dolibarr-git
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Dolibarr-git] [Dolibarr/dolibarr] 8dd935: Fix: SQL injection

From: Laurent Destailleur
Subject: [Dolibarr-git] [Dolibarr/dolibarr] 8dd935: Fix: SQL injection
Date: Thu, 18 Sep 2014 01:06:30 -0700 
  Branch: refs/heads/3.5_backported
  Home:   https://github.com/Dolibarr/dolibarr
  Commit: 8dd935821455b81a9f40d806d5f1930f7ab9c2a9
      
https://github.com/Dolibarr/dolibarr/commit/8dd935821455b81a9f40d806d5f1930f7ab9c2a9
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-13 (Sat, 13 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/adherents/class/adherent.class.php
    M htdocs/adherents/liste.php
    M htdocs/cashdesk/index.php
    M htdocs/comm/propal/class/propal.class.php
    M htdocs/commande/info.php
    M htdocs/commande/orderstoinvoice.php
    M htdocs/compta/bank/bankid_fr.php
    M htdocs/compta/prelevement/class/bonprelevement.class.php
    M htdocs/compta/prelevement/liste.php
    M htdocs/compta/prelevement/rejets.php
    M htdocs/compta/recap-compta.php
    M htdocs/contact/info.php
    M htdocs/contrat/class/contrat.class.php
    M htdocs/contrat/info.php
    M htdocs/core/class/commonobject.class.php
    M htdocs/fourn/class/fournisseur.commande.class.php
    M htdocs/holiday/index.php
    M htdocs/opensurvey/list.php
    M htdocs/product/index.php
    M htdocs/product/stats/contrat.php
    M htdocs/product/stock/liste.php
    M htdocs/product/stock/massstockmove.php
    M htdocs/product/stock/replenishorders.php
    M htdocs/projet/class/project.class.php
    M htdocs/projet/class/task.class.php
    M htdocs/projet/contact.php
    M htdocs/projet/tasks/index.php

  Log Message:
  -----------
  Fix: SQL injection


  Commit: 09878a3a3210fb2b9db6f7a1b5b0b3e184ff8a89
      
https://github.com/Dolibarr/dolibarr/commit/09878a3a3210fb2b9db6f7a1b5b0b3e184ff8a89
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-13 (Sat, 13 Sep 2014)

  Changed paths:
    A htdocs/theme/amarok/img/object_address.png

  Log Message:
  -----------
  Merge branch '3.5' of address@hidden:Dolibarr/dolibarr.git into 3.5


  Commit: ba70c1a08a8793b773729e9e87e9444b5a64623b
      
https://github.com/Dolibarr/dolibarr/commit/ba70c1a08a8793b773729e9e87e9444b5a64623b
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-13 (Sat, 13 Sep 2014)

  Changed paths:
    M build/debian/control
    M build/debian/get-orig-source.sh

  Log Message:
  -----------
  Fix: typo on debian files


  Commit: 949ae2f160caf39293fd55918f31ca76c5a11c05
      
https://github.com/Dolibarr/dolibarr/commit/949ae2f160caf39293fd55918f31ca76c5a11c05
  Author: Marcos García de La Fuente <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/comm/propal/tpl/linkedobjectblock.tpl.php
    M htdocs/commande/tpl/linkedobjectblock.tpl.php
    M htdocs/compta/facture/tpl/linkedobjectblock.tpl.php
    M htdocs/expedition/tpl/linkedobjectblock.tpl.php
    M htdocs/fourn/commande/tpl/linkedobjectblock.tpl.php
    M htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php

  Log Message:
  -----------
  [ bug #1591 ] Linked object block shows Total HT/TTC even if not having 
permission to read them


  Commit: 74e16db6321a27b4d064af12bb8ef8d2860c8cf3
      
https://github.com/Dolibarr/dolibarr/commit/74e16db6321a27b4d064af12bb8ef8d2860c8cf3
  Author: Marcos García de La Fuente <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/admin/menus/edit.php

  Log Message:
  -----------
  [ bug #1589 ] Menu type in "Edit menu" page is not translated


