Changed db_escape function to avoid XSS attacks via js db injection

[fa-stable.git] / CHANGELOG.txt

/**
* @version $Id$
* @package FrontAccounting
* @copyright (C) 2005 - 2008 FrontAccounting
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
* FrontAccounting is Free Software
*/

1. Changelog
------------
This is a changelog for FrontAccounting All releases.

Legend:

# -> Bug Fix
+ -> Addition
! -> Change
- -> Removed
! -> Note
$ -> Affected files

18-Apr-2008 Joe Hunt
! Changed db_escape function to avoid XSS attacks via js db injection
$ /includes/db/comments_db.inc
  /includes/db/inventory_db.inc
  /includes/db/references_db.inc
  /inventory/includes/db/items_category_db.inc
  /inventory/includes/db/items_db.inc
  /inventory/includes/db/items_locations_db.inc
  /inventory/includes/db/items_units_db.inc
  /inventory/includes/db/movement_types_db.inc
  /manufacturing/includes/db/work_centres_db.inc
  /manufacturing/includes/db/work_orders_db.inc
  /manufacturing/includes/db/work_orders_quick_db.inc
  /manufacturing/includes/db/work_order_issues_db.inc
  /manufacturing/includes/db/work_order_produce_items_db.inc
  
18-Apr-2008 Janusz Dobrwolski
! Changed db_escape function to avoid XSS attacks via js db injection
$ /includes/db/connect_db.inc
# Database inserts/updates secured against js injection
$ /admin/db/maintenance_db.inc
  /gl/includes/db/gl_db_accounts.inc
  /purchasing/includes/db/po_db.inc
  /sales/sales_order_entry.php
  /sales/includes/db/sales_order_db.inc

16-Apr-2008 Joe Hunt
# Bug in /includes/ui/ui_lists.inc:914. Sql clause was cut.
$ /includes/ui/ui_lists.inc

09-Apr-2008 Janusz Dobrowolski
# Fixed number formatting bug in standard cost update.
$ /inventory/cost_update.php

-------------------- 2,0 Beta - released ----------------------------

06-Apr-2008 Joe Hunt
! Changed install.html and update.html to fit the new unstable release 2.0
! Changed demo sql script to fit the 2.0 unstable.
$ install.html
  update.html
  /sql/en_US-demo.sql
  
06-Apr-2008 Janusz Dobrowolski
# Sales invoice edition denied for documents created in FA 1.xx because of nonportable differences in gl posting/db schema.
  /sales/customer_invoice.php
# Fixed typo causing error while adding new tax type.
  /taxes/tax_types.php
  
05-Apr-2008 Joe Hunt
# Fixed a bug when creating subfolder for new companies. Should be company id and not the table pref counter.
$ /admin/create_coy.php

05-Apr-2008 Joe Hunt
# Removed annoying warnings in several reports. 
$ config.php 
  /reporting/rep102.php
  /reporting/rep104.php
  /reporting/rep201.php
  /reporting/rep203.php
  /reporting/rep705.php
  /reporting/rep706.php
  /reporting/rep707.php
  /reporting/rep709.php
  /reporting/reports_main.php
  /reporting/includes/pdf_report.inc
  
04-Apr-2008 Janusz Dobrowolski
# Javascript bugfix in selecting orders for template.
$ /sales/inquiry/sales_orders_view.php

04-Apr-2008 Joe Hunt
! Updated chart of accounts for release 2.0 unstable. Set the status to 2.0 Beta in config.php. Minor changes in update.html
+ Preparing for download of release 2.0b on SourceForge.
$ config.php
  update.html
  /sql/en_US-new.sql
  /sql/en_US-demo.sql
  
02-Apr-2008 Janusz Dobrowolski
# Removed selector expansion on space key for multi-line selectors
$ /js/inserts.js
! Hiding search button in combo selectors for javascript enabled browsers
$ /includes/ui/ui_lists.inc
  /js/inserts.js
+ Focus set to invalid form field after submit check fail
$ /admin/company_preferences.php
  /admin/fiscalyears.php
  /admin/gl_setup.php
  /admin/payment_terms.php
  /admin/shipping_companies.php
  /admin/users.php
  /admin/void_transaction.php
  /dimensions/dimension_entry.php
  /gl/bank_transfer.php
  /gl/gl_deposit.php
  /gl/gl_journal.php
  /gl/gl_payment.php
  /gl/manage/bank_accounts.php
  /gl/manage/bank_trans_types.php
  /gl/manage/currencies.php
  /gl/manage/exchange_rates.php
  /gl/manage/gl_account_classes.php
  /gl/manage/gl_account_types.php
  /gl/manage/gl_accounts.php
  /inventory/adjustments.php
  /inventory/cost_update.php
  /inventory/prices.php
  /inventory/purchasing_data.php
  /inventory/transfers.php
  /inventory/manage/item_categories.php
  /inventory/manage/item_units.php
  /inventory/manage/items.php
  /inventory/manage/locations.php
  /inventory/manage/movement_types.php
  /manufacturing/work_order_add_finished.php
  /manufacturing/work_order_entry.php
  /manufacturing/work_order_issue.php
  /manufacturing/work_order_release.php
  /manufacturing/manage/bom_edit.php
  /manufacturing/manage/work_centres.php
  /purchasing/po_entry_items.php
  /purchasing/po_receive_items.php
  /purchasing/supplier_credit.php
  /purchasing/supplier_credit_grns.php
  /purchasing/supplier_invoice.php
  /purchasing/supplier_invoice_grns.php
  /purchasing/supplier_payment.php
  /purchasing/supplier_trans_gl.php
  /purchasing/allocations/supplier_allocate.php
  /purchasing/manage/suppliers.php
  /sales/credit_note_entry.php
  /sales/customer_credit_invoice.php
  /sales/customer_delivery.php
  /sales/customer_invoice.php
  /sales/customer_payments.php
  /sales/sales_order_entry.php
  /sales/allocations/customer_allocate.php
  /taxes/item_tax_types.php
  /taxes/tax_groups.php
  /taxes/tax_types.php
# Set default focus in update_db.php
$ /admin/backups.php

