Merge branch 'mysql2PDO'

Isaac Connor 2014-03-28 10:16:14 -04:00
commit 329f6ae5c4
33 changed files with 95 additions and 144 deletions


@ -437,22 +437,6 @@ function rewind() {
} }
//---------------------------------+ //---------------------------------+
// CARPE S l i d e r 1.3 | // CARPE S l i d e r 1.3 |
// 2005 - 12 - 10 | // 2005 - 12 - 10 |
@ -590,15 +574,9 @@ function slideManual(val,length,from,to) {
if (yMax == 0) carpeLeft(sliderid, pos) // Snap horizontal slider to corresponding display position. if (yMax == 0) carpeLeft(sliderid, pos) // Snap horizontal slider to corresponding display position.
} }
if (ie||dom) start_slider(); if (ie||dom) start_slider();
else if (document.layers) window.onload=start_slider; else if (document.layers) window.onload=start_slider;
</script> </script>
</body> </body>


@ -232,7 +232,7 @@ function parseFilterToTree( $filter )
$value = "'$value'"; $value = "'$value'";
break; break;
case 'DateTime': case 'DateTime':
$value = "'".strftime( STRF_FMT_DATETIME_DB, strtotime( $value ) )."'"; $value = strftime( STRF_FMT_DATETIME_DB, strtotime( $value ) );
break; break;
case 'Date': case 'Date':
$value = "to_days( '".strftime( STRF_FMT_DATETIME_DB, strtotime( $value ) )."' )"; $value = "to_days( '".strftime( STRF_FMT_DATETIME_DB, strtotime( $value ) )."' )";
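Review bot: The `DateTime` case now returns the formatted timestamp without surrounding quotes, while the string case above it and the `Date` case below it still quote their values. If `$value` is later concatenated into the filter's SQL text rather than bound as a parameter (the rest of `parseFilterToTree` is outside this hunk), the query receives an unquoted date-time literal and will fail to parse. Either keep `$value = "'".strftime( STRF_FMT_DATETIME_DB, strtotime( $value ) )."'";` or add a comment on this line naming where the value is bound.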


@ -1,5 +0,0 @@
--This line, and those below, will be ignored--
M views/plugin.php
M views/css/plugin.css


@ -71,8 +71,11 @@ $eventCounts = array(
$running = daemonCheck(); $running = daemonCheck();
$status = $running?$SLANG['Running']:$SLANG['Stopped']; $status = $running?$SLANG['Running']:$SLANG['Stopped'];
if ( $group = dbFetchOne( 'select * from Groups where Id = ?', NULL, array(empty($_COOKIE['zmGroup'])?0:$_COOKIE['zmGroup'])) ) $group = NULL;
if ( ! empty($_COOKIE['zmGroup']) ) {
if ( $group = dbFetchOne( 'select * from Groups where Id = ?', NULL, array($_COOKIE['zmGroup'])) )
$groupIds = array_flip(explode( ',', $group['MonitorIds'] )); $groupIds = array_flip(explode( ',', $group['MonitorIds'] ));
}
noCacheHeaders(); noCacheHeaders();
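Review bot: `$_COOKIE['zmGroup']` is bound as-is here, whereas the group id read from `$_REQUEST['group']` in another view of this commit goes through `validInt()` first. Binding prevents injection, but the database will still coerce a non-numeric string, so `array(validInt($_COOKIE['zmGroup']))` would keep the two paths consistent. `$groupIds` also stays undefined when the cookie is absent or no group row is found, so code after this hunk needs to test it with `isset()` or `empty()` (not visible here). The same lines appear in the later file section that also starts at `$eventCounts = array(`.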


@ -25,15 +25,14 @@ if ( !canView( 'Control' ) )
} }
$groupSql = ""; $groupSql = "";
if ( !empty($_REQUEST['group']) ) if ( !empty($_REQUEST['group']) ) {
{
$row = dbFetchOne( 'SELECT * FROM Groups WHERE Id = ?', NULL, array($_REQUEST['group']) ); $row = dbFetchOne( 'SELECT * FROM Groups WHERE Id = ?', NULL, array($_REQUEST['group']) );
$groupSql = " and find_in_set( Id, '".$row['MonitorIds']."' )"; $groupSql = " and find_in_set( Id, '".$row['MonitorIds']."' )";
} }
$mid = validInt($_REQUEST['mid']); $mid = validInt($_REQUEST['mid']);
$sql = "select * from Monitors where Function != 'None' and Controllable = 1$groupSql order by Sequence"; $sql = "SELECT * FROM Monitors WHERE Function != 'None' AND Controllable = 1$groupSql ORDER BY Sequence";
$mids = array(); $mids = array();
foreach( dbFetchAll( $sql ) as $row ) foreach( dbFetchAll( $sql ) as $row )
{ {
@ -50,7 +49,7 @@ foreach ( getSkinIncludes( 'includes/control_functions.php' ) as $includeFile )
require_once $includeFile; require_once $includeFile;
$sql = 'SELECT C.*,M.* FROM Monitors AS M INNER JOIN Controls AS C ON (M.ControlId = C.Id ) WHERE M.Id = ?'; $sql = 'SELECT C.*,M.* FROM Monitors AS M INNER JOIN Controls AS C ON (M.ControlId = C.Id ) WHERE M.Id = ?';
$monitor = dbFetchOne( $sql, NULL, $mid ); $monitor = dbFetchOne( $sql, NULL, array( $mid ) );
$focusWindow = true; $focusWindow = true;
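Review bot: The group lookup is now parameterised, but `$row['MonitorIds']` is still concatenated into `$groupSql` inside a quoted string, so whatever is stored in that column becomes part of the SQL text. Bind it as well, e.g. `$groupSql = ' and find_in_set( Id, ? )';` with `$row['MonitorIds']` passed in the parameter array of the `dbFetchAll( $sql )` call below. `$row` is also used without checking that a group was found; guard the assignment with `if ( $row )`. The same construction recurs in four later file sections on this page that build `find_in_set( Id, '".$row['MonitorIds']."' )`.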


@ -24,8 +24,7 @@ if ( !canView( 'Control' ) )
return; return;
} }
$sql = "select * from Controls order by Id"; $controls = dbFetchAll( 'SELECT * FROM Controls ORDER BY Id' );
$controls = dbFetchAll( $sql );
$focusWindow = true; $focusWindow = true;


@ -41,15 +41,11 @@ $groupSql = '';
if ( !empty($_REQUEST['group']) ) if ( !empty($_REQUEST['group']) )
{ {
$group = validInt($_REQUEST['group']); $group = validInt($_REQUEST['group']);
$row = dbFetchOne( 'select * from Groups where Id = ?', NULL, array( $group) ); $row = dbFetchOne( 'SELECT * FROM Groups WHERE Id = ?', NULL, array($group) );
$groupSql = " and find_in_set( Id, '".$row['MonitorIds']."' )"; $groupSql = " and find_in_set( Id, '".$row['MonitorIds']."' )";
} }
$sql = "select * from Monitors where Function != 'None'$groupSql"; $sql = "SELECT * FROM Monitors WHERE Function != 'None'$groupSql ORDER BY Sequence";
if ( ''+ZM_SERVER_HOST ) {
$sql .= " and ServerHost='".ZM_SERVER_HOST."'";
}
$sql .= " order by Sequence";
$monitors = array(); $monitors = array();
$monIdx = 0; $monIdx = 0;
foreach( dbFetchAll( $sql ) as $row ) foreach( dbFetchAll( $sql ) as $row )


@ -24,7 +24,7 @@ if ( !canView( 'Devices' ) )
return; return;
} }
$sql = "select * from Devices where Type = 'X10' order by Name"; $sql = "SELECT * FROM Devices WHERE Type = 'X10' ORDER BY Name";
$devices = array(); $devices = array();
foreach( dbFetchAll( $sql ) as $row ) foreach( dbFetchAll( $sql ) as $row )
{ {


@ -29,16 +29,13 @@ if ( !empty($_REQUEST['execute']) )
executeFilter( $tempFilterName ); executeFilter( $tempFilterName );
} }
$countSql = "select count(E.Id) as EventCount from Monitors as M inner join Events as E on (M.Id = E.MonitorId) where"; $countSql = 'SELECT count(E.Id) AS EventCount FROM Monitors AS M INNER JOIN Events AS E ON (M.Id = E.MonitorId) WHERE';
$eventsSql = "select E.Id,E.MonitorId,M.Name As MonitorName,M.DefaultScale,E.Name,E.Width,E.Height,E.Cause,E.Notes,E.StartTime,E.Length,E.Frames,E.AlarmFrames,E.TotScore,E.AvgScore,E.MaxScore,E.Archived from Monitors as M inner join Events as E on (M.Id = E.MonitorId) where"; $eventsSql = 'SELECT E.Id,E.MonitorId,M.Name AS MonitorName,M.DefaultScale,E.Name,E.Width,E.Height,E.Cause,E.Notes,E.StartTime,E.Length,E.Frames,E.AlarmFrames,E.TotScore,E.AvgScore,E.MaxScore,E.Archived FROM Monitors AS M INNER JOIN Events AS E on (M.Id = E.MonitorId) WHERE';
if ( $user['MonitorIds'] ) if ( $user['MonitorIds'] ) {
{
$user_monitor_ids = " M.Id in (".join( ",", preg_split( '/["\'\s]*,["\'\s]*/', $user['MonitorIds'] ) ).")"; $user_monitor_ids = " M.Id in (".join( ",", preg_split( '/["\'\s]*,["\'\s]*/', $user['MonitorIds'] ) ).")";
$countSql .= $user_monitor_ids; $countSql .= $user_monitor_ids;
$eventsSql .= $user_monitor_ids; $eventsSql .= $user_monitor_ids;
} } else {
else
{
$countSql .= " 1"; $countSql .= " 1";
$eventsSql .= " 1"; $eventsSql .= " 1";
} }
@ -52,7 +49,7 @@ if ( $_REQUEST['filter']['sql'] )
$countSql .= $_REQUEST['filter']['sql']; $countSql .= $_REQUEST['filter']['sql'];
$eventsSql .= $_REQUEST['filter']['sql']; $eventsSql .= $_REQUEST['filter']['sql'];
} }
$eventsSql .= " order by $sortColumn $sortOrder"; $eventsSql .= " ORDER BY $sortColumn $sortOrder";
if ( isset($_REQUEST['page']) ) if ( isset($_REQUEST['page']) )
$page = validInt($_REQUEST['page']); $page = validInt($_REQUEST['page']);
@ -69,18 +66,15 @@ if ( !empty($limit) && $nEvents > $limit )
$nEvents = $limit; $nEvents = $limit;
} }
$pages = (int)ceil($nEvents/ZM_WEB_EVENTS_PER_PAGE); $pages = (int)ceil($nEvents/ZM_WEB_EVENTS_PER_PAGE);
if ( $pages > 1 ) if ( $pages > 1 ) {
{ if ( !empty($page) ) {
if ( !empty($page) )
{
if ( $page < 0 ) if ( $page < 0 )
$page = 1; $page = 1;
if ( $page > $pages ) if ( $page > $pages )
$page = $pages; $page = $pages;
} }
} }
if ( !empty($page) ) if ( !empty($page) ) {
{
$limitStart = (($page-1)*ZM_WEB_EVENTS_PER_PAGE); $limitStart = (($page-1)*ZM_WEB_EVENTS_PER_PAGE);
if ( empty( $limit ) ) if ( empty( $limit ) )
{ {
@ -92,10 +86,8 @@ if ( !empty($page) )
$limitAmount = ($limitLeft>ZM_WEB_EVENTS_PER_PAGE)?ZM_WEB_EVENTS_PER_PAGE:$limitLeft; $limitAmount = ($limitLeft>ZM_WEB_EVENTS_PER_PAGE)?ZM_WEB_EVENTS_PER_PAGE:$limitLeft;
} }
$eventsSql .= " limit $limitStart, $limitAmount"; $eventsSql .= " limit $limitStart, $limitAmount";
} } elseif ( !empty( $limit ) ) {
elseif ( !empty( $limit ) ) $eventsSql .= " limit 0, ".$limit;
{
$eventsSql .= " limit 0, $limit";
} }
$maxWidth = 0; $maxWidth = 0;
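Review bot: `$countSql .= $_REQUEST['filter']['sql'];` and the matching `$eventsSql` line append a request-derived string straight into both queries, which undoes the parameterisation this commit introduces elsewhere. Unless that key is always overwritten server-side before this point (not visible in these hunks), the clause should be rebuilt from the validated filter terms and never read from the request. `$sortColumn`, `$sortOrder` and `$limit` are interpolated as well; the first two need an allow-list and the last an integer cast, e.g. `$eventsSql .= ' limit 0, '.validInt($limit);`. A comment above these lines naming where each value is sanitised would help the next reader.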


@ -31,15 +31,12 @@ if ( !empty($_REQUEST['fid']) )
$sql = 'SELECT E.*,M.Name AS MonitorName,M.DefaultScale FROM Events AS E INNER JOIN Monitors AS M ON E.MonitorId = M.Id WHERE E.Id = ?'; $sql = 'SELECT E.*,M.Name AS MonitorName,M.DefaultScale FROM Events AS E INNER JOIN Monitors AS M ON E.MonitorId = M.Id WHERE E.Id = ?';
$event = dbFetchOne( $sql, NULL, array($eid) ); $event = dbFetchOne( $sql, NULL, array($eid) );
if ( !empty($fid) ) if ( !empty($fid) ) {
{
$sql = 'SELECT * FROM Frames WHERE EventId = ? AND FrameId = ?'; $sql = 'SELECT * FROM Frames WHERE EventId = ? AND FrameId = ?';
if ( !($frame = dbFetchOne( $sql, NULL, array($eid, $fid) )) ) if ( !($frame = dbFetchOne( $sql, NULL, array($eid, $fid) )) )
$frame = array( 'FrameId'=>$fid, 'Type'=>'Normal', 'Score'=>0 ); $frame = array( 'FrameId'=>$fid, 'Type'=>'Normal', 'Score'=>0 );
} } else {
else $frame = dbFetchOne( 'SELECT * FROM Frames WHERE EventId = ? AND Score = ?', NULL, array( $eid, $event['MaxScore'] ) );
{
$frame = dbFetchOne( 'SELECT * FROM Frames WHERE EventId = ? AND Score = ?', null, array( $eid, $event['MaxScore'] ) );
} }
$maxFid = $event['Frames']; $maxFid = $event['Frames'];
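Review bot: The event lookup `WHERE E.Id = ?` carries no monitor restriction, while the event-view section later in this commit appends `$midSql`, which that hunk's header shows is chosen under `if ( !empty($user['MonitorIds']) )`, to the same kind of query. If that restriction is not applied elsewhere for this view (the permission check sits above the hunk), a user limited to certain monitors could load frames of events belonging to other monitors. `$event` is also dereferenced (`$event['MaxScore']`, `$event['Frames']`) without checking that a row came back; add `if ( !$event ) { $view = "error"; return; }` after the fetch.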


@ -1,5 +1,5 @@
/* /*
* ZoneMinder Base Stylesheet, $Date: 2011-06-23 22:53:45 +0100 (Thu, 23 Jun 2011) $, $Revision: 3462 $ * ZoneMinder Base Stylesheet, $Date$, $Revision$
* Copyright (C) 2001-2008 Philip Coombes * Copyright (C) 2001-2008 Philip Coombes
* *
* This program is free software; you can redistribute it and/or * This program is free software; you can redistribute it and/or


@ -596,8 +596,8 @@ function exportEventImagesMaster( $eids )
<?php <?php
foreach ($eids as $eid) { foreach ($eids as $eid) {
//get monitor id and event id //get monitor id and event id
$sql = 'SELECT E.MonitorId FROM Monitors as M INNER JOIN Events AS E ON (M.Id = E.MonitorId) WHERE E.Id = ?'; $sql = 'SELECT E.MonitorId FROM Monitors AS M INNER JOIN Events AS E ON (M.Id = E.MonitorId) WHERE E.Id = ?';
$event = dbFetchOne( $sql, NULL, ARRAY( $eid ) ); $event = dbFetchOne( $sql, NULL, array( $eid ) );
$eventMonitorId[$eid] = $event['MonitorId']; $eventMonitorId[$eid] = $event['MonitorId'];
} }
@ -758,7 +758,7 @@ function exportFileList( $eid, $exportDetail, $exportFrames, $exportImages, $exp
if ( canView( 'Events' ) && $eid ) if ( canView( 'Events' ) && $eid )
{ {
$sql = 'SELECT E.Id,E.MonitorId,M.Name AS MonitorName,M.Width,M.Height,E.Name,E.Cause,E.Notes,E.StartTime,E.Length,E.Frames,E.AlarmFrames,E.TotScore,E.AvgScore,E.MaxScore,E.Archived FROM Monitors AS M INNER JOIN Events AS E ON (M.Id = E.MonitorId) WHERE E.Id = ?'; $sql = 'SELECT E.Id,E.MonitorId,M.Name AS MonitorName,M.Width,M.Height,E.Name,E.Cause,E.Notes,E.StartTime,E.Length,E.Frames,E.AlarmFrames,E.TotScore,E.AvgScore,E.MaxScore,E.Archived FROM Monitors AS M INNER JOIN Events AS E ON (M.Id = E.MonitorId) WHERE E.Id = ?';
$event = dbFetchOne( $sql, NULL, ARRAY($eid) ); $event = dbFetchOne( $sql, NULL, array($eid) );
$eventPath = mygetEventPath( $event ); $eventPath = mygetEventPath( $event );
$files = array(); $files = array();
if ( $dir = opendir( $eventPath ) ) if ( $dir = opendir( $eventPath ) )


@ -71,8 +71,9 @@ $eventCounts = array(
$running = daemonCheck(); $running = daemonCheck();
$status = $running?$SLANG['Running']:$SLANG['Stopped']; $status = $running?$SLANG['Running']:$SLANG['Stopped'];
$group = NULL;
if ( ! empty($_COOKIE['zmGroup']) ) { if ( ! empty($_COOKIE['zmGroup']) ) {
if ( $group = dbFetchOne( 'SELECT * FROM Groups WHERE Id = ?', NULL, ARRAY($_COOKIE['zmGroup']) ) ) if ( $group = dbFetchOne( 'SELECT * FROM Groups WHERE Id = ?', NULL, array($_COOKIE['zmGroup']) ) )
$groupIds = array_flip(explode( ',', $group['MonitorIds'] )); $groupIds = array_flip(explode( ',', $group['MonitorIds'] ));
} }
@ -107,7 +108,7 @@ for ( $i = 0; $i < count($monitors); $i++ )
} }
$monitors[$i]['zmc'] = zmcStatus( $monitors[$i] ); $monitors[$i]['zmc'] = zmcStatus( $monitors[$i] );
$monitors[$i]['zma'] = zmaStatus( $monitors[$i] ); $monitors[$i]['zma'] = zmaStatus( $monitors[$i] );
$monitors[$i]['ZoneCount'] = dbFetchOne( 'SELECT count(Id) AS ZoneCount FROM Zones WHERE MonitorId = ?', 'ZoneCount', ARRAY( $monitors[$i]['Id'] ) ); $monitors[$i]['ZoneCount'] = dbFetchOne( 'SELECT count(Id) AS ZoneCount FROM Zones WHERE MonitorId = ?', 'ZoneCount', array( $monitors[$i]['Id'] ) );
$counts = array(); $counts = array();
for ( $j = 0; $j < count($eventCounts); $j++ ) for ( $j = 0; $j < count($eventCounts); $j++ )
{ {
@ -116,8 +117,8 @@ for ( $i = 0; $i < count($monitors); $i++ )
$counts[] = "count(if(1".$filter['sql'].",1,NULL)) as EventCount$j"; $counts[] = "count(if(1".$filter['sql'].",1,NULL)) as EventCount$j";
$monitors[$i]['eventCounts'][$j]['filter'] = $filter; $monitors[$i]['eventCounts'][$j]['filter'] = $filter;
} }
$sql = 'SELECT '.join($counts,", ").' FROM Events AS E WHERE MonitorId = ?'; $sql = 'SELECT '.join($counts,', ').' FROM Events AS E WHERE MonitorId = ?';
$counts = dbFetchOne( $sql, NULL, ARRAY( $monitors[$i]['Id'] ) ); $counts = dbFetchOne( $sql, NULL, array( $monitors[$i]['Id'] ) );
if ( $monitors[$i]['Function'] != 'None' ) if ( $monitors[$i]['Function'] != 'None' )
{ {
$cycleCount++; $cycleCount++;
@ -126,7 +127,7 @@ for ( $i = 0; $i < count($monitors); $i++ )
if ( $maxWidth < $scaleWidth ) $maxWidth = $scaleWidth; if ( $maxWidth < $scaleWidth ) $maxWidth = $scaleWidth;
if ( $maxHeight < $scaleHeight ) $maxHeight = $scaleHeight; if ( $maxHeight < $scaleHeight ) $maxHeight = $scaleHeight;
} }
$monitors[$i] = array_merge( $monitors[$i], $counts ); if ( $counts ) $monitors[$i] = array_merge( $monitors[$i], $counts );
$seqIdList[] = $monitors[$i]['Id']; $seqIdList[] = $monitors[$i]['Id'];
$displayMonitors[] = $monitors[$i]; $displayMonitors[] = $monitors[$i];
} }


@ -26,7 +26,7 @@ if ( !canView( 'Control' ) )
$groupSql = ""; $groupSql = "";
if ( !empty($_REQUEST['group']) ) { if ( !empty($_REQUEST['group']) ) {
$row = dbFetchOne( 'SELECT * FROM Groups WHERE Id = ?', NULL, ARRAY($_REQUEST['group']) ); $row = dbFetchOne( 'SELECT * FROM Groups WHERE Id = ?', NULL, array($_REQUEST['group']) );
$groupSql = " and find_in_set( Id, '".$row['MonitorIds']."' )"; $groupSql = " and find_in_set( Id, '".$row['MonitorIds']."' )";
} }
@ -49,7 +49,7 @@ foreach ( getSkinIncludes( 'includes/control_functions.php' ) as $includeFile )
require_once $includeFile; require_once $includeFile;
$sql = 'SELECT C.*,M.* FROM Monitors AS M INNER JOIN Controls AS C ON (M.ControlId = C.Id ) WHERE M.Id = ?'; $sql = 'SELECT C.*,M.* FROM Monitors AS M INNER JOIN Controls AS C ON (M.ControlId = C.Id ) WHERE M.Id = ?';
$monitor = dbFetchOne( $sql, NULL, ARRAY( $mid ) ); $monitor = dbFetchOne( $sql, NULL, array( $mid ) );
$focusWindow = true; $focusWindow = true;


@ -48,7 +48,7 @@ else
{ {
if ( !empty($_REQUEST['cid']) ) if ( !empty($_REQUEST['cid']) )
{ {
$control = dbFetchOne( 'SELECT * FROM Controls WHERE Id = ?', NULL, ARRAY($_REQUEST['cid']) ); $control = dbFetchOne( 'SELECT * FROM Controls WHERE Id = ?', NULL, array($_REQUEST['cid']) );
} }
else else
{ {


@ -24,11 +24,10 @@ if ( !canEdit( 'Monitors' ) )
return; return;
} }
$monitor = dbFetchOne( 'SELECT C.*,M.* FROM Monitors AS M INNER JOIN Controls AS C ON (M.ControlId = C.Id ) WHERE M.Id = ?', NULL, ARRAY($_REQUEST['mid']) ); $monitor = dbFetchOne( 'SELECT C.*,M.* FROM Monitors AS M INNER JOIN Controls AS C ON (M.ControlId = C.Id ) WHERE M.Id = ?', NULL, array($_REQUEST['mid']) );
$labels = array(); $labels = array();
foreach( dbFetchAll( 'SELECT * FROM ControlPresets WHERE MonitorId = ?', NULL, ARRAY($monitor['Id']) ) as $row ) foreach( dbFetchAll( 'SELECT * FROM ControlPresets WHERE MonitorId = ?', NULL, array($monitor['Id']) ) as $row ) {
{
$labels[$row['Preset']] = $row['Label']; $labels[$row['Preset']] = $row['Label'];
} }


@ -41,7 +41,7 @@ $groupSql = '';
if ( !empty($_REQUEST['group']) ) if ( !empty($_REQUEST['group']) )
{ {
$group = validInt($_REQUEST['group']); $group = validInt($_REQUEST['group']);
$row = dbFetchOne( 'SELECT * FROM Groups WHERE Id = ?', NULL, ARRAY($group) ); $row = dbFetchOne( 'SELECT * FROM Groups WHERE Id = ?', NULL, array($group) );
$groupSql = " and find_in_set( Id, '".$row['MonitorIds']."' )"; $groupSql = " and find_in_set( Id, '".$row['MonitorIds']."' )";
} }


@ -24,10 +24,8 @@ if ( !canEdit( 'Devices' ) )
return; return;
} }
if ( !empty($_REQUEST['did']) ) { if ( !empty($_REQUEST['did']) ) {
$newDevice = dbFetchOne( 'SELECT * FROM Devices WHERE Id = ?', NULL, ARRAY($_REQUEST['did']) ); $newDevice = dbFetchOne( 'SELECT * FROM Devices WHERE Id = ?', NULL, array($_REQUEST['did']) );
} } else {
else
{
$newDevice = array( $newDevice = array(
"Id" => "", "Id" => "",
"Name" => "New Device", "Name" => "New Device",


@ -31,10 +31,10 @@ if ( !empty($_REQUEST['execute']) )
$countSql = 'SELECT count(E.Id) AS EventCount FROM Monitors AS M INNER JOIN Events AS E ON (M.Id = E.MonitorId) WHERE'; $countSql = 'SELECT count(E.Id) AS EventCount FROM Monitors AS M INNER JOIN Events AS E ON (M.Id = E.MonitorId) WHERE';
$eventsSql = 'SELECT E.Id,E.MonitorId,M.Name AS MonitorName,M.DefaultScale,E.Name,E.Width,E.Height,E.Cause,E.Notes,E.StartTime,E.Length,E.Frames,E.AlarmFrames,E.TotScore,E.AvgScore,E.MaxScore,E.Archived FROM Monitors AS M INNER JOIN Events AS E on (M.Id = E.MonitorId) WHERE'; $eventsSql = 'SELECT E.Id,E.MonitorId,M.Name AS MonitorName,M.DefaultScale,E.Name,E.Width,E.Height,E.Cause,E.Notes,E.StartTime,E.Length,E.Frames,E.AlarmFrames,E.TotScore,E.AvgScore,E.MaxScore,E.Archived FROM Monitors AS M INNER JOIN Events AS E on (M.Id = E.MonitorId) WHERE';
if ( $user['MonitorIds'] ) if ( $user['MonitorIds'] ) {
{ $user_monitor_ids = " M.Id in (".join( ",", preg_split( '/["\'\s]*,["\'\s]*/', $user['MonitorIds'] ) ).")";
$countSql .= " M.Id in (".join( ",", preg_split( '/["\'\s]*,["\'\s]*/', $user['MonitorIds'] ) ).")"; $countSql .= $user_monitor_ids;
$eventsSql .= " M.Id in (".join( ",", preg_split( '/["\'\s]*,["\'\s]*/', $user['MonitorIds'] ) ).")"; $eventsSql .= $user_monitor_ids;
} else { } else {
$countSql .= " 1"; $countSql .= " 1";
$eventsSql .= " 1"; $eventsSql .= " 1";
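Review bot: `$user_monitor_ids` is built by splitting `$user['MonitorIds']` and joining the pieces back into `M.Id in (...)` without forcing each piece to an integer. The refactor is a good place to do that: `join( ',', array_map( 'intval', preg_split( '/["\'\s]*,["\'\s]*/', $user['MonitorIds'] ) ) )`. The value comes from the user record rather than the request, so this is defence in depth, but it makes the fragment safe by construction. The `else` branch continues past the end of this hunk, and the same expression appears in the earlier events section of this page.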


@ -44,7 +44,7 @@ if ( !empty($_REQUEST['mid']) )
{ {
$monitor = dbFetchMonitor( $_REQUEST['mid'] ); $monitor = dbFetchMonitor( $_REQUEST['mid'] );
if ( ZM_OPT_X10 ) if ( ZM_OPT_X10 )
$x10Monitor = dbFetchOne( "select * from TriggersX10 where MonitorId = '".dbEscape($_REQUEST['mid'])."'" ); $x10Monitor = dbFetchOne( 'SELECT * FROM TriggersX10 WHERE MonitorId = ?', NULL, array($_REQUEST['mid']) );
} }
else else
{ {
@ -143,7 +143,7 @@ if ( $newMonitor['AlarmMaxFPS'] == '0.00' )
if ( !empty($_REQUEST['preset']) ) if ( !empty($_REQUEST['preset']) )
{ {
$preset = dbFetchOne( "select Type, Device, Channel, Format, Protocol, Method, Host, Port, Path, Width, Height, Palette, MaxFPS, Controllable, ControlId, ControlDevice, ControlAddress, DefaultRate, DefaultScale from MonitorPresets where Id = '".dbEscape($_REQUEST['preset'])."'" ); $preset = dbFetchOne( 'SELECT Type, Device, Channel, Format, Protocol, Method, Host, Port, Path, Width, Height, Palette, MaxFPS, Controllable, ControlId, ControlDevice, ControlAddress, DefaultRate, DefaultScale FROM MonitorPresets WHERE Id = ?', NULL, array($_REQUEST['preset']) );
foreach ( $preset as $name=>$value ) foreach ( $preset as $name=>$value )
{ {
if ( isset($value) ) if ( isset($value) )
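Review bot: `foreach ( $preset as $name=>$value )` runs on the result of `dbFetchOne()` without a check, although other call sites in this commit treat a falsy return as "no row" (`if ( !($frame = dbFetchOne( ... )) )`). An unknown `preset` id would therefore iterate over a non-array and raise a warning. Wrap the loop in `if ( $preset )`, and consider `validInt($_REQUEST['preset'])` for consistency with the other id parameters. The loop body continues outside the hunk.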


@ -27,12 +27,12 @@ if ( !canView( 'Stream' ) )
$groupSql = ""; $groupSql = "";
if ( !empty($_REQUEST['group']) ) if ( !empty($_REQUEST['group']) )
{ {
$sql = "select * from Groups where Id = '".dbEscape($_REQUEST['group'])."'"; $row = dbFetchOne( 'select * from Groups where Id = ?', NULL, array($_REQUEST['group']) );
$row = dbFetchOne( $sql ); $sql = "select * from Monitors where Function != 'None' and find_in_set( Id, '".$row['MonitorIds']."' ) order by Sequence";
$groupSql = " and find_in_set( Id, '".$row['MonitorIds']."' )"; } else {
$sql = "select * from Monitors where Function != 'None' order by Sequence";
} }
$sql = "select * from Monitors where Function != 'None'$groupSql order by Sequence";
$maxWidth = 0; $maxWidth = 0;
$maxHeight = 0; $maxHeight = 0;
$showControl = false; $showControl = false;
@ -70,11 +70,11 @@ foreach( dbFetchAll( $sql ) as $row )
$focusWindow = true; $focusWindow = true;
$layouts = array( $layouts = array(
'montage_freeform.css' => 'Default', 'montage_freeform.css' => $SLANG['MtgDefault'],
'montage_2wide.css' => '2-wide grid', 'montage_2wide.css' => $SLANG['Mtg2widgrd'],
'montage_3wide.css' => '3-wide grid', 'montage_3wide.css' => $SLANG['Mtg3widgrd'],
'montage_4wide.css' => '4-wide grid', 'montage_4wide.css' => $SLANG['Mtg4widgrd'],
'montage_3wide50enlarge.css' => '3-wide grid, scaled, enlarge on alarm', 'montage_3wide50enlarge.css' => $SLANG['Mtg3widgrx'],
); );
if ( isset($_COOKIE['zmMontageLayout']) ) if ( isset($_COOKIE['zmMontageLayout']) )


@ -29,15 +29,14 @@ $mid = validInt($_REQUEST['mid']);
$zid = !empty($_REQUEST['zid'])?validInt($_REQUEST['zid']):0; $zid = !empty($_REQUEST['zid'])?validInt($_REQUEST['zid']):0;
if ( $zid > 0 ) if ( $zid > 0 ) {
{ $newZone = dbFetchOne( 'SELECT * FROM Zones WHERE MonitorId = ? AND Id = ?', NULL, array( $mid, $zid) );
$newZone = dbFetchOne( "select * from Zones where MonitorId = '".dbEscape($mid)."' and Id = '".dbEscape($zid)."'" );
} else { } else {
$view = "error"; $view = "error";
return; return;
} }
$monitor = dbFetchMonitor ( $mid ); $monitor = dbFetchMonitor ( $mid );
$plugin = dbEscape($_REQUEST['pl']); $plugin = $_REQUEST['pl'];
$plugin_path = dirname(ZM_PLUGINS_CONFIG_PATH)."/".$plugin; $plugin_path = dirname(ZM_PLUGINS_CONFIG_PATH)."/".$plugin;
@ -61,8 +60,8 @@ if(file_exists($plugin_path."/config.php"))
include_once($plugin_path."/config.php"); include_once($plugin_path."/config.php");
} }
$sql="SELECT * FROM PluginsConfig WHERE MonitorId=$mid AND ZoneId=$zid AND pluginName='$plugin'"; $sql='SELECT * FROM PluginsConfig WHERE MonitorId=? AND ZoneId=? AND pluginName=?';
foreach( dbFetchAll( $sql ) as $popt ) foreach( dbFetchAll( $sql, NULL, array( $mid, $zid, $plugin ) ) as $popt )
{ {
if(array_key_exists($popt['Name'], $pluginOptions) if(array_key_exists($popt['Name'], $pluginOptions)
&& $popt['Type']==$pluginOptions[$popt['Name']]['Type'] && $popt['Type']==$pluginOptions[$popt['Name']]['Type']
@ -72,7 +71,7 @@ foreach( dbFetchAll( $sql ) as $popt )
$pluginOptions[$popt['Name']]=$popt; $pluginOptions[$popt['Name']]=$popt;
array_push($optionNames, $popt['Name']); array_push($optionNames, $popt['Name']);
} else { } else {
dbQuery("DELETE from PluginsConfig WHERE Id=".$popt['Id']); dbQuery('DELETE FROM PluginsConfig WHERE Id=?', array( $popt['Id'] ) );
} }
} }
foreach($pluginOptions as $name => $values) foreach($pluginOptions as $name => $values)
@ -80,10 +79,8 @@ foreach($pluginOptions as $name => $values)
if(!in_array($name, $optionNames)) if(!in_array($name, $optionNames))
{ {
$popt=$pluginOptions[$name]; $popt=$pluginOptions[$name];
$sql="INSERT INTO PluginsConfig VALUES $sql="INSERT INTO PluginsConfig VALUES ('',?,?,?,?,?,?,?)";
('','".dbEscape($popt['Name'])."','".dbEscape($popt['Value'])."', dbQuery($sql, array( $popt['Name'], $popt['Value'], $popt['Type'], $popt['Choices'], $mid, $zid, $plugin ) );
'".dbEscape($popt['Type'])."','".dbEscape($popt['Choices'])."','$mid','$zid','$plugin')";
dbQuery($sql);
} }
} }
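Review bot: `$plugin = $_REQUEST['pl'];` flows unchecked into `$plugin_path = dirname(ZM_PLUGINS_CONFIG_PATH)."/".$plugin;`, and the next hunk passes that path to `include_once($plugin_path."/config.php")`. Binding `$plugin` in the SQL statements is correct, but the filesystem use needs its own validation, because a value containing path separators or `..` resolves outside the plugins directory. Restrict the name before building the path, e.g. `if ( !preg_match( '/^[A-Za-z0-9_-]+$/', $plugin ) ) { $view = "error"; return; }`, or compare it against the list of installed plugins. The removed `dbEscape()` call never protected this path, so the gap predates the commit.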


@ -27,8 +27,8 @@ if ( !canView( 'Events' ) )
$eid = validInt($_REQUEST['eid']); $eid = validInt($_REQUEST['eid']);
$fid = validInt($_REQUEST['fid']); $fid = validInt($_REQUEST['fid']);
$sql = "select S.*,E.*,Z.Name as ZoneName,Z.Units,Z.Area,M.Name as MonitorName from Stats as S left join Events as E on S.EventId = E.Id left join Zones as Z on S.ZoneId = Z.Id left join Monitors as M on E.MonitorId = M.Id where S.EventId = '".dbEscape($eid)."' and S.FrameId = '".dbEscape($fid)."' order by S.ZoneId"; $sql = 'SELECT S.*,E.*,Z.Name AS ZoneName,Z.Units,Z.Area,M.Name AS MonitorName FROM Stats AS S LEFT JOIN Events AS E ON S.EventId = E.Id LEFT JOIN Zones AS Z ON S.ZoneId = Z.Id LEFT JOIN Monitors AS M ON E.MonitorId = M.Id WHERE S.EventId = ? AND S.FrameId = ? ORDER BY S.ZoneId';
$stats = dbFetchAll( $sql ); $stats = dbFetchAll( $sql, NULL, array( $eid, $fid ) );
$focusWindow = true; $focusWindow = true;


@ -382,8 +382,8 @@ foreach( dbFetchAll( $eventsSql ) as $event )
{ {
if ( $startIndex == $endIndex ) if ( $startIndex == $endIndex )
{ {
$framesSql = "select FrameId,Score from Frames where EventId = '".$event['Id']."' and Score > 0 order by Score desc limit 1"; $framesSql = "select FrameId,Score from Frames where EventId = ? and Score > 0 order by Score desc limit 1";
$frame = dbFetchOne( $framesSql ); $frame = dbFetchOne( $framesSql, NULL, array($event['Id']) );
$i = $startIndex; $i = $startIndex;
if ( !isset($currFrameSlots[$i]) ) if ( !isset($currFrameSlots[$i]) )
@ -407,8 +407,8 @@ foreach( dbFetchAll( $eventsSql ) as $event )
} }
else else
{ {
$framesSql = "select FrameId,Delta,unix_timestamp(TimeStamp) as TimeT,Score from Frames where EventId = '".$event['Id']."' and Score > 0"; $framesSql = "select FrameId,Delta,unix_timestamp(TimeStamp) as TimeT,Score from Frames where EventId = ? and Score > 0";
$result = dbQuery( $framesSql ); $result = dbQuery( $framesSql, array( $event['Id'] ) );
while( $frame = dbFetchNext( $result ) ) while( $frame = dbFetchNext( $result ) )
{ {
if ( $frame['Score'] == 0 ) if ( $frame['Score'] == 0 )
@ -462,8 +462,8 @@ if ( false )
{ {
if ( !isset($currFrameSlots[$i]['frame']) ) if ( !isset($currFrameSlots[$i]['frame']) )
{ {
$framesSql = "select FrameId,Score from Frames where EventId = '".$currFrameSlots[$i]['event']['Id']."' and Score > 0 order by FrameId limit 1"; $framesSql = "select FrameId,Score from Frames where EventId = ? and Score > 0 order by FrameId limit 1";
$currFrameSlots[$i]['frame'] = dbFetchOne( $framesSql ); $currFrameSlots[$i]['frame'] = dbFetchOne( $framesSql, NULL, array( $currFrameSlots[$i]['event']['Id'] ) );
} }
} }
} }
@ -818,10 +818,10 @@ xhtmlHeaders(__FILE__, $SLANG['Timeline'] );
<div id="dataPanel"> <div id="dataPanel">
<div id="textPanel"> <div id="textPanel">
<div id="instruction"> <div id="instruction">
<p>Pass your mouse over the graph to view a snapshot image and event details.</p> <p><?= $SLANG['TimelineTip1'] ?></p>
<p>Click on the coloured sections of the graph, or the image, to view the event.</p> <p><?= $SLANG['TimelineTip2'] ?></p>
<p>Click on the background to zoom in to a smaller time period based around your click.</p> <p><?= $SLANG['TimelineTip3'] ?></p>
<p>Use the controls below to zoom out or navigate back and forward through the time range.</p> <p><?= $SLANG['TimelineTip4'] ?></p>
</div> </div>
<div id="eventData"> <div id="eventData">
</div> </div>


@ -25,9 +25,7 @@ if ( !canEdit( 'System' ) && !$selfEdit )
$view = "error"; $view = "error";
return; return;
} }
$sql = "select * from Users where Id = '".dbEscape($_REQUEST['uid'])."'"; if ( !($newUser = dbFetchOne( 'SELECT * FROM Users WHERE Id = ?', NULL, $_REQUEST['uid']) ) ); {
if ( !($newUser = dbFetchOne( $sql )) )
{
$newUser = array(); $newUser = array();
$newUser['Username'] = $SLANG['NewUser']; $newUser['Username'] = $SLANG['NewUser'];
$newUser['Enabled'] = 1; $newUser['Enabled'] = 1;
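Review bot: The new `if` line ends in `); {`, so the stray semicolon terminates the statement and the block below runs unconditionally: `$newUser` is replaced by the new-user defaults even when the lookup succeeds. The parameter is also passed as a bare scalar, while the other converted calls wrap it in `array(...)` (this commit fixes exactly that for `$mid` in the control view). Use `if ( !($newUser = dbFetchOne( 'SELECT * FROM Users WHERE Id = ?', NULL, array($_REQUEST['uid']) )) ) {`. The block's closing brace is outside the hunk.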


@ -29,8 +29,8 @@ if ( !empty($user['MonitorIds']) )
else else
$midSql = ''; $midSql = '';
$sql = "select E.*,M.Name as MonitorName,M.DefaultRate,M.DefaultScale from Events as E inner join Monitors as M on E.MonitorId = M.Id where E.Id = ".dbEscape($_REQUEST['eid']).$midSql; $sql = 'SELECT E.*,M.Name AS MonitorName,M.DefaultRate,M.DefaultScale FROM Events AS E INNER JOIN Monitors AS M ON E.MonitorId = M.Id WHERE E.Id = ?'.$midSql;
$event = dbFetchOne( $sql ); $event = dbFetchOne( $sql, NULL, array( $_REQUEST['eid'] ) );
if ( isset( $_REQUEST['rate'] ) ) if ( isset( $_REQUEST['rate'] ) )
$rate = validInt($_REQUEST['rate']); $rate = validInt($_REQUEST['rate']);


@ -24,8 +24,8 @@ if ( !canView( 'Stream' ) )
return; return;
} }
$sql = "select C.*, M.* from Monitors as M left join Controls as C on (M.ControlId = C.Id ) where M.Id = '".dbEscape($_REQUEST['mid'])."'"; $sql = 'SELECT C.*, M.* FROM Monitors AS M LEFT JOIN Controls AS C ON (M.ControlId = C.Id ) WHERE M.Id = ?';
$monitor = dbFetchOne( $sql ); $monitor = dbFetchOne( $sql, NULL, array($_REQUEST['mid']) );
if ( isset($_REQUEST['showControls']) ) if ( isset($_REQUEST['showControls']) )
$showControls = validInt($_REQUEST['showControls']); $showControls = validInt($_REQUEST['showControls']);


@ -70,7 +70,7 @@ if ( !isset($newZone) )
{ {
if ( $zid > 0 ) if ( $zid > 0 )
{ {
$zone = dbFetchOne( "select * from Zones where MonitorId = '".dbEscape($monitor['Id'])."' and Id = '".dbEscape($zid)."'" ); $zone = dbFetchOne( 'SELECT * FROM Zones WHERE MonitorId = ? AND Id=?', NULL, array( $monitor['Id'], $zid ) );
} }
else else
{ {


@ -32,9 +32,8 @@ chdir( $wd );
$monitor = dbFetchMonitor( $mid ); $monitor = dbFetchMonitor( $mid );
$sql = "select * from Zones where MonitorId = '".$mid."' order by Area desc";
$zones = array(); $zones = array();
foreach( dbFetchAll( $sql ) as $row ) foreach( dbFetchAll( 'select * from Zones where MonitorId = ? order by Area desc', NULL, array($mid) ) as $row )
{ {
if ( $row['Points'] = coordsToPoints( $row['Coords'] ) ) if ( $row['Points'] = coordsToPoints( $row['Coords'] ) )
{ {