[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SF.net SVN: ledger-smb:[4473] trunk

Revision: 4473
          http://ledger-smb.svn.sourceforge.net/ledger-smb/?rev=4473&view=rev
Author:   einhverfr
Date:     2012-03-15 09:42:13 +0000 (Thu, 15 Mar 2012)
Log Message:
-----------
Merging from branches/1.3

Modified Paths:
--------------
    trunk/Changelog
    trunk/LedgerSMB/AM.pm
    trunk/bin/am.pl
    trunk/sql/modules/Roles.sql

Property Changed:
----------------
    trunk/
    trunk/LedgerSMB/Scripts/account.pm
    trunk/LedgerSMB/Scripts/admin.pm
    trunk/LedgerSMB/Scripts/customer.pm
    trunk/LedgerSMB/Scripts/employee.pm
    trunk/LedgerSMB/Scripts/file.pm
    trunk/LedgerSMB/Scripts/journal.pm
    trunk/LedgerSMB/Scripts/login.pm
    trunk/LedgerSMB/Scripts/menu.pm
    trunk/LedgerSMB/Scripts/payment.pm
    trunk/LedgerSMB/Scripts/recon.pm
    trunk/LedgerSMB/Scripts/setup.pm
    trunk/LedgerSMB/Scripts/taxform.pm
    trunk/LedgerSMB/Scripts/vendor.pm
    trunk/sql/upgrade/1.2-1.3-manual.sql


Property changes on: trunk
___________________________________________________________________
Modified: svn:mergeinfo
   - /branches/1.3:3711-4466
   + /branches/1.3:3711-4472

Modified: trunk/Changelog
===================================================================
--- trunk/Changelog	2012-03-15 09:35:22 UTC (rev 4472)
+++ trunk/Changelog	2012-03-15 09:42:13 UTC (rev 4473)
@@ -39,6 +39,10 @@
 Changelog for 1.3.14
 * Argentina (Spanish) translation and charts of accounts added. (Andres B)
 * Fixed errors saving when duedate is blank, bug 3503463 (Chris T)
+* Corrected editing pos_invoice.txt whitelisting in front-end (Chris T)
+* Corrected erroneous directory transversal denial (Chris T, bug 3504924)
+* Added recon data to Norwegian chart of accounts (h/t H. Sorli) (Chris T)
+* Fixed some menu items disappearing after upgrade (Chris T, bug 3504934)
 
 Andres B is Andres Basile
 

Modified: trunk/LedgerSMB/AM.pm
===================================================================
--- trunk/LedgerSMB/AM.pm	2012-03-15 09:35:22 UTC (rev 4472)
+++ trunk/LedgerSMB/AM.pm	2012-03-15 09:42:13 UTC (rev 4473)
@@ -1199,7 +1199,7 @@
     my ( $self, $myconfig, $form ) = @_;
 
     my @allowedsuff = qw(css tex txt html xml);
-    if ( $form->{file} =~ /^(.:)*?\/|:|\.\.\/|^\// ) {
+    if ( $form->{file} =~ /^(.:)*?\/|:|\.\.\// ) {
         $form->error("Directory transversal not allowed.");
     }
     if ( $form->{file} =~ /^${LedgerSMB::Sysconfig::backuppath}\// ) {


Property changes on: trunk/LedgerSMB/Scripts/account.pm
___________________________________________________________________
Modified: svn:mergeinfo
   - /branches/1.3/LedgerSMB/Scripts/account.pm:4369-4466
/branches/1.3/scripts/account.pl:3711-4368
   + /branches/1.3/LedgerSMB/Scripts/account.pm:4369-4472
/branches/1.3/scripts/account.pl:3711-4368


Property changes on: trunk/LedgerSMB/Scripts/admin.pm
___________________________________________________________________
Modified: svn:mergeinfo
   - /branches/1.3/LedgerSMB/Scripts/admin.pm:3901-4466
/branches/1.3/scripts/admin.pl:3711-3903,4273-4287
   + /branches/1.3/LedgerSMB/Scripts/admin.pm:3901-4472
/branches/1.3/scripts/admin.pl:3711-3903,4273-4287