29-Mar-2008 Janusz Dobrowolski
# Changed gl_all_accounts_list() API
$ /includes/ui/ui_lists.inc
+ Enhanced list accessability in kbd usage via space key
$ js/inserts.js

28-Mar-2008 Janusz Dobrowolski
# Fixed headers for various display mode
$ /sales/inquiry/sales_orders_view.php

28-Mar-2008 Joe Hunt
+ Added print document options in inquiries.
$ /sales/inquiry/customer_inquiry.php
  /sales/inquiry/sales_orders_view.php
  /sales/inquiry/sales_deliveries_view.php
  /purchasing/inquiry/po_search.php
  /purchasing/inquiry/po_search_completed.php
  
28-Mar-2008 Joe Hunt
# Fixed a minor bug in customers_db.inc (should include type == 2 - Bank Deposits)
$ /sales/includes/db/customers_db.inc
# Fixed a PHP vers. 5.xx bug. No need for & operator in function calls, only in declaration. Gives a warning.
$ /sales/includes/db/sales_credit_db.inc
# Fixed a wrong variabel declaration doc_Document_no to doc_Invoice_no
$ /reporting/includes/doctext.inc
  /reporting/includes/doctext2.inc
# Fixed so Customer Balances and Aged Customer Analysis reports presents correct sign.  
$ /reporting/rep101.php
  /reporting/rep102.php

28-Mar-2008 Janusz Dobrowolski
# Layout/focus fixes for no_[customer/supplier/item]_list option on
$  /includes/ui/ui_lists.inc
   /purchasing/includes/ui/po_ui.inc
   /sales/credit_note_entry.php
   /sales/sales_order_entry.php
   /sales/includes/ui/sales_credit_ui.inc
   /sales/includes/ui/sales_order_ui.inc

27-Mar-2008 Janusz Dobrowolski
+ Automatic first field focus on page start, focus order preserved between form updates
$  /gl/inquiry/gl_account_inquiry.php
   /includes/page/footer.inc
   /includes/ui/ui_controls.inc
   /includes/ui/ui_input.inc
   /includes/ui/ui_lists.inc
   /includes/ui/ui_view.inc
   /js/inserts.js
   /sales/sales_order_entry.php
   /sales/credit_note_entry.php
   /sales/includes/ui/sales_credit_ui.inc
   /sales/includes/ui/sales_order_ui.inc
+ Data picker omitted in keyboard tabbing sequence (FF,IE, not old mozilla)
$  /includes/ui/ui_input.inc
! Javascript recalcAccount() superseded by class='combo' behaviour binding
$  /gl/gl_deposit.php
   /gl/gl_journal.php
   /gl/gl_payment.php
   /gl/includes/ui/gl_deposit_ui.inc
   /gl/includes/ui/gl_journal_ui.inc
   /gl/includes/ui/gl_payment_ui.inc
   /includes/ui/ui_view.inc
   /purchasing/po_entry_items.php
   /purchasing/includes/ui/po_ui.inc
   /sales/sales_order_entry.php
   /sales/includes/ui/sales_credit_ui.inc
   /sales/includes/ui/sales_order_ui.inc
   /js/inserts.js
! get_js_set_focus moved from ui_view (this is only standalone form).
   /update_db.php
# Fixed debit/credit entry check 
$  /gl/gl_journal.php
# Restored GET/POST security check on path_to_root
$  /config.php

26-Mar-2008 Janusz Dobrowolski
# Bug fixes in purchase module related to tax structure changes.
$  /purchasing/includes/supp_trans_class.inc
   /purchasing/includes/db/invoice_db.inc
   /purchasing/includes/db/invoice_items_db.inc
   /purchasing/includes/ui/invoice_ui.inc
   /reporting/rep105.php

25-Mar-2008 Janusz Dobrowolski
! Per company pdf, backup and graphics directories in 'company' dir.
$  /company (new dir)
   /company/0 (new dir)
   /company/0/images/ (new dir)
   /company/0/images/102.jpg    (moved from inventory/manage/image)
   /company/0/images/103.jpg    (moved from inventory/manage/image)
   /company/0/images/104.jpg    (moved from inventory/manage/image)
   /company/0/images/logo_frontaccounting.jpg   (moved from themes/default/images)
   /company/0/images/logo_frontaccounting.png   (moved from themes/default/images)
   /admin/backups.php
   /admin/create_coy.php
   /admin/db/maintenance_db.inc
   /install/index.php
   /reporting/rep102.php
   /reporting/rep104.php
   /reporting/rep202.php
   /reporting/rep303.php
   /reporting/rep706.php
   /reporting/rep707.php
   /reporting/includes/pdf_report.inc
   /inventory/manage/items.php

+ jscript component caching (enables browser caching and future compression)
$  /includes/session.inc
   /includes/main.inc
   /includes/page/header.inc
   /includes/ui/ui_view.inc
   /admin/display_prefs.php
   /config.php

- Removed obsolete file
$  /sales/includes/ui/print_invoice.inc

21-Mar-2008 Janusz Dobrowolski
! Total Allocation/Left to Allocate update without page submit.
$  /includes/ui/ui_view.inc
   /purchasing/allocations/supplier_allocate.php
   /sales/allocations/customer_allocate.php
# Fixed unvisable under IE editbutton
$  /themes/aqua/default.css
   /themes/cool/default.css
   /themes/default/default.css

20-Mar-2008 Janusz Dobrowolski
# Excluding delivery notes from Customer Balances, removed warnings. 
$  /reporting/rep101.php 
# Divide by zero fix on order_price==0 in new supplier invoice
$  /purchasing/supplier_invoice_grns.php
# Database bug fix in new customer entry
$  /sales/manage/customers.php
# Small bug fix (warnings) in is_date() function.
$  /includes/date_functions.inc

