The Bank Statement has the Person/Item Column - is this the "Memo details" you are referring to? If so, alter the reporting/rep601.php file.
3,076 03/23/2017 04:43:07 pm
Re: Memo Details doesn't appear in Full in Bank Statement (1 replies, posted in Reporting)
3,077 03/23/2017 04:33:04 pm
Re: Down payment (1 replies, posted in Accounts Payable)
Check the wiki.
3,078 03/23/2017 04:26:55 pm
Re: Table 'finance.0_bank_trans' doesn't exist (1 replies, posted in Banking and General Ledger)
What is the name of your FA's database for your company - is it "finance" ?
Check if it is the same in config_db.php for the company.
Also when using the dashboard - make sure that both the theme and the extension are installed and activated for the company you are using and permissions for the desired user roles enabled.
3,079 03/20/2017 03:39:43 am
Re: voiding transactions (3 replies, posted in Accounts Payable)
It may be some browser cache. Try to logout, clear cache and open the browser again (with no other browser instances open) and then login to void the delivery order and see what happens.
Also take a backup (1) and then create a delivery order and take a backup (2) and then void the delivery order and take a backup (3) and then compare the backups for what entries came in when the delivery order was created and what got taken out / modified when it was voided. Check as to what differences are there if the invoice too was created and voided and see what database changes exist and how it affects the FA processing.
3,080 03/19/2017 03:41:17 pm
Re: Various FA Vulnerabilities that need to be addressed (6 replies, posted in Report Bugs here)
This issue is now fully fixed in both versions in the official repo.
Those using the dashboard theme/extension and the dynamic and exclusive themes can make similar changes in the following files for FA 2.3 and where appropriate in the themes in FA 2.4:
Extensions
Line 92 in dashboard/widgets/customers.php - $filename = company_path(). "/pdf_files/". uniqid("").".png";
Line 92 in dashboard/widgets/dimensions.php - $filename = company_path(). "/pdf_files/". uniqid("").".png";
Line 97 in dashboard/widgets/glreturn.php - $filename = company_path(). "/pdf_files/". uniqid("").".png";
Line 98 in dashboard/widgets/items.php - $filename = company_path(). "/pdf_files/". uniqid("").".png";
Line 92 in dashboard/widgets/suppliers.php - $filename = company_path(). "/pdf_files/". uniqid("").".png";
Line 93 in import_transactions/includes/import_sales_cart_class.inc - $this->cart_id = uniqid(''); - Localised, so no change needed
Themes
Lines 306, 405, 506, 560, 623 in dynamic/renderer.php - $filename = company_path(). "/pdf_files/". uniqid("").".png";
Lines 265, 364, 465, 519, 582 in exclusive/renderer.php - $filename = company_path(). "/pdf_files/". uniqid("").".png";
The official repo for extension distribution for FA 2.3 will not be updated since it is EOL and if done will affect those with non-bleeding edge installs.
3,081 03/19/2017 11:24:51 am
Re: Various FA Vulnerabilities that need to be addressed (6 replies, posted in Report Bugs here)
Consistent Excel Report download SOLVED!
First we need to include the fix in post 4 of this thread.
The issue of filenames starting with a hyphen or underscore may need to be addressed.
The function clean_file_name() in includes/main.inc can also do the job.
Since we are now allowing underscores(_) and hyphens (-) in the random_id()'s filenames, we need to allow it for excel filenames for download too.
Lines 30 to 55 in FA 2.3's reporting/prn_redirect.php:
if (isset($_GET['xls']))
{
$filename = $_GET['filename'];
$unique_name = preg_replace('/[^0-9a-z.]/i', '', $_GET['unique']);
$path = company_path(). '/pdf_files/';
header("Content-type: application/vnd.ms-excel");
header("Content-Disposition: attachment; filename=$filename" );
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0,pre-check=0");
header("Pragma: public");
echo file_get_contents($path.$unique_name);
exit();
}
elseif (isset($_GET['xml']))
{
$filename = $_GET['filename'];
$unique_name = preg_replace('/[^0-9a-z.]/i', '', $_GET['unique']);
$path = company_path(). '/pdf_files/';
header("content-type: text/xml");
header("Content-Disposition: attachment; filename=$filename");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0,pre-check=0");
header("Pragma: public");
echo file_get_contents($path.$unique_name);
exit();
}can be replaced with:
if (isset($_GET['xls']) || isset($_GET['xml']))
{
$filename = $_GET['filename'];
$unique_name = preg_replace("/[^0-9_a-z.\-]/i", '', $_GET['unique']);
$path = company_path(). '/pdf_files/';
if (isset($_GET['xls'])) header("Content-type: application/vnd.ms-excel");
else header("content-type: text/xml");
header("Content-Disposition: attachment; filename=$filename" );
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0,pre-check=0");
header("Pragma: public");
echo file_get_contents($path.$unique_name);
exit();
}@joe: please update both repos.