  Commit: afd631e6e3aa2d36b5af62fc30b0ac6e9d5a9321
      
https://github.com/Dolibarr/dolibarr/commit/afd631e6e3aa2d36b5af62fc30b0ac6e9d5a9321
  Author: Marcos García de La Fuente <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/societe/soc.php

  Log Message:
  -----------
  [ bug #1577 ] When creating new Private individual third, selected third type 
is ignored


  Commit: 7a28f8e4aaf009ae5354565140abdc8d471d2dc4
      
https://github.com/Dolibarr/dolibarr/commit/7a28f8e4aaf009ae5354565140abdc8d471d2dc4
  Author: Marcos García de La Fuente <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/core/class/commonobject.class.php
    M htdocs/product/class/product.class.php
    M htdocs/product/fiche.php

  Log Message:
  -----------
  [ bug #1555 ] Update accountancy code of products does not throw 
PRODUCT_MODIFY trigger


  Commit: 9426298b95db766c055bfb39f5e10ebb9990eac9
      
https://github.com/Dolibarr/dolibarr/commit/9426298b95db766c055bfb39f5e10ebb9990eac9
  Author: Marcos García de La Fuente <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/fourn/class/paiementfourn.class.php
    M htdocs/fourn/paiement/fiche.php

  Log Message:
  -----------
  [ bug #1548 ] Supplier payment card shows type in French


  Commit: 7bac9444e6ef77517905b231a2f81c13efd3d05d
      
https://github.com/Dolibarr/dolibarr/commit/7bac9444e6ef77517905b231a2f81c13efd3d05d
  Author: Marcos García de La Fuente <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/compta/bank/account.php

  Log Message:
  -----------
  [ bug #1546 ] Incorrect page number when searching in the list of bank 
transactions


  Commit: 3daaaadf6542d0d3fa3087aeceed6639da37527d
      
https://github.com/Dolibarr/dolibarr/commit/3daaaadf6542d0d3fa3087aeceed6639da37527d
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/comm/propal/tpl/linkedobjectblock.tpl.php
    M htdocs/commande/tpl/linkedobjectblock.tpl.php
    M htdocs/compta/facture/tpl/linkedobjectblock.tpl.php
    M htdocs/expedition/tpl/linkedobjectblock.tpl.php
    M htdocs/fourn/commande/tpl/linkedobjectblock.tpl.php
    M htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php

  Log Message:
  -----------
  Merge pull request #1880 from marcosgdf/bug-1591

[ bug #1591 ] Linked object block shows Total HT/TTC even if not having 
permission to read them


  Commit: fcbb388a72e7ce9fe12a900669435b236e09ede8
      
https://github.com/Dolibarr/dolibarr/commit/fcbb388a72e7ce9fe12a900669435b236e09ede8
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/admin/menus/edit.php

  Log Message:
  -----------
  Merge branch 'marcosgdf-bug-1589' into 3.5


  Commit: f0d4ebe41704e8e1c3f7a35aa6f8fb774a4828bf
      
https://github.com/Dolibarr/dolibarr/commit/f0d4ebe41704e8e1c3f7a35aa6f8fb774a4828bf
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/comm/propal/tpl/linkedobjectblock.tpl.php
    M htdocs/commande/tpl/linkedobjectblock.tpl.php
    M htdocs/compta/facture/tpl/linkedobjectblock.tpl.php
    M htdocs/expedition/tpl/linkedobjectblock.tpl.php
    M htdocs/fourn/commande/tpl/linkedobjectblock.tpl.php
    M htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php

  Log Message:
  -----------
  Merge branch '3.5' of address@hidden:Dolibarr/dolibarr.git into 3.5

Conflicts:
        ChangeLog


  Commit: 2704f50bd4e5bc26de52ac45aefd529a4343a34a
      
https://github.com/Dolibarr/dolibarr/commit/2704f50bd4e5bc26de52ac45aefd529a4343a34a
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/societe/soc.php

  Log Message:
  -----------
  Merge branch 'bug-1577' of github.com:marcosgdf/dolibarr into
marcosgdf-bug-1577