18-Mar-2008 Janusz Dobrowolski
# Line items editor uses POST method - no disappearing shippment info.
$  /sales/credit_note_entry.php
   /sales/sales_order_entry.php
   /sales/includes/ui/sales_credit_ui.inc
   /sales/includes/ui/sales_order_ui.inc
+ Added edit_button_cell() function
$  /includes/ui/ui_controls.inc
+ Helper function for finding indexed submit $_POST vars.
$  /includes/ui/ui_input.inc
+ New class .editbutton for buttons. Default view is link alike.
$  /themes/aqua/default.css
   /themes/cool/default.css
   /themes/default/default.css

17-Mar-2008 Janusz Dobrowolski
# Added rounding when needed to avoid document non cosistent documents.
$  /includes/banking.inc
   /purchasing/supplier_credit_grns.php
   /purchasing/supplier_invoice_grns.php
   /purchasing/includes/supp_trans_class.inc
   /purchasing/includes/ui/invoice_ui.inc
   /purchasing/includes/ui/po_ui.inc
   /reporting/rep107.php
   /reporting/rep109.php
   /reporting/rep110.php
   /reporting/rep209.php
   /sales/includes/cart_class.inc
   /sales/includes/ui/sales_credit_ui.inc
   /sales/includes/ui/sales_order_ui.inc
   /sales/view/view_credit.php
   /sales/view/view_dispatch.php
   /sales/view/view_invoice.php
   /sales/view/view_sales_order.php
   /taxes/tax_calc.inc
# Sign bug for customer transactions
$  /reporting/rep709.php
# Include file conflict fix
$ /purchasing/includes/ui/invoice_ui.inc
  /gl/manage/bank_accounts.php
  /manufacturing/inquiry/where_used_inquiry.php
  /purchasing/manage/suppliers.php
  
16-Mar-2008 Janusz Dobrowolski
+ Added javascript add-on for unobtrusive apply javascript handlers to html elements.
$  /js/behaviour.js
   /js/inserts.js
+ Added javascript source collecting functions
$  /includes/main.inc
! Moved check_page_security(); for safe start in case of broken wa_current_user var.
+ Added global js code collecting arrays  $js_lib, $js_static
$  /includes/session.inc
! Changed get_js_user num to add_js_user_num; extended for percent/qty/price formatting
$  /includes/ui/ui_view.inc
+ Added including javascript source colections from $js_lib, $js_static; conditional display for ajax calls
$  /includes/page/footer.inc
   /includes/page/header.inc
! Added including of data_checks.inc
$  /includes/ui.inc
+ User side percent/exrate/qty/price input formatting via onblur handler.
$  /admin/gl_setup.php
   /gl/gl_budget.php
   /gl/manage/exchange_rates.php
   /includes/ui/ui_input.inc
   /inventory/purchasing_data.php
   /inventory/reorder_level.php
   /inventory/includes/item_adjustments_ui.inc
   /inventory/includes/stock_transfers_ui.inc
   /manufacturing/work_order_entry.php
   /manufacturing/manage/bom_edit.php
   /purchasing/po_entry_items.php
   /purchasing/po_receive_items.php
   /purchasing/supplier_credit.php
   /purchasing/supplier_credit_grns.php
   /purchasing/supplier_invoice_grns.php
   /purchasing/supplier_trans_gl.php
   /purchasing/allocations/supplier_allocate.php
   /purchasing/includes/ui/po_ui.inc
   /sales/customer_delivery.php
   /sales/customer_invoice.php
   /sales/allocations/customer_allocate.php
   /sales/includes/ui/sales_credit_ui.inc
   /sales/includes/ui/sales_order_ui.inc
   /taxes/tax_groups.php
   /taxes/tax_types.php

14-Mar-2008 Janusz Dobrowolski
 + All forms fixed to accept user native numeric format.
 $ /admin/gl_setup.php
   /gl/bank_transfer.php
   /gl/gl_budget.php
   /gl/gl_deposit.php
   /gl/gl_journal.php
   /gl/gl_payment.php
   /gl/includes/db/gl_db_banking.inc
   /gl/includes/ui/gl_deposit_ui.inc
   /gl/includes/ui/gl_journal_ui.inc
   /gl/includes/ui/gl_payment_ui.inc
   /gl/manage/exchange_rates.php
   /inventory/adjustments.php
   /inventory/cost_update.php
   /inventory/prices.php
   /inventory/purchasing_data.php
   /inventory/reorder_level.php
   /inventory/transfers.php
   /inventory/includes/item_adjustments_ui.inc
   /inventory/includes/stock_transfers_ui.inc
   /inventory/manage/item_units.php
   /manufacturing/work_order_entry.php
   /manufacturing/inquiry/where_used_inquiry.php
   /manufacturing/manage/bom_edit.php
   /purchasing/po_entry_items.php
   /purchasing/po_receive_items.php
   /purchasing/supplier_credit_grns.php
   /purchasing/supplier_invoice_grns.php
   /purchasing/supplier_payment.php
   /purchasing/supplier_trans_gl.php
   /purchasing/allocations/supplier_allocate.php
   /purchasing/includes/ui/po_ui.inc
   /purchasing/inquiry/po_search.php
   /sales/credit_note_entry.php
   /sales/customer_credit_invoice.php
   /sales/customer_delivery.php
   /sales/customer_invoice.php
   /sales/customer_payments.php
   /sales/sales_order_entry.php
   /sales/allocations/customer_allocate.php
   /sales/includes/ui/sales_credit_ui.inc
   /sales/includes/ui/sales_order_ui.inc
   /sales/manage/customers.php
   /sales/manage/sales_people.php
   /sales/view/view_credit.php
   /sales/view/view_dispatch.php
   /sales/view/view_invoice.php
   /sales/view/view_receipt.php
   /sales/view/view_sales_order.php
   /taxes/item_tax_types.php
   /taxes/tax_groups.php
   /taxes/tax_types.php
 + User format functions for percent/price/exrate amounts display.
 $ /includes/current_user.inc
 + Input checking functions for numeric input fields in user native format
 $ /includes/data_checks.inc
 + Numeric input fields in user native format
 $ /includes/ui/ui_input.inc
 + Javascript function for conversion to/from user native numeric format.
 $ /includes/ui/ui_view.inc
 + New class amount for numeric input
 $ /themes/aqua/default.css
   /themes/cool/default.css
   /themes/default/default.css
 # Removed warning on adding component
   /manufacturing/manage/bom_edit.php
 # Quantity display correction
   /manufacturing/inquiry/where_used_inquiry.php
 # Fixed add_customer_trans() call
   /gl/includes/db/gl_db_banking.inc

