009-05-19 21:08:17 +00:00
Regis Houssin
63cbd5a24e Fix: protection faille CSRF 2009-05-19 20:59:20 +00:00
Regis Houssin
91624baceb Add: a color picker 
Add: define a background color/image in mailing
 2009-05-19 13:27:44 +00:00
Regis Houssin
53d214fbea Fix: just use exit 2009-05-18 14:41:32 +00:00
Laurent Destailleur
0c74892580 New: Better link to help wiki 2009-05-18 11:40:33 +00:00
Laurent Destailleur
7125e40f8e Another try to make the CSRF test before the master.inc.php 2009-05-17 22:40:24 +00:00
Regis Houssin
e5d222b6cc Fix: régression sur l'utilisation des niveau du jeton, on test sur les 2 niveaux car 
comportement aléatoire avec certaines fonctions
 2009-05-17 08:01:54 +00:00
Regis Houssin
9f86fcc443 Fix: niveau aléatoire du jeton sur le confirm_form, on le sécurise que si il contient 
des données POST
 2009-05-16 16:51:09 +00:00
Regis Houssin
36c58c62fc Fix: ajout de log sur le refus du jeton 2009-05-16 16:12:09 +00:00
Regis Houssin
1d719e2317 Fix: ajout debug 2009-05-16 16:00:44 +00:00
Regis Houssin
c1c1f8a4d2 Fix: ajout d'un niveau supplémentaire du cache du jeton 2009-05-16 15:45:26 +00:00
Regis Houssin
7285270f1c Fix: DOL_MAIN_URL_ROOT est défini dans master.inc.php 2009-05-16 12:31:17 +00:00
Regis Houssin
2306a4c305 Fix: obsolete 2009-05-16 07:24:20 +00:00
Regis Houssin
3723bb350a Fix: on supprime le GET ET POST si la requete ne vient pas du serveur 2009-05-16 07:16:12 +00:00
Laurent Destailleur
3c49c6e5b7 Sec: Make CSRF test at the beginning. No functionnal code must be done if there is a security risk, so use just a return. Add test on a constant to remove test for some pages because this break a lot of features. 2009-05-16 06:31:59 +00:00
Regis Houssin
d3621e4593 Fix: ajout d'un jeton aléatoire dans les requetes POST 2009-05-15 13:59:49 +00:00
Regis Houssin
1ea80f4f57 Fix: protection faille CSRF !!! 2009-05-15 12:59:39 +00:00
Regis Houssin
d73aac6e4e Fix: creation et verification d'un jeton aléatoire afin de valider une requete POST, voici la ligne à ajouter dans une requete POST 
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
 2009-05-15 12:48:13 +00:00
Regis Houssin
df37827eb7 Todo: faille CSRF -- creation d'un jeton aléatoire pour valider les requetes POST 2009-05-15 12:13:23 +00:00
Laurent Destailleur
5615a164fd Use a more specific picto for documentation help 2009-05-10 05:44:35 +00:00
Regis Houssin
f43d69faef Todo: utiliser $user->datelastlogin pour un cryptage aléatoire 2009-05-08 21:17:02 +00:00
Regis Houssin
149e232bd3 Add: /core/cookie.class.php for create and encrypt/decrypt cookie value with personnal key 
configured in conf.php with $dolibarr_main_cookie_cryptkey
 2009-05-08 19:46:07 +00:00
Regis Houssin
865f6198e8 Add: /core/cookie.class.php for create and encrypt/decrypt cookie value with personnal key 
configured in conf.php with $dolibarr_main_cookie_cryptkey
 2009-05-08 19:46:07 +00:00
Laurent Destailleur
b38fb205f6 Fix: Ajax popup now works on IE. 2009-05-08 19:27:39 +00:00
Laurent Destailleur
e007bc6079 Fix: Do no load language file with user choice if lang code is forced on URL 2009-05-08 15:40:33 +00:00
Laurent Destailleur
326cd8b227 All data from conf file are stored into conf->file->xxx 
Multicompany should be ok to logon with no breaking sessions when disabled
 2009-05-08 01:23:33 +00:00
Regis Houssin
81a5393e70 Todo: il faut qu'on trouve une autre solution, il n'y a que comme ca que la multicompany a un fonctionnement correct... 2009-05-07 16:11:57 +00:00
Regis Houssin
f1a5c6fae3 Fix: seul le superadmin peut changer la config de syslog 2009-05-07 09:06:57 +00:00
Laurent Destailleur
1e37d24bf4 Can make a link between a member and a user 2009-05-06 23:30:49 +00:00
Laurent Destailleur
672f75a4d7 Can disable prototype and scriptaculous 2009-04-27 19:50:39 +00:00
Regis Houssin
b33020c86a Fix: entity cookie connection 2009-04-23 15:48:58 +00:00
Regis Houssin
908e408750 Fix: create session and cookie for multi-company 2009-04-23 13:39:39 +00:00
Regis Houssin
260f762e97 Fix: create session and cookie for multi-company 2009-04-23 13:19:28 +00:00
Laurent Destailleur
47f255ea15 Fix: Correct broken install 2009-04-17 18:26:21 +00:00
Regis Houssin
c52636bd38 New: early development of multi-company module 2009-04-17 07:45:00 +00:00
Regis Houssin
94a5df6a2d New: early development of multi-company module 2009-04-15 20:09:43 +00:00
Laurent Destailleur
cd78a8db7b Minor changes 2009-03-13 13:12:43 +00:00
Laurent Destailleur
0cd67ded54 New: Some pages can link to wiki help pages 2009-03-09 11:54:06 +00:00
Laurent Destailleur
2da5a733eb New: Some pages can link to wiki help pages 2009-03-09 11:28:15 +00:00