Merge branch 'release-1.30.5' into release-1.30

This commit is contained in:
Isaac Connor 2019-02-22 10:44:22 -05:00
commit 02be907692
6 changed files with 26 additions and 18 deletions

View File

@ -1650,6 +1650,7 @@ Image *Image::Highlight( unsigned int n_images, Image *images[], const Rgb thres
unsigned int size = result->size; unsigned int size = result->size;
for ( unsigned int c = 0; c < colours; c++ ) for ( unsigned int c = 0; c < colours; c++ )
{ {
unsigned int ref_colour_rgb = RGB_VAL(ref_colour,c);
for ( unsigned int i = 0; i < size; i++ ) for ( unsigned int i = 0; i < size; i++ )
{ {
unsigned int count = 0; unsigned int count = 0;
@ -1658,12 +1659,8 @@ Image *Image::Highlight( unsigned int n_images, Image *images[], const Rgb thres
{ {
uint8_t *psrc = images[j]->buffer+c; uint8_t *psrc = images[j]->buffer+c;
#ifndef SOLARIS unsigned int diff = ((*psrc)-ref_colour_rgb) > 0 ? (*psrc)-ref_colour_rgb : ref_colour_rgb - (*psrc);
if ( (unsigned)abs((*psrc)-RGB_VAL(ref_colour,c)) >= RGB_VAL(threshold,c) ) if (diff >= RGB_VAL(threshold,c)) {
#else
if ( (unsigned)std::abs((*psrc)-RGB_VAL(ref_colour,c)) >= RGB_VAL(threshold,c) )
#endif
{
count++; count++;
} }
psrc += colours; psrc += colours;

View File

@ -98,18 +98,23 @@ bool User::canAccess( int monitor_id )
// Function to load a user from username and password // Function to load a user from username and password
// Please note that in auth relay mode = none, password is NULL // Please note that in auth relay mode = none, password is NULL
User *zmLoadUser( const char *username, const char *password ) User *zmLoadUser( const char *username, const char *password ) {
{ char sql[ZM_SQL_MED_BUFSIZ] = "";
char sql[ZM_SQL_SML_BUFSIZ] = ""; int username_length = strlen(username);
char safer_username[65]; // current db username size is 32 char *safer_username = new char[(username_length * 2) + 1];
char safer_password[129]; // current db password size is 64
// According to docs, size of safer_whatever must be 2*length+1 due to unicode conversions + null terminator. // According to docs, size of safer_whatever must be 2*length+1 due to unicode conversions + null terminator.
mysql_real_escape_string(&dbconn, safer_username, username, strlen( username ) ); mysql_real_escape_string(&dbconn, safer_username, username, username_length );
if ( password ) { if ( password ) {
mysql_real_escape_string(&dbconn, safer_password, password, strlen( password ) ); int password_length = strlen(password);
snprintf( sql, sizeof(sql), "select Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds from Users where Username = '%s' and Password = password('%s') and Enabled = 1", safer_username, safer_password ); char *safer_password = new char[(password_length * 2) + 1];
mysql_real_escape_string(&dbconn, safer_password, password, password_length);
snprintf(sql, sizeof(sql),
"SELECT Id, Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds"
" FROM Users WHERE Username = '%s' AND Password = password('%s') AND Enabled = 1",
safer_username, safer_password );
delete safer_password;
} else { } else {
snprintf( sql, sizeof(sql), "select Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds from Users where Username = '%s' and Enabled = 1", safer_username ); snprintf( sql, sizeof(sql), "select Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds from Users where Username = '%s' and Enabled = 1", safer_username );
} }
@ -140,6 +145,7 @@ User *zmLoadUser( const char *username, const char *password )
Info( "Authenticated user '%s'", user->getUsername() ); Info( "Authenticated user '%s'", user->getUsername() );
mysql_free_result(result); mysql_free_result(result);
delete safer_username;
return( user ); return( user );
} }

View File

@ -1 +1 @@
1.30.4 1.30.5

@ -1 +1 @@
Subproject commit c3976f1478c681b0bbc132ec3a3e82c3984eeed5 Subproject commit 0bd63fb464957080ead342db58ca9e01532cf1ef

View File

@ -44,7 +44,7 @@ function xhtmlHeaders( $file, $title )
<head> <head>
<meta charset="utf-8"> <meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1, maxiumum-scale=1.0, user-scalable=no"> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1.0, user-scalable=no">
<title><?php echo ZM_WEB_TITLE_PREFIX ?> - <?php echo validHtmlStr($title) ?></title> <title><?php echo ZM_WEB_TITLE_PREFIX ?> - <?php echo validHtmlStr($title) ?></title>
<link rel="icon" type="image/ico" href="graphics/favicon.ico"/> <link rel="icon" type="image/ico" href="graphics/favicon.ico"/>
<link rel="shortcut icon" href="graphics/favicon.ico"/> <link rel="shortcut icon" href="graphics/favicon.ico"/>

View File

@ -474,6 +474,11 @@ foreach ($monitors as $m)
$numMonitors += 1; $numMonitors += 1;
} }
echo "var numMonitors = $numMonitors;\n"; echo "var numMonitors = $numMonitors;\n";
if ( ! $minTimeSecs )
$minTimeSecs = strtotime("2036-01-01 01:01:01");
if ( ! $maxTimeSecs )
$maxTimeSecs = strtotime("1950-01-01 01:01:01");
echo "var minTimeSecs=" . $minTimeSecs . ";\n"; echo "var minTimeSecs=" . $minTimeSecs . ";\n";
echo "var maxTimeSecs=" . $maxTimeSecs . ";\n"; echo "var maxTimeSecs=" . $maxTimeSecs . ";\n";
echo "var rangeTimeSecs=" . ( $maxTimeSecs - $minTimeSecs + 1) . ";\n"; echo "var rangeTimeSecs=" . ( $maxTimeSecs - $minTimeSecs + 1) . ";\n";