12-Mar-2008 Joe Hung
 + Added update of Units of Measure and converting of deptor_trans records from release 1.XX
 - Removed default insertion of Units of Measure. Not neccessary.
 $ /sql/alter.sql
   /admin/db/maintenance_db.inc (added support for update)

11-Mar-2008 Janusz Dobrowolski
 + Table of measure moved into new table item_units
 ! Removed $themes[] from config.php, theme list based on directory structure
 $ /config.php
   /includes/ui/ui_lists.inc
   /applications/inventory.php
   /inventory/includes/inventory_db.inc
   /inventory/includes/db/items_units_db.inc
   /inventory/manage/item_units.php
   /inventory/manage/items.php
   /sql/alter.sql

11-Mar-2008 Joe Hunt
 # Small fix for alignment of date and due date label fields in customer_invoice.php and customer_delivery.php
 $ /sales/customer_invoice.php
   /sales/customer_delivery.php
 
10-Mar-2008 Joe Hunt
 # Small fix for Template Invoice in sales_order_entry.php on line 363 (duedate for Invoice).
 $ /sales/sales_order_entry.php
 
10-Mar-2008 Janusz Dobrowolski
 + Added price list selector to sales entry (debtor_master gives only default one)
 + Added optional submit_on_change parameter to sales ui lists
 $ /includes/ui/ui_lists.inc
   /sales/sales_order_entry.php
   /sales/includes/ui/sales_credit_ui.inc
   /sales/includes/ui/sales_order_ui.inc
 # Additional PHP5 fixes, do_clone superseded by local ? : constructs
 $ /sales/includes/cart_class.inc
   /includes/ui/ui_view.inc
   /sales/includes/sales_db.inc
 # Fixed bogus sales_type lists in edition mode
 $ /sales/customer_delivery.php
   /sales/customer_invoice.php
 # Smaller fixes, cart_class.sales_type name change
 $ /sales/includes/ui/sales_credit_db.inc
   /sales/credit_note_entry.php
   /sales/customer_credit_invoice.php
   /sales/includes/cart_class.inc
   /sales/includes/db/sales_credit_db.inc
   /sales/includes/db/sales_delivery_db.inc
   /sales/includes/db/sales_invoice_db.inc
   /sales/includes/db/sales_order_db.inc
   /sales/includes/ui/sales_credit_ui.inc
 # One another pmWiki name conflict removed
 $ /admin/display_prefs.php
 
09-Mar-2008 Joe Hunt
 - Removed redundant form_types functions and the file /reporting/includes/form_types.inc. Removed table form_items
 $ /dimensions/includes/dimensions_db.inc
   /gl/includes/db/gl_db_banking.inc
   /includes/main.inc
   /inventory/includes/db/items_adjust_db.inc
   /manufacturing/includes/db/work_order_issues_db.inc
   /manufacturing/includes/db/work_order_produce_items_db.inc
   /manufacturing/includes/db/work_orders_db.inc
   /manufacturing/includes/db/work_orders_quick_db.inc
   /purchasing/includes/db/grn_db.inc
   /purchasing/includes/db/po_db.inc
   /purchasing/includes/db/supp_payment_db.inc
   /reporting/includes/form_types.inc (File removed)
   /sales/includes/db/sales_delivery_db.inc
   /sales/includes/db/sales_invoice_db.inc
   /sales/includes/db/sales_order_db.inc
   /sql/alter.sql
 # Bug in calculating exchange rates in Reports Supplier Balances and Customer Balances
 $ /reporting/rep101.php
   /reporting/rep201.php
 # clone replacement do_clone() for both PHP 4 and PHP 5.
 $ /includes/ui/ui_view.inc (at the very bottom)
   /sales/includes/cart_class.inc
   
