From 17a02d66f78739d08fc176e214308c6445f901ae Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 11 Aug 2018 13:35:37 -0400 Subject: [PATCH 01/15] google code style --- src/zm_image.cpp | 8 +++----- src/zm_image.h | 18 +++++++++--------- 2 files changed, 12 insertions(+), 14 deletions(-) diff --git a/src/zm_image.cpp b/src/zm_image.cpp index 9ea89a0d2..c4b76028e 100644 --- a/src/zm_image.cpp +++ b/src/zm_image.cpp @@ -649,11 +649,9 @@ void Image::Assign( const Image &image ) { (*fptr_imgbufcpy)(buffer, image.buffer, size); } -Image *Image::HighlightEdges( Rgb colour, unsigned int p_colours, unsigned int p_subpixelorder, const Box *limits ) -{ - if ( colours != ZM_COLOUR_GRAY8 ) - { - Panic( "Attempt to highlight image edges when colours = %d", colours ); +Image *Image::HighlightEdges( Rgb colour, unsigned int p_colours, unsigned int p_subpixelorder, const Box *limits ) { + if ( colours != ZM_COLOUR_GRAY8 ) { + Panic("Attempt to highlight image edges when colours = %d", colours); } /* Convert the colour's RGBA subpixel order into the image's subpixel order */ diff --git a/src/zm_image.h b/src/zm_image.h index 104ccdcdc..dafd067f1 100644 --- a/src/zm_image.h +++ b/src/zm_image.h @@ -160,16 +160,16 @@ public: static void Initialise(); static void Deinitialise(); - inline unsigned int Width() const { return( width ); } - inline unsigned int Height() const { return( height ); } - inline unsigned int Pixels() const { return( pixels ); } - inline unsigned int Colours() const { return( colours ); } - inline unsigned int SubpixelOrder() const { return( subpixelorder ); } - inline unsigned int Size() const { return( size ); } + inline unsigned int Width() const { return width; } + inline unsigned int Height() const { return height; } + inline unsigned int Pixels() const { return pixels; } + inline unsigned int Colours() const { return colours; } + inline unsigned int SubpixelOrder() const { return subpixelorder; } + inline unsigned int Size() const { return size; } /* Internal buffer should not be modified from functions outside of this class */ - inline const uint8_t* Buffer() const { return( buffer ); } - inline const uint8_t* Buffer( unsigned int x, unsigned int y= 0 ) const { return( &buffer[colours*((y*width)+x)] ); } + inline const uint8_t* Buffer() const { return buffer; } + inline const uint8_t* Buffer( unsigned int x, unsigned int y= 0 ) const { return &buffer[colours*((y*width)+x)]; } /* Request writeable buffer */ uint8_t* WriteBuffer(const unsigned int p_width, const unsigned int p_height, const unsigned int p_colours, const unsigned int p_subpixelorder); @@ -196,7 +196,7 @@ public: } inline Image &operator=( const unsigned char *new_buffer ) { (*fptr_imgbufcpy)(buffer, new_buffer, size); - return( *this ); + return *this; } bool ReadRaw( const char *filename ); From 94401b6765a4407cff408fd4c947f291db6b9543 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 11 Aug 2018 13:35:57 -0400 Subject: [PATCH 02/15] create ZM_PATH_SOCKS if it doesn't exist --- web/ajax/stream.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/web/ajax/stream.php b/web/ajax/stream.php index 44aaec8e6..356227529 100644 --- a/web/ajax/stream.php +++ b/web/ajax/stream.php @@ -3,11 +3,14 @@ $start_time = time(); -define( 'MSG_TIMEOUT', ZM_WEB_AJAX_TIMEOUT/2 ); -define( 'MSG_DATA_SIZE', 4+256 ); +define('MSG_TIMEOUT', ZM_WEB_AJAX_TIMEOUT/2); +define('MSG_DATA_SIZE', 4+256); if ( !($_REQUEST['connkey'] && $_REQUEST['command']) ) { - ajaxError( "Unexpected received message type '$type'" ); + ajaxError("Unexpected received message type '$type'"); +} + +if (!mkdir(ZM_PATH_SOCKS) ) { } # The file that we point ftok to has to exist, and only exist if zms is running, so we are pointing it at the .sock From 718bb6bba30928ba6275fcfb66a74b0fb2a69e4f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 28 Aug 2018 10:37:02 -0400 Subject: [PATCH 03/15] Remove zm from alter statement --- db/zm_update-1.31.43.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/db/zm_update-1.31.43.sql b/db/zm_update-1.31.43.sql index 05a92288e..c97405903 100644 --- a/db/zm_update-1.31.43.sql +++ b/db/zm_update-1.31.43.sql @@ -5,7 +5,7 @@ -- Add Refresh column to Monitors table -- -ALTER TABLE `zm`.