Conflicts:
        ChangeLog


  Commit: 85338bacb4cac3ba8d41ccf943396f0215fe932c
      
https://github.com/Dolibarr/dolibarr/commit/85338bacb4cac3ba8d41ccf943396f0215fe932c
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/societe/soc.php

  Log Message:
  -----------
  Merge branch 'marcosgdf-bug-1577' into 3.5


  Commit: ef99de4e843e67bc343a6fcec84255ab7ae6c185
      
https://github.com/Dolibarr/dolibarr/commit/ef99de4e843e67bc343a6fcec84255ab7ae6c185
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/core/class/commonobject.class.php
    M htdocs/product/class/product.class.php
    M htdocs/product/fiche.php

  Log Message:
  -----------
  Merge branch 'bug-1555' of github.com:marcosgdf/dolibarr into
marcosgdf-bug-1555

Conflicts:
        ChangeLog


  Commit: e93d4743936679cbb938c29516f43555a820e569
      
https://github.com/Dolibarr/dolibarr/commit/e93d4743936679cbb938c29516f43555a820e569
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/core/class/commonobject.class.php
    M htdocs/product/class/product.class.php
    M htdocs/product/fiche.php

  Log Message:
  -----------
  Merge branch 'marcosgdf-bug-1555' into 3.5


  Commit: 822a3ebe7ef03ce7f624df0713c52646648a2480
      
https://github.com/Dolibarr/dolibarr/commit/822a3ebe7ef03ce7f624df0713c52646648a2480
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/fourn/class/paiementfourn.class.php
    M htdocs/fourn/paiement/fiche.php

  Log Message:
  -----------
  Merge branch 'bug-1548' of github.com:marcosgdf/dolibarr into
marcosgdf-bug-1548

Conflicts:
        ChangeLog


  Commit: e8758bc19bbeeb002cf84912c72aeb2f8f6e4760
      
https://github.com/Dolibarr/dolibarr/commit/e8758bc19bbeeb002cf84912c72aeb2f8f6e4760
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/fourn/class/paiementfourn.class.php
    M htdocs/fourn/paiement/fiche.php

  Log Message:
  -----------
  Merge branch 'marcosgdf-bug-1548' into 3.5


  Commit: c4facf20e620f2929940e7cc2fced98270a31474
      
https://github.com/Dolibarr/dolibarr/commit/c4facf20e620f2929940e7cc2fced98270a31474
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/compta/bank/account.php

  Log Message:
  -----------
  Merge branch 'bug-1546' of github.com:marcosgdf/dolibarr into
marcosgdf-bug-1546

Conflicts:
        ChangeLog


  Commit: 0dcd41ff019b6a64bd117ac69dbea5fb6407b887
      
https://github.com/Dolibarr/dolibarr/commit/0dcd41ff019b6a64bd117ac69dbea5fb6407b887
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M ChangeLog
    M htdocs/compta/bank/account.php

  Log Message:
  -----------
  Merge branch 'marcosgdf-bug-1546' into 3.5


  Commit: d812262ed834a0c5813dd7ac3f31cf6d1dcf4e24
      
https://github.com/Dolibarr/dolibarr/commit/d812262ed834a0c5813dd7ac3f31cf6d1dcf4e24
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    A htdocs/includes/jquery/plugins/tablednd/jquery.tablednd.0.6.js

  Log Message:
  -----------
  Fix: Missing source


  Commit: 76ba3301c3041cca2c3cb1cbcdf8341b30aebb22
      
https://github.com/Dolibarr/dolibarr/commit/76ba3301c3041cca2c3cb1cbcdf8341b30aebb22
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-14 (Sun, 14 Sep 2014)

  Changed paths:
    M build/debian/copyright

  Log Message:
  -----------
  Fix: Syntax for license key


  Commit: 9493e252c9ff75b06467a881fe23a5cc25093af7
      
https://github.com/Dolibarr/dolibarr/commit/9493e252c9ff75b06467a881fe23a5cc25093af7
  Author: Florian HENRY <address@hidden>
  Date:   2014-09-15 (Mon, 15 Sep 2014)

