2013-03-17 07:45:21 +08:00
< ? php
//
// ZoneMinder web action file, $Date$, $Revision$
// Copyright (C) 2001-2008 Philip Coombes
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
2016-12-26 23:23:16 +08:00
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
2013-03-17 07:45:21 +08:00
//
2015-08-30 03:13:15 +08:00
// PP - POST request handler for PHP which does not need extensions
// credit: http://wezfurlong.org/blog/2006/nov/http-post-from-php-without-curl/
2015-09-25 03:44:35 +08:00
2017-10-27 09:56:10 +08:00
function do_request ( $method , $url , $data = array (), $optional_headers = null ) {
global $php_errormsg ;
$params = array ( 'http' => array (
'method' => $method ,
'content' => $data
));
if ( $optional_headers !== null ) {
$params [ 'http' ][ 'header' ] = $optional_headers ;
}
$ctx = stream_context_create ( $params );
$fp = @ fopen ( $url , 'rb' , false , $ctx );
if ( ! $fp ) {
throw new Exception ( " Problem with $url , $php_errormsg " );
}
$response = @ stream_get_contents ( $fp );
if ( $response === false ) {
throw new Exception ( " Problem reading data from $url , $php_errormsg " );
}
return $response ;
}
2017-05-17 02:14:07 +08:00
function do_post_request ( $url , $data , $optional_headers = null ) {
2015-08-30 03:13:15 +08:00
$params = array ( 'http' => array (
2017-05-17 02:14:07 +08:00
'method' => 'POST' ,
'content' => $data
));
2015-08-30 03:13:15 +08:00
if ( $optional_headers !== null ) {
$params [ 'http' ][ 'header' ] = $optional_headers ;
}
$ctx = stream_context_create ( $params );
$fp = @ fopen ( $url , 'rb' , false , $ctx );
if ( ! $fp ) {
throw new Exception ( " Problem with $url , $php_errormsg " );
}
$response = @ stream_get_contents ( $fp );
if ( $response === false ) {
throw new Exception ( " Problem reading data from $url , $php_errormsg " );
}
return $response ;
}
2017-05-17 02:14:07 +08:00
function getAffectedIds ( $name ) {
$names = $name . 's' ;
$ids = array ();
2018-02-03 01:14:01 +08:00
if ( isset ( $_REQUEST [ $names ]) ) {
if ( is_array ( $_REQUEST [ $names ]) ) {
$ids = $_REQUEST [ $names ];
} else {
$ids = array ( $_REQUEST [ $names ]);
}
} else if ( isset ( $_REQUEST [ $name ]) ) {
if ( is_array ( $_REQUEST [ $name ]) ) {
$ids = $_REQUEST [ $name ];
} else {
$ids = array ( $_REQUEST [ $name ]);
}
}
return $ids ;
2013-03-17 07:45:21 +08:00
}
2017-10-31 04:29:27 +08:00
if ( empty ( $action ) ) {
return ;
}
if ( $action == 'login' && isset ( $_REQUEST [ 'username' ]) && ( ZM_AUTH_TYPE == 'remote' || isset ( $_REQUEST [ 'password' ]) ) ) {
// if true, a popup will display after login
// PP - lets validate reCaptcha if it exists
if ( defined ( 'ZM_OPT_USE_GOOG_RECAPTCHA' )
&& defined ( 'ZM_OPT_GOOG_RECAPTCHA_SECRETKEY' )
&& defined ( 'ZM_OPT_GOOG_RECAPTCHA_SITEKEY' )
&& ZM_OPT_USE_GOOG_RECAPTCHA && ZM_OPT_GOOG_RECAPTCHA_SECRETKEY
2017-10-31 08:21:16 +08:00
&& ZM_OPT_GOOG_RECAPTCHA_SITEKEY )
2017-10-31 04:29:27 +08:00
{
$url = 'https://www.google.com/recaptcha/api/siteverify' ;
$fields = array (
2017-10-31 08:21:16 +08:00
'secret' => ZM_OPT_GOOG_RECAPTCHA_SECRETKEY ,
'response' => $_REQUEST [ 'g-recaptcha-response' ],
'remoteip' => $_SERVER [ 'REMOTE_ADDR' ]
2017-10-31 04:29:27 +08:00
);
2017-10-31 08:21:16 +08:00
$res = do_post_request ( $url , http_build_query ( $fields ));
2017-10-31 04:29:27 +08:00
$responseData = json_decode ( $res , true );
// PP - credit: https://github.com/google/recaptcha/blob/master/src/ReCaptcha/Response.php
// if recaptcha resulted in error, we might have to deny login
if ( isset ( $responseData [ 'success' ]) && $responseData [ 'success' ] == false ) {
// PP - before we deny auth, let's make sure the error was not 'invalid secret'
// because that means the user did not configure the secret key correctly
// in this case, we prefer to let him login in and display a message to correct
// the key. Unfortunately, there is no way to check for invalid site key in code
// as it produces the same error as when you don't answer a recaptcha
if ( isset ( $responseData [ 'error-codes' ]) && is_array ( $responseData [ 'error-codes' ])) {
if ( ! in_array ( 'invalid-input-secret' , $responseData [ 'error-codes' ])) {
Error ( 'reCaptcha authentication failed' );
userLogout ();
$view = 'login' ;
$refreshParent = true ;
} else {
//Let them login but show an error
echo '<script type="text/javascript">alert("' . translate ( 'RecaptchaWarning' ) . '"); </script>' ;
2017-12-07 23:31:25 +08:00
Error ( 'Invalid recaptcha secret detected' );
2013-03-17 07:45:21 +08:00
}
2017-10-31 04:29:27 +08:00
}
} // end if success==false
} // end if using reCaptcha
$username = validStr ( $_REQUEST [ 'username' ] );
$password = isset ( $_REQUEST [ 'password' ]) ? validStr ( $_REQUEST [ 'password' ]) : '' ;
userLogin ( $username , $password );
$refreshParent = true ;
$view = 'console' ;
2018-01-29 04:13:57 +08:00
$redirect = ZM_BASE_URL . $_SERVER [ 'PHP_SELF' ] . '?view=console' ;
2017-10-31 04:29:27 +08:00
} else if ( $action == 'logout' ) {
userLogout ();
$refreshParent = true ;
$view = 'none' ;
} else if ( $action == 'bandwidth' && isset ( $_REQUEST [ 'newBandwidth' ]) ) {
$_COOKIE [ 'zmBandwidth' ] = validStr ( $_REQUEST [ 'newBandwidth' ]);
setcookie ( 'zmBandwidth' , validStr ( $_REQUEST [ 'newBandwidth' ]), time () + 3600 * 24 * 30 * 12 * 10 );
$refreshParent = true ;
}
2013-03-17 07:45:21 +08:00
2017-10-31 04:29:27 +08:00
// Event scope actions, view permissions only required
if ( canView ( 'Events' ) ) {
2017-05-17 02:14:07 +08:00
2017-10-31 04:29:27 +08:00
if ( isset ( $_REQUEST [ 'object' ] ) and ( $_REQUEST [ 'object' ] == 'filter' ) ) {
if ( $action == 'addterm' ) {
$_REQUEST [ 'filter' ] = addFilterTerm ( $_REQUEST [ 'filter' ], $_REQUEST [ 'line' ] );
} elseif ( $action == 'delterm' ) {
$_REQUEST [ 'filter' ] = delFilterTerm ( $_REQUEST [ 'filter' ], $_REQUEST [ 'line' ] );
} else if ( canEdit ( 'Events' ) ) {
