Florian HENRY
77a9d4eb71
Start fix [ bug #1437 ] Security Issue
...
Some of them can be fix, because GETPOST even with 'alpha' test do not
warn if input is
"2%2F0%2F1234%3cscript%3ealert%2893275%29%3c%2fscript%3e"
for example
I don't have magical solution for this kind of security issue
2014-06-09 12:34:10 +02:00
Laurent Destailleur
9bc1a6b4f5
Fix: favicon must use dol_buildpath and not hardcoded path
...
Conflicts:
htdocs/core/lib/security2.lib.php
2014-05-24 18:29:22 +02:00
Raphaël Doursenaud
55e7862027
Added missing local communities links
2014-05-19 14:37:37 +02:00
Laurent Destailleur
39c0b9e356
Merge 2 tests. Remove checkstyle errors.
2014-05-06 10:44:15 +02:00
Jean-François VIAL
60fd9cf463
Update the test_sql_and_script_inject function to block web-shell drops
...
block web-shell SQL injections by blocking INTO {outfile | dumpfile} sequences
2014-05-05 23:46:21 +02:00
Raphaël Doursenaud
f8f502d013
Removed closing php tag
...
http://php.net/manual/en/language.basic-syntax.phptags.php
2014-05-03 18:18:44 +02:00
Laurent Destailleur
f749ae6052
Fix: With LDAP we refused empty password because some LDAP are "opened"
...
for anonymous access so connection is a success.
2014-04-28 02:31:11 +02:00
Laurent Destailleur
8c5bc11def
Qual: Better error message for LDAP connection
2014-04-27 14:16:29 +02:00
Laurent Destailleur
97fce71218
Merge remote-tracking branch 'origin/3.5' into develop
...
Conflicts:
htdocs/core/lib/functions2.lib.php
htdocs/install/mysql/migration/repair.sql
htdocs/langs/en_US/errors.lang
htdocs/product/fiche.php
htdocs/projet/tasks/task.php
2014-04-26 22:35:35 +02:00
Laurent Destailleur
889ed4a49c
Fix: div was opened and not closed or the opposite.
2014-04-24 01:26:28 +02:00
Raphaël Doursenaud
152fbbd7f6
Qual: Wrong type in method documentation
2014-04-23 18:24:11 +02:00
Laurent Destailleur
caf6712286
Add message on disconnect button when using an authentication mode where
...
disconnect has no sense.
2014-04-23 12:29:41 +02:00
Laurent Destailleur
c1e349d110
Experiment hidden option MAIN_MENU_INVERT
2014-04-23 12:22:01 +02:00
Laurent Destailleur
81b8961dab
Qual: Dead code war
2014-03-17 11:13:53 +01:00
Laurent Destailleur
bb3632e90c
Fix: Pb with new ckeditor.
2014-03-13 12:45:20 +01:00
Laurent Destailleur
2a853329e5
Merge remote-tracking branch 'origin/3.5' into develop
...
Conflicts:
htdocs/core/class/doleditor.class.php
htdocs/main.inc.php
htdocs/product/class/product.class.php
2014-03-08 14:25:59 +01:00
Laurent Destailleur
c082d7c82e
Merge remote-tracking branch 'origin/3.4' into 3.5
...
Conflicts:
htdocs/main.inc.php
2014-03-08 14:17:49 +01:00
Laurent Destailleur
2e2f86b968
Merge remote-tracking branch 'origin/3.3' into 3.4
...
Conflicts:
htdocs/core/class/doleditor.class.php
htdocs/main.inc.php
2014-03-08 14:14:23 +01:00
Laurent Destailleur
a6bb785b5f
Fix: Compatibility with v4 of ckeditor (for debian)
2014-03-08 14:06:01 +01:00
Laurent Destailleur
2c0f1340d5
New: Update ckeditor to version 4 (part 2)
2014-03-08 13:17:20 +01:00
Laurent Destailleur
cd3e56a2d0
Merge pull request #1450 from grandoc/develop
...
fix english misspelling
2014-03-06 18:23:51 +01:00
Laurent Destailleur
6f60755426
New: Add option MAIN_FAVICON_URL
2014-03-05 17:26:59 +01:00
philippe
e2b29bb108
fix english misspelling
2014-03-05 09:57:36 +01:00
Laurent Destailleur
b64a2b2718
Merge remote-tracking branch 'origin/3.5' into develop
...
