diff --git a/web/ajax/stream.php b/web/ajax/stream.php index 93c35a46a..4b39c0ac0 100644 --- a/web/ajax/stream.php +++ b/web/ajax/stream.php @@ -21,23 +21,23 @@ if ( !@socket_bind( $socket, $locSockFile ) ) switch ( $_REQUEST['command'] ) { case CMD_VARPLAY : - Debug( "Varplaying to ".$_REQUEST['rate'] ); + Logger::Debug( "Varplaying to ".$_REQUEST['rate'] ); $msg = pack( "lcn", MSG_CMD, $_REQUEST['command'], $_REQUEST['rate']+32768 ); break; case CMD_ZOOMIN : - Debug( "Zooming to ".$_REQUEST['x'].",".$_REQUEST['y'] ); + Logger::Debug( "Zooming to ".$_REQUEST['x'].",".$_REQUEST['y'] ); $msg = pack( "lcnn", MSG_CMD, $_REQUEST['command'], $_REQUEST['x'], $_REQUEST['y'] ); break; case CMD_PAN : - Debug( "Panning to ".$_REQUEST['x'].",".$_REQUEST['y'] ); + Logger::Debug( "Panning to ".$_REQUEST['x'].",".$_REQUEST['y'] ); $msg = pack( "lcnn", MSG_CMD, $_REQUEST['command'], $_REQUEST['x'], $_REQUEST['y'] ); break; case CMD_SCALE : - Debug( "Scaling to ".$_REQUEST['scale'] ); + Logger::Debug( "Scaling to ".$_REQUEST['scale'] ); $msg = pack( "lcn", MSG_CMD, $_REQUEST['command'], $_REQUEST['scale'] ); break; case CMD_SEEK : - Debug( "Seeking to ".$_REQUEST['offset'] ); + Logger::Debug( "Seeking to ".$_REQUEST['offset'] ); $msg = pack( "lcN", MSG_CMD, $_REQUEST['command'], $_REQUEST['offset'] ); break; default : diff --git a/web/api/app/Controller/AppController.php b/web/api/app/Controller/AppController.php index bfb20aa49..e9c84ab4f 100644 --- a/web/api/app/Controller/AppController.php +++ b/web/api/app/Controller/AppController.php @@ -88,6 +88,31 @@ class AppController extends Controller { } } + if ( isset($_REQUEST['auth']) ) { + require_once "../../../includes/functions.php"; + + // Define some defines required by getAuthUser in functions.php + $defines = array('ZM_AUTH_HASH_IPS', 'ZM_AUTH_HASH_SECRET', 'ZM_AUTH_RELAY', 'ZM_OPT_USE_AUTH'); + $configQuery = array( + 'conditions' => array('OR' => array('Name' => $defines)), + 'fields' => array('Name', 'Value') + ); + $config = $this->Config->find('list', $configQuery); + + foreach ($defines as $define) { + define($define, $config[$define]); + } + + $user = getAuthUser($_REQUEST['auth']); + if ( ! $user ) { + throw new UnauthorizedException(__('User not found')); + return; + } else { + $this->Session->Write( 'user.Username', $user['Username'] ); + $this->Session->Write( 'user.Enabled', $user['Enabled'] ); + } + } + if( ! $this->Session->Read('user.Username') ) { throw new UnauthorizedException(__('Not Authenticated')); return; diff --git a/web/includes/Event.php b/web/includes/Event.php index 11a8f4faa..d7842c96b 100644 --- a/web/includes/Event.php +++ b/web/includes/Event.php @@ -218,11 +218,11 @@ class Event { } $command ='ffmpeg -v 0 -i '.$videoPath.' -vf "select=gte(n\\,'.$frame['FrameId'].'),setpts=PTS-STARTPTS" '.$eventPath.'/'.$captImage; - Debug( "Running $command" ); + Logger::Debug( "Running $command" ); $output = array(); $retval = 0; exec( $command, $output, $retval ); - Debug("Retval: $retval, output: " . implode("\n", $output)); + Logger::Debug("Retval: $retval, output: " . implode("\n", $output)); } else { Error("Can't create frame images from video becuase there is no video file for this event (".$Event->DefaultVideo() ); } diff --git a/web/includes/database.php b/web/includes/database.php index bfd17b70e..8335357b2 100644 --- a/web/includes/database.php +++ b/web/includes/database.php @@ -88,7 +88,7 @@ function dbLog( $sql, $update=false ) global $dbLogLevel; $noExecute = $update && ($dbLogLevel >= DB_LOG_DEBUG); if ( $dbLogLevel > DB_LOG_OFF ) - Debug( "SQL-LOG: $sql".