if ( $action == 'delete' ) {
if ( ! empty ( $_REQUEST [ 'Id' ]) ) {
dbQuery ( 'DELETE FROM Filters WHERE Id=?' , array ( $_REQUEST [ 'Id' ] ) );
}
2017-11-25 04:37:50 +08:00
} else if ( ( $action == 'Save' ) or ( $action == 'SaveAs' ) or ( $action == 'execute' ) ) {
# or ( $action == 'submit' ) ) {
2017-10-31 04:29:27 +08:00
$sql = '' ;
$_REQUEST [ 'filter' ][ 'Query' ][ 'sort_field' ] = validStr ( $_REQUEST [ 'filter' ][ 'Query' ][ 'sort_field' ]);
$_REQUEST [ 'filter' ][ 'Query' ][ 'sort_asc' ] = validStr ( $_REQUEST [ 'filter' ][ 'Query' ][ 'sort_asc' ]);
$_REQUEST [ 'filter' ][ 'Query' ][ 'limit' ] = validInt ( $_REQUEST [ 'filter' ][ 'Query' ][ 'limit' ]);
2017-11-25 04:37:50 +08:00
if ( $action == 'execute' ) {
$tempFilterName = '_TempFilter' . time ();
$sql .= ' Name = \'' . $tempFilterName . '\'' ;
2017-10-31 04:29:27 +08:00
} else {
$sql .= ' Name = ' . dbEscape ( $_REQUEST [ 'filter' ][ 'Name' ]);
}
$sql .= ', Query = ' . dbEscape ( jsonEncode ( $_REQUEST [ 'filter' ][ 'Query' ]));
$sql .= ', AutoArchive = ' . ( ! empty ( $_REQUEST [ 'filter' ][ 'AutoArchive' ]) ? 1 : 0 );
$sql .= ', AutoVideo = ' . ( ! empty ( $_REQUEST [ 'filter' ][ 'AutoVideo' ]) ? 1 : 0 );
$sql .= ', AutoUpload = ' . ( ! empty ( $_REQUEST [ 'filter' ][ 'AutoUpload' ]) ? 1 : 0 );
$sql .= ', AutoEmail = ' . ( ! empty ( $_REQUEST [ 'filter' ][ 'AutoEmail' ]) ? 1 : 0 );
$sql .= ', AutoMessage = ' . ( ! empty ( $_REQUEST [ 'filter' ][ 'AutoMessage' ]) ? 1 : 0 );
$sql .= ', AutoExecute = ' . ( ! empty ( $_REQUEST [ 'filter' ][ 'AutoExecute' ]) ? 1 : 0 );
$sql .= ', AutoExecuteCmd = ' . dbEscape ( $_REQUEST [ 'filter' ][ 'AutoExecuteCmd' ]);
$sql .= ', AutoDelete = ' . ( ! empty ( $_REQUEST [ 'filter' ][ 'AutoDelete' ]) ? 1 : 0 );
2017-12-05 00:05:50 +08:00
if ( ! empty ( $_REQUEST [ 'filter' ][ 'AutoMove' ]) ? 1 : 0 ) {
$sql .= ', AutoMove = 1, AutoMoveTo=' . validInt ( $_REQUEST [ 'filter' ][ 'AutoMoveTo' ]);
} else {
$sql .= ', AutoMove = 0' ;
}
2017-10-31 04:29:27 +08:00
$sql .= ', UpdateDiskSpace = ' . ( ! empty ( $_REQUEST [ 'filter' ][ 'UpdateDiskSpace' ]) ? 1 : 0 );
$sql .= ', Background = ' . ( ! empty ( $_REQUEST [ 'filter' ][ 'Background' ]) ? 1 : 0 );
$sql .= ', Concurrent = ' . ( ! empty ( $_REQUEST [ 'filter' ][ 'Concurrent' ]) ? 1 : 0 );
2017-11-24 00:26:55 +08:00
if ( $_REQUEST [ 'Id' ] and ( $action == 'Save' ) ) {
2017-10-31 04:29:27 +08:00
dbQuery ( 'UPDATE Filters SET ' . $sql . ' WHERE Id=?' , array ( $_REQUEST [ 'Id' ]) );
} else {
dbQuery ( 'INSERT INTO Filters SET' . $sql );
$_REQUEST [ 'Id' ] = dbInsertId ();
}
2017-11-25 04:37:50 +08:00
if ( $action == 'execute' ) {
2018-02-22 02:54:06 +08:00
session_write_close ();
2017-11-25 04:37:50 +08:00
executeFilter ( $tempFilterName );
}
2017-06-19 22:18:44 +08:00
2017-10-31 04:29:27 +08:00
} // end if save or execute
} // end if canEdit(Events)
return ;
} // end if object == filter
else {
// Event scope actions, edit permissions required
2018-02-03 01:14:01 +08:00
if ( canEdit ( 'Events' ) ) {
if ( ( $action == 'rename' ) && isset ( $_REQUEST [ 'eventName' ]) && ! empty ( $_REQUEST [ 'eid' ]) ) {
2017-10-31 04:29:27 +08:00
dbQuery ( 'UPDATE Events SET Name=? WHERE Id=?' , array ( $_REQUEST [ 'eventName' ], $_REQUEST [ 'eid' ] ) );
} else if ( $action == 'eventdetail' ) {
if ( ! empty ( $_REQUEST [ 'eid' ]) ) {
dbQuery ( 'UPDATE Events SET Cause=?, Notes=? WHERE Id=?' , array ( $_REQUEST [ 'newEvent' ][ 'Cause' ], $_REQUEST [ 'newEvent' ][ 'Notes' ], $_REQUEST [ 'eid' ] ) );
} else {
2018-02-03 01:14:01 +08:00
$dbConn -> beginTransaction ();
foreach ( getAffectedIds ( 'markEid' ) as $markEid ) {
2017-10-31 04:29:27 +08:00
dbQuery ( 'UPDATE Events SET Cause=?, Notes=? WHERE Id=?' , array ( $_REQUEST [ 'newEvent' ][ 'Cause' ], $_REQUEST [ 'newEvent' ][ 'Notes' ], $markEid ) );
2017-06-16 03:45:43 +08:00
}
2018-02-03 01:14:01 +08:00
$dbConn -> commit ();
2017-10-31 04:29:27 +08:00
}
$refreshParent = true ;
$closePopup = true ;
} elseif ( $action == 'archive' || $action == 'unarchive' ) {
$archiveVal = ( $action == 'archive' ) ? 1 : 0 ;
if ( ! empty ( $_REQUEST [ 'eid' ]) ) {
2018-02-03 01:14:01 +08:00
dbQuery ( 'UPDATE Events SET Archived=? WHERE Id=?' , array ( $archiveVal , $_REQUEST [ 'eid' ]));
2017-10-31 04:29:27 +08:00
} else {
2018-02-03 01:14:01 +08:00
$dbConn -> beginTransaction ();
2017-06-16 03:45:43 +08:00
foreach ( getAffectedIds ( 'markEid' ) as $markEid ) {
2018-02-03 01:14:01 +08:00
dbQuery ( 'UPDATE Events SET Archived=? WHERE Id=?' , array ( $archiveVal , $markEid ));
2017-06-16 03:45:43 +08:00
}
2018-02-03 01:14:01 +08:00
$dbConn -> commit ();
2017-07-06 22:48:33 +08:00
$refreshParent = true ;
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
} elseif ( $action == 'delete' ) {
2018-02-03 01:14:01 +08:00
$dbConn -> beginTransaction ();
2017-10-31 04:29:27 +08:00
foreach ( getAffectedIds ( 'markEid' ) as $markEid ) {
deleteEvent ( $markEid );
}
2018-02-03 01:14:01 +08:00
$dbConn -> commit ();
2017-10-31 04:29:27 +08:00
$refreshParent = true ;
}
} // end if canEdit(Events)
} // end if filter or something else
} // end canView(Events)
// Monitor control actions, require a monitor id and control view permissions for that monitor
if ( ! empty ( $_REQUEST [ 'mid' ]) && canView ( 'Control' , $_REQUEST [ 'mid' ] ) ) {
require_once ( 'control_functions.php' );
require_once ( 'Monitor.php' );
$mid = validInt ( $_REQUEST [ 'mid' ]);
if ( $action == 'control' ) {
$monitor = new Monitor ( $mid );
$ctrlCommand = buildControlCommand ( $monitor );
sendControlCommand ( $monitor -> Id (), $ctrlCommand );
} elseif ( $action == 'settings' ) {
2017-12-07 23:31:25 +08:00
$args = ' -m ' . escapeshellarg ( $mid );
$args .= ' -B' . escapeshellarg ( $_REQUEST [ 'newBrightness' ]);
$args .= ' -C' . escapeshellarg ( $_REQUEST [ 'newContrast' ]);
$args .= ' -H' . escapeshellarg ( $_REQUEST [ 'newHue' ]);