Conflicts:
htdocs/comm/action/fiche.php
2014-02-28 21:43:29 +01:00
Laurent Destailleur
0c2ca119d7
Fix: Add a test to avoid the non stable and experimental fuc...
...
feature "MAIN_MENU_USE_JQUERY_LAYOUT" to make application hang.
2014-02-26 16:51:38 +01:00
Grand Philippe
2f2668d41f
typo
2014-01-23 12:25:25 +01:00
Grand Philippe
8a0bddf4c5
typo
2014-01-21 18:55:45 +01:00
Laurent Destailleur
c7a73e4e00
Merge remote-tracking branch 'origin/3.5' into develop
2014-01-18 12:57:13 +01:00
Laurent Destailleur
22767bac36
Fix: Missing the version into url
2014-01-18 12:51:27 +01:00
Laurent Destailleur
1fd67807ce
Merge remote-tracking branch 'origin/3.5' into develop
2014-01-18 01:13:29 +01:00
Laurent Destailleur
4074547589
Fix: Pb of caching static resource (js and css). Add a workaround to
...
avoid any problems.
2014-01-18 00:50:21 +01:00
Laurent Destailleur
ac45051b53
Fix: Showing version is wrong when replace by external module
2014-01-15 02:04:44 +01:00
Laurent Destailleur
5f65b2a97f
Merge remote-tracking branch 'origin/3.5' into develop
2014-01-12 20:23:24 +01:00
Laurent Destailleur
0f329e72ef
Fix: MAIN_FORCETHEME was not working when user set its own theme
2014-01-12 20:22:35 +01:00
Laurent Destailleur
4d298b1891
Update code comments and add log warning to help debug
2014-01-12 20:03:18 +01:00
Laurent Destailleur
0990ef3961
Update code comments and add log warning to help debug
2014-01-12 20:02:41 +01:00
Marcos García de La Fuente
e7d2765fc6
Replaced use of htmlentities with dol_htmlentities
2014-01-05 21:08:37 +01:00
Marcos García de La Fuente
e49f94d02e
Fixed XSS problem in title tag
2014-01-05 04:52:45 +01:00
Laurent Destailleur
b6a910cf34
Fix: jmobile is crazy, we can disable it
2013-12-02 12:34:46 +01:00
Laurent Destailleur
4a1f6713ff
Merge remote-tracking branch 'origin/3.4' into 3.5
...
Conflicts:
htdocs/langs/en_US/main.lang
htdocs/langs/fr_FR/main.lang
2013-11-21 18:45:33 +01:00
Laurent Destailleur
0d853cf73d
Fix: [ bug #1118 ] Minor problem on print page link
2013-11-21 02:49:22 +01:00
simnandez
e66371c6d1
New: Link to communities. Add official Support links
2013-11-13 16:35:02 +01:00
Laurent Destailleur
faae93bd03
Fix: Duplicate code
2013-10-22 17:57:22 +02:00
Laurent Destailleur
c9012b498f
Fix: Code comment and phpunit test
2013-10-18 17:34:12 +02:00
Laurent Destailleur
12366410e5
Merge remote-tracking branch 'origin/3.4' into develop
2013-10-18 17:30:14 +02:00
Laurent Destailleur
4e637d3121
Fix: Sanitizing PHP_SELF
2013-10-18 17:27:17 +02:00
Laurent Destailleur
2f1340a6c6
Merge remote-tracking branch 'origin/3.4' into develop
...
Conflicts:
htdocs/societe/class/societe.class.php
2013-10-18 12:19:12 +02:00
Laurent Destailleur
5e35731693
Add debug info to find a bug
2013-10-18 11:41:37 +02:00
Laurent Destailleur
d9106b6e85
Add debug info to find a bug
2013-10-18 11:19:32 +02:00
Laurent Destailleur
b9aac118aa
Merge branch 'develop' of git@github.com:Dolibarr/dolibarr.git into develop
2013-09-21 12:31:38 +02:00