07-Mar-2008 Janusz Dobrowolski
 ! Changed name tax type uniqueness constraint to (name, rate)
 $ /includes/ui/ui_lists.inc
   /taxes/items_tax_types.php
 ! Tax included option moved from tax_group to sales_types table
 $ includes/ui/ui_view.inc
   /purchasing/includes/ui/invoice_ui.inc
   /taxes/tax_calc.inc
   /taxes/tax_groups.php
   /taxes/db/tax_groups_db.inc
   /sql/alter.sql
 # Final rewriting of sales module, a lot of bugfixes.
 + Template delivery/invoicing
 + Concurrent document editing control on sql level
 + Most of sales documents are now editable
 + Some links to print documents after entry
 ! Changed javascript helper function for customer allocations
 $ /applications/customers.php
   /includes/ui/ui_input.inc
   /reporting/rep107.php
   /reporting/rep109.php
   /reporting/rep110.php
   /sales/credit_note_entry.php
   /sales/customer_credit_invoice.php
   /sales/customer_delivery.php
   /sales/customer_invoice.php
   /sales/customer_payments.php
   /sales/sales_order_entry.php
   /sales/allocations/customer_allocate.php
   /sales/allocations/customer_allocation_main.php
   /sales/includes/cart_class.inc
   /sales/includes/sales_db.inc
   /sales/includes/sales_ui.inc
   /sales/includes/db/cust_trans_db.inc
   /sales/includes/db/cust_trans_details_db.inc
   /sales/includes/db/custalloc_db.inc
   /sales/includes/db/customers_db.inc
   /sales/includes/db/payment_db.inc
   /sales/includes/db/sales_credit_db.inc
   /sales/includes/db/sales_delivery_db.inc
   /sales/includes/db/sales_invoice_db.inc
   /sales/includes/db/sales_order_db.inc
   /sales/includes/db/sales_types_db.inc
   /sales/includes/ui/print_invoice.inc
   /sales/includes/ui/sales_credit_ui.inc
   /sales/includes/ui/sales_order_ui.inc
   /sales/inquiry/customer_allocation_inquiry.php
   /sales/inquiry/customer_inquiry.php
   /sales/inquiry/sales_deliveries_view.php
   /sales/inquiry/sales_orders_view.php
   /sales/manage/credit_status.php
   /sales/manage/sales_types.php
   /sales/view/view_credit.php
   /sales/view/view_dispatch.php
   /sales/view/view_invoice.php
   /sales/view/view_receipt.php
   /sales/view/view_sales_order.php
# Removed function name conflict with wiki help system
   /includes/lang/language.php
   
06-Mar-2008 Janusz Dobrowolski
 + Wiki help links integration
 $ /config.php
   /includes/page/header.inc
   /includes/lang/language.php
 + Optional debuging with xdebug module
 $ /index.php
   /includes/db/connect_db.inc
 ! Concurrent edition fix
 $  /includes/systypes.inc
 # Table header fix
 $  /manufacturing/manage/bom_edit.php
 # Menu layout fixes
 $ /themes/aqua/renderer.php
   /themes/cool/renderer.php
   /themes/default/renderer.php
 # Removed warning about nonexistent $_GET variable
 $ /dimensions/inquiry/search_dimensions.php
 # MySQL 3.xx CAST bug fix
 $ /includes/db/manufacturing_db.inc
   /manufacturing/includes/db/work_order_requirements_db.inc
   /manufacturing/inquiry/where_used_inquiry.php

04-Mar-2008 Joe Hunt
 ! Changed so that average item material price is automatic updated whenever a PO Delivery is received.
   Changed so that a Bill of Materiel, Parent's material price, is automatic updated from underlying items.
 $ /inventory/cost_update.php
   /purchasing/includes/db/grn_db.inc and
   /manufacturing/manage/bom_edit.php. 
   /manufacturing/includes/db/work_orders_db.inc
   /manufacturing/includes/db/work_orders_quick_db.inc
   /manufacturing/work_order_entry.php
  
21-Feb-2008 Joe Hunt
 + Added Print for documents in /admin/view_print_transaction.php (according to our new routines).
 $ /admin/view_print_transaction.php
   /applications/setup.php
  
17-Feb-2008 Joe Hunt
 ! Minor change in menu and function in view_print_transaction.php
 $ /admin/view_print_transaction.php
   /application/setup.php
 + Preparing for print of single documents
 $ /reporting/includes/reporting.inc
 ! Removing 'out' field in table tax_types
 $ /sql/alter.sql
   /taxes/tax_types.php
   /taxes/db/tax_types_db.inc
 + Added 2 functions in ui_input.inc, button and button_cell
   /includes/ui/ui_input.inc

11-Feb-2008 Joe Hunt
 + Added file, update_db.php, for updating company databases from an SQL script.
 $ update_db.php (New file)
   update.html
  
06-Fef-2008 Joe Hunt
 + Added Report, Salesman Listing, rep106.php. 
 $ /reporting/reports_main.php
   /reporting/rep106.php
  
06-Feb-2008 Janusz Dobrowolski
 + Separation of customer invoice issue and goods delivery.
 + Batch invoicing for more than one delivery
 # Corrected inadequate shipping tax calculations.
 ! Default debugging status changed to off.
 $ /taxes/tax_calc.inc
   /taxes/db/tax_groups_db.inc
   /admin/db/voiding_db.inc
   /applications/customers.php
   /includes/systypes.inc
   /includes/types.inc
   /includes/ui/ui_controls.inc
   /includes/ui/ui_lists.inc
   /includes/ui/ui_view.inc
   /inventory/inquiry/stock_status.php
   /reporting/rep105.php
   /reporting/rep107.php
   /reporting/rep109.php
   /reporting/rep110.php 
   /reporting/rep209.php
   /reporting/reports_main.php
   /reporting/includes/doctext.inc
   /reporting/includes/doctext2.inc
   /reporting/includes/form_types.inc
   /reporting/includes/pdf_report.inc
   /reporting/includes/reports_classes.inc
   /sales/customer_credit_invoice.php
   /sales/customer_invoice.php
   /sales/sales_order_entry.php
   /sales/customer_delivery.php 
   /sales/includes/db/sales_delivery_db.inc 
   /sales/includes/ui/print_invoice.inc 
   /sales/includes/cart_class.inc
   /sales/includes/sales_db.inc
   /sales/includes/db/cust_trans_db.inc
   /sales/includes/db/cust_trans_details_db.inc
   /sales/includes/db/sales_credit_db.inc
   /sales/includes/db/sales_invoice_db.inc
   /sales/includes/db/sales_order_db.inc
   /sales/includes/ui/sales_order_ui.inc
   /sales/inquiry/customer_allocation_inquiry.php
   /sales/inquiry/customer_inquiry.php
   /sales/inquiry/sales_orders_view.php
   /sales/inquiry/sales_deliveries_view.php 
   /sales/view/view_dispatch.php
   /sales/view/view_invoice.php
   /sales/view/view_sales_order.php
   /sql/alter.sql
   config.php
  
