composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-13 07:24:13 +01:00
Code Issues Packages Projects Releases Wiki Activity
7,644 Commits 151 Branches 134 Tags
8e972794013bdd991eff0735b21fcc1a915bc09f
Commit Graph

1739 Commits

Author SHA1 Message Date
Benjamin Dalsass
8e97279401 N°4899 - Reflected XSS on revert_dashboard operation 2022-05-17 09:27:06 +02:00
Benjamin Dalsass
562dd8fc21 N°4900 - Stored XSS in dashlets failed OQL query 2022-05-17 08:20:26 +02:00
Pierre Goiffon
8e6e2432d3 Extensibility : iPortalUIExtension and AbstractPortalUIExtension aren't experimental anymore 2022-04-21 17:29:40 +02:00
acognet
6fa2d47780 N°4538 - Dashlet Groupby on ExternalKey with special character, bad display 2022-04-15 10:03:04 +02:00
Pierre Goiffon
809ea2eb49 💡 N°4854 Add phpdoc to utils::*Module* methods 2022-03-02 09:42:09 +01:00
acognet
35165568af N°4057 - Custom Translation for Custom Tab is not inherited by instanciable Classes 2022-02-14 09:10:18 +01:00
Molkobain
4a67819f87 N°4714 - Revert rename of utils::GetItopVersionWikiSyntax as it is used in cached packages in the ITSM Designer 2022-02-11 20:00:39 +01:00
Pierre Goiffon
b494ff2ce6 N°4488 Remove cmdbAbstractObject methods used in export.php from API methods and add comment in export.php 
`@deprecated` was added in 03e9bcd4 but as none of those will be removed in a near future, we are using `@internal`instead !
 2022-02-11 16:15:35 +01:00
acognet
03e9bcd47a N°4488 - deprecate cmdbAbstractObject::GetSetAsHTMLSpreadsheet() used only by the old export.php 2022-02-10 15:04:59 +01:00
Pierre Goiffon
299ad7e753 N°4714 Fix \utils::GetCoreVersionWikiSyntax throwing Exception when 2nd version digit is "0" (for example in 3.0.1) 2022-02-08 14:48:02 +01:00
Pierre Goiffon
b4fc647845 N°4714 Rename \utils::GetItopVersionWikiSyntax to GetCoreVersionWikiSyntax 
Will avoid confusion between core or product version !
 2022-02-01 15:40:43 +01:00
Pierre Goiffon
17612f88d3 N°4714 utils version method refactoring 
- removes utils::GetItopPatchVersion and GetItopMinorVersion : unused and badly named :/
- GetItopVersionWikiSyntax now uses core version constant
- iTopModulesPhpVersionIntegrationTest::testiTopModulesPhpVersion now uses ITOP_CORE_VERSION constant
 2022-02-01 15:24:56 +01:00
Pierre Goiffon
fcfcf85e0d N°4714 fix constant version usages in utils methods 2022-02-01 11:39:57 +01:00
Pierre Goiffon
45b5c39af7 N°3129 PHP 8.0 compat : code review modifications 
Many thanks @Molkobain & @Hipska !
 2022-01-31 16:41:35 +01:00
Pierre Goiffon
75dbad7406 N°3129 PHP 8.0 compat: Fix "Deprecated: Required parameter ... follows optional parameter ..." 
* \SQLObjectQuery::PrepareSingleTable
* \HistoryBlock::GetRenderContent
* \MenuBlock::GetRenderContent
* \UILinksWidgetDirect::DisplayAsBlock
* \UILinksWidgetDirect::Display
* \UILinksWidgetDirect::DisplayEditInPlace
* \UIExtKeyWidget::AutoComplete
* \UIExtKeyWidget::DisplayFromAttCode
 2022-01-28 17:01:07 +01:00
Pierre Goiffon
02b09c2535 Merge remote-tracking branch 'origin/support/2.6' into support/2.7 2021-12-10 13:38:42 +01:00
Pierre Goiffon
10cfb373f2 N°4481 Fix badly escaped dialog tooltip 
Was commited to develop first (99a0e0c5 and 4f27f3ac)
 2021-12-10 13:38:24 +01:00
Pierre Goiffon
e6d61d1ebd Merge remote-tracking branch 'origin/support/2.6' into support/2.7 2021-12-08 17:16:33 +01:00
Pierre Goiffon
f916f9cde8 N°4289 Allow to use privUITransactionFile when no user logged 
Before we were throwing a SecurityException, which was blocking for combodo-unauthenticated-form for example
 2021-12-08 17:16:12 +01:00
Stephen Abello
b6b17733bf N°4491 Security hardening 2021-12-01 10:29:29 +01:00
Pierre Goiffon
d0fade9ce1 Merge remote-tracking branch 'origin/support/2.6' into support/2.7 
# Conflicts:
#	pages/ajax.render.php
#	setup/wizardsteps.class.inc.php
 2021-11-17 17:39:36 +01:00
Pierre Goiffon
75450ded1d N°4359 Security hardening 2021-11-15 16:38:11 +01:00
Pierre Goiffon
6847d8a5c7 N°4414 Startup error handler : fix message logged twice (#243) 2021-11-09 10:25:29 +01:00
Pierre Goiffon
908a48e0a1 Merge remote-tracking branch 'origin/support/2.6' into support/2.7 
# Conflicts:
#	application/transaction.class.inc.php
#	test/application/privUITransactionFileTest.php
 2021-10-21 15:09:50 +02:00
Pierre Goiffon
7757f1f2d2 N°4289 Security hardening 2021-10-21 12:43:03 +02:00
Pierre Goiffon
a353317746 N°4289 Fix privUITransactionFile generating error if MetaModel not loaded 2021-10-20 17:26:32 +02:00
Pierre Goiffon
723eb90160 N°4289 privUITransactionSession phpDoc 2021-10-20 17:25:58 +02:00
Pierre Goiffon
8ea5be4ead Merge remote-tracking branch 'origin/support/2.6' into support/2.7 
# Conflicts:
#	application/transaction.class.inc.php
 2021-10-18 14:32:27 +02:00
Pierre Goiffon
b3f827ed5e N°4367 Security hardening 2021-10-18 14:27:58 +02:00
Pierre Goiffon
34f64c61f6 privUITransaction fix inspections errors + formatting 2021-10-18 11:32:38 +02:00
Molkobain
27217815d1 N°2510 - Fix expand/collapse buttons of log entries in a list 2021-08-16 09:37:36 +02:00
Pierre Goiffon
b5074c4cee N°3806 Fix saying memory_limit isn't enough in CLI scripts and setup 
This was caused by the strict comparison in \utils::IsMemoryLimitOk for the special "-1" value of memory_limit, which was added in c2f5cafa.
Fix was to change \utils::ConvertToBytes : it was returning original value when input was numeric (so if input is '-1' output was '-1')  now it always returns an int (input '-1' output -1)
 2021-06-28 14:53:39 +02:00
Eric
3a876d5c75 Log complete error on Memory Limit or max execution time 2021-06-11 09:36:01 +02:00
Pierre Goiffon
373641e01d 🎨 Code formatting 2021-06-03 17:31:34 +02:00
Pierre Goiffon
2625d2da80 💡 PHPDoc 2021-06-03 15:29:13 +02:00
Eric
5691ca0327 Fix CI 2021-05-28 08:48:47 +02:00
Pierre Goiffon
44952d1ea0 Fix \UtilsTest::testIsMemoryLimit 2021-05-25 17:04:32 +02:00
BGdu38
c2f5cafaf3 Avoid setting memory_limit to lower value than the one already configured (#215) 
Some scripts are setting the memory_limit PHP option : setup, csvimport and XLSX export. This was done to avoid crashing when dealing with such large amount of data.
But sometimes we were setting the value without any prior check, so we could actually lower the memory_limit value :/