`Monitors` +ALTER TABLE `Monitors` CHANGE COLUMN `Type` `Type` ENUM('Local', 'Remote', 'File', 'Ffmpeg', 'Libvlc', 'cURL', 'WebSite') NOT NULL DEFAULT 'Local' ; SET @s = (SELECT IF( From 8f0fb0843a90cd7c9b8091daa012bec62f92551e Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Thu, 30 Aug 2018 12:25:02 -0500 Subject: [PATCH 04/15] Add Privacy Statement (#2194) * initial implementation of privacy popup * split the privacy text and run it through translate * change style of toggle button, validate the form * fix copy/paste error * fix typos * display privacy view inline rather than popup * display privacy inline if show_privacy flag set * redirect to console after selection is made * typo * css formatting * update privacy verbiage * create and load default.php * fix typos * fix erroneous copy/paste --- .../lib/ZoneMinder/ConfigData.pm.in | 9 +++ scripts/zmupdate.pl.in | 5 ++ web/includes/actions.php | 23 ++++++ web/includes/lang.php | 8 +- web/index.php | 5 ++ web/lang/default.php | 44 +++++++++++ web/lang/en_gb.php | 12 +++ web/skins/classic/css/base/views/privacy.css | 14 ++++ web/skins/classic/views/js/privacy.js | 9 +++ web/skins/classic/views/privacy.php | 74 +++++++++++++++++++ 10 files changed, 202 insertions(+), 1 deletion(-) create mode 100644 web/lang/default.php create mode 100644 web/skins/classic/css/base/views/privacy.css create mode 100644 web/skins/classic/views/js/privacy.js create mode 100644 web/skins/classic/views/privacy.php diff --git a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in index c6136717a..6a3a66dae 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in +++ b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in @@ -3882,6 +3882,15 @@ our @options = ( readonly => 1, category => 'dynamic', }, + { + name => 'ZM_SHOW_PRIVACY', + default => 'yes', + description => 'Present the privacy statment', + help => '', + type => $types{boolean}, + readonly => 1, + category => 'dynamic', + }, { name => 'ZM_SSMTP_MAIL', default => 'no', diff --git a/scripts/zmupdate.pl.in b/scripts/zmupdate.pl.in index f428ea1f9..45d45851a 100644 --- a/scripts/zmupdate.pl.in +++ b/scripts/zmupdate.pl.in @@ -922,6 +922,11 @@ if ( $version ) { zmDbDisconnect(); die( "Can't find upgrade from version '$version'" ); } + # Re-enable the privacy popup after each upgrade + my $sql = "update Config set Value = 1 where Name = 'ZM_SHOW_PRIVACY'"; + my $sth = $dbh->prepare_cached( $sql ) or die( "Can't prepare '$sql': ".$dbh->errstr() ); + my $res = $sth->execute( ) or die( "Can't execute: ".$sth->errstr() ); + $sth->finish(); print( "\nDatabase upgrade to version ".ZM_VERSION." successful.\n\n" ); } zmDbDisconnect(); diff --git a/web/includes/actions.php b/web/includes/actions.php index a38515f3d..cd67fc81c 100644 --- a/web/includes/actions.php +++ b/web/includes/actions.php @@ -863,6 +863,29 @@ if ( canEdit( 'System' ) ) { } } // end switch option } + if ( $action == 'privacy' && isset($_REQUEST['option'] ) ) { + $option = $_REQUEST['option']; + switch( $option ) { + case 'decline' : + { + dbQuery( "update Config set Value = '0' where Name = 'ZM_SHOW_PRIVACY'" ); + dbQuery( "update Config set Value = '0' where Name = 'ZM_TELEMETRY_DATA'" ); + $view = 'console'; + $redirect = ZM_BASE_URL.$_SERVER['PHP_SELF'].'?view=console'; + break; + } + case 'accept' : + { + dbQuery( "update Config set Value = '0' where Name = 'ZM_SHOW_PRIVACY'" ); + dbQuery( "update Config set Value = '1' where Name = 'ZM_TELEMETRY_DATA'" ); + $view = 'console'; + $redirect = ZM_BASE_URL.$_SERVER['PHP_SELF'].'?view=console'; + break; + } + default: # Enable the privacy statement if we somehow submit something other than accept or decline + dbQuery( "update Config set Value = '1' where Name = 'ZM_SHOW_PRIVACY'" ); + } // end switch option + } if ( $action == 'options' && isset($_REQUEST['tab']) ) { $configCat = $configCats[$_REQUEST['tab']]; $changed = false; diff --git a/web/includes/lang.php b/web/includes/lang.php index 0cab566b7..0c40e7f60 100644 --- a/web/includes/lang.php +++ b/web/includes/lang.php @@ -49,8 +49,14 @@ function loadLanguage( $prefix="" ) return( false ); } -if ( $langFile = loadLanguage() ) +if ( $langFile = loadLanguage() ) { require_once( $langFile ); + require_once( 'lang/default.php' ); + foreach ($DLANG as $key => $value) { + if ( ! array_key_exists( $key, $SLANG ) ) + $SLANG[$key] = $DLANG[$key]; + } +} // diff --git a/web/index.php b/web/index.php index 7f823f1fd..69745ce3c 100644 --- a/web/index.php +++ b/web/index.php @@ -221,6 +221,11 @@ if ( ZM_OPT_USE_AUTH and ! isset($user) ) { $request = null; } +if ( ZM_SHOW_PRIVACY && canEdit('System') ) { + Logger::Debug("Redirecting to privacy" ); + $view = 'privacy'; + $request = null; +} if ( $redirect ) { header('Location: '.$redirect); diff --git a/web/lang/default.php b/web/lang/default.php new file mode 100644 index 000000000..85f27cfe1 --- /dev/null +++ b/web/lang/default.php @@ -0,0 +1,44 @@ + 'Privacy', + 'PrivacyAbout' => 'About', + 'PrivacyAboutText' => 'Since 2002, ZoneMinder has been the premier free and open-source Video Management System (VMS) solution for Linux platforms. ZoneMinder is supported by the community and is managed by those who choose to volunteer their spare time to the project. The best way to improve ZoneMinder is to get involved.', + 'PrivacyContact' => 'Contact', + 'PrivacyContactText' => 'Please contact us here for any questions regarding our privacy policy or to have your information removed.