PHP PCRE (Regular Expressions) - CheatSheet | Tutorial.
3,082 03/19/2017 10:18:36 am
Re: Various FA Vulnerabilities that need to be addressed (6 replies, posted in Report Bugs here)
The current commits for this issue breaks excel report formation consistency. Zero byte excel file downloads occur frequently and sometimes it works correctly.
The file includes/main.inc is "included" in the includes/session.inc file (apart from during installation in the install/isession.inc). It may have been possible that the file redirection (reporting/prn_redirect.php) to download the excel file did not have this initially - the said session file seems included though.
Line 719 in reporting/excel_report.inc:
meta_forward($path_to_root.'/reporting/prn_redirect.php', "xls=1&filename=$this->filename&unique=$this->unique_name");causes the redirection to download the excel file.
Line 33 in reporting/prn_redirect.php:
$unique_name = preg_replace('/[^0-9a-z.]/i', '', $_GET['unique']);seems to do some replacements that affect the downloaded filename.
@itronics / @joe: Is this necessary in the light of the current commits?
3,083 03/19/2017 09:22:21 am
Re: Various FA Vulnerabilities that need to be addressed (6 replies, posted in Report Bugs here)
@itronics: please replace line 372 in FA 2.3's includes/main.inc:
$id = strtr(base64_encode($bin), '+/', '-_'); // see RFC 4648 Section 5with
$id = strtr(base64_encode($bin), '+/=', '-_x'); // see RFC 4648 Section 5and likewise in FA 2.4. The pad character "=" can be got rid off this way.
Before your commit, it was a 13 character file base name and it is now 24 (multiples of 8).
The original filename was like:
dLPhO1A-K5vj5Dq4NxBA7w==.pdf
and the new file name will be like:
4vuNUMXvAVsQVuHEVzlrdwxx.pdf
3,084 03/18/2017 06:19:27 pm
Re: Various FA Vulnerabilities that need to be addressed (6 replies, posted in Report Bugs here)
As of 2015: PHP bug #70014 affects the reliability of openssl_random_pseudo_bytes(). paragonie/random_compat, backports random_bytes() from PHP 7 into PHP 5. One of the fallbacks it supports is openssl_random_pseudo_bytes(), but if it can read directly from /dev/urandom it will prefer that instead.
As of 2016: There's another bug with openssl_random_pseudo_bytes() (71915), which can result in duplicate values when you run it multiple times with the same process ID. Looks like it's fixed in 5.6.24.
3,085 03/18/2017 04:15:33 pm
Re: Various FA Vulnerabilities that need to be addressed (6 replies, posted in Report Bugs here)
@itronics: Thanks for the quick commits in FA 2.3 and FA 2.4. There seem to be some files left out.
The file includes/main.inc is expected to be included in every instance where it is used as the new function random_id() is defined there and it refers to a variable $cstrong which is not assigned yet. This is mostly okay as it is a return diagnostics value only. If there are any errors then just assign it a blank string before invocation as it is passed by reference.
The following files too use uniqid still and no changes in them yet in the commit done now:
1. includes/ui/ui_view.inc - $name = uniqid('_el',true);
2. reporting/includes/class.mail.inc - $this->boundary = md5(uniqid(time()));
3. reporting/includes/tcpdf.inc - $owner_pass = uniqid(rand());
4. sales/includes/cart_class.inc - $this->cart_id = uniqid(''); - This is just temporary cart id used to avoid erroneous concurrent edition inside single user session. This is not used in urls, so the security problem does not apply here.
In FA 2.4 additionally:
1. includes/dashboard.inc - $filename = company_path(). "/pdf_files/". uniqid("").".png"; - Fixed in this commit.
When changes are made to the files above, we need to make sure that the said new function random_id() is available therein. Those using it in extensions and using SOAP / RESTful APIs too need to take care by defining the function if it dows not exists at the point of invocation.
3,086 03/18/2017 10:20:07 am
Topic: Various FA Vulnerabilities that need to be addressed (6 replies, posted in Report Bugs here)
SecurityMaverick.com has listed a few and one such code that limits entropy is here.
Line 973 in reporting/includes/pdf_report.inc:
$fname = $dir.'/'.uniqid('').'.pdf';can be changed to
$fname = $dir.'/'.md5(uniqid(mt_rand(), true)).'.pdf';This improves the entropy from 10 to 29 bits but is still not good enough and is used in line 69 of includes/ui/ui_controls.inc.
Other places like this are in some repXXX.php files:
$filename = company_path(). "/pdf_files/". uniqid("").".png";that need similar changes. Several others files in FA use uniqid too and will need some changes like this.
With or without the more_entropy option, uniqid(), as represented in the PHP sample code and documentation, results in poor entropy and should not be used.
@joe: can we include this in both repos?
