X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=CHANGELOG.txt;h=2787166d30338ca73ab9edd68567442be44e1274;hb=ab7ef36ac4dc1d5187c86345de6706c7481b959f;hp=619b82fef8197bcf3bff030b7c9eda59987f5c41;hpb=46d3debec422c5ad5ee99c4acfe42bfa60308afb;p=fa-stable.git

diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index 619b82fe..2787166d 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -19,8 +19,80 @@ Legend:
 ! -> Note
 $ -> Affected files
 
+24-Apr-2008 Joe Hunt
+# Wrong include file path in /includes/ui/items_cart.inc changed /inventory/includes/prefs/sysprefs.inc to
+  /includes/prefs/sysprefs.inc
+$ /includes/ui/items_cart.inc  
+# Wrong include file in /reporting/includes/pdf_report.inc. Changed header2a.inc to header2.inc
+$ /reporting/includes/pdf_report.inc
+
+23-Apr-2008 Joe Hunt
+! Removed the content of function header2 in pdf_report.inc to a separate file, header2.inc.
+  It will make it easier to design your own document layouts.
+$ /reporting/includes/pdf_report.inc
+  /reporting/includes/header2.inc (new file)
+  
+20-Apr-2008 Janusz Dobrowolski
+# Checking uniqueness of company settings, fixed creating database with prefix 0 when none was selected.
+$ /admin/create_coy.php
+! Added missing include_once directives.
+$ /includes/ui/items_cart.inc
+  /includes/ui/ui_lists.inc
+  /includes/ui/ui_view.inc
++ Added ini default_charset unnecessary for planned ajax calls.
+$ /includes/lang/language.inc
+
+19-Apr.2008 Joe Hunt
+# Bug (right to left text was done if price decimals were 3). A test sentense from a while
+  ago wasn't removed.
+$ /reporting/includes/pdf_report.inc
+
+18-Apr-2008 Janusz Dobrowolski
+# Additional checks on provisions and break point entry.
+$ /sales/manage/sales_people.php
+! Modules purchasing, sales and taxes sealed against XSS attacks
+$ /install/save.php
+  /admin/db/maintenance_db.inc
+  /purchasing/includes/db/grn_db.inc
+  /purchasing/includes/db/invoice_items_db.inc
+  /purchasing/includes/db/po_db.inc
+  /purchasing/includes/db/supp_trans_db.inc
+  /purchasing/manage/suppliers.php
+  /sales/includes/db/credit_status_db.inc
+  /sales/includes/db/cust_trans_db.inc
+  /sales/includes/db/cust_trans_details_db.inc
+  /sales/includes/db/sales_order_db.inc
+  /sales/includes/db/sales_types_db.inc
+  /sales/manage/customer_branches.php
+  /sales/manage/customers.php
+  /sales/manage/sales_areas.php
+  /sales/manage/sales_people.php
+  /taxes/db/item_tax_types_db.inc
+  /taxes/db/tax_groups_db.inc
+  /taxes/db/tax_types_db.inc
+
 18-Apr-2008 Joe Hunt
-! Changed db_escape function to avoid XSS attacks via js db injection
+! Module gl sealed against XSS Attacks
+$ /gl/includes/db/gl_db_accounts.inc
+  /gl/includes/db/gl_db_account_types.inc
+  /gl/includes/db/gl_db_bank_accounts.inc
+  /gl/includes/db/gl_db_bank_trans.inc
+  /gl/includes/db/gl_db_bank_trans_types.inc
+  /gl/includes/db/gl_db_currencies.inc
+  /gl/includes/db/gl_db_trans.inc
+  
+18-Apr-2008 Janusz Dobrowolski
+! Modules admin and dimensions sealed against XSS attacks
+$ /admin/payment_terms.php
+  /admin/shipping_companies.php
+  /admin/db/company_db.inc
+  /admin/db/maintenance_db.inc
+  /admin/db/users_db.inc
+  /admin/db/voiding_db.inc
+  /dimensions/includes/dimensions_db.inc
+
+18-Apr-2008 Joe Hunt
+! Modules includes, inventory and manufacturing sealed against XSS attacks
 $ /includes/db/comments_db.inc
   /includes/db/inventory_db.inc
   /includes/db/references_db.inc
@@ -35,7 +107,7 @@ $ /includes/db/comments_db.inc
   /manufacturing/includes/db/work_order_issues_db.inc
   /manufacturing/includes/db/work_order_produce_items_db.inc
   
-18-Apr-2008 Janusz Dobrwolski
+18-Apr-2008 Janusz Dobrowolski
 ! Changed db_escape function to avoid XSS attacks via js db injection
 $ /includes/db/connect_db.inc
 # Database inserts/updates secured against js injection