X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=CHANGELOG.txt;h=da6f5bba79773e86638410a26da6cd45bd404449;hb=5928cc0bb4164cfd1dfc77f279f6b12d7806294f;hp=ca67337f6a2a0968035b54e0da56aef2e46e3880;hpb=4763f9316d59363edaffd38e49655ad5ff29611d;p=fa-stable.git

diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index ca67337f..da6f5bba 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -19,6 +19,188 @@ Legend:
 ! -> Note
 $ -> Affected files
 
+18-Apr-2008 Joe Hunt
+! Module gl sealed against XSS Attacks
+$ /gl/includes/db/gl_db_accounts.inc
+  /gl/includes/db/gl_db_account_types.inc
+  /gl/includes/db/gl_db_bank_accounts.inc
+  /gl/includes/db/gl_db_bank_trans.inc
+  /gl/includes/db/gl_db_bank_trans_types.inc
+  /gl/includes/db/gl_db_currencies.inc
+  /gl/includes/db/gl_db_trans.inc
+  
+18-Apr-2008 Janusz Dobrowolski
+! Modules admin and dimensions sealed against XSS attacks
+$ /admin/payment_terms.php
+  /admin/shipping_companies.php
+  /admin/db/company_db.inc
+  /admin/db/maintenance_db.inc
+  /admin/db/users_db.inc
+  /admin/db/voiding_db.inc
+  /dimensions/includes/dimensions_db.inc
+
+18-Apr-2008 Joe Hunt
+! Modules includes, inventory and manufacturing sealed against XSS attacks
+$ /includes/db/comments_db.inc
+  /includes/db/inventory_db.inc
+  /includes/db/references_db.inc
+  /inventory/includes/db/items_category_db.inc
+  /inventory/includes/db/items_db.inc
+  /inventory/includes/db/items_locations_db.inc
+  /inventory/includes/db/items_units_db.inc
+  /inventory/includes/db/movement_types_db.inc
+  /manufacturing/includes/db/work_centres_db.inc
+  /manufacturing/includes/db/work_orders_db.inc
+  /manufacturing/includes/db/work_orders_quick_db.inc
+  /manufacturing/includes/db/work_order_issues_db.inc
+  /manufacturing/includes/db/work_order_produce_items_db.inc
+  
+18-Apr-2008 Janusz Dobrowolski
+! Changed db_escape function to avoid XSS attacks via js db injection
+$ /includes/db/connect_db.inc
+# Database inserts/updates secured against js injection
+$ /admin/db/maintenance_db.inc
+  /gl/includes/db/gl_db_accounts.inc
+  /purchasing/includes/db/po_db.inc
+  /sales/sales_order_entry.php
+  /sales/includes/db/sales_order_db.inc
+
+16-Apr-2008 Joe Hunt
+# Bug in /includes/ui/ui_lists.inc:914. Sql clause was cut.
+$ /includes/ui/ui_lists.inc
+
+09-Apr-2008 Janusz Dobrowolski
+# Fixed number formatting bug in standard cost update.
+$ /inventory/cost_update.php
+
+-------------------- 2,0 Beta - released ----------------------------
+
+06-Apr-2008 Joe Hunt
+! Changed install.html and update.html to fit the new unstable release 2.0
+! Changed demo sql script to fit the 2.0 unstable.
+$ install.html
+  update.html
+  /sql/en_US-demo.sql
+  
+06-Apr-2008 Janusz Dobrowolski
+# Sales invoice edition denied for documents created in FA 1.xx because of nonportable differences in gl posting/db schema.
+  /sales/customer_invoice.php
+# Fixed typo causing error while adding new tax type.
+  /taxes/tax_types.php
+  
+05-Apr-2008 Joe Hunt
+# Fixed a bug when creating subfolder for new companies. Should be company id and not the table pref counter.
+$ /admin/create_coy.php
+
+05-Apr-2008 Joe Hunt
+# Removed annoying warnings in several reports. 
+$ config.php 
+  /reporting/rep102.php
+  /reporting/rep104.php
+  /reporting/rep201.php
+  /reporting/rep203.php
+  /reporting/rep705.php
+  /reporting/rep706.php
+  /reporting/rep707.php
+  /reporting/rep709.php
+  /reporting/reports_main.php
+  /reporting/includes/pdf_report.inc
+  
+04-Apr-2008 Janusz Dobrowolski
+# Javascript bugfix in selecting orders for template.