$args .= ' -O' . escapeshellarg ( $_REQUEST [ 'newColour' ]);
2017-10-31 04:29:27 +08:00
$zmuCommand = getZmuCommand ( $args );
$zmuOutput = exec ( $zmuCommand );
list ( $brightness , $contrast , $hue , $colour ) = explode ( ' ' , $zmuOutput );
dbQuery ( 'UPDATE Monitors SET Brightness = ?, Contrast = ?, Hue = ?, Colour = ? WHERE Id = ?' , array ( $brightness , $contrast , $hue , $colour , $mid ));
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
}
2013-03-17 07:45:21 +08:00
2017-10-31 04:29:27 +08:00
// Control capability actions, require control edit permissions
if ( canEdit ( 'Control' ) ) {
if ( $action == 'controlcap' ) {
if ( ! empty ( $_REQUEST [ 'cid' ]) ) {
$control = dbFetchOne ( 'SELECT * FROM Controls WHERE Id = ?' , NULL , array ( $_REQUEST [ 'cid' ]) );
} else {
$control = array ();
}
2017-05-17 02:14:07 +08:00
2017-10-31 04:29:27 +08:00
// Define a field type for anything that's not simple text equivalent
$types = array (
// Empty
);
2017-05-17 02:14:07 +08:00
2017-10-31 04:29:27 +08:00
$columns = getTableColumns ( 'Controls' );
foreach ( $columns as $name => $type ) {
if ( preg_match ( '/^(Can|Has)/' , $name ) ) {
$types [ $name ] = 'toggle' ;
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
}
$changes = getFormChanges ( $control , $_REQUEST [ 'newControl' ], $types , $columns );
2014-06-06 03:14:12 +08:00
2017-10-31 04:29:27 +08:00
if ( count ( $changes ) ) {
if ( ! empty ( $_REQUEST [ 'cid' ]) ) {
2017-12-07 23:31:25 +08:00
dbQuery ( 'update Controls set ' . implode ( ', ' , $changes ) . ' where Id = ?' , array ( $_REQUEST [ 'cid' ]) );
2017-10-31 04:29:27 +08:00
} else {
2017-12-07 23:31:25 +08:00
dbQuery ( 'insert into Controls set ' . implode ( ', ' , $changes ) );
2017-10-31 04:29:27 +08:00
//$_REQUEST['cid'] = dbInsertId();
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
$refreshParent = true ;
}
$view = 'none' ;
} elseif ( $action == 'delete' ) {
if ( isset ( $_REQUEST [ 'markCids' ]) ) {
foreach ( $_REQUEST [ 'markCids' ] as $markCid ) {
2017-12-07 23:31:25 +08:00
dbQuery ( 'delete from Controls where Id = ?' , array ( $markCid ) );
dbQuery ( 'update Monitors set Controllable = 0, ControlId = 0 where ControlId = ?' , array ( $markCid ) );
2017-10-31 04:29:27 +08:00
$refreshParent = true ;
2017-05-17 02:14:07 +08:00
}
2013-03-17 07:45:21 +08:00
}
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
}
2013-03-17 07:45:21 +08:00
2017-10-31 04:29:27 +08:00
if ( isset ( $_REQUEST [ 'object' ]) and $_REQUEST [ 'object' ] == 'Monitor' ) {
if ( $action == 'save' ) {
foreach ( $_REQUEST [ 'mids' ] as $mid ) {
$mid = ValidInt ( $mid );
if ( ! canEdit ( 'Monitors' , $mid ) ) {
Warning ( " Cannot edit monitor $mid " );
continue ;
}
$Monitor = new Monitor ( $mid );
$Monitor -> zmaControl ( 'stop' );
$Monitor -> zmcControl ( 'stop' );
$Monitor -> save ( $_REQUEST [ 'newMonitor' ] );
if ( $Monitor -> Function () != 'None' ) {
$Monitor -> zmcControl ( 'start' );
if ( $Monitor -> Enabled () ) {
$Monitor -> zmaControl ( 'start' );
2017-10-24 08:01:43 +08:00
}
2017-10-31 04:29:27 +08:00
}
2017-10-24 08:01:43 +08:00
2017-10-31 04:29:27 +08:00
} // end foreach mid
$refreshParent = true ;
} // end if action == save
} // end if object is Monitor
// Monitor edit actions, require a monitor id and edit permissions for that monitor
if ( ! empty ( $_REQUEST [ 'mid' ]) && canEdit ( 'Monitors' , $_REQUEST [ 'mid' ] ) ) {
$mid = validInt ( $_REQUEST [ 'mid' ]);
if ( $action == 'function' ) {
$monitor = dbFetchOne ( 'SELECT * FROM Monitors WHERE Id=?' , NULL , array ( $mid ) );
$newFunction = validStr ( $_REQUEST [ 'newFunction' ]);
# Because we use a checkbox, it won't get passed in the request. So not being in _REQUEST means 0
$newEnabled = ( ! isset ( $_REQUEST [ 'newEnabled' ] ) or $_REQUEST [ 'newEnabled' ] != '1' ) ? '0' : '1' ;
$oldFunction = $monitor [ 'Function' ];
$oldEnabled = $monitor [ 'Enabled' ];
if ( $newFunction != $oldFunction || $newEnabled != $oldEnabled ) {
dbQuery ( 'UPDATE Monitors SET Function=?, Enabled=? WHERE Id=?' , array ( $newFunction , $newEnabled , $mid ) );
$monitor [ 'Function' ] = $newFunction ;
$monitor [ 'Enabled' ] = $newEnabled ;
if ( daemonCheck () ) {
$restart = ( $oldFunction == 'None' ) || ( $newFunction == 'None' ) || ( $newEnabled != $oldEnabled );
zmaControl ( $monitor , 'stop' );
zmcControl ( $monitor , $restart ? 'restart' : '' );
zmaControl ( $monitor , 'start' );
}
2017-10-24 08:01:43 +08:00
$refreshParent = true ;
2017-10-31 04:29:27 +08:00
}
} elseif ( $action == 'zone' && isset ( $_REQUEST [ 'zid' ] ) ) {
$zid = validInt ( $_REQUEST [ 'zid' ]);
$monitor = dbFetchOne ( 'SELECT * FROM Monitors WHERE Id=?' , NULL , array ( $mid ) );
if ( ! empty ( $zid ) ) {
$zone = dbFetchOne ( 'SELECT * FROM Zones WHERE MonitorId=? AND Id=?' , NULL , array ( $mid , $zid ) );
} else {
$zone = array ();
}
if ( $_REQUEST [ 'newZone' ][ 'Units' ] == 'Percent' ) {
$_REQUEST [ 'newZone' ][ 'MinAlarmPixels' ] = intval (( $_REQUEST [ 'newZone' ][ 'MinAlarmPixels' ] * $_REQUEST [ 'newZone' ][ 'Area' ]) / 100 );
$_REQUEST [ 'newZone' ][ 'MaxAlarmPixels' ] = intval (( $_REQUEST [ 'newZone' ][ 'MaxAlarmPixels' ] * $_REQUEST [ 'newZone' ][ 'Area' ]) / 100 );
if ( isset ( $_REQUEST [ 'newZone' ][ 'MinFilterPixels' ]) )
$_REQUEST [ 'newZone' ][ 'MinFilterPixels' ] = intval (( $_REQUEST [ 'newZone' ][ 'MinFilterPixels' ] * $_REQUEST [ 'newZone' ][ 'Area' ]) / 100 );
if ( isset ( $_REQUEST [ 'newZone' ][ 'MaxFilterPixels' ]) )
$_REQUEST [ 'newZone' ][ 'MaxFilterPixels' ] = intval (( $_REQUEST [ 'newZone' ][ 'MaxFilterPixels' ] * $_REQUEST [ 'newZone' ][ 'Area' ]) / 100 );
if ( isset ( $_REQUEST [ 'newZone' ][ 'MinBlobPixels' ]) )
$_REQUEST [ 'newZone' ][ 'MinBlobPixels' ] = intval (( $_REQUEST [ 'newZone' ][ 'MinBlobPixels' ] * $_REQUEST [ 'newZone' ][ 'Area' ]) / 100 );
if ( isset ( $_REQUEST [ 'newZone' ][ 'MaxBlobPixels' ]) )
