Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-03-10 04:16:53 +01:00
Code Issues Packages Projects Releases Wiki Activity
147,673 Commits 39 Branches 192 Tags
00a64df8e47e9643c2b29f26b7304474fe7e79f0
Commit Graph

4533 Commits

Author SHA1 Message Date
Joachim Kueter
7a37ebbeb3 FIX: Clean filenames with double spaces (#37256) 
* Clean filenames with double spaces

If a filename contains double spaces, it can get uploaded in Dolibarr exactly as it is.

When listing the file or trying to download it, the dolibarr functions clear double spaces in the filename. In particular the alpha parameter for GETPOST.

This results in files being uploaded (e.g. attachments for invoices) than can get listed but remain inaccessible and even cannot get deleted via UI. 

We either need to fix all these places to accept double spaces or we change a single location, when we sanitize filenames.

* removed white space
 2026-02-16 20:03:22 +01:00
Benjamin Falière
e2aed0f5c1 FIX: #36989 private mention on ticket pdf (#37079) 
Co-authored-by: Benjamin Falière <benjamin.faliere@altairis.fr>
 2026-02-04 14:41:29 +01:00
Laurent Destailleur
6b73bb78a4 CI 2026-01-30 13:22:02 +01:00
Alexandre SPANGARO
048d71dec3 FIX warnings with GETPOSTDATE and saverestore (#36886) 2026-01-16 02:54:27 +01:00
Laurent Destailleur
39ed2ece8f Backport fix for #36850 2026-01-11 12:48:58 +01:00
Laurent Destailleur
f5cae96280 Complete blacklist. 2025-12-15 17:06:18 +01:00
Laurent Destailleur
89c568ccb7 Fix picto 2025-12-06 13:53:34 +01:00
Laurent Destailleur
78316a577d Merge branch '21.0' of git@github.com:Dolibarr/dolibarr.git into 22.0 2025-12-04 20:26:59 +01:00
Laurent Destailleur
3068a778da Merge branch '20.0' of git@github.com:Dolibarr/dolibarr.git into 21.0 2025-12-04 19:51:48 +01:00
Laurent Destailleur
9d307a4238 Merge branch '19.0' of git@github.com:Dolibarr/dolibarr.git into 20.0 2025-12-04 19:07:33 +01:00
Laurent Destailleur
222cd76799 Merge branch '18.0' of git@github.com:Dolibarr/dolibarr.git into 19.0 2025-12-04 18:53:04 +01:00
atm-florian
0e1c580f11 FIX 18.0: GETPOSTDATE and buildParamDate assumed HTTP param names 'minute' and 'second' instead of 'min' and 'sec' 2025-12-01 13:47:50 +01:00
marc
5c6b4f62c8 FIX #35061 
Signed-off-by: marc <marc.baur@ptmsoft.fr>
 2025-11-28 18:25:00 +01:00
Laurent Destailleur
8facedc1b6 Fix CI 2025-11-23 01:47:00 +01:00
Laurent Destailleur
6e6253f40d Close #36120 2025-11-21 00:16:06 +01:00
MDW
f5d6533c5b Qual: (v22)Change field name to let phan warn about argument order (#36263) 
* FIX wrong $param parameter position

* FIX ok it's good ! ;-)

* Qual: Change field name to let phan warn about argument order

# Qual: Change field name to let phan warn about argument order

Most of the time print_liste_field_titre() is called with $param instead of $moreparam.
By changing the argument name, phan will warn if the position is likely incorrect when '$param' is used - it will not warn for cases where $option or another
name is used.