  Changed paths:
    M htdocs/product/class/product.class.php

  Log Message:
  -----------
  add refext into fecth product


  Commit: 2c0a2937f6d9017b39a51fb13fa3d06410d32562
      
https://github.com/Dolibarr/dolibarr/commit/2c0a2937f6d9017b39a51fb13fa3d06410d32562
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-15 (Mon, 15 Sep 2014)

  Changed paths:
    M htdocs/product/class/product.class.php

  Log Message:
  -----------
  Merge pull request #1887 from FHenry/3.5

add refext into fecth product


  Commit: d225d92c0b48f9937fb753eae301742445748f3b
      
https://github.com/Dolibarr/dolibarr/commit/d225d92c0b48f9937fb753eae301742445748f3b
  Author: Regis Houssin <address@hidden>
  Date:   2014-09-17 (Wed, 17 Sep 2014)

  Changed paths:
    M htdocs/core/lib/functions2.lib.php

  Log Message:
  -----------
  Fix: remove hook restriction !


  Commit: c6b5d0f96ca39d6b6bfbe0ff938873fb60241805
      
https://github.com/Dolibarr/dolibarr/commit/c6b5d0f96ca39d6b6bfbe0ff938873fb60241805
  Author: Regis Houssin <address@hidden>
  Date:   2014-09-17 (Wed, 17 Sep 2014)

  Changed paths:
    M ChangeLog
    M build/debian/control
    M build/debian/copyright
    M build/debian/get-orig-source.sh
    M htdocs/adherents/class/adherent.class.php
    M htdocs/adherents/liste.php
    M htdocs/admin/menus/edit.php
    M htdocs/cashdesk/index.php
    M htdocs/categories/class/categorie.class.php
    M htdocs/categories/fiche.php
    M htdocs/comm/action/class/actioncomm.class.php
    M htdocs/comm/action/listactions.php
    M htdocs/comm/propal/class/propal.class.php
    M htdocs/comm/propal/tpl/linkedobjectblock.tpl.php
    M htdocs/commande/info.php
    M htdocs/commande/orderstoinvoice.php
    M htdocs/commande/tpl/linkedobjectblock.tpl.php
    M htdocs/compta/bank/account.php
    M htdocs/compta/bank/bankid_fr.php
    M htdocs/compta/facture.php
    M htdocs/compta/facture/tpl/linkedobjectblock.tpl.php
    M htdocs/compta/prelevement/class/bonprelevement.class.php
    M htdocs/compta/prelevement/liste.php
    M htdocs/compta/prelevement/rejets.php
    M htdocs/compta/recap-compta.php
    M htdocs/contact/info.php
    M htdocs/contrat/class/contrat.class.php
    M htdocs/contrat/info.php
    M htdocs/core/class/commonobject.class.php
    M htdocs/core/class/html.form.class.php
    M htdocs/expedition/tpl/linkedobjectblock.tpl.php
    M htdocs/fourn/class/fournisseur.commande.class.php
    M htdocs/fourn/class/paiementfourn.class.php
    M htdocs/fourn/commande/tpl/linkedobjectblock.tpl.php
    M htdocs/fourn/facture/fiche.php
    M htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php
    M htdocs/fourn/paiement/fiche.php
    M htdocs/holiday/index.php
    A htdocs/includes/jquery/plugins/tablednd/jquery.tablednd.0.6.js
    M htdocs/opensurvey/list.php
    M htdocs/product/class/product.class.php
    M htdocs/product/fiche.php
    M htdocs/product/index.php
    M htdocs/product/stats/contrat.php
    M htdocs/product/stock/liste.php
    M htdocs/product/stock/massstockmove.php
    M htdocs/product/stock/replenishorders.php
    M htdocs/projet/class/project.class.php
    M htdocs/projet/class/task.class.php
    M htdocs/projet/contact.php
    M htdocs/projet/tasks/index.php
    M htdocs/societe/soc.php
    A htdocs/theme/amarok/img/object_address.png

  Log Message:
  -----------
  Merge branch '3.5' of address@hidden:Dolibarr/dolibarr.git into 3.5


  Commit: f0ebd7721d60185e95b9b403d60185f0b73bcb36
      
https://github.com/Dolibarr/dolibarr/commit/f0ebd7721d60185e95b9b403d60185f0b73bcb36
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-17 (Wed, 17 Sep 2014)

  Changed paths:
    M htdocs/core/lib/functions2.lib.php

  Log Message:
  -----------
  Fix: Restore sort feature. Still did not see why previous commit is a
bug fix of dolibarr bug.