$_REQUEST [ 'newZone' ][ 'MaxBlobPixels' ] = intval (( $_REQUEST [ 'newZone' ][ 'MaxBlobPixels' ] * $_REQUEST [ 'newZone' ][ 'Area' ]) / 100 );
}
unset ( $_REQUEST [ 'newZone' ][ 'Points' ] );
$types = array ();
$changes = getFormChanges ( $zone , $_REQUEST [ 'newZone' ], $types );
if ( count ( $changes ) ) {
if ( $zid > 0 ) {
2017-12-07 23:31:25 +08:00
dbQuery ( 'UPDATE Zones SET ' . implode ( ', ' , $changes ) . ' WHERE MonitorId=? AND Id=?' , array ( $mid , $zid ) );
2017-10-31 04:29:27 +08:00
} else {
2017-12-07 23:31:25 +08:00
dbQuery ( 'INSERT INTO Zones SET MonitorId=?, ' . implode ( ', ' , $changes ), array ( $mid ) );
2017-10-31 04:29:27 +08:00
}
//if ( $cookies ) session_write_close();
if ( daemonCheck () ) {
if ( $_REQUEST [ 'newZone' ][ 'Type' ] == 'Privacy' ) {
2017-05-17 02:14:07 +08:00
zmaControl ( $monitor , 'stop' );
2017-10-31 04:29:27 +08:00
zmcControl ( $monitor , 'restart' );
2017-05-17 02:14:07 +08:00
zmaControl ( $monitor , 'start' );
2017-10-31 04:29:27 +08:00
} else {
zmaControl ( $mid , 'restart' );
2013-03-17 07:45:21 +08:00
}
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
if ( $_REQUEST [ 'newZone' ][ 'Type' ] == 'Privacy' && $monitor [ 'Controllable' ] ) {
require_once ( 'control_functions.php' );
sendControlCommand ( $mid , 'quit' );
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
$refreshParent = true ;
}
$view = 'none' ;
} elseif ( $action == 'plugin' && isset ( $_REQUEST [ 'pl' ])) {
$sql = 'SELECT * FROM PluginsConfig WHERE MonitorId=? AND ZoneId=? AND pluginName=?' ;
$pconfs = dbFetchAll ( $sql , NULL , array ( $mid , $_REQUEST [ 'zid' ], $_REQUEST [ 'pl' ] ) );
$changes = 0 ;
foreach ( $pconfs as $pconf ) {
$value = $_REQUEST [ 'pluginOpt' ][ $pconf [ 'Name' ]];
if ( array_key_exists ( $pconf [ 'Name' ], $_REQUEST [ 'pluginOpt' ]) && ( $pconf [ 'Value' ] != $value )) {
2017-12-07 23:31:25 +08:00
dbQuery ( 'UPDATE PluginsConfig SET Value=? WHERE id=?' , array ( $value , $pconf [ 'Id' ] ) );
2017-10-31 04:29:27 +08:00
$changes ++ ;
}
}
if ( $changes > 0 ) {
if ( daemonCheck () ) {
zmaControl ( $mid , 'restart' );
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
$refreshParent = true ;
}
$view = 'none' ;
} elseif ( $action == 'sequence' && isset ( $_REQUEST [ 'smid' ]) ) {
$smid = validInt ( $_REQUEST [ 'smid' ]);
$monitor = dbFetchOne ( 'select * from Monitors where Id = ?' , NULL , array ( $mid ) );
$smonitor = dbFetchOne ( 'select * from Monitors where Id = ?' , NULL , array ( $smid ) );
2017-05-17 02:14:07 +08:00
2017-10-31 04:29:27 +08:00
dbQuery ( 'update Monitors set Sequence=? where Id=?' , array ( $smonitor [ 'Sequence' ], $monitor [ 'Id' ] ) );
dbQuery ( 'update Monitors set Sequence=? WHERE Id=?' , array ( $monitor [ 'Sequence' ], $smonitor [ 'Id' ] ) );
2017-05-17 02:14:07 +08:00
2017-10-31 04:29:27 +08:00
$refreshParent = true ;
fixSequences ();
} elseif ( $action == 'delete' ) {
if ( isset ( $_REQUEST [ 'markZids' ]) ) {
$deletedZid = 0 ;
foreach ( $_REQUEST [ 'markZids' ] as $markZid ) {
$zone = dbFetchOne ( 'select * from Zones where Id=?' , NULL , array ( $markZid ) );
dbQuery ( 'delete from Zones WHERE MonitorId=? AND Id=?' , array ( $mid , $markZid ) );
$deletedZid = 1 ;
}
if ( $deletedZid ) {
//if ( $cookies )
//session_write_close();
2017-05-17 02:14:07 +08:00
if ( daemonCheck () ) {
2017-10-31 04:29:27 +08:00
if ( $zone [ 'Type' ] == 'Privacy' ) {
zmaControl ( $mid , 'stop' );
zmcControl ( $mid , 'restart' );
zmaControl ( $mid , 'start' );
2017-05-17 02:14:07 +08:00
} else {
zmaControl ( $mid , 'restart' );
}
2017-10-31 04:29:27 +08:00
} // end if daemonCheck()
2017-05-17 02:14:07 +08:00
$refreshParent = true ;
2017-10-31 04:29:27 +08:00
} // end if deletedzid
} // end if isset($_REQUEST['markZids'])
} // end if action
} // end if $mid and canEdit($mid)
// Monitor edit actions, monitor id derived, require edit permissions for that monitor
if ( canEdit ( 'Monitors' ) ) {
if ( $action == 'monitor' ) {
$mid = 0 ;
if ( ! empty ( $_REQUEST [ 'mid' ]) ) {
$mid = validInt ( $_REQUEST [ 'mid' ]);
$monitor = dbFetchOne ( 'SELECT * FROM Monitors WHERE Id = ?' , NULL , array ( $mid ) );
if ( ZM_OPT_X10 ) {
$x10Monitor = dbFetchOne ( 'SELECT * FROM TriggersX10 WHERE MonitorId=?' , NULL , array ( $mid ) );
if ( ! $x10Monitor )
$x10Monitor = array ();
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
} else {
$monitor = array ();
if ( ZM_OPT_X10 ) {
$x10Monitor = array ();
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
}
2017-05-17 02:14:07 +08:00
2017-10-31 04:29:27 +08:00
// Define a field type for anything that's not simple text equivalent
$types = array (
'Triggers' => 'set' ,
'Controllable' => 'toggle' ,
'TrackMotion' => 'toggle' ,
'Enabled' => 'toggle' ,
'DoNativeMotDet' => 'toggle' ,
'Exif' => 'toggle' ,
'RTSPDescribe' => 'toggle' ,
'RecordAudio' => 'toggle' ,
);
2018-01-26 00:41:42 +08:00
if ( $_REQUEST [ 'newMonitor' ][ 'ServerId' ] == 'auto' ) {
2018-02-02 23:27:50 +08:00
Logger :: Debug ( " Auto selecting server " );
2018-01-29 10:07:01 +08:00
$_REQUEST [ 'newMonitor' ][ 'ServerId' ] = dbFetchOne ( 'SELECT Id FROM Servers WHERE Status=\'Running\' ORDER BY FreeMem ASC, CpuLoad ASC LIMIT 1' , 'Id' );
2018-02-02 23:27:50 +08:00
Logger :: Debug ( " Auto selecting server: Got " . $_REQUEST [ 'newMonitor' ][ 'ServerId' ] );
2018-01-26 00:41:42 +08:00
if ( ( ! $_REQUEST [ 'newMonitor' ] ) and defined ( 'ZM_SERVER_ID' ) ) {
$_REQUEST [ 'newMonitor' ][ 'ServerId' ] = ZM_SERVER_ID ;
2018-02-02 23:27:50 +08:00
Logger :: Debug ( " Auto selecting server to " . ZM_SERVER_ID );
2018-01-26 00:41:42 +08:00
}
2018-01-29 10:07:01 +08:00
} else {
Logger :: Debug ( " NOT Auto selecting server " . $_REQUEST [ 'newMonitor' ][ 'ServerId' ]);
2018-01-26 00:41:42 +08:00
}
2017-10-31 04:29:27 +08:00
$columns = getTableColumns ( 'Monitors' );
$changes = getFormChanges ( $monitor , $_REQUEST [ 'newMonitor' ], $types , $columns );
