Merge branch 'release-1.30.5' into release-1.30

2019-02-22 10:44:22 -05:00 · 2019-02-22 10:44:22 -05:00 · 02be907692
parent b6a1885167 09cdc5a6df
commit 02be907692
6 changed files with 26 additions and 18 deletions
--- a/src/zm_image.cpp
+++ b/src/zm_image.cpp
@ -1650,6 +1650,7 @@ Image *Image::Highlight( unsigned int n_images, Image *images[], const Rgb thres
  unsigned int size = result->size;
  for ( unsigned int c = 0; c < colours; c++ )
  {
+    unsigned int ref_colour_rgb = RGB_VAL(ref_colour,c);
    for ( unsigned int i = 0; i < size; i++ )
    {
      unsigned int count = 0;
@ -1658,12 +1659,8 @@ Image *Image::Highlight( unsigned int n_images, Image *images[], const Rgb thres
      {
        uint8_t *psrc = images[j]->buffer+c;

-#ifndef SOLARIS
-        if ( (unsigned)abs((*psrc)-RGB_VAL(ref_colour,c)) >= RGB_VAL(threshold,c) )
-#else
-        if ( (unsigned)std::abs((*psrc)-RGB_VAL(ref_colour,c)) >= RGB_VAL(threshold,c) )
-#endif
-        {
+        unsigned int diff = ((*psrc)-ref_colour_rgb) > 0 ? (*psrc)-ref_colour_rgb : ref_colour_rgb - (*psrc);
+        if (diff >= RGB_VAL(threshold,c)) {
          count++;
        }
        psrc += colours;
--- a/src/zm_user.cpp
+++ b/src/zm_user.cpp
@ -98,18 +98,23 @@ bool User::canAccess( int monitor_id )

 // Function to load a user from username and password
 // Please note that in auth relay mode = none, password is NULL
-User *zmLoadUser( const char *username, const char *password )
-{
-  char sql[ZM_SQL_SML_BUFSIZ] = "";
-  char safer_username[65]; // current db username size is 32
-  char safer_password[129]; // current db password size is 64
+User *zmLoadUser( const char *username, const char *password ) {
+  char sql[ZM_SQL_MED_BUFSIZ] = "";
+  int username_length = strlen(username);
+  char *safer_username = new char[(username_length * 2) + 1];

  // According to docs, size of safer_whatever must be 2*length+1 due to unicode conversions + null terminator.
-  mysql_real_escape_string(&dbconn, safer_username, username, strlen( username ) );
+  mysql_real_escape_string(&dbconn, safer_username, username, username_length );

  if ( password ) {
-    mysql_real_escape_string(&dbconn, safer_password, password, strlen( password ) );
-    snprintf( sql, sizeof(sql), "select Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds from Users where Username = '%s' and Password = password('%s') and Enabled = 1", safer_username, safer_password );
+    int password_length = strlen(password);
+    char *safer_password = new char[(password_length * 2) + 1];
+    mysql_real_escape_string(&dbconn, safer_password, password, password_length);
+    snprintf(sql, sizeof(sql),
+        "SELECT Id, Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds"
+        " FROM Users WHERE Username = '%s' AND Password = password('%s') AND Enabled = 1",
+        safer_username, safer_password );
+    delete safer_password;
  } else {
    snprintf( sql, sizeof(sql), "select Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds from Users where Username = '%s' and Enabled = 1", safer_username );
  }
@ -139,7 +144,8 @@ User *zmLoadUser( const char *username, const char *password )
  User *user = new User( dbrow );
  Info( "Authenticated user '%s'", user->getUsername() );

-  mysql_free_result( result );
+  mysql_free_result(result);
+  delete safer_username;

  return( user );
 }
--- a/2
+++ b/2
@ -1 +1 @@
-1.30.4
+1.30.5
--- a/web/api/app/Plugin/Crud
+++ b/web/api/app/Plugin/Crud
@ -1 +1 @@
-Subproject commit c3976f1478c681b0bbc132ec3a3e82c3984eeed5
+Subproject commit 0bd63fb464957080ead342db58ca9e01532cf1ef
--- a/web/skins/classic/includes/functions.php
+++ b/web/skins/classic/includes/functions.php
@ -44,7 +44,7 @@ function xhtmlHeaders( $file, $title )
 <head>
  <meta charset="utf-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge">
-  <meta name="viewport" content="width=device-width, initial-scale=1, maxiumum-scale=1.0, user-scalable=no">
+  <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1.0, user-scalable=no">
  <title><?php echo ZM_WEB_TITLE_PREFIX ?> - <?php echo validHtmlStr($title) ?></title>
  <link rel="icon" type="image/ico" href="graphics/favicon.ico"/>
  <link rel="shortcut icon" href="graphics/favicon.ico"/>
--- a/web/skins/classic/views/montagereview.php
+++ b/web/skins/classic/views/montagereview.php
@ -474,6 +474,11 @@ foreach ($monitors as $m)
    $numMonitors += 1;
 }
 echo "var numMonitors = $numMonitors;\n";
+
+if ( ! $minTimeSecs )
+$minTimeSecs = strtotime("2036-01-01 01:01:01");
+if ( ! $maxTimeSecs )
+$maxTimeSecs = strtotime("1950-01-01 01:01:01");
 echo "var minTimeSecs="     . $minTimeSecs . ";\n";
 echo "var maxTimeSecs="     . $maxTimeSecs . ";\n";
 echo "var rangeTimeSecs="   . ( $maxTimeSecs - $minTimeSecs + 1) . ";\n";
 @ -1 +1 @@
 .30.4
 .30.5