01-Feb-2008 Joe Hunt
 ! Changed so sales orders can have more than one row with the same stock_id. In alter.sql.
 $ /sales/includes/cart_class.inc
   /sales/includes/db/sales_credit_db.inc
   /sales/includes/db/sales_invoice_db.inc
   /sales/includes/db/sales_order_db.inc
   /sales/includes/db/cust_trans_details_db.inc
   /sales/includes/ui/sales_order_ui.inc
   /sales/includes/ui/sales_credit_ui.inc
   /sales/credit_note_entry.php
   /sales/customer_credit_invoice.php
   /sales/sales_order_entry.php
   /sales/customer_invoice.php

31-Jan-2008 Joe Hunt
 ! New Release 2.0 Pre Alpha
 $ config.php
 # Fixed a release 2 related bug in create_coy.php
 $ /admin/create_coy.php
 + An alter.sql file to use for updating databases. Until the update_db.php is ready, you can use the install/update companies
   and select the companies one by one and upload the alter.sql file to all companies. You can still run the release 2
   with these databases changes without any new files. They are coming as soon as possible.
 $ /sql/alter.sql (New file)  
 # Fixed a release 2 related bug. A field in supp_trans_items were declared as integer(11). Changed to VARCHAR(11) in alter.sql
   and 2 related files
 $ /purchasing/supplier_trans_gl.php
   /purchasing/includes/db/invoice_items_db.inc
 ! Moved variables $no_item_list, $no_customer_list and $no_supplier_list in config.php to company table
 $ /includes/ui/ui_lists.inc
   /purchasing/includes/ui/po_ui.inc
   /sales/includes/ui/sales_order_ui.inc
   /admin/company_preferences.php
   /admin/db/company_db.inc
   config.php
 + Created 3 new fields in salesman table for provision, break point and provision2. Included in alter.sql. 
   Update sales_people.php.Preparing for a new Salesman report with provision etc. Selected with time range. Should be very good.
 $ /sales/manage/sales_people.php
   /includes/ui/ui_input.inc
 
-------------------- 2,0 Pre Alpha - above ----------------------------
31-Jan-2008 Janusz Dobrowolski
 # Minor bugfix in db_import()
 $ /admin/db/maintenance_db.inc
 
30-Jan-2008 Janusz Dobrowolski
 # Minor display fix in tax_types.php
 $ /taxes/tax_types.php
 ! Format cleanup on some files.
 $ /gl/includes/gl_db.inc
   /gl/includes/gl_ui.inc
   /applications/application.php
   frontaccounting.php
   index.php
   
-------------------- 1.16 Stable Released ----------------------
28-Jan-2008 Joe Hunt
 + Added a possibility to replace the normal listboxes for items, customer and/or suppliers with a search box.
   The listboxes can only hold about 1000 items. New variables in config.php, $no_item_list, $no_customer_list 
   and $no_supplier_list. Default is the normal behavior for all listboxes.
 $ /includes/ui/ui_lists.inc
   /sales/includes/ui/sales_orders_ui.inc
   /purchases/includes/ui/po_ui.inc
   /themes/default/images/locate.png (New file)
   config.php

 + Added ALTER TABLE possibility in db_import. For future releases.
 $ /admin/db/maintenence_db.inc  

 # Removed warnings 'Call-time pass-by-reference' in /includes/db/connect_db.inc and /includes/ui/ui_lists.inc
 # Fixed File not found when loading local stylesheet.css (for other languages) in /includes/page/header.inc
 $ /includes/db/connect_db.inc
   /includes/ui/ui_lists.inc
   /includes/page/header.inc
   /access/login.php
   
16-Jan-2008 Joe Hunt
 # When login screen is displayed after session timeout page content is broken. It
   is because of NOT using absolute paths in href attribute theme elements.
 $ /access/login.php
 
30-Dec-2007 Joe Hunt
 # Minor adjustments in function db_export on line 325
 $ /admin/db/maintenance_db.inc
 
29-Dec-2007 Joe Hunt
 + Added a variable, $print_invoice_no, in config.php for printing the invoice number instead of invoice reference.
 $ config.php
 
 # Fixed a bug when exporting database. Exported NULL field values from NO to empty field (from mysql version 5.0.32).
   Also fixed a unneccessary str_replace when importing sql scripts.
 ! Changed the PDF presentation to deleting the Javascript cache before presentation.
 $ /admin/db/maintenance_db.inc
   /reporting/includes/pdf_report.inc
   
13-Dec-2007 Joe Hunt
 # Still bugs in trial balances and account inquiry on screen when selecting non balance accounts. Fixed.
 $ /gl/inquiry/gl_trial_balance.php
   /gl/inquiry/gl_account_inquiry.php

13-Dec-2007 Joe Hunt
 # Fixed a bug when voiding a transaction (Journal Entry). An eventually underlying bank transfer was not voided.
 $ /admin/db/voiding_db.inc
 
06-Dec-2007 Joe Hunt
 # Fixed a bug when adding lines during Payments to suppliers, the supplier was set back to the first.
 $ /gl/gl_payment.php
   /gl/includes/ui/gl_payment_ui.inc
   
 ! Changed $loc_notification to be set to 0 instead of 1.
 $ config.php
 
-------------------- 1.15 Stable Released ----------------------
05-Dec-2007 Joe Hunt
 + Added email notification to stock location when available stock is below reorder level
 $ config.php
   /sales/includes/db/sales_order_db.inc
   
 # Fixed bugs in Open balances when account is not a balance account
 $ /gl/inquiry/gl_trial_balance.php
   /gl/inquiry/gl_account_inquiry.php
   /reporting/rep704.php
   /reporting/rep708.php
   
-------------------- 1.14 Stable Released ----------------------
01-Oct-2007 Joe Hunt
 ! Major change in the installation of modules to also accept an SQL-file for upload.
 $ config.php
   /admin/inst_module.php
   /admin/db/maintenance_db.inc
   