3,087 03/18/2017 05:45:48 am
Re: entries showing in red (6 replies, posted in Setup)
Check whether the expected value is 'visible' and is used as needed in the included file in your error.
3,088 03/18/2017 05:43:49 am
Re: TCPDF error: Not a JPEG file in the (Stock Check Sheet) (3 replies, posted in Reporting)
PM access details - let us have a look.
3,089 03/16/2017 08:51:42 pm
Re: TCPDF error: Not a JPEG file in the (Stock Check Sheet) (3 replies, posted in Reporting)
Make sure you have the php GD libs installed and the files are readable by the webserver user. Try to save the jpg file from some other graphics program.
3,090 03/16/2017 08:48:34 pm
Re: entries showing in red (6 replies, posted in Setup)
When arithmetic computations occur whether in the sql statement or in the php expressions, there is room for additional decimal places. These are rounded off and discarded if the DELTA is below a threshold. Search for the constant FLOAT_COMP_DELTA in the FA files and see what gives.
It is defined in includes/current_user.inc and is used in the suppliers and customers "_db.inc" files.
define('FLOAT_COMP_DELTA', 0.004);3,091 03/13/2017 02:32:53 am
Re: entries showing in red (6 replies, posted in Setup)
Have a look at the value 0.00 in the database tables and see if there is some 3rd decimal place error. If so, we may need to incorporate the DELTA difference makeover in the formula that computes it before triggering the red font. Provide the url part after the webroot that caused the error.
3,092 03/12/2017 10:34:57 am
Re: OPEN LINK IN A NEW TAB (1 replies, posted in FA Modifications)
The links are generated later after all lapp and rapp functions populate the menu array. If you need to open the link in a new tab/window you will either need to use the right click menu in your browser or create and use a new method in the application menu class.
3,093 03/07/2017 06:07:41 am
Re: Getting error message on form submission and ajax submission. (1 replies, posted in Report Bugs here)
Which version of PHP / FA are you using?
3,094 03/04/2017 05:28:04 am
Topic: Vietnamese Translations added to FAMods (1 replies, posted in Translations)
Thanks to @tuananh88c25, Vietnamese Install language files are now committed in my unofficial GitHub Repo and are available at:
https://github.com/apmuthu/frontaccounting/tree/master/FAMods/install/lang/vi_VN
Transifex now has Vietnamese added for FrontAccounting v2.3.x with 1% of the strings translated for now and @tuananh88c25 has been added as a translator at:
https://www.transifex.com/gnuacademy/frontaccounting-1/language/vi_VN/
The Vietnamese core translation files are available at:
https://github.com/apmuthu/frontaccounting/tree/master/extensions/Languages/vi_VN
These files can now be added to the official translation as a pkg file.
3,095 03/04/2017 03:12:12 am
Re: Today we passed 200 000 downloads on Sourceforge. (9 replies, posted in Announcements)
Approximtely 250 downloads a week for FA 2.3.25 on SourceForge still.
FA is becoming most popular in Germany in the last year and a half - home of SAP!
3,096 03/01/2017 03:35:01 pm
Re: Need Salesman wise report (25 replies, posted in Reporting)
Replace line 201 in the new file:
$sql .= " ORDER BY name";with
$sql .= " GROUP BY debtors_master.debtor_no ORDER BY name";3,097 03/01/2017 03:24:54 pm
Re: Need Salesman wise report (25 replies, posted in Reporting)
The said error occurs because you have the same salesman in 2 or more branches and the debtors_master does not specify a particular branch since it should be taken from the transaction itself....
3,098 02/24/2017 04:51:21 pm
Re: G/L Account Subledger Control and Locking Accounts (2 replies, posted in Wish List)
This "licence" to mess up is actually a "feature" to make adjustments that might otherwise mess up standard reports by popping up there.
Anyway, you are right about trackable transactions need to be posted from their respective modules. Thanks for both your workarounds that will surely help others should they traverse the path you did. FA's open database structure saved the day even if taking it's pound of flesh in time and effort.
3,099 02/24/2017 04:42:54 pm
Re: Release 2.4.RC1 (20 replies, posted in Announcements)
Upgrade 2.3.12 to 2.3.25+ first.
Then upgrade to FA 2.4RC1.
Otherwise close current accounting year in 2.3.12 and start the next accounting year in 2.4RC1.
Issues like what extensions are installed and need migration / updation, etc will need to be addressed.
This is apart from local customisation / extra fields and external linkages that need to be dealt with as well.
3,100 02/22/2017 04:59:20 pm
Re: Release 2.4.RC1 (20 replies, posted in Announcements)
Enable / Activate the Fixed Assets Configuration permissions for your user role (System Administrator) for your company and make sure you have edit rights when you want to make such critical changes as it is disabled by default.
fixed_assets/includes/fa_classes_db.inc defines the function update_fixed_asset_class() which operates on the fields of the stock_fa_class table whose inactive field is not used for now in this file.