For support, there are three primary ways to engage with the community:

Our Github forum is only for bug reporting. Please use our user forum or slack channel for all other questions or comments.

', + 'PrivacyCookies' => 'Cookies', + 'PrivacyCookiesText' => 'Whether you use a web browser or a mobile app to communicate with the ZoneMinder server, a ZMSESSID cookie is created on the client to uniquely identify a session with the ZoneMinder server. ZmCSS and zmSkin cookies are created to remember your style and skin choices.', + 'PrivacyTelemetry' => 'Telemetry', + 'PrivacyTelemetryText' => 'Because ZoneMinder is open-source, anyone can install it without registering. This makes it difficult to answer questions such as: how many systems are out there, what is the largest system out there, what kind of systems are out there, or where are these systems located? Knowing the answers to these questions, helps users who ask us these questions, and it helps us set priorities based on the majority user base.', + 'PrivacyTelemetryList' => 'The ZoneMinder Telemetry daemon collects the following data about your system:
  • A unique identifier (UUID)
  • City based location is gathered by querying ipinfo.io. City, region, country, latitude, and longitude parameters are saved. The latitude and longitude coordinates are accurate down to the city or town level only!
  • Current time
  • Total number of monitors
  • Total number of events
  • System architecture
  • Operating system kernel, distro, and distro version
  • Version of ZoneMinder
  • Total amount of memory
  • Number of cpu cores
', + 'PrivacyMonitorList' => 'The following configuration parameters from each monitor are collected:
  • Id
  • Name
  • Type
  • Function
  • Width
  • Height
  • Colours
  • MaxFPS
  • AlarmMaxFPS
', + 'PrivacyConclusionText' => 'We are NOT collecting any image specific data from your cameras. We don’t know what your cameras are watching. This data will not be sold or used for any purpose not stated herein. By clicking accept, you agree to send us this data to help make ZoneMinder a better product. By clicking decline, you can still freely use ZoneMinder and all its features.', +); + +?> + diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index ba77b156e..27357ade9 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -600,6 +600,18 @@ $SLANG = array( 'Preset' => 'Preset', 'Presets' => 'Presets', 'Prev' => 'Prev', + 'Privacy' => 'Privacy', + 'PrivacyAbout' => 'About', + 'PrivacyAboutText' => 'Since 2002, ZoneMinder has been the premier free and open-source Video Management System (VMS) solution for Linux platforms. ZoneMinder is supported by the community and is managed by those who choose to volunteer their spare time to the project. The best way to improve ZoneMinder is to get involved.', + 'PrivacyContact' => 'Contact', + 'PrivacyContactText' => 'Please contact us here for any questions regarding our privacy policy or to have your information removed.