Now this memory_limit change is done using \utils::SetMinMemoryLimit, which will call ini_set if and only if the current value is lower than the one to be set.

Setup calls (setup/ajax.dataloader.php and webservices/backoffice.dataloader.php) were left as is as they weren't subject to this bug, and also they are more complex (logging done on each case).
 2021-05-25 12:03:19 +02:00
Molkobain
9af4846372 N°3810 - Avoid syntax highlighting that shouldn't take place 2021-03-23 16:39:22 +01:00
Pierre Goiffon
2432ff77a3 💡 More details in PHPDoc for \utils::RealPath 2021-03-17 08:34:25 +01:00
odain
386c90c601 N°3668 - URL direct error: renamed trust_proxies<-behind_reverse_proxy 2021-03-15 14:56:16 +01:00
odain
3bcae734e5 N°3671 : persist absolute URL when setup context (force trustproxy enabled) 2021-03-15 12:27:05 +01:00
bruno-ds
ae6a264d6d N°3671 - fix typo in HTTP header name 2021-03-05 16:57:03 +01:00
bruno-ds
a06bf6ea7c coding convention (thanks @molkobain) 2021-03-05 09:20:04 +01:00
bruno-ds
bb8d4a92cb fix an indentation problem (thanks @Hipska) 2021-03-04 09:56:05 +01:00
bruno-ds
1429792690 N°3668 - fix an improper redirection to the homepage when iTop is behind a reverse proxy 2021-03-04 09:39:48 +01:00
bruno-ds
1f26b59d90 N°3671 - add an API endpoint (it will be used by N°3668 and N°3760) + some code cleanup asked by @molkobain 2021-03-04 09:32:13 +01:00
bruno-ds
7b093a6bba N°3671 - app_root_url: handle reverse proxies during the setup and preserve existing configuration during an upgrade. 2021-03-03 11:55:18 +01:00
bruno-ds
0030d5c2b8 N°3764 - add transactions_gc_threshold in order to tune CSRF token GC load 2021-03-01 15:30:40 +01:00
bruno-ds
95a0efedcf N°3728 - security hardening 2021-03-01 15:28:34 +01:00