30-Sep-2007 Joe Hunt
 # The following files were still vulnerable. Fixed
 $ /access/login.php
   /includes/lang/language.php

-------------------- 1.13 Stable Released ----------------------
14-Sep-2007 Joe Hunt
 + Added optional link for electronic payment on invoices (PayPal). 
 ! Better support for install/update languages.  
 ! Minor adjustments
 # Fixed a vulnerable item in config.php
 $ config.php

14-Sep-2007 Joe Hunt
 # We forgot to upload the PO file when installing new language. Used when GETTEXT is not installed on Server.
 # config.php has been vulnerable. Fixed.
 $ /admin/inst_lang.php
 $ config.php
 
10-Sep-2007 Joe Hunt
 ! Changed Bank Address field from text to textarea (multirows)
 $ /gl/manage/bank_accounts.php
 
06-Sep-2007 Joe Hunt
 + Added optional link for electronic payment on invoices (PayPal)
 $ /reporting/reports_main.php
   /reporting/rep107.php
   /reporting/includes/report_classes.inc
   /reporting/includes/pdf_report.inc
   /reporting/includes/doc_text.inc
   /reporting/includes/doc_text2.inc
   
23-Aug-2007 Joe Hunt
 # Unnecessary parameter ($db) in check_for_recursive_bom
 $ /manufacturing/manage/bom_edit.php
 
21-Aug-2007 Joe Hunt
 # Bug in /includes/lang/gettext.php (249) affecting changing language!
 $ /includes/lang/gettext.php
 
08-Aug-2007 Joe Hunt
 # Minor adjustments
 $ config.php
   /access/login.php
   /admin/create_coy.php
   /reporting/includes/pdf_report.inc
   
04-Aug-2007 Joe Hunt
 + Added a default fiscal year in the en_US-new.sql and start references.
 $ /sql/en_US-new.sql
 ! Changed some specific text strings in en_US.po (E.g. TAX instead of VAT)
 $ /lang/en_US/LC_MESSAGES/en_US.mo
 
03-Aug-2007 Joe Hunt
 # A bug in Direct Invoicing (wrong Invoice Date) has been fixed.
 $ /sales/includes/db/sales_order_db.inc
 
23-Jul-2007 Joe Hunt
 # Changed <? in front of 2 files to <?php.
 $ /purchasing/includes/purchasing_ui.inc
   /reporting/includes/class.mail.inc
   
-------------------- 1.12 Stable Released ----------------------
21-Jul-2007 Joe Hunt
 + Added option to handle Jalali and Islamic Calendars
 ! Minor adjustments
 $ config.php
   /gl/includes/db/gl_db_trans.inc
   /includes/date_functions.inc
   /includes/ui/ui_input.inc
   /includes/ui/ui_lists.inc
   /includes/ui/ui_view.inc
   /purchasing/po_receive_items.php
   /purchasing/includes/ui/invoice_ui.inc
   /purchasing/includes/ui/po_ui.inc
   /reporting/rep705.php
   /sales/includes/db/sales_order_db.inc
   /sales/includes/ui/sales_order_ui.inc
   
20-Jul-2007 Joe Hunt
 ! Changed parameters on report Sales Order. Option to print as Quote.
 $ /reporting/reports_main.php
   /reporting/rep109.php
   /reporting/includes/pdf_report.inc
   /reporting/includes/doctext.inc
   /reporting/includes/doctext2.inc
 
19-Jul-2007 Joe Hunt
 + Added Budget Entry in General Ledger. Includes Dimensions.
 $ config.php
   /applications/generalledger.php
   /gl/gl_budget.php (New File!)
   /gl/includes/db/gl_db_trans.inc
   /includes/date_functions.inc
   /reporting/report_classes.inc
   
-------------------- 1.11 Stable Released ----------------------
04-Jul-2007 Joe Hunt
 ! Option for using alpha numeric chart of accounts.
 $ config.php
   /gl/manage/gl_accounts.php
   /gl/includes/db/gl_db_accounts.inc
   /gl/includes/db/gl_db_bank_trans.inc
   /gl/includes/db/gl_db_trans.inc
   /gl/inquiry/gl_trial_balance.inc
   /admin/db/company_db.inc
   /inventory/includes/db/items_db.inc
   /sales/manage/customer_branches.inc

04-Jul-2007 Joe Hunt
 # Problems retrieving language texts for poEdit in long javascripts
 $ /includes/ui/ui_view.inc
 
04-May-2007 Joe Hunt
 # Database error when updating more than one item row in Sales Orders.
 $ /sales/includes/db/sales_order_db.inc
 # Database error when inserting work order issues. Fixed.
 $ /manufacturing/includes/db/work_order_issues_db.inc
 
03-May-2007 Joe Hunt
 # Multiple tables and JOIN's have syntax changes in MySQL 5.0.12. Need parentheses.
 $ /includes/db/manufacturing_db.inc
   /manufacturing/includes/db/work_order_requirements_db.inc

02-May-2007 Joe Hunt
 # Missing details on Purchase Order when emailing and printing
 $ /reporting/rep209.php
 
-------------------- 1.1 Stable Released ----------------------
02-May-2007 Joe Hunt
 + Enabled module addons and all the below bugfixes. No changes in database structure.
 - Removed /sql/basic.sql (included in the other sql files)
 - Removed /themes/default/images/left.gif and /themes/default/images/right.gif 
   (not needed anymore).
 + Addition of update.html  
 $ /admin/inst_module.php (New file!)
   /applications/customers.php
   /applications/dimensions.php
   /applications/generalledger.php
   /applications/inventory.php
   /applications/manufacturing.php
   /applications/setup.php
   /applications/suppliers.php
   /install/index.php
   /install/save.php
   /modules/inst_modules.php (New folder and new file!)
   /modules/index.php (New file!)
   /sql/en_US-demo.sql
   /sql/en_US-new.sql
   install.html
   update.html (New file!)
   