+$ /sales/inquiry/sales_orders_view.php
+
+04-Apr-2008 Joe Hunt
+! Updated chart of accounts for release 2.0 unstable. Set the status to 2.0 Beta in config.php. Minor changes in update.html
++ Preparing for download of release 2.0b on SourceForge.
+$ config.php
+  update.html
+  /sql/en_US-new.sql
+  /sql/en_US-demo.sql
+  
+02-Apr-2008 Janusz Dobrowolski
+# Removed selector expansion on space key for multi-line selectors
+$ /js/inserts.js
+! Hiding search button in combo selectors for javascript enabled browsers
+$ /includes/ui/ui_lists.inc
+  /js/inserts.js
++ Focus set to invalid form field after submit check fail
+$ /admin/company_preferences.php
+  /admin/fiscalyears.php
+  /admin/gl_setup.php
+  /admin/payment_terms.php
+  /admin/shipping_companies.php
+  /admin/users.php
+  /admin/void_transaction.php
+  /dimensions/dimension_entry.php
+  /gl/bank_transfer.php
+  /gl/gl_deposit.php
+  /gl/gl_journal.php
+  /gl/gl_payment.php
+  /gl/manage/bank_accounts.php
+  /gl/manage/bank_trans_types.php
+  /gl/manage/currencies.php
+  /gl/manage/exchange_rates.php
+  /gl/manage/gl_account_classes.php
+  /gl/manage/gl_account_types.php
+  /gl/manage/gl_accounts.php
+  /inventory/adjustments.php
+  /inventory/cost_update.php
+  /inventory/prices.php
+  /inventory/purchasing_data.php
+  /inventory/transfers.php
+  /inventory/manage/item_categories.php
+  /inventory/manage/item_units.php
+  /inventory/manage/items.php
+  /inventory/manage/locations.php
+  /inventory/manage/movement_types.php
+  /manufacturing/work_order_add_finished.php
+  /manufacturing/work_order_entry.php
+  /manufacturing/work_order_issue.php
+  /manufacturing/work_order_release.php
+  /manufacturing/manage/bom_edit.php
+  /manufacturing/manage/work_centres.php
+  /purchasing/po_entry_items.php
+  /purchasing/po_receive_items.php
+  /purchasing/supplier_credit.php
+  /purchasing/supplier_credit_grns.php
+  /purchasing/supplier_invoice.php
+  /purchasing/supplier_invoice_grns.php
+  /purchasing/supplier_payment.php
+  /purchasing/supplier_trans_gl.php
+  /purchasing/allocations/supplier_allocate.php
+  /purchasing/manage/suppliers.php
+  /sales/credit_note_entry.php
+  /sales/customer_credit_invoice.php
+  /sales/customer_delivery.php
+  /sales/customer_invoice.php
+  /sales/customer_payments.php
+  /sales/sales_order_entry.php
+  /sales/allocations/customer_allocate.php
+  /taxes/item_tax_types.php
+  /taxes/tax_groups.php
+  /taxes/tax_types.php
+# Set default focus in update_db.php
+$ /admin/backups.php
+
+29-Mar-2008 Janusz Dobrowolski
+# Changed gl_all_accounts_list() API
+$ /includes/ui/ui_lists.inc
++ Enhanced list accessability in kbd usage via space key
+$ js/inserts.js
+
+28-Mar-2008 Janusz Dobrowolski
+# Fixed headers for various display mode
+$ /sales/inquiry/sales_orders_view.php
+
+28-Mar-2008 Joe Hunt
++ Added print document options in inquiries.
+$ /sales/inquiry/customer_inquiry.php
+  /sales/inquiry/sales_orders_view.php
+  /sales/inquiry/sales_deliveries_view.php
+  /purchasing/inquiry/po_search.php
+  /purchasing/inquiry/po_search_completed.php
+  
 28-Mar-2008 Joe Hunt
 # Fixed a minor bug in customers_db.inc (should include type == 2 - Bank Deposits)
 $ /sales/includes/db/customers_db.inc
@@ -33,7 +215,7 @@ $ /reporting/rep101.php
 
 28-Mar-2008 Janusz Dobrowolski
 # Layout/focus fixes for no_[customer/supplier/item]_list option on
-   /includes/ui/ui_lists.inc
+$  /includes/ui/ui_lists.inc
    /purchasing/includes/ui/po_ui.inc
    /sales/credit_note_entry.php
    /sales/sales_order_entry.php