  Commit: 015b0d80361207ef45fe9b916ec5f2b4f5d0f465
      
https://github.com/Dolibarr/dolibarr/commit/015b0d80361207ef45fe9b916ec5f2b4f5d0f465
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-18 (Thu, 18 Sep 2014)

  Changed paths:
    M htdocs/.gitignore
    M htdocs/core/lib/project.lib.php
    M htdocs/langs/en_US/errors.lang
    M htdocs/projet/index.php
    M htdocs/projet/tasks/index.php

  Log Message:
  -----------
  Fix: Bad calculation of total
Fix: Warning message not translated


  Commit: fb94851a9feea1eb91fa08dc0f73b5d1eb8ef741
      
https://github.com/Dolibarr/dolibarr/commit/fb94851a9feea1eb91fa08dc0f73b5d1eb8ef741
  Author: Laurent Destailleur <address@hidden>
  Date:   2014-09-18 (Thu, 18 Sep 2014)

  Changed paths:
    M ChangeLog
    M build/debian/control
    M build/debian/copyright
    M build/debian/get-orig-source.sh
    M htdocs/.gitignore
    M htdocs/adherents/class/adherent.class.php
    M htdocs/adherents/liste.php
    M htdocs/admin/menus/edit.php
    M htdocs/cashdesk/index.php
    M htdocs/comm/propal/class/propal.class.php
    M htdocs/comm/propal/tpl/linkedobjectblock.tpl.php
    M htdocs/commande/info.php
    M htdocs/commande/orderstoinvoice.php
    M htdocs/commande/tpl/linkedobjectblock.tpl.php
    M htdocs/compta/bank/account.php
    M htdocs/compta/bank/bankid_fr.php
    M htdocs/compta/facture/tpl/linkedobjectblock.tpl.php
    M htdocs/compta/prelevement/class/bonprelevement.class.php
    M htdocs/compta/prelevement/liste.php
    M htdocs/compta/prelevement/rejets.php
    M htdocs/compta/recap-compta.php
    M htdocs/contact/info.php
    M htdocs/contrat/class/contrat.class.php
    M htdocs/contrat/info.php
    M htdocs/core/class/commonobject.class.php
    M htdocs/core/lib/functions2.lib.php
    M htdocs/core/lib/project.lib.php
    M htdocs/expedition/tpl/linkedobjectblock.tpl.php
    M htdocs/fourn/class/fournisseur.commande.class.php
    M htdocs/fourn/class/paiementfourn.class.php
    M htdocs/fourn/commande/tpl/linkedobjectblock.tpl.php
    M htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php
    M htdocs/fourn/paiement/fiche.php
    M htdocs/holiday/index.php
    A htdocs/includes/jquery/plugins/tablednd/jquery.tablednd.0.6.js
    M htdocs/langs/en_US/errors.lang
    M htdocs/opensurvey/list.php
    M htdocs/product/class/product.class.php
    M htdocs/product/fiche.php
    M htdocs/product/index.php
    M htdocs/product/stats/contrat.php
    M htdocs/product/stock/liste.php
    M htdocs/product/stock/massstockmove.php
    M htdocs/product/stock/replenishorders.php
    M htdocs/projet/class/project.class.php
    M htdocs/projet/class/task.class.php
    M htdocs/projet/contact.php
    M htdocs/projet/index.php
    M htdocs/projet/tasks/index.php
    M htdocs/societe/soc.php

  Log Message:
  -----------
  Merge remote-tracking branch 'origin/3.5' into 3.5_backported


Compare: 
https://github.com/Dolibarr/dolibarr/compare/7f798303de4b...fb94851a9fee
reply via email to
[Prev in Thread] Current Thread [Next in Thread]