For support, there are three primary ways to engage with the community:

Our Github forum is only for bug reporting. Please use our user forum or slack channel for all other questions or comments.

', + 'PrivacyCookies' => 'Cookies', + 'PrivacyCookiesText' => 'Whether you use a web browser or a mobile app to communicate with the ZoneMinder server, a ZMSESSID cookie is created on the client to uniquely identify a session with the ZoneMinder server. ZmCSS and zmSkin cookies are created to remember your style and skin choices.', + 'PrivacyTelemetry' => 'Telemetry', + 'PrivacyTelemetryText' => 'Because ZoneMinder is open-source, anyone can install it without registering. This makes it difficult to answer questions such as: how many systems are out there, what is the largest system out there, what kind of systems are out there, or where are these systems located? Knowing the answers to these questions, helps users who ask us these questions, and it helps us set priorities based on the majority user base.', + 'PrivacyTelemetryList' => 'The ZoneMinder Telemetry daemon collects the following data about your system:
  • A unique identifier (UUID)
  • City based location is gathered by querying ipinfo.io. City, region, country, latitude, and longitude parameters are saved. The latitude and longitude coordinates are accurate down to the city or town level only!
  • Current time
  • Total number of monitors
  • Total number of events
  • System architecture
  • Operating system kernel, distro, and distro version
  • Version of ZoneMinder
  • Total amount of memory
  • Number of cpu cores
', + 'PrivacyMonitorList' => 'The following configuration parameters from each monitor are collected:
  • Id
  • Name
  • Type
  • Function
  • Width
  • Height
  • Colours
  • MaxFPS
  • AlarmMaxFPS
', + 'PrivacyConclusionText' => 'We are NOT collecting any image specific data from your cameras. We don’t know what your cameras are watching. This data will not be sold or used for any purpose not stated herein. By clicking accept, you agree to send us this data to help make ZoneMinder a better product. By clicking decline, you can still freely use ZoneMinder and all its features.', 'Probe' => 'Probe', 'ProfileProbe' => 'Stream Probe', 'ProfileProbeIntro' => 'The list below shows the existing stream profiles of the selected camera .

Select the desired entry from the list below.

Please note that ZoneMinder cannot configure additional profiles and that choosing a camera here may overwrite any values you already have configured for the current monitor.

', diff --git a/web/skins/classic/css/base/views/privacy.css b/web/skins/classic/css/base/views/privacy.css new file mode 100644 index 000000000..f368fa110 --- /dev/null +++ b/web/skins/classic/css/base/views/privacy.css @@ -0,0 +1,14 @@ +h6 { + text-align: left; + font-weight: bold; + text-decoration: underline; +} + +p { + text-align: left; +} + +ul { + text-align: left; + list-style-type: disc; +} diff --git a/web/skins/classic/views/js/privacy.js b/web/skins/classic/views/js/privacy.js new file mode 100644 index 000000000..4b3499981 --- /dev/null +++ b/web/skins/classic/views/js/privacy.js @@ -0,0 +1,9 @@ +function submitForm( element ) { + var form = element.form; + if ( form.option.selectedIndex == 0 ) + form.view.value = currentView; + else + form.view.value = 'none'; + form.submit(); +} + diff --git a/web/skins/classic/views/privacy.php b/web/skins/classic/views/privacy.php new file mode 100644 index 000000000..1480c2973 --- /dev/null +++ b/web/skins/classic/views/privacy.php @@ -0,0 +1,74 @@ + translate('Accept'), + "decline" => translate('Decline'), +); + +$focusWindow = true; + +xhtmlHeaders(__FILE__, translate('Privacy') ); +?> + +
+ +
+
+ + +
+