if ( count ( $changes ) ) {
if ( $mid ) {
# If we change anything that changes the shared mem size, zma can complain. So let's stop first.
zmaControl ( $monitor , 'stop' );
zmcControl ( $monitor , 'stop' );
dbQuery ( 'UPDATE Monitors SET ' . implode ( ', ' , $changes ) . ' WHERE Id=?' , array ( $mid ) );
2018-01-23 00:42:07 +08:00
if ( isset ( $changes [ 'Name' ]) or isset ( $changes [ 'StorageId' ]) ) {
$OldStorage = new Storage ( $monitor [ 'StorageId' ] );
2017-10-31 04:29:27 +08:00
$saferOldName = basename ( $monitor [ 'Name' ] );
2018-01-23 00:42:07 +08:00
if ( file_exists ( $OldStorage -> Path () . '/' . $saferOldName ) )
unlink ( $OldStorage -> Path () . '/' . $saferOldName );
$NewStorage = new Storage ( $_REQUEST [ 'newMonitor' ][ 'StorageId' ] );
if ( ! file_exists ( $NewStorage -> Path () . '/' . $mid ) )
mkdir ( $NewStorage -> Path () . '/' . $mid , 0755 );
2017-10-31 04:29:27 +08:00
$saferNewName = basename ( $_REQUEST [ 'newMonitor' ][ 'Name' ] );
2018-01-23 00:42:07 +08:00
symlink ( $mid , $NewStorage -> Path () . '/' . $saferNewName );
2013-03-17 07:45:21 +08:00
}
2017-10-31 04:29:27 +08:00
if ( isset ( $changes [ 'Width' ]) || isset ( $changes [ 'Height' ]) ) {
$newW = $_REQUEST [ 'newMonitor' ][ 'Width' ];
$newH = $_REQUEST [ 'newMonitor' ][ 'Height' ];
$newA = $newW * $newH ;
$oldW = $monitor [ 'Width' ];
$oldH = $monitor [ 'Height' ];
$oldA = $oldW * $oldH ;
$zones = dbFetchAll ( 'SELECT * FROM Zones WHERE MonitorId=?' , NULL , array ( $mid ) );
foreach ( $zones as $zone ) {
$newZone = $zone ;
$points = coordsToPoints ( $zone [ 'Coords' ] );
for ( $i = 0 ; $i < count ( $points ); $i ++ ) {
$points [ $i ][ 'x' ] = intval (( $points [ $i ][ 'x' ] * ( $newW - 1 )) / ( $oldW - 1 ));
$points [ $i ][ 'y' ] = intval (( $points [ $i ][ 'y' ] * ( $newH - 1 )) / ( $oldH - 1 ));
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
$newZone [ 'Coords' ] = pointsToCoords ( $points );
$newZone [ 'Area' ] = intval ( round (( $zone [ 'Area' ] * $newA ) / $oldA ));
$newZone [ 'MinAlarmPixels' ] = intval ( round (( $newZone [ 'MinAlarmPixels' ] * $newA ) / $oldA ));
$newZone [ 'MaxAlarmPixels' ] = intval ( round (( $newZone [ 'MaxAlarmPixels' ] * $newA ) / $oldA ));
$newZone [ 'MinFilterPixels' ] = intval ( round (( $newZone [ 'MinFilterPixels' ] * $newA ) / $oldA ));
$newZone [ 'MaxFilterPixels' ] = intval ( round (( $newZone [ 'MaxFilterPixels' ] * $newA ) / $oldA ));
$newZone [ 'MinBlobPixels' ] = intval ( round (( $newZone [ 'MinBlobPixels' ] * $newA ) / $oldA ));
$newZone [ 'MaxBlobPixels' ] = intval ( round (( $newZone [ 'MaxBlobPixels' ] * $newA ) / $oldA ));
$changes = getFormChanges ( $zone , $newZone , $types );
if ( count ( $changes ) ) {
2017-12-07 23:31:25 +08:00
dbQuery ( 'update Zones set ' . implode ( ', ' , $changes ) . ' WHERE MonitorId=? AND Id=?' , array ( $mid , $zone [ 'Id' ] ) );
2013-03-17 07:45:21 +08:00
}
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
}
2018-01-19 04:40:10 +08:00
$restart = true ;
2018-01-30 02:41:09 +08:00
} else if ( ! $user [ 'MonitorIds' ] ) { // Can only create new monitors if we are not restricted to specific monitors
2017-05-17 02:14:07 +08:00
# FIXME This is actually a race condition. Should lock the table.
2018-02-02 23:27:50 +08:00
$maxSeq = dbFetchOne ( 'SELECT MAX(Sequence) AS MaxSequence FROM Monitors' , 'MaxSequence' );
2017-10-31 04:29:27 +08:00
$changes [] = 'Sequence = ' . ( $maxSeq + 1 );
2018-01-30 02:41:09 +08:00
if ( dbQuery ( 'INSERT INTO Monitors SET ' . implode ( ', ' , $changes ) ) ) {
$mid = dbInsertId ();
$zoneArea = $_REQUEST [ 'newMonitor' ][ 'Width' ] * $_REQUEST [ 'newMonitor' ][ 'Height' ];
dbQuery ( " insert into Zones set MonitorId = ?, Name = 'All', Type = 'Active', Units = 'Percent', NumCoords = 4, Coords = ?, Area=?, AlarmRGB = 0xff0000, CheckMethod = 'Blobs', MinPixelThreshold = 25, MinAlarmPixels=?, MaxAlarmPixels=?, FilterX = 3, FilterY = 3, MinFilterPixels=?, MaxFilterPixels=?, MinBlobPixels=?, MinBlobs = 1 " , array ( $mid , sprintf ( " %d,%d %d,%d %d,%d %d,%d " , 0 , 0 , $_REQUEST [ 'newMonitor' ][ 'Width' ] - 1 , 0 , $_REQUEST [ 'newMonitor' ][ 'Width' ] - 1 , $_REQUEST [ 'newMonitor' ][ 'Height' ] - 1 , 0 , $_REQUEST [ 'newMonitor' ][ 'Height' ] - 1 ), $zoneArea , intval (( $zoneArea * 3 ) / 100 ), intval (( $zoneArea * 75 ) / 100 ), intval (( $zoneArea * 3 ) / 100 ), intval (( $zoneArea * 75 ) / 100 ), intval (( $zoneArea * 2 ) / 100 ) ) );
//$view = 'none';
$Storage = new Storage ( $_REQUEST [ 'newMonitor' ][ 'StorageId' ] );
mkdir ( $Storage -> Path () . '/' . $mid , 0755 );
$saferName = basename ( $_REQUEST [ 'newMonitor' ][ 'Name' ]);
symlink ( $mid , $Storage -> Path () . '/' . $saferName );
if ( isset ( $_COOKIE [ 'zmGroup' ]) ) {
dbQuery ( 'INSERT INTO Groups_Monitors (GroupId,MonitorId) VALUES (?,?)' , array ( $_COOKIE [ 'zmGroup' ], $mid ) );
}
} else {
Error ( " Error saving new Monitor. " );
return ;
2013-03-17 07:45:21 +08:00
}
2017-10-31 04:29:27 +08:00
} else {
Error ( " Users with Monitors restrictions cannot create new monitors. " );
}
$restart = true ;
} # end if count(changes)
if ( ZM_OPT_X10 ) {
$x10Changes = getFormChanges ( $x10Monitor , $_REQUEST [ 'newX10Monitor' ] );
if ( count ( $x10Changes ) ) {
if ( $x10Monitor && isset ( $_REQUEST [ 'newX10Monitor' ]) ) {
2017-12-07 23:31:25 +08:00
dbQuery ( 'update TriggersX10 set ' . implode ( ', ' , $x10Changes ) . ' where MonitorId=?' , array ( $mid ) );
2017-10-31 04:29:27 +08:00
} elseif ( ! $user [ 'MonitorIds' ] ) {
if ( ! $x10Monitor ) {
2017-12-07 23:31:25 +08:00
dbQuery ( 'insert into TriggersX10 set MonitorId = ?, ' . implode ( ', ' , $x10Changes ), array ( $mid ) );
2017-10-31 04:29:27 +08:00
} else {
2017-12-07 23:31:25 +08:00
dbQuery ( 'delete from TriggersX10 where MonitorId = ?' , array ( $mid ) );
2017-05-17 02:14:07 +08:00
}
2013-03-17 07:45:21 +08:00
}
2017-10-31 04:29:27 +08:00
$restart = true ;
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
}
2017-05-17 02:14:07 +08:00
2017-10-31 04:29:27 +08:00
if ( $restart ) {
2018-01-19 04:40:10 +08:00
$new_monitor = new Monitor ( $mid );
2017-10-31 04:29:27 +08:00
//fixDevices();
//if ( $cookies )
//session_write_close();
2018-01-19 04:40:10 +08:00
$new_monitor -> zmcControl ( 'start' );
$new_monitor -> zmaControl ( 'start' );
2017-10-31 04:29:27 +08:00
2018-01-19 04:40:10 +08:00
if ( $new_monitor -> Controllable () ) {
2017-10-31 04:29:27 +08:00
require_once ( 'control_functions.php' );
sendControlCommand ( $mid , 'quit' );
}
// really should thump zmwatch and maybe zmtrigger too.