Property changes on: trunk/LedgerSMB/Scripts/customer.pm
___________________________________________________________________
Modified: svn:mergeinfo
   - /branches/1.3/LedgerSMB/Scripts/customer.pm:4288-4466
/branches/1.3/scripts/customer.pl:4273-4287
   + /branches/1.3/LedgerSMB/Scripts/customer.pm:4288-4472
/branches/1.3/scripts/customer.pl:4273-4287


Property changes on: trunk/LedgerSMB/Scripts/employee.pm
___________________________________________________________________
Modified: svn:mergeinfo
   - /branches/1.3/LedgerSMB/Scripts/employee.pm:3712-4466
/branches/1.3/scripts/employee.pl:3842-3843,4273-4287,4289-4310
   + /branches/1.3/LedgerSMB/Scripts/employee.pm:3712-4472
/branches/1.3/scripts/employee.pl:3842-3843,4273-4287,4289-4310


Property changes on: trunk/LedgerSMB/Scripts/file.pm
___________________________________________________________________
Modified: svn:mergeinfo
   - /branches/1.3/LedgerSMB/Scripts/file.pm:3711-4466
/branches/1.3/scripts/file.pl:3711-4138
   + /branches/1.3/LedgerSMB/Scripts/file.pm:3711-4472
/branches/1.3/scripts/file.pl:3711-4138


Property changes on: trunk/LedgerSMB/Scripts/journal.pm
___________________________________________________________________
Modified: svn:mergeinfo
   - /branches/1.3/LedgerSMB/Scripts/journal.pm:4288-4466
/branches/1.3/scripts/journal.pl:3711-4328
   + /branches/1.3/LedgerSMB/Scripts/journal.pm:4288-4472
/branches/1.3/scripts/journal.pl:3711-4328


Property changes on: trunk/LedgerSMB/Scripts/login.pm
___________________________________________________________________
Modified: svn:mergeinfo
   - /branches/1.3/LedgerSMB/Scripts/login.pm:4193-4466
/branches/1.3/scripts/login.pl:3711-4192
   + /branches/1.3/LedgerSMB/Scripts/login.pm:4193-4472
/branches/1.3/scripts/login.pl:3711-4192


Property changes on: trunk/LedgerSMB/Scripts/menu.pm
___________________________________________________________________
Modified: svn:mergeinfo
   - /branches/1.3/LedgerSMB/Scripts/menu.pm:4155-4466
/branches/1.3/scripts/menu.pl:3711-4192,4273-4287
   + /branches/1.3/LedgerSMB/Scripts/menu.pm:4155-4472
/branches/1.3/scripts/menu.pl:3711-4192,4273-4287


Property changes on: trunk/LedgerSMB/Scripts/payment.pm
___________________________________________________________________
Modified: svn:mergeinfo
   - /branches/1.3/LedgerSMB/Scripts/payment.pm:4010-4466
/branches/1.3/scripts/payment.pl:3711-4310
   + /branches/1.3/LedgerSMB/Scripts/payment.pm:4010-4472
/branches/1.3/scripts/payment.pl:3711-4310


Property changes on: trunk/LedgerSMB/Scripts/recon.pm
___________________________________________________________________
Modified: svn:mergeinfo
   - /branches/1.3/LedgerSMB/Scripts/recon.pm:3711-4466
/branches/1.3/scripts/recon.pl:4194-4271,4273-4287,4393-4438
   + /branches/1.3/LedgerSMB/Scripts/recon.pm:3711-4472
/branches/1.3/scripts/recon.pl:4194-4271,4273-4287,4393-4438


Property changes on: trunk/LedgerSMB/Scripts/setup.pm
___________________________________________________________________
Modified: svn:mergeinfo
   - /branches/1.3/LedgerSMB/Scripts/setup.pm:3937-4466
/branches/1.3/scripts/setup.pl:3711-4438
   + /branches/1.3/LedgerSMB/Scripts/setup.pm:3937-4472
/branches/1.3/scripts/setup.pl:3711-4438


