Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity
72,480 Commits 36 Branches 189 Tags
84ec39f043c3d807519b8e4cb1570a01eb47d848
Commit Graph

1532 Commits

Author SHA1 Message Date
Regis Houssin
3723bb350a Fix: on supprime le GET ET POST si la requete ne vient pas du serveur 2009-05-16 07:16:12 +00:00
Laurent Destailleur
3c49c6e5b7 Sec: Make CSRF test at the beginning. No functionnal code must be done if there is a security risk, so use just a return. Add test on a constant to remove test for some pages because this break a lot of features. 2009-05-16 06:31:59 +00:00
Regis Houssin
d3621e4593 Fix: ajout d'un jeton aléatoire dans les requetes POST 2009-05-15 13:59:49 +00:00
Regis Houssin
1ea80f4f57 Fix: protection faille CSRF !!! 2009-05-15 12:59:39 +00:00
Regis Houssin
d73aac6e4e Fix: creation et verification d'un jeton aléatoire afin de valider une requete POST, voici la ligne à ajouter dans une requete POST 
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
 2009-05-15 12:48:13 +00:00
Regis Houssin
df37827eb7 Todo: faille CSRF -- creation d'un jeton aléatoire pour valider les requetes POST 2009-05-15 12:13:23 +00:00
Laurent Destailleur
5615a164fd Use a more specific picto for documentation help 2009-05-10 05:44:35 +00:00
Regis Houssin
f43d69faef Todo: utiliser $user->datelastlogin pour un cryptage aléatoire 2009-05-08 21:17:02 +00:00
Regis Houssin
149e232bd3 Add: /core/cookie.class.php for create and encrypt/decrypt cookie value with personnal key 
configured in conf.php with $dolibarr_main_cookie_cryptkey
 2009-05-08 19:46:07 +00:00
Regis Houssin
865f6198e8 Add: /core/cookie.class.php for create and encrypt/decrypt cookie value with personnal key 
configured in conf.php with $dolibarr_main_cookie_cryptkey
 2009-05-08 19:46:07 +00:00
Laurent Destailleur
b38fb205f6 Fix: Ajax popup now works on IE. 2009-05-08 19:27:39 +00:00
Laurent Destailleur
e007bc6079 Fix: Do no load language file with user choice if lang code is forced on URL 2009-05-08 15:40:33 +00:00
Laurent Destailleur
326cd8b227 All data from conf file are stored into conf->file->xxx 
Multicompany should be ok to logon with no breaking sessions when disabled
 2009-05-08 01:23:33 +00:00
Regis Houssin
81a5393e70 Todo: il faut qu'on trouve une autre solution, il n'y a que comme ca que la multicompany a un fonctionnement correct... 2009-05-07 16:11:57 +00:00
Regis Houssin
f1a5c6fae3 Fix: seul le superadmin peut changer la config de syslog 2009-05-07 09:06:57 +00:00
Laurent Destailleur
1e37d24bf4 Can make a link between a member and a user 2009-05-06 23:30:49 +00:00
Laurent Destailleur
672f75a4d7 Can disable prototype and scriptaculous 2009-04-27 19:50:39 +00:00
Regis Houssin
b33020c86a Fix: entity cookie connection 2009-04-23 15:48:58 +00:00
Regis Houssin
908e408750 Fix: create session and cookie for multi-company 2009-04-23 13:39:39 +00:00
Regis Houssin
260f762e97 Fix: create session and cookie for multi-company 2009-04-23 13:19:28 +00:00
Laurent Destailleur
47f255ea15 Fix: Correct broken install 2009-04-17 18:26:21 +00:00
Regis Houssin
c52636bd38 New: early development of multi-company module 2009-04-17 07:45:00 +00:00
Regis Houssin
94a5df6a2d New: early development of multi-company module 2009-04-15 20:09:43 +00:00
Laurent Destailleur
cd78a8db7b Minor changes 2009-03-13 13:12:43 +00:00
Laurent Destailleur
0cd67ded54 New: Some pages can link to wiki help pages 2009-03-09 11:54:06 +00:00
Laurent Destailleur
2da5a733eb New: Some pages can link to wiki help pages 2009-03-09 11:28:15 +00:00
Laurent Destailleur
77d3821645 New: Some pages can link to wiki help pages 2009-03-09 11:28:12 +00:00
Laurent Destailleur
f3cfea66e1 New: Some pages can link to wiki help pages 2009-03-09 10:51:42 +00:00
Laurent Destailleur
61e2282cb1 Qual: Removed deprecated code 2009-03-02 18:25:51 +00:00
Laurent Destailleur
6a0877fe6a New: Can use absolute url path for help link 2009-02-24 21:54:18 +00:00
Laurent Destailleur
4333e8cb2a Changes to support deposit invoices 2009-02-24 02:41:21 +00:00
Laurent Destailleur
75b738eff9 Added XDebug tools 2009-02-21 01:04:35 +00:00
Laurent Destailleur
0823322ba1 Qual: All call to dolibarr_ functions are made on dol_ functions. 2009-02-20 22:53:15 +00:00
Laurent Destailleur
e83b22b29b Added XDebug tools 2009-02-20 20:28:16 +00:00
Laurent Destailleur
04607575ac Fix: infinite loop if documents directory not writable 2009-02-02 18:33:44 +00:00
Laurent Destailleur
4017a39162 Fix: Do not load language file before user lang has been set. 2009-01-30 22:18:07 +00:00
Laurent Destailleur
df0ef9efe5 New: Can add a bookmark on all dolibarr pages. 2009-01-23 00:47:23 +00:00
Laurent Destailleur
0befb92a12 Removed PHP warnings with E_ALL level 2009-01-21 14:09:42 +00:00
Laurent Destailleur
bdfecdc751 Removed PHP warnings with E_ALL level 2009-01-21 13:06:34 +00:00
Laurent Destailleur
e0a2b51866 Add version of CVS file inside html output. This make debug easier. 2009-01-12 22:18:09 +00:00
Laurent Destailleur
4d7e695d86 Can switch between graph on account or all acounts. 2009-01-12 19:36:40 +00:00
Laurent Destailleur
fa9aee5de4 Fix: Better support of option dolibarr_main_force_https 2008-12-23 20:36:13 +00:00
Laurent Destailleur
aeb1488a56 Reduce memory usage 2008-12-15 20:55:44 +00:00
Laurent Destailleur
d9b7bff2fd Add log inside install pages. 2008-12-15 01:04:32 +00:00
Laurent Destailleur
67e2efcb43 Comment in english 2008-12-13 12:33:00 +00:00
Laurent Destailleur
2444f40202 Fix: search forms not shown 2008-12-10 15:17:04 +00:00
Laurent Destailleur
0cf484630e A better demo home page 2008-12-10 15:02:08 +00:00
Laurent Destailleur
d3283a798a Qual: Replace ereg_replace(",","." by price2num 2008-12-09 21:02:58 +00:00
Laurent Destailleur
51dc0dd01f Add fast search form in menu for member module 2008-12-08 15:07:11 +00:00
Laurent Destailleur
7dcd991215 Change to allow modules to add new tabs 2008-12-07 22:29:44 +00:00