---------

Co-authored-by: Regis Houssin <regis.houssin@inodbox.com>
 2025-11-17 21:49:31 +01:00
Laurent Destailleur
9f2c33aa75 Merge branch '22.0' of git@github.com:Dolibarr/dolibarr.git into 22.0 2025-10-24 19:39:15 +02:00
Regis Houssin
d37cf4b38a FIX wrong socpeople id when multiple assigned + avoid php warnings (#35878) 2025-10-22 02:29:05 +02:00
Laurent Destailleur
5d3c80e0af FIx try a better fo for #35792 2025-10-16 21:19:00 +02:00
ldestailleur
838e6efd5f Merge branch '22.0' of git@github.com:Dolibarr/dolibarr.git into 22.0 2025-09-22 09:56:59 +02:00
ldestailleur
83f1825b63 Fix avoid fatal error 2025-09-22 09:56:32 +02:00
Laurent Destailleur
a2640829ca Better sanitization of url and email 2025-09-22 02:38:48 +02:00
ldestailleur
65336ae956 FIX vat detection when country of buyer is unknown. 2025-09-19 13:43:07 +02:00
ldestailleur
00095c904d FIX vat detection when country of buyer is unknown. 2025-09-19 13:25:33 +02:00
ldestailleur
63c8857be7 FIX vat detection when country of buyer is unknown. 2025-09-19 13:23:46 +02:00
ldestailleur
60f0813520 Merge branch '21.0' of git@github.com:Dolibarr/dolibarr.git into 22.0 2025-09-12 23:05:15 +02:00
Vincent Maury
e541438b7e Fix bug #35330 (#35331) 
in table header, instead of extrafield filters, this message appears
ERROR : selectForForms: Error bad setup of field objectdescorig=
 2025-09-12 18:57:44 +02:00
ldestailleur
8f0d2b1f7b Fix missing __THIRDPARTY_URL__ 2025-09-10 12:59:01 +02:00
ldestailleur
6c0873708a Merge branch '20.0' of git@github.com:Dolibarr/dolibarr.git into 21.0 2025-09-05 15:34:13 +02:00
ldestailleur
c2ed4519b1 Merge branch '19.0' of git@github.com:Dolibarr/dolibarr.git into 20.0 2025-09-05 11:38:30 +02:00
ldestailleur
781adf507b Merge branch '18.0' of git@github.com:Dolibarr/dolibarr.git into 19.0 2025-09-04 20:47:13 +02:00
ThomasNgr-OpenDSI
01aa901f93 18.0 fix CVE 2024 40137 (#34762) 
* Sec: Remove all functions that accept callable params - CVE-2024-40137

* FIX #34746 - More complete fix for CVE-2024-40137

---------

Co-authored-by: ldestailleur <eldy@destailleur.fr>
 2025-09-04 14:59:44 +02:00
boudet jean pascal
9a0e0a53b1 fix bug div added without value (#35178) 
Co-authored-by: jpb <jean-pascal.boudet@atm-consulting>
Co-authored-by: Laurent Destailleur <eldy@destailleur.fr>
 2025-09-03 00:04:54 +02:00
ldestailleur
44ca0a7aff Merge branch '21.0' of git@github.com:Dolibarr/dolibarr.git into 22.0 2025-08-21 15:40:32 +02:00
ldestailleur
165272d0e1 Fix CI 2025-08-21 15:39:06 +02:00
Frédéric FRANCE
ccafcd6f91 fix CI v22 (#34935) 
* fix CI v22

* Update admin.lang
 2025-08-14 00:32:56 +02:00
ldestailleur
0804ebe08a Fix type 2025-08-14 00:14:04 +02:00
ldestailleur
733cbff07a Merge branch '21.0' of git@github.com:Dolibarr/dolibarr.git into 22.0 2025-08-12 13:31:21 +02:00
ldestailleur
e545d224db Merge branch '20.0' of git@github.com:Dolibarr/dolibarr.git into 21.0 2025-08-12 13:29:33 +02:00
ldestailleur
a9c07569fb FIX Logo on company is no more visible. 2025-08-12 13:28:56 +02:00
ldestailleur
f33cc75ead Fix CI 2025-08-09 13:52:31 +02:00
ldestailleur
e33ae1afef Fix look and feel v22 (must use formconsumeproduce for action form) 2025-08-09 13:14:48 +02:00
ldestailleur
eb14f15a5c Fix undef var in CLI context 2025-08-07 13:58:03 +02:00
ldestailleur
aa376fe333 Try fix to solve pb with xml tag with MAIN_RESTRICTHTML_ONLY_VALID_HTML 2025-08-06 11:55:44 +02:00
ldestailleur
53683a6a3a FIX several minor troubles with modulebuilder 2025-08-05 02:44:52 +02:00
ldestailleur
22de4342ad FIX array for arrayofkeyval is lost in module builder edit of property 2025-08-05 01:04:58 +02:00
ldestailleur
ecf73afe86 FIX array for arrayofkeyval is lost in module builder edit of property 2025-08-05 01:04:22 +02:00
Laurent Destailleur
23d0879dde Fix regression on pass encryption in conf 2025-07-29 02:36:19 +02:00
ldestailleur
b03f30c7e2 Sec: Remove functions accepting callable params - Reported by phdwg1410 2025-07-27 13:54:02 +02:00
ldestailleur
3c8be27009 Debug v22 2025-07-26 11:18:48 +02:00