Sealing against XSS attacks: purchasing, sales, install, admin, taxes
[fa-stable.git] / CHANGELOG.txt
index 49708175bbe98416539490f6894e434c90ead625..da6f5bba79773e86638410a26da6cd45bd404449 100644 (file)
@@ -19,6 +19,105 @@ Legend:
 ! -> Note
 $ -> Affected files
 
+18-Apr-2008 Joe Hunt
+! Module gl sealed against XSS Attacks
+$ /gl/includes/db/gl_db_accounts.inc
+  /gl/includes/db/gl_db_account_types.inc
+  /gl/includes/db/gl_db_bank_accounts.inc
+  /gl/includes/db/gl_db_bank_trans.inc
+  /gl/includes/db/gl_db_bank_trans_types.inc
+  /gl/includes/db/gl_db_currencies.inc
+  /gl/includes/db/gl_db_trans.inc
+  
+18-Apr-2008 Janusz Dobrowolski
+! Modules admin and dimensions sealed against XSS attacks
+$ /admin/payment_terms.php
+  /admin/shipping_companies.php
+  /admin/db/company_db.inc
+  /admin/db/maintenance_db.inc
+  /admin/db/users_db.inc
+  /admin/db/voiding_db.inc
+  /dimensions/includes/dimensions_db.inc
+
+18-Apr-2008 Joe Hunt
+! Modules includes, inventory and manufacturing sealed against XSS attacks
+$ /includes/db/comments_db.inc
+  /includes/db/inventory_db.inc
+  /includes/db/references_db.inc
+  /inventory/includes/db/items_category_db.inc
+  /inventory/includes/db/items_db.inc
+  /inventory/includes/db/items_locations_db.inc
+  /inventory/includes/db/items_units_db.inc
+  /inventory/includes/db/movement_types_db.inc
+  /manufacturing/includes/db/work_centres_db.inc
+  /manufacturing/includes/db/work_orders_db.inc
+  /manufacturing/includes/db/work_orders_quick_db.inc
+  /manufacturing/includes/db/work_order_issues_db.inc
+  /manufacturing/includes/db/work_order_produce_items_db.inc
+  
+18-Apr-2008 Janusz Dobrowolski
+! Changed db_escape function to avoid XSS attacks via js db injection
+$ /includes/db/connect_db.inc
+# Database inserts/updates secured against js injection
+$ /admin/db/maintenance_db.inc
+  /gl/includes/db/gl_db_accounts.inc
+  /purchasing/includes/db/po_db.inc
+  /sales/sales_order_entry.php
+  /sales/includes/db/sales_order_db.inc
+
+16-Apr-2008 Joe Hunt
+# Bug in /includes/ui/ui_lists.inc:914. Sql clause was cut.
+$ /includes/ui/ui_lists.inc
+
+09-Apr-2008 Janusz Dobrowolski
+# Fixed number formatting bug in standard cost update.
+$ /inventory/cost_update.php
+
+-------------------- 2,0 Beta - released ----------------------------
+
+06-Apr-2008 Joe Hunt
+! Changed install.html and update.html to fit the new unstable release 2.0
+! Changed demo sql script to fit the 2.0 unstable.
+$ install.html
+  update.html
+  /sql/en_US-demo.sql
+  
+06-Apr-2008 Janusz Dobrowolski
+# Sales invoice edition denied for documents created in FA 1.xx because of nonportable differences in gl posting/db schema.
+  /sales/customer_invoice.php
+# Fixed typo causing error while adding new tax type.
+  /taxes/tax_types.php
+  
+05-Apr-2008 Joe Hunt
+# Fixed a bug when creating subfolder for new companies. Should be company id and not the table pref counter.
+$ /admin/create_coy.php
+
+05-Apr-2008 Joe Hunt
+# Removed annoying warnings in several reports. 
+$ config.php 
+  /reporting/rep102.php
+  /reporting/rep104.php
+  /reporting/rep201.php
+  /reporting/rep203.php
+  /reporting/rep705.php
+  /reporting/rep706.php
+  /reporting/rep707.php
+  /reporting/rep709.php
+  /reporting/reports_main.php
+  /reporting/includes/pdf_report.inc
+  
+04-Apr-2008 Janusz Dobrowolski
+# Javascript bugfix in selecting orders for template.
+$ /sales/inquiry/sales_orders_view.php
+
+04-Apr-2008 Joe Hunt
+! Updated chart of accounts for release 2.0 unstable. Set the status to 2.0 Beta in config.php. Minor changes in update.html
++ Preparing for download of release 2.0b on SourceForge.
+$ config.php
+  update.html
+  /sql/en_US-new.sql
+  /sql/en_US-demo.sql
+  
 02-Apr-2008 Janusz Dobrowolski
 # Removed selector expansion on space key for multi-line selectors
 $ /js/inserts.js