-rw-r--r-- | Changelog | 11 | ||||
-rwxr-xr-x | LedgerSMB/Form.pm | 37 | ||||
-rw-r--r-- | TODO | 28 | ||||
-rwxr-xr-x | templates/Brazilian_Portuguese-logo.png | bin | 12716 -> 15928 bytes | |||
-rwxr-xr-x | templates/Danish-logo.png | bin | 12716 -> 15928 bytes | |||
-rwxr-xr-x | templates/Default-logo.png | bin | 12716 -> 15928 bytes | |||
-rwxr-xr-x | templates/Dutch-logo.png | bin | 12716 -> 15928 bytes | |||
-rwxr-xr-x | templates/Estonian-logo.png | bin | 12716 -> 15928 bytes | |||
-rwxr-xr-x | templates/Estonian_UTF8-logo.png | bin | 12716 -> 15928 bytes | |||
-rwxr-xr-x | templates/French-logo.png | bin | 12716 -> 15928 bytes | |||
-rwxr-xr-x | templates/German-logo.png | bin | 12716 -> 15928 bytes | |||
-rwxr-xr-x | templates/Hungarian-logo.png | bin | 12716 -> 15928 bytes | |||
-rwxr-xr-x | templates/Italian-logo.png | bin | 12716 -> 15928 bytes | |||
-rwxr-xr-x | templates/Norwegian-logo.png | bin | 12716 -> 15928 bytes | |||
-rwxr-xr-x | templates/Russian-logo.png | bin | 12716 -> 15928 bytes | |||
-rwxr-xr-x | templates/Service-logo.png | bin | 12716 -> 15928 bytes | |||
-rwxr-xr-x | templates/Spanish_A4-logo.png | bin | 12716 -> 15928 bytes | |||
-rwxr-xr-x | templates/Spanish_Letter-logo.png | bin | 12716 -> 15928 bytes | |||
-rwxr-xr-x | templates/Swedish-logo.png | bin | 12716 -> 15928 bytes | |||
-rwxr-xr-x | templates/Traditional_Chinese_Big5-logo.png | bin | 12716 -> 15928 bytes | |||
-rwxr-xr-x | templates/Traditional_Chinese_UTF8-logo.png | bin | 12716 -> 15928 bytes | |||
-rw-r--r-- | templates/demo/ar_transaction.tex | 27 | ||||
-rw-r--r-- | templates/demo/logo.png | bin | 3970 -> 15928 bytes |
23 files changed, 72 insertions, 31 deletions
diff --git a/Changelog b/Changelog
new file mode 100644
index 00000000..e9ce8cb4
--- /dev/null
+++ b/Changelog
@@ -0,0 +1,11 @@
+Changelog for LedgerSMB v 2.6.17
+
+(Changes relative to the pre-fork SQL-Ledger 2.6.17)
+
+* Corrected sessionid security hole allowing bypass of login to main application
+* Corrected sessionid security hole allowing one to list logins and more.
+* Changed acc_trans.amount to NUMERIC
+* Tightened browser caching rules to prevent problems with back button.
+* Added an open content manual to the main distribution.
+* New logo.
+* Began whitespace reformatting of main application.
diff --git a/LedgerSMB/Form.pm b/LedgerSMB/Form.pm
index 8b736e5c..73d9f4c5 100755
--- a/LedgerSMB/Form.pm
+++ b/LedgerSMB/Form.pm
@@ -1083,23 +1083,26 @@ sub format_string { $format = 'tex'; } - my %replace = ( 'order' => { html => [ '<', '>', '\n', '\r' ], - txt => [ '\n', '\r' ], - tex => [ quotemeta('\\'), '&', '\n', - '\r', '\$', '%', '_', '#', - quotemeta('^'), '{', '}', '<', '>', - '?' ], - utf => [ quotemeta('\\'), '&', quotemeta('\n'), - '\r', '\$', '%', '_', '#', - quotemeta('^'), '{', '}', '<', '>' ] }, - html => { '<' => '<', '>' => '>', - '\n' => '<br />', '\r' => '<br />' }, - txt => { '\n' => "\n", '\r' => "\r" }, - tex => {'&' => '\&', '\$' => '\$', '%' => '\%', '_' => '\_', - '#' => '\#', quotemeta('^') => '\^\\', '{' => '\{', '}' => '\}', - '<' => '$<$', '>' => '$>$', - '\n' => '\newline ', '\r' => '\newline ', - '?' => '\pounds ', quotemeta('\\') => '/' } ); + my %replace = ( + 'order' => { + html => [ '<', '>', '\n', '\r' ], + txt => [ '\n', '\r' ], + tex => [ quotemeta('\\'), '&', '\n','\r', + '\$', '%', '_', '#', + quotemeta('^'), '{', '}', '<', '>', '£' + ], + utf => [ quotemeta('\\'), '&', quotemeta('\n'), + '\r', '\$', '%', '_', '#', quotemeta('^'), + '{', '}', '<', '>' ] }, + html => { '<' => '<', '>' => '>','\n' => '<br />', + '\r' => '<br />' }, + txt => { '\n' => "\n", '\r' => "\r" }, + tex => {'&' => '\&', '\$' => '\$', '%' => '\%', '_' => '\_', + '#' => '\#', quotemeta('^') => '\^\\', '{' => '\{', + '}' => '\}', '<' => '$<$', '>' => '$>$', + '\n' => '\newline ', '\r' => '\newline ', + '£' => '\pounds ', quotemeta('\\') => '/'} + ); my $key; 
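Review bot: The new `'£'` key in the `tex` order list and in the `tex` map is a raw non-ASCII literal, so whether it ever matches depends on how Form.pm is saved and on the encoding of the submitted form data; no `use utf8` or encoding pragma is visible in the hunk, and the demo template in this commit declares `latin1`, so a UTF-8-saved source would search for two bytes that Latin-1 input never contains. Writing the key as `"\xA3"` in both places (or decoding the input before matching) would make the behaviour independent of the editor. The TODO entry in this commit shows these keys are compiled as regex patterns (`m/?/` at line 1107), and this table is what stands between user-entered fields and LaTeX, so a comment above `%replace` would help: `# keys are used as regex patterns, so metacharacters must be pre-escaped; the backslash entry must stay first in 'order'`. The body of format_string starts and ends outside the hunk, so the substitution loop, and how `quotemeta('\n')` in the `utf` list pairs with a map entry, cannot be checked from here.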
@@ -8,29 +8,33 @@ Near immediate items (release-delaying?). * indicates completed. - *fix the session security problem in the main application - *Tightened browser caching rules so that the back button is no problem. - *hosting, Sourceforge import SVN (almost done) -- *solve security problem for admin.pl (central db?) (Pending testing) +- *solve security problem for admin.pl (central db?) Suggest starting with a simple server-side cookie. Then when we add authentication abstraction, this problem can be permanently solved in a modular fashion. - * finish removing references to sql-ledger -- write upgrade/crossgrade script from SL -> LedgerSMB +- write upgrade/crossgrade script from SL -> LedgerSMB (mostly done) Database script is done. Just untar over the top? If so, then this is done. - write press release - *write SL List announcement -- SPI membership +- SPI membership (Just time the request to Josh for proposal) - *CONTRIBUTORS/AUTHORS file. - Delete setup.pl file for released versions. (not in SVN). -- Test db upgrade +- Run final tests on applications + - crossgrade script-- missing SL directory unlink logic. + - *templates + - db upgrade (not working) +- *Fix printing bug with LaTeX templates. Error: + Quantifier follows nothing in regex; + marked by <-- HERE in m/? <-- HERE / at LedgerSMB/Form.pm line 1107. -Short term items +Higher priorities - update setup.pl, which has a lot of SL specific code. - make utf-8 default -- Add protection against duplicate id values. +- Add protection against duplicate id values. - Prevent printing without posting. - Add last cost field to laber/overhead creation screen. -- drop lynx support? (no, not short term anyway) - I think it is better to abandon Lynx support than drop it. - drop Oracle support? (ibidem) Oracle support is already largely abandoned. Not sure if we should the code though... 
@@ -45,6 +49,8 @@ Short term items - Remove Dieter's sessionid timestamp since it serves no purpose. - authentication abstraction for Kerberos, LDAP authentication, and the like. - Authentication module for PostgreSQL databases. +- Account transactions available from Balance Sheets and Income Statements via +links. Medium-longer term - Port SL-POS functionality into the fork. @@ -56,3 +62,9 @@ Medium-longer term a single insert and adding foreign keys. - Fix printing for Windows. - Portable Data Terminal integration. +- Merge web directories so that maintaining frames and no-frames browsers + is not a problem. +- Move to a template-based display system with main application logic being in + a separate Perl module. +- Convert to use persistant database connections. +- Basic payroll module diff --git a/templates/Brazilian_Portuguese-logo.png b/templates/Brazilian_Portuguese-logo.png Binary files differindex 5edcdfe5..e8c8b84f 100755 --- a/templates/Brazilian_Portuguese-logo.png +++ b/templates/Brazilian_Portuguese-logo.png diff --git a/templates/Danish-logo.png b/templates/Danish-logo.png Binary files differindex 5edcdfe5..e8c8b84f 100755 --- a/templates/Danish-logo.png +++ b/templates/Danish-logo.png diff --git a/templates/Default-logo.png b/templates/Default-logo.png Binary files differindex 5edcdfe5..e8c8b84f 100755 --- a/templates/Default-logo.png +++ b/templates/Default-logo.png diff --git a/templates/Dutch-logo.png b/templates/Dutch-logo.png Binary files differindex 5edcdfe5..e8c8b84f 100755 --- a/templates/Dutch-logo.png +++ b/templates/Dutch-logo.png diff --git a/templates/Estonian-logo.png b/templates/Estonian-logo.png Binary files differindex 5edcdfe5..e8c8b84f 100755 --- a/templates/Estonian-logo.png +++ b/templates/Estonian-logo.png diff --git a/templates/Estonian_UTF8-logo.png b/templates/Estonian_UTF8-logo.png Binary files differindex 5edcdfe5..e8c8b84f 100755 --- a/templates/Estonian_UTF8-logo.png +++ b/templates/Estonian_UTF8-logo.png 
diff --git a/templates/French-logo.png b/templates/French-logo.png
Binary files differ
index 5edcdfe5..e8c8b84f 100755
--- a/templates/French-logo.png
+++ b/templates/French-logo.png
diff --git a/templates/German-logo.png b/templates/German-logo.png
Binary files differ
index 5edcdfe5..e8c8b84f 100755
--- a/templates/German-logo.png
+++ b/templates/German-logo.png
diff --git a/templates/Hungarian-logo.png b/templates/Hungarian-logo.png
Binary files differ
index 5edcdfe5..e8c8b84f 100755
--- a/templates/Hungarian-logo.png
+++ b/templates/Hungarian-logo.png
diff --git a/templates/Italian-logo.png b/templates/Italian-logo.png
Binary files differ
index 5edcdfe5..e8c8b84f 100755
--- a/templates/Italian-logo.png
+++ b/templates/Italian-logo.png
diff --git a/templates/Norwegian-logo.png b/templates/Norwegian-logo.png
Binary files differ
index 5edcdfe5..e8c8b84f 100755
--- a/templates/Norwegian-logo.png
+++ b/templates/Norwegian-logo.png
diff --git a/templates/Russian-logo.png b/templates/Russian-logo.png
Binary files differ
index 5edcdfe5..e8c8b84f 100755
--- a/templates/Russian-logo.png
+++ b/templates/Russian-logo.png
diff --git a/templates/Service-logo.png b/templates/Service-logo.png
Binary files differ
index 5edcdfe5..e8c8b84f 100755
--- a/templates/Service-logo.png
+++ b/templates/Service-logo.png
diff --git a/templates/Spanish_A4-logo.png b/templates/Spanish_A4-logo.png
Binary files differ
index 5edcdfe5..e8c8b84f 100755
--- a/templates/Spanish_A4-logo.png
+++ b/templates/Spanish_A4-logo.png
diff --git a/templates/Spanish_Letter-logo.png b/templates/Spanish_Letter-logo.png
Binary files differ
index 5edcdfe5..e8c8b84f 100755
--- a/templates/Spanish_Letter-logo.png
+++ b/templates/Spanish_Letter-logo.png
diff --git a/templates/Swedish-logo.png b/templates/Swedish-logo.png
Binary files differ
index 5edcdfe5..e8c8b84f 100755
--- a/templates/Swedish-logo.png
+++ b/templates/Swedish-logo.png
diff --git a/templates/Traditional_Chinese_Big5-logo.png b/templates/Traditional_Chinese_Big5-logo.png Binary files differindex 5edcdfe5..e8c8b84f 100755 --- a/templates/Traditional_Chinese_Big5-logo.png +++ b/templates/Traditional_Chinese_Big5-logo.png diff --git a/templates/Traditional_Chinese_UTF8-logo.png b/templates/Traditional_Chinese_UTF8-logo.png Binary files differindex 5edcdfe5..e8c8b84f 100755 --- a/templates/Traditional_Chinese_UTF8-logo.png +++ b/templates/Traditional_Chinese_UTF8-logo.png diff --git a/templates/demo/ar_transaction.tex b/templates/demo/ar_transaction.tex index 1c3c44f3..31e20fdb 100644 --- a/templates/demo/ar_transaction.tex +++ b/templates/demo/ar_transaction.tex @@ -1,18 +1,32 @@ \documentclass{scrartcl} \usepackage[latin1]{inputenc} \usepackage{tabularx} -\usepackage[letterpaper,top=2cm,bottom=-3cm,left=1.1cm,right=1.5cm]{geometry} +\usepackage[top=2cm,bottom=-1cm,left=2cm,right=1cm]{geometry} \usepackage{graphicx} \setlength{\parindent}{0pt} \begin{document} -\pagestyle{myheadings} -\thispagestyle{empty} +\pagestyle{empty} \fontfamily{cmss}\fontsize{10pt}{12pt}\selectfont -<%include letterhead.tex%> +\parbox{\textwidth}{% + \parbox[b]{.42\textwidth}{% + <%company%> + + <%address%> + } + \parbox[b]{.2\textwidth}{ + \includegraphics[scale=0.3]{ledger-smb} + }\hfill + \begin{tabular}[b]{rr@{}} + Tel: & <%tel%>\\ + Fax: & <%fax%> + \end{tabular} + + \rule[1.5em]{\textwidth}{0.5pt} +} \centerline{\textbf{A R} \hspace{0.3cm} \textbf{T R A N S A C T I O N}} @@ -27,7 +41,7 @@ <%city%> <%if state%> -\hspace{-0.1cm}, <%state%> +, <%state%> <%end state%> <%zipcode%> @@ -37,9 +51,10 @@ <%if contact%> <%contact%> -\vspace{0.2cm} <%end contact%> +\vspace{0.2cm} + <%if customerphone%> Tel: <%customerphone%> <%end customerphone%> diff --git a/templates/demo/logo.png b/templates/demo/logo.png Binary files differindex e3a4ac13..e8c8b84f 100644 --- a/templates/demo/logo.png +++ b/templates/demo/logo.png |
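Review bot: The new letterhead block in the first hunk of templates/demo/ar_transaction.tex calls `\includegraphics[scale=0.3]{ledger-smb}`, but every image this commit lists under templates/ is named `*-logo.png` or `demo/logo.png`; unless a `ledger-smb` graphic already exists on the LaTeX search path, rendering this template will stop at the missing file. Pointing the call at the image the commit ships, e.g. `\includegraphics[scale=0.3]{logo}`, or adding the graphic in the same commit would keep the demo template self-contained. The same hunk drops `letterpaper` from the `geometry` options, which leaves the paper size to the class default; a comment such as `% paper size: class default (no letterpaper/a4paper option)` would show that this is intended.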