Property changes on: trunk/LedgerSMB/Scripts/taxform.pm
___________________________________________________________________
Modified: svn:mergeinfo
   - /branches/1.3/LedgerSMB/Scripts/taxform.pm:4193-4466
/branches/1.3/scripts/taxform.pl:3711-4192,4273-4287
   + /branches/1.3/LedgerSMB/Scripts/taxform.pm:4193-4472
/branches/1.3/scripts/taxform.pl:3711-4192,4273-4287


Property changes on: trunk/LedgerSMB/Scripts/vendor.pm
___________________________________________________________________
Modified: svn:mergeinfo
   - /branches/1.3/LedgerSMB/Scripts/vendor.pm:4288-4466
/branches/1.3/scripts/vendor.pl:4273-4287
   + /branches/1.3/LedgerSMB/Scripts/vendor.pm:4288-4472
/branches/1.3/scripts/vendor.pl:4273-4287

Modified: trunk/bin/am.pl
===================================================================
--- trunk/bin/am.pl	2012-03-15 09:35:22 UTC (rev 4472)
+++ trunk/bin/am.pl	2012-03-15 09:42:13 UTC (rev 4473)
@@ -1120,7 +1120,7 @@
         $form->{file} = "$form->{template}.tex";
     } elsif (uc($form->{format}) eq 'HTML') {
         $form->{file} = "$form->{template}.html";
-    } elsif (uc($form->{format}) eq 'TXT'){
+    } elsif (uc($form->{format}) eq 'TEXT'){
         $form->{file} = "$form->{template}.txt";
     }
 

Modified: trunk/sql/modules/Roles.sql
===================================================================
--- trunk/sql/modules/Roles.sql	2012-03-15 09:35:22 UTC (rev 4472)
+++ trunk/sql/modules/Roles.sql	2012-03-15 09:42:13 UTC (rev 4473)
@@ -183,7 +183,10 @@
 INSERT INTO menu_acl (node_id, acl_type, role_name) 
 values (48, 'allow', 'lsmb_<?lsmb dbname ?>__employees_manage');
 
+INSERT INTO menu_acl (node_id, acl_type, role_name) 
+values (49, 'allow', 'lsmb_<?lsmb dbname ?>__employees_manage');
 
+
 CREATE ROLE "lsmb_<?lsmb dbname ?>__contact_edit"
 WITH INHERIT NOLOGIN
 IN ROLE "lsmb_<?lsmb dbname ?>__contact_read";
@@ -232,6 +235,10 @@
  WHERE node_id in (206, 210) 
        AND role_name = 'lsmb_<?lsmb dbname ?>__contact_create';
 
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (206, 'allow', 'lsmb_<?lsmb dbname ?>__batch_post'),
+       (210, 'allow', 'lsmb_<?lsmb dbname ?>__batch_post');
+
 -- AR
 CREATE ROLE "lsmb_<?lsmb dbname ?>__ar_transaction_create"
 WITH INHERIT NOLOGIN
@@ -1739,6 +1746,9 @@
 -- Roles with no db permissions:
 CREATE ROLE "lsmb_<?lsmb dbname ?>__draft_edit" WITH INHERIT NOLOGIN;
 
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (210, 'allow', 'lsmb_<?lsmb dbname ?>__draft_edit');
+
 -- CT:  The following grant is required for now, but will hopefully become less 
 -- important when we get to 1.4 and can more sensibly lock things down.
 GRANT ALL ON dpt_trans TO public;


Property changes on: trunk/sql/upgrade/1.2-1.3-manual.sql
___________________________________________________________________
Modified: svn:mergeinfo
   - /branches/1.3/sql/upgrade/1.2-1.3-manual.sql:3712-4466
/branches/1.3/sql/upgrade/1.2-1.3.sql:3711-3851
/trunk/sql/upgrade/1.2-1.3.sql:858-3710
   + /branches/1.3/sql/upgrade/1.2-1.3-manual.sql:3712-4472
/branches/1.3/sql/upgrade/1.2-1.3.sql:3711-3851
/trunk/sql/upgrade/1.2-1.3.sql:858-3710

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.