ZaneYork
/
zoneminder
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix spacing and code style, and when logging in, change view to console

This commit is contained in:
Isaac Connor 2016-07-22 16:03:39 -04:00
parent 9262d9d14e
commit 6d1f85bcd6
1 changed files with 974 additions and 990 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
web/includes/actions.php
View File

@ -23,8 +23,7 @@
// credit: http://wezfurlong.org/blog/2006/nov/http-post-from-php-without-curl/ // credit: http://wezfurlong.org/blog/2006/nov/http-post-from-php-without-curl/
function do_post_request($url, $data, $optional_headers = null) function do_post_request($url, $data, $optional_headers = null) {
{
$params = array('http' => array( $params = array('http' => array(
'method' => 'POST', 'method' => 'POST',
'content' => $data 'content' => $data
@ -44,12 +43,10 @@ function do_post_request($url, $data, $optional_headers = null)
return $response; return $response;
} }
function getAffectedIds( $name ) function getAffectedIds( $name ) {
{
$names = $name."s"; $names = $name."s";
$ids = array(); $ids = array();
if ( isset($_REQUEST[$names]) || isset($_REQUEST[$name]) ) if ( isset($_REQUEST[$names]) || isset($_REQUEST[$name]) ) {
{
if ( isset($_REQUEST[$names]) ) if ( isset($_REQUEST[$names]) )
$ids = validInt($_REQUEST[$names]); $ids = validInt($_REQUEST[$names]);
else if ( isset($_REQUEST[$name]) ) else if ( isset($_REQUEST[$name]) )
@ -58,18 +55,14 @@ function getAffectedIds( $name )
return( $ids ); return( $ids );
} }
if ( ZM_OPT_USE_AUTH && ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['auth']) ) if ( ZM_OPT_USE_AUTH && ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['auth']) ) {
{ if ( $authUser = getAuthUser( $_REQUEST['auth'] ) ) {
if ( $authUser = getAuthUser( $_REQUEST['auth'] ) )
{
userLogin( $authUser['Username'], $authUser['Password'], true ); userLogin( $authUser['Username'], $authUser['Password'], true );
} }
} }
if ( !empty($action) ) if ( !empty($action) ) {
{ if ( $action == "login" && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == "remote" || isset($_REQUEST['password']) ) ) {
if ( $action == "login" && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == "remote" || isset($_REQUEST['password']) ) )
{
// if true, a popup will display after login // if true, a popup will display after login
// PP - lets validate reCaptcha if it exists // PP - lets validate reCaptcha if it exists
if ( defined('ZM_OPT_USE_GOOG_RECAPTCHA') if ( defined('ZM_OPT_USE_GOOG_RECAPTCHA')
@ -83,51 +76,42 @@ if ( !empty($action) )
'secret'=> ZM_OPT_GOOG_RECAPTCHA_SECRETKEY, 'secret'=> ZM_OPT_GOOG_RECAPTCHA_SECRETKEY,
'response' => $_REQUEST['g-recaptcha-response'], 'response' => $_REQUEST['g-recaptcha-response'],
'remoteip'=> $_SERVER['REMOTE_ADDR'] 'remoteip'=> $_SERVER['REMOTE_ADDR']
); );
$res= do_post_request($url, http_build_query($fields)); $res= do_post_request($url, http_build_query($fields));
$responseData = json_decode($res,true); $responseData = json_decode($res,true);
// PP - credit: https://github.com/google/recaptcha/blob/master/src/ReCaptcha/Response.php // PP - credit: https://github.com/google/recaptcha/blob/master/src/ReCaptcha/Response.php
// if recaptcha resulted in error, we might have to deny login // if recaptcha resulted in error, we might have to deny login
if (isset($responseData['success']) && $responseData['success'] == false) if (isset($responseData['success']) && $responseData['success'] == false) {
{
// PP - before we deny auth, let's make sure the error was not 'invalid secret' // PP - before we deny auth, let's make sure the error was not 'invalid secret'
// because that means the user did not configure the secret key correctly // because that means the user did not configure the secret key correctly
// in this case, we prefer to let him login in and display a message to correct // in this case, we prefer to let him login in and display a message to correct
// the key. Unfortunately, there is no way to check for invalid site key in code // the key. Unfortunately, there is no way to check for invalid site key in code
// as it produces the same error as when you don't answer a recaptcha // as it produces the same error as when you don't answer a recaptcha
if (isset($responseData['error-codes']) && is_array($responseData['error-codes'])) if (isset($responseData['error-codes']) && is_array($responseData['error-codes'])) {
{ if (!in_array('invalid-input-secret',$responseData['error-codes'])) {
if (!in_array('invalid-input-secret',$responseData['error-codes']))
{
Error ("reCaptcha authentication failed"); Error ("reCaptcha authentication failed");
userLogout(); userLogout();
$view='login'; $view='login';
$refreshParent = true; $refreshParent = true;
} } else {
else
{
//Let them login but show an error //Let them login but show an error
echo '<script type="text/javascript">alert("'.translate('RecaptchaWarning').'"); </script>'; echo '<script type="text/javascript">alert("'.translate('RecaptchaWarning').'"); </script>';
Error ("Invalid recaptcha secret detected"); Error ("Invalid recaptcha secret detected");
}
}
} // end if success==false
} } // end if using reCaptcha
}
}
}
} }
// General scope actions // General scope actions
if ( $action == "login" && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == "remote" || isset($_REQUEST['password']) ) ) if ( $action == "login" && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == "remote" || isset($_REQUEST['password']) ) ) {
{
$username = validStr( $_REQUEST['username'] ); $username = validStr( $_REQUEST['username'] );
$password = isset($_REQUEST['password'])?validStr($_REQUEST['password']):''; $password = isset($_REQUEST['password'])?validStr($_REQUEST['password']):'';
userLogin( $username, $password ); userLogin( $username, $password );
} $refreshParent = true;
elseif ( $action == "logout" ) $view = 'console';
{ } elseif ( $action == "logout" ) {
userLogout(); userLogout();
$refreshParent = true; $refreshParent = true;
$view = 'none'; $view = 'none';