//daemonControl( 'restart', 'zmwatch.pl' );
$refreshParent = true ;
} // end if restart
$view = 'none' ;
} elseif ( $action == 'delete' ) {
if ( isset ( $_REQUEST [ 'markMids' ]) && ! $user [ 'MonitorIds' ] ) {
foreach ( $_REQUEST [ 'markMids' ] as $markMid ) {
if ( canEdit ( 'Monitors' , $markMid ) ) {
if ( $monitor = dbFetchOne ( 'SELECT * FROM Monitors WHERE Id = ?' , NULL , array ( $markMid ) ) ) {
if ( daemonCheck () ) {
zmaControl ( $monitor , 'stop' );
zmcControl ( $monitor , 'stop' );
}
2017-05-17 02:14:07 +08:00
2017-10-31 04:29:27 +08:00
// If fast deletes are on, then zmaudit will clean everything else up later
// If fast deletes are off and there are lots of events then this step may
// well time out before completing, in which case zmaudit will still tidy up
if ( ! ZM_OPT_FAST_DELETE ) {
$markEids = dbFetchAll ( 'SELECT Id FROM Events WHERE MonitorId=?' , 'Id' , array ( $markMid ) );
foreach ( $markEids as $markEid )
deleteEvent ( $markEid );
deletePath ( ZM_DIR_EVENTS . '/' . basename ( $monitor [ 'Name' ]) );
deletePath ( ZM_DIR_EVENTS . '/' . $monitor [ 'Id' ] ); // I'm trusting the Id.
} // end if ZM_OPT_FAST_DELETE
// This is the important stuff
dbQuery ( 'DELETE FROM Zones WHERE MonitorId = ?' , array ( $markMid ) );
if ( ZM_OPT_X10 )
dbQuery ( 'DELETE FROM TriggersX10 WHERE MonitorId=?' , array ( $markMid ) );
2017-11-25 04:37:50 +08:00
dbQuery ( 'DELETE FROM Monitors WHERE Id = ?' , array ( $markMid ) );
2017-10-31 04:29:27 +08:00
fixSequences ();
} // end if found the monitor in the db
} // end if canedit this monitor
} // end foreach monitor in MarkMid
} // markMids is set and we aren't limited to specific monitors
} // end if action == Delete
}
2017-05-17 02:14:07 +08:00
2017-10-31 04:29:27 +08:00
// Device view actions
if ( canEdit ( 'Devices' ) ) {
if ( $action == 'device' ) {
if ( ! empty ( $_REQUEST [ 'command' ]) ) {
setDeviceStatusX10 ( $_REQUEST [ 'key' ], $_REQUEST [ 'command' ] );
} elseif ( isset ( $_REQUEST [ 'newDevice' ] ) ) {
if ( isset ( $_REQUEST [ 'did' ]) ) {
2017-12-07 23:31:25 +08:00
dbQuery ( 'update Devices set Name=?, KeyString=? where Id=?' , array ( $_REQUEST [ 'newDevice' ][ 'Name' ], $_REQUEST [ 'newDevice' ][ 'KeyString' ], $_REQUEST [ 'did' ]) );
2017-10-31 04:29:27 +08:00
} else {
2017-12-07 23:31:25 +08:00
dbQuery ( 'insert into Devices set Name=?, KeyString=?' , array ( $_REQUEST [ 'newDevice' ][ 'Name' ], $_REQUEST [ 'newDevice' ][ 'KeyString' ] ) );
2017-10-31 04:29:27 +08:00
}
$refreshParent = true ;
2017-05-17 02:14:07 +08:00
$view = 'none' ;
2017-10-31 04:29:27 +08:00
}
} elseif ( $action == 'delete' ) {
if ( isset ( $_REQUEST [ 'markDids' ]) ) {
foreach ( $_REQUEST [ 'markDids' ] as $markDid ) {
2017-12-07 23:31:25 +08:00
dbQuery ( 'delete from Devices where Id=?' , array ( $markDid ) );
2017-05-17 02:14:07 +08:00
$refreshParent = true ;
}
2015-08-16 02:22:13 +08:00
}
2017-10-31 04:29:27 +08:00
} // end if action
} // end if canedit devices
// Group view actions
if ( canView ( 'Groups' ) && $action == 'setgroup' ) {
if ( ! empty ( $_REQUEST [ 'gid' ]) ) {
setcookie ( 'zmGroup' , validInt ( $_REQUEST [ 'gid' ]), time () + 3600 * 24 * 30 * 12 * 10 );
} else {
setcookie ( 'zmGroup' , '' , time () - 3600 * 24 * 2 );
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
$refreshParent = true ;
}
2013-03-17 07:45:21 +08:00
2017-10-31 04:29:27 +08:00
// Group edit actions
2017-10-10 22:38:13 +08:00
# Should probably verify that each monitor id is a valid monitor, that we have access to. However at the moment, you have to have System permissions to do this
2017-10-31 04:29:27 +08:00
if ( canEdit ( 'Groups' ) ) {
if ( $action == 'group' ) {
$monitors = empty ( $_POST [ 'newGroup' ][ 'MonitorIds' ] ) ? '' : implode ( ',' , $_POST [ 'newGroup' ][ 'MonitorIds' ]);
2017-12-05 11:02:56 +08:00
$group_id = null ;
2017-10-31 04:29:27 +08:00
if ( ! empty ( $_POST [ 'gid' ]) ) {
2017-12-05 11:02:56 +08:00
$group_id = $_POST [ 'gid' ];
2017-12-05 04:52:16 +08:00
dbQuery ( 'UPDATE Groups SET Name=?, ParentId=? WHERE Id=?' ,
2017-12-05 11:02:56 +08:00
array ( $_POST [ 'newGroup' ][ 'Name' ], ( $_POST [ 'newGroup' ][ 'ParentId' ] == '' ? null : $_POST [ 'newGroup' ][ 'ParentId' ] ), $group_id ) );
dbQuery ( 'DELETE FROM Groups_Monitors WHERE GroupId=?' , array ( $group_id ) );
2017-10-31 04:29:27 +08:00
} else {
2017-12-05 11:02:56 +08:00
dbQuery ( 'INSERT INTO Groups (Name,ParentId) VALUES (?,?)' ,
array ( $_POST [ 'newGroup' ][ 'Name' ], ( $_POST [ 'newGroup' ][ 'ParentId' ] == '' ? null : $_POST [ 'newGroup' ][ 'ParentId' ] ) ) );
$group_id = dbInsertId ();
2017-10-31 04:29:27 +08:00
}
2017-12-05 11:02:56 +08:00
if ( $group_id ) {
foreach ( $_POST [ 'newGroup' ][ 'MonitorIds' ] as $mid ) {
dbQuery ( 'INSERT INTO Groups_Monitors (GroupId,MonitorId) VALUES (?,?)' , array ( $group_id , $mid ) );
}
2017-12-05 04:52:16 +08:00
}
2017-10-31 04:29:27 +08:00
$view = 'none' ;
$refreshParent = true ;
} else if ( $action == 'delete' ) {
if ( ! empty ( $_REQUEST [ 'gid' ]) ) {
if ( is_array ( $_REQUEST [ 'gid' ] ) ) {
foreach ( $_REQUEST [ 'gid' ] as $gid ) {
$Group = new Group ( $gid );
$Group -> delete ();
}
2017-05-17 02:14:07 +08:00
} else {
2017-10-31 04:29:27 +08:00
$Group = new Group ( $_REQUEST [ 'gid' ] );
$Group -> delete ();
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
}