($noExecute?" (not executed)":"") ); + Logger::Debug( "SQL-LOG: $sql".($noExecute?" (not executed)":"") ); return( $noExecute ); } diff --git a/web/includes/functions.php b/web/includes/functions.php index 1c542094f..45be252b4 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -27,6 +27,9 @@ if ( version_compare( phpversion(), "4.3.0", "<") ) { } } +require_once( 'logger.php' ); +require_once( 'database.php' ); + function userLogin( $username, $password="", $passwordHashed=false ) { global $user, $cookies; diff --git a/web/includes/logger.php b/web/includes/logger.php index 03854dbf9..b10749f10 100644 --- a/web/includes/logger.php +++ b/web/includes/logger.php @@ -165,7 +165,7 @@ class Logger $this->initialised = true; - Debug( "LogOpts: level=".self::$codes[$this->level]."/".self::$codes[$this->effectiveLevel].", screen=".self::$codes[$this->termLevel].", database=".self::$codes[$this->databaseLevel].", logfile=".self::$codes[$this->fileLevel]."->".$this->logFile.", weblog=".self::$codes[$this->weblogLevel].", syslog=".self::$codes[$this->syslogLevel] ); + Logger::Debug( "LogOpts: level=".self::$codes[$this->level]."/".self::$codes[$this->effectiveLevel].", screen=".self::$codes[$this->termLevel].", database=".self::$codes[$this->databaseLevel].", logfile=".self::$codes[$this->fileLevel]."->".$this->logFile.", weblog=".self::$codes[$this->weblogLevel].", syslog=".self::$codes[$this->syslogLevel] ); } private function terminate() @@ -212,6 +212,11 @@ class Logger return self::$instance; } + public static function Debug( $string ) + { + Logger::fetch()->logPrint( Logger::DEBUG, $string ); + } + public function id( $id=NULL ) { if ( isset($id) && $this->id != $id ) @@ -505,11 +510,6 @@ function Dump( &$var, $label="VAR" ) Logger::fetch()->logPrint( Logger::DEBUG, ob_get_clean() ); } -function Debug( $string ) -{ - Logger::fetch()->logPrint( Logger::DEBUG, $string ); -} - function Info( $string ) { Logger::fetch()->logPrint( Logger::INFO, $string ); diff --git a/web/index.php b/web/index.php index 111a5b9e6..2380a3232 100644 --- a/web/index.php +++ b/web/index.php @@ -114,7 +114,7 @@ if ( !file_exists( ZM_SKIN_PATH ) ) $skinBase[] = $skin; $currentCookieParams = session_get_cookie_params(); -Debug('Setting cookie parameters to lifetime('.$currentCookieParams['lifetime'].') path('.$currentCookieParams['path'].') domain ('.$currentCookieParams['domain'].') secure('.$currentCookieParams['secure'].') httpOnly(1)'); +Logger::Debug('Setting cookie parameters to lifetime('.$currentCookieParams['lifetime'].') path('.$currentCookieParams['path'].') domain ('.$currentCookieParams['domain'].') secure('.$currentCookieParams['secure'].') httpOnly(1)'); session_set_cookie_params( $currentCookieParams["lifetime"], $currentCookieParams["path"], @@ -176,8 +176,8 @@ isset($view) || $view = NULL; isset($request) || $request = NULL; isset($action) || $action = NULL; -if ( ZM_ENABLE_CSRF_MAGIC && $action != 'login' ) { - Debug("Calling csrf_check with the following values: \$request = \"$request\", \$view = \"$view\", \$action = \"$action\""); +if ( ZM_ENABLE_CSRF_MAGIC ) { + Logger::Debug("Calling csrf_check with the following values: \$request = \"$request\", \$view = \"$view\", \$action = \"$action\""); csrf_check(); }