01-May-2007 Joe Hunt
 # Missing measure of units when printing sales orders
 # Update of Sales People caused a database error
 $ /sales/manage/sales_people.php
   /reporting/rep109.php
 
30-Apr-2007 Joe Hunt
 + The selected menu tab is now shown with same background as hover color.
 $ config.php (default tab line 77. Change if you want)
   /includes/page/header.inc
   
28-Apr-2007 Joe Hunt
 # When saving work order entries a lot of debug boxes appeared. Fixed
 # When clicking on the link, Issue, on work order inquires an empty screen appeared. Fixed
 # When retrieving work centres id's there was a database error. Fixed by casting string to unsigned
 $ /includes/db/manufacturing_db.inc
   /manufacturing/work_order_entry.php
   /manufacturing/includes/work_order_issue_ui.inc
   /manufacturing/includes/db/work_order_requirements_db.inc
   /manufacturing/includes/db/work_orders_quick_db.inc
   /manufacturing/inquiry/where_used_inquiry.php
   
25-Apr-2007 Joe Hunt
 # Missing Date Picker
 $ /sales/customer_invoice.php
 # No JS popup window
 $ /sales/view/view_invoice.php
 
24-Apr-2007 Joe Hunt
 ! New and better Date Picker, better cool theme.
 $ /includes/ui/ui_input.inc
   /includes/ui/ui_view.inc
   /reporting/includes/reports_classes.inc
   /themes/cool/default.css

-------------------- 1.0.1 Stable Released ----------------------
23-Apr-2007 Joe Hunt
 ! Release 1.0.1 established on SourceForge, fixing the bugs and including a Date Picker,
   the changes for selection lists customers/suppliers and the Audit Trail.

22-Apr-2007 Joe Hunt
 ! Changed the two selection lists for customers/suppliers in reports to a single one with
   No Filter
 ! Changed the sort order in these selection lists from id to name.
 + Added Audit Trail in GL trans. A switch in config.php, $use_audit_trail, must be set to 1.
 $ /reporting/reports_main.php
   /reporting/rep101.php
   /reporting/rep102.php
   /reporting/rep201.php
   /reporting/rep202.php
   /reporting/rep203.php
   /reporting/rep204.php
   /reporting/includes/reports_classes.inc
   /includes/ui/ui_lists.inc
   /gl/includes/db/gl_db_trans.inc
   config.php
   
22-Apr-2007 Joe Hunt
 + Date Picker for all date fields.
 $ config.php
   /admin/fiscalyears.php
   /admin/void_transaction.php
   /includes/ui/ui_view.inc
   /includes/ui/ui_input.inc
   /dimensions/dimension_entry.php
   /dimensions/inquiry/search_dimensions.php
   /gl/gl_journal.php
   /gl/gl_deposit.php
   /gl/gl_payment.php
   /gl/bank_transfer.php
   /gl/inquiry/bank_inquiry.php
   /gl/inquiry/gl_account_inquiry.php
   /gl/inquiry/gl_trial_balance.php
   /gl/manage/exchange_rates.php
   /inventory/adjustments.php
   /inventory/transfers.php
   /inventory/inquiry/stock_movements.php
   /inventory/manage/items.php
   /manufacturing/work_order_add_finished.php
   /manufacturing/work_order_entry.php
   /manufacturing/work_order_issue.php
   /manufacturing/work_order_release.php
   /purchasing/supplier_payment.php
   /purchasing/po_entry_items.php
   /purchasing/po_receive_items.php
   /purchasing/supplier_credit.php
   /purchasing/supplier_credit_grns.php
   /purchasing/supplier_invoice.php
   /purchasing/supplier_invoice_grns.php
   /purchasing/supplier_trans_gl.php
   /purchasing/includes/ui/po_ui.inc
   /purchasing/inquity/po_search.php
   /purchasing/inquiry/po_search_completed.php
   /purchasing/inquiry/supplier_allocation_inquiry.php
   /purchasing/inquiry/supplier_inquiry.php
   /reporting/reports_main.php
   /reporting/includes/reports_classes.inc
   /sales/credit_note_entry.php
   /sales/customer_credit_invoice.php
   /sales/customer_payments.php
   /sales/sales_order_entry.php
   /sales/includes/ui/sales_order_ui.inc
   /sales/inquiry/customer_allocation_inquiry.php
   /sales/inquiry/customer_inquiry.php
   /sales/inquiry/sales_orders_view.php
   New image files:
   /themes/default/images/cal.gif
   /themes/default/images/next.gif
   /themes/default/images/prev.gif

19-Apr-2007 Joe Hunt
 # Bug no 1703895, Account numbers are varchars, need quotes, fixed
 # Bug no 1703891, Reserved MySQL words used as column names, fixed
 $ /taxes/db/tax_types_db.inc

 # Bug no 1703888, Apostrophes and other unescaped characters, fixed
 $ /gl/manage/gl_accounts.php
   /gl/includes/db/gl_db_accounts.inc
   /includes/ui/ui_input.inc

18-Apr-2007 Joe Hunt
 # Bug no 1702594, Logon Loop, fixed
 $ config.php

-------------------- 1.0a Stable Released ----------------------
10-Apr-2007 Joe Hunt
 ! Release 1.0a established on SourceForge, fixing the bugs.

11-Apr-2007 Joe Hunt
 # Bug No 1698214, Creating Items, fixed
 $ /includes/ui/ui_lists.inc
 # Bug no 1698216, Item Movements, fixed
 $ /inventory/manage/items.php

-------------------- 1.0 Stable Released ----------------------
10-Apr-2007 Joe Hunt
 ! Release 1.0 established on SourceForge.

2. Copyright and disclaimer
---------------------------
This application is opensource software released under the GPL.  Please
see source code and the LICENSE file