$refreshParent = true ;
} # end if action
} // end if can edit groups
// System edit actions
if ( canEdit ( 'System' ) ) {
if ( isset ( $_REQUEST [ 'object' ] ) ) {
if ( $_REQUEST [ 'object' ] == 'MontageLayout' ) {
require_once ( 'MontageLayout.php' );
if ( $action == 'Save' ) {
$Layout = null ;
if ( $_REQUEST [ 'Name' ] != '' ) {
$Layout = new MontageLayout ();
$Layout -> Name ( $_REQUEST [ 'Name' ] );
2017-10-10 22:38:13 +08:00
} else {
2017-10-31 04:29:27 +08:00
$Layout = new MontageLayout ( $_REQUEST [ 'zmMontageLayout' ] );
2013-03-17 07:45:21 +08:00
}
2017-10-31 04:29:27 +08:00
$Layout -> Positions ( $_REQUEST [ 'Positions' ] );
$Layout -> save ();
2017-11-02 00:19:27 +08:00
session_start ();
$_SESSION [ 'zmMontageLayout' ] = $Layout -> Id ();
2017-11-02 01:07:35 +08:00
setcookie ( 'zmMontageLayout' , $Layout -> Id (), 1 );
2017-11-02 00:19:27 +08:00
session_write_close ();
2018-01-29 04:13:57 +08:00
$redirect = ZM_BASE_URL . $_SERVER [ 'PHP_SELF' ] . '?view=montagereview' ;
2017-10-31 04:29:27 +08:00
} // end if save
} else if ( $_REQUEST [ 'object' ] == 'server' ) {
if ( $action == 'Save' ) {
if ( ! empty ( $_REQUEST [ 'id' ]) )
$dbServer = dbFetchOne ( 'SELECT * FROM Servers WHERE Id=?' , NULL , array ( $_REQUEST [ 'id' ]) );
else
$dbServer = array ();
$types = array ();
$changes = getFormChanges ( $dbServer , $_REQUEST [ 'newServer' ], $types );
if ( count ( $changes ) ) {
if ( ! empty ( $_REQUEST [ 'id' ]) ) {
2017-12-07 23:31:25 +08:00
dbQuery ( 'UPDATE Servers SET ' . implode ( ', ' , $changes ) . ' WHERE Id = ?' , array ( $_REQUEST [ 'id' ]) );
2017-10-31 04:29:27 +08:00
} else {
2017-12-07 23:31:25 +08:00
dbQuery ( 'INSERT INTO Servers set ' . implode ( ', ' , $changes ) );
2017-05-17 02:14:07 +08:00
}
$refreshParent = true ;
2013-03-17 07:45:21 +08:00
}
2017-10-31 04:29:27 +08:00
$view = 'none' ;
} else if ( $action == 'delete' ) {
if ( ! empty ( $_REQUEST [ 'markIds' ]) ) {
foreach ( $_REQUEST [ 'markIds' ] as $Id )
2017-12-07 23:31:25 +08:00
dbQuery ( 'DELETE FROM Servers WHERE Id=?' , array ( $Id ) );
2017-10-31 04:29:27 +08:00
}
$refreshParent = true ;
} else {
Error ( " Unknown action $action in saving Server " );
}
} else if ( $_REQUEST [ 'object' ] == 'storage' ) {
if ( $action == 'Save' ) {
if ( ! empty ( $_REQUEST [ 'id' ]) )
$dbStorage = dbFetchOne ( 'SELECT * FROM Storage WHERE Id=?' , NULL , array ( $_REQUEST [ 'id' ]) );
else
$dbStorage = array ();
$types = array ();
$changes = getFormChanges ( $dbStorage , $_REQUEST [ 'newStorage' ], $types );
if ( count ( $changes ) ) {
if ( ! empty ( $_REQUEST [ 'id' ]) ) {
2017-12-07 23:31:25 +08:00
dbQuery ( 'UPDATE Storage SET ' . implode ( ', ' , $changes ) . ' WHERE Id = ?' , array ( $_REQUEST [ 'id' ]) );
2017-10-31 04:29:27 +08:00
} else {
2017-12-07 23:31:25 +08:00
dbQuery ( 'INSERT INTO Storage set ' . implode ( ', ' , $changes ) );
2017-05-17 02:14:07 +08:00
}
$refreshParent = true ;
2013-03-17 07:45:21 +08:00
}
2017-10-31 04:29:27 +08:00
$view = 'none' ;
} else if ( $action == 'delete' ) {
if ( ! empty ( $_REQUEST [ 'markIds' ]) ) {
foreach ( $_REQUEST [ 'markIds' ] as $Id )
dbQuery ( 'DELETE FROM Storage WHERE Id=?' , array ( $Id ) );
}
$refreshParent = true ;
} else {
Error ( " Unknown action $action in saving Storage " );
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
} # end if isset($_REQUEST['object'] )
} else if ( $action == 'version' && isset ( $_REQUEST [ 'option' ]) ) {
$option = $_REQUEST [ 'option' ];
switch ( $option ) {
case 'go' :
{
// Ignore this, the caller will open the page itself
break ;
}
case 'ignore' :
{
dbQuery ( " update Config set Value = ' " . ZM_DYN_LAST_VERSION . " ' where Name = 'ZM_DYN_CURR_VERSION' " );
break ;
}
case 'hour' :
case 'day' :
case 'week' :
{
$nextReminder = time ();
if ( $option == 'hour' ) {
$nextReminder += 60 * 60 ;
} elseif ( $option == 'day' ) {
$nextReminder += 24 * 60 * 60 ;
} elseif ( $option == 'week' ) {
$nextReminder += 7 * 24 * 60 * 60 ;
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
dbQuery ( " update Config set Value = ' " . $nextReminder . " ' where Name = 'ZM_DYN_NEXT_REMINDER' " );
break ;
}
case 'never' :
{
dbQuery ( " update Config set Value = '0' where Name = 'ZM_CHECK_FOR_UPDATES' " );
break ;
}
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
}
if ( $action == 'donate' && isset ( $_REQUEST [ 'option' ]) ) {
$option = $_REQUEST [ 'option' ];
switch ( $option ) {
case 'go' :
{
// Ignore this, the caller will open the page itself
break ;
2013-03-17 07:45:21 +08:00
}
2017-10-31 04:29:27 +08:00
case 'hour' :
case 'day' :
case 'week' :
case 'month' :
{
$nextReminder = time ();
if ( $option == 'hour' ) {
$nextReminder += 60 * 60 ;
} elseif ( $option == 'day' ) {
$nextReminder += 24 * 60 * 60 ;
} elseif ( $option == 'week' ) {
$nextReminder += 7 * 24 * 60 * 60 ;
} elseif ( $option == 'month' ) {
$nextReminder += 30 * 24 * 60 * 60 ;
}
dbQuery ( " update Config set Value = ' " . $nextReminder . " ' where Name = 'ZM_DYN_DONATE_REMINDER_TIME' " );
break ;
2013-03-17 07:45:21 +08:00
}
2017-10-31 04:29:27 +08:00
case 'never' :
case 'already' :
{
dbQuery ( " update Config set Value = '0' where Name = 'ZM_DYN_SHOW_DONATE_REMINDER' " );
break ;
2013-03-17 07:45:21 +08:00
}
2017-10-31 04:29:27 +08:00
} // end switch option
}
if ( $action == 'options' && isset ( $_REQUEST [ 'tab' ]) ) {
$configCat = $configCats [ $_REQUEST [ 'tab' ]];
$changed = false ;
foreach ( $configCat as $name => $value ) {
unset ( $newValue );
2017-12-13 00:16:08 +08:00
if ( $value [ 'Type' ] == 'boolean' && empty ( $_REQUEST [ 'newConfig' ][ $name ]) ) {
2017-10-31 04:29:27 +08:00
$newValue = 0 ;
2017-12-13 00:16:08 +08:00
} else if ( isset ( $_REQUEST [ 'newConfig' ][ $name ]) ) {
2017-12-09 03:22:38 +08:00
$newValue = preg_replace ( " / \r \n / " , " \n " , stripslashes ( $_REQUEST [ 'newConfig' ][ $name ] ) );
2017-12-13 00:16:08 +08:00
}
2017-10-31 04:29:27 +08:00
if ( isset ( $newValue ) && ( $newValue != $value [ 'Value' ]) ) {
dbQuery ( 'UPDATE Config SET Value=? WHERE Name=?' , array ( $newValue , $name ) );
$changed = true ;
2017-05-17 02:14:07 +08:00
}
2017-12-09 03:22:38 +08:00
} // end foreach config entry
2017-10-31 04:29:27 +08:00
if ( $changed ) {
switch ( $_REQUEST [ 'tab' ] ) {
case 'system' :
case 'config' :
$restartWarning = true ;
break ;
case 'web' :
case 'tools' :
break ;
case 'logging' :
case 'network' :
case 'mail' :
case 'upload' :
$restartWarning = true ;
break ;
case 'highband' :
case 'medband' :
case 'lowband' :
break ;
2017-05-17 02:14:07 +08:00
}
2018-01-29 04:13:57 +08:00
$redirect = ZM_BASE_URL . $_SERVER [ 'PHP_SELF' ] . '?view=options&tab=' . $_REQUEST [ 'tab' ];
2017-10-31 04:29:27 +08:00
}
loadConfig ( false );
} elseif ( $action == 'user' ) {
if ( ! empty ( $_REQUEST [ 'uid' ]) )
$dbUser = dbFetchOne ( " SELECT * FROM Users WHERE Id=? " , NULL , array ( $_REQUEST [ 'uid' ]) );
else
$dbUser = array ();
$types = array ();
$changes = getFormChanges ( $dbUser , $_REQUEST [ 'newUser' ], $types );
if ( $_REQUEST [ 'newUser' ][ 'Password' ] )
2017-12-07 23:31:25 +08:00
$changes [ 'Password' ] = 'Password = password(' . dbEscape ( $_REQUEST [ 'newUser' ][ 'Password' ]) . ')' ;
2017-10-31 04:29:27 +08:00
else
unset ( $changes [ 'Password' ] );
if ( count ( $changes ) ) {
if ( ! empty ( $_REQUEST [ 'uid' ]) ) {
2017-12-07 23:31:25 +08:00
dbQuery ( 'update Users set ' . implode ( ', ' , $changes ) . ' where Id = ?' , array ( $_REQUEST [ 'uid' ]) );
2017-10-31 04:29:27 +08:00
# If we are updating the logged in user, then update our session user data.
if ( $user and ( $dbUser [ 'Username' ] == $user [ 'Username' ] ) )
userLogin ( $dbUser [ 'Username' ], $dbUser [ 'Password' ] );
} else {
2017-12-07 23:31:25 +08:00
dbQuery ( 'insert into Users set ' . implode ( ', ' , $changes ) );
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
$refreshParent = true ;
}
$view = 'none' ;
} elseif ( $action == 'state' ) {
if ( ! empty ( $_REQUEST [ 'runState' ]) ) {
//if ( $cookies ) session_write_close();
packageControl ( $_REQUEST [ 'runState' ] );
$refreshParent = true ;
}
} elseif ( $action == 'save' ) {
if ( ! empty ( $_REQUEST [ 'runState' ]) || ! empty ( $_REQUEST [ 'newState' ]) ) {
$sql = 'SELECT Id,Function,Enabled FROM Monitors ORDER BY Id' ;
$definitions = array ();
foreach ( dbFetchAll ( $sql ) as $monitor )
{
2017-12-07 23:31:25 +08:00
$definitions [] = $monitor [ 'Id' ] . ':' . $monitor [ 'Function' ] . ':' . $monitor [ 'Enabled' ];
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
$definition = join ( ',' , $definitions );
if ( $_REQUEST [ 'newState' ] )
$_REQUEST [ 'runState' ] = $_REQUEST [ 'newState' ];
2017-12-07 23:31:25 +08:00
dbQuery ( 'replace into States set Name=?, Definition=?' , array ( $_REQUEST [ 'runState' ], $definition ) );
2013-03-17 07:45:21 +08:00
}
2017-10-31 04:29:27 +08:00
} elseif ( $action == 'delete' ) {
if ( isset ( $_REQUEST [ 'runState' ]) )
2017-12-07 23:31:25 +08:00
dbQuery ( 'delete from States where Name=?' , array ( $_REQUEST [ 'runState' ]) );
2017-10-31 04:29:27 +08:00
if ( isset ( $_REQUEST [ 'markUids' ]) ) {
foreach ( $_REQUEST [ 'markUids' ] as $markUid )
2017-12-07 23:31:25 +08:00
dbQuery ( 'delete from Users where Id = ?' , array ( $markUid ) );
2017-10-31 04:29:27 +08:00
if ( $markUid == $user [ 'Id' ] )
userLogout ();
}
}
} else {
if ( ZM_USER_SELF_EDIT && $action == 'user' ) {
$uid = $user [ 'Id' ];
2013-03-17 07:45:21 +08:00
2017-10-31 04:29:27 +08:00
$dbUser = dbFetchOne ( 'SELECT Id, Password, Language FROM Users WHERE Id = ?' , NULL , array ( $uid ) );
2013-03-17 07:45:21 +08:00
2017-10-31 04:29:27 +08:00
$types = array ();
$changes = getFormChanges ( $dbUser , $_REQUEST [ 'newUser' ], $types );
2013-03-17 07:45:21 +08:00
2017-10-31 04:29:27 +08:00
if ( ! empty ( $_REQUEST [ 'newUser' ][ 'Password' ]) )
2017-12-07 23:31:25 +08:00
$changes [ 'Password' ] = 'Password = password(' . dbEscape ( $_REQUEST [ 'newUser' ][ 'Password' ]) . ')' ;
2017-10-31 04:29:27 +08:00
else
unset ( $changes [ 'Password' ] );
if ( count ( $changes ) ) {
2017-12-07 23:31:25 +08:00
dbQuery ( 'update Users set ' . implode ( ', ' , $changes ) . ' where Id=?' , array ( $uid ) );
2017-10-31 04:29:27 +08:00
$refreshParent = true ;
2013-03-17 07:45:21 +08:00
}
2017-10-31 04:29:27 +08:00
$view = 'none' ;
2017-05-17 02:14:07 +08:00
}
2017-10-31 04:29:27 +08:00
}
2013-03-17 07:45:21 +08:00
2017-10-31 04:29:27 +08:00
if ( $action == 'reset' ) {
$_SESSION [ 'zmEventResetTime' ] = strftime ( STRF_FMT_DATETIME_DB );
setcookie ( 'zmEventResetTime' , $_SESSION [ 'zmEventResetTime' ], time () + 3600 * 24 * 30 * 12 * 10 );
//if ( $cookies ) session_write_close();
2013-03-17 07:45:21 +08:00
}
?>