+
+ +
+

+
+ +
+

+
+ +
+

+
+ +

+

+

+

+ +
+ +
+
+
+
+ + From 0eaa539dc61e32d89735a7bc89ac4e085e1a89ef Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 30 Aug 2018 14:53:27 -0400 Subject: [PATCH 05/15] ZM_SWAP_PATH may not exist, so always try to create it --- src/zm_monitorstream.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_monitorstream.cpp b/src/zm_monitorstream.cpp index 48d83200c..d3721bf8f 100644 --- a/src/zm_monitorstream.cpp +++ b/src/zm_monitorstream.cpp @@ -482,7 +482,7 @@ void MonitorStream::runStream() { swap_path = staticConfig.PATH_SWAP; Debug( 3, "Checking swap path folder: %s", swap_path.c_str() ); - if ( checkSwapPath(swap_path.c_str(), false) ) { + if ( checkSwapPath(swap_path.c_str(), true) ) { swap_path += stringtf("/zmswap-m%d", monitor->Id()); Debug(4, "Checking swap path subfolder: %s", swap_path.c_str()); From 18c88be5504e78f5ad0dce2262f01fcf52d923cc Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Fri, 31 Aug 2018 07:59:51 -0500 Subject: [PATCH 06/15] bump rpm specfile to 1.31.47 --- distros/redhat/zoneminder.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/distros/redhat/zoneminder.spec b/distros/redhat/zoneminder.spec index 042abb40e..a91a3a78e 100644 --- a/distros/redhat/zoneminder.spec +++ b/distros/redhat/zoneminder.spec @@ -26,7 +26,7 @@ %global _hardened_build 1 Name: zoneminder -Version: 1.31.45 +Version: 1.31.47 Release: 1%{?dist} Summary: A camera monitoring and analysis tool Group: System Environment/Daemons From 799b34eee8a2af20d76952d86b32d81317d0df39 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 31 Aug 2018 10:34:54 -0400 Subject: [PATCH 07/15] handle xhr errors like when auth is no longer valid. Do a page refresh when this happens --- web/skins/classic/views/js/watch.js | 113 ++++++++++++++++------------ 1 file changed, 65 insertions(+), 48 deletions(-) diff --git a/web/skins/classic/views/js/watch.js b/web/skins/classic/views/js/watch.js index c6a014f2b..7e8f868b3 100644 --- a/web/skins/classic/views/js/watch.js +++ b/web/skins/classic/views/js/watch.js @@ -114,6 +114,7 @@ if ( monitorType != 'WebSite' ) { method: 'get', timeout: AJAX_TIMEOUT, link: 'chain', + onError: getStreamCmdError, onSuccess: getStreamCmdResponse, onFailure: getStreamCmdFailure } ); @@ -122,22 +123,28 @@ if ( monitorType != 'WebSite' ) { var streamStatus; -function getStreamCmdFailure(xhr) { -console.log(xhr); +function getStreamCmdError(text,error) { + console.log(error); + // Error are normally due to failed auth. reload the page. + window.location.reload(); } -function getStreamCmdResponse( respObj, respText ) { +function getStreamCmdFailure(xhr) { + console.log(xhr); +} +function getStreamCmdResponse(respObj, respText) { watchdogOk("stream"); + console.log('stream'); if ( streamCmdTimer ) - streamCmdTimer = clearTimeout( streamCmdTimer ); + streamCmdTimer = clearTimeout(streamCmdTimer); if ( respObj.result == 'Ok' ) { // The get status command can get backed up, in which case we won't be able to get the semaphore and will exit. if ( respObj.status ) { streamStatus = respObj.status; - $('fpsValue').set( 'text', streamStatus.fps ); + $('fpsValue').set('text', streamStatus.fps); - setAlarmState( streamStatus.state ); + setAlarmState(streamStatus.state); - $('levelValue').set( 'text', streamStatus.level ); + $('levelValue').set('text', streamStatus.level); if ( streamStatus.level > 95 ) $('levelValue').className = "alarm"; else if ( streamStatus.level > 80 ) @@ -145,34 +152,34 @@ function getStreamCmdResponse( respObj, respText ) { else $('levelValue').className = "ok"; - var delayString = secsToTime( streamStatus.delay ); + var delayString = secsToTime(streamStatus.delay); if ( streamStatus.paused == true ) { - $('modeValue').set( 'text', "Paused" ); - $('rate').addClass( 'hidden' ); - $('delayValue').set( 'text', delayString ); - $('delay').removeClass( 'hidden' ); - $('level').removeClass( 'hidden' ); - streamCmdPause( false ); + $('modeValue').set('text', 'Paused'); + $('rate').addClass('hidden'); + $('delayValue').set('text', delayString); + $('delay').removeClass('hidden'); + $('level').removeClass('hidden'); + streamCmdPause(false); } else if ( streamStatus.delayed == true ) { - $('modeValue').set( 'text', "Replay" ); - $('rateValue').set( 'text', streamStatus.rate ); - $('rate').removeClass( 'hidden' ); - $('delayValue').set( 'text', delayString ); - $('delay').removeClass( 'hidden' ); - $('level').removeClass( 'hidden' ); + $('modeValue').set('text', 'Replay'); + $('rateValue').set('text', streamStatus.rate); + $('rate').removeClass('hidden'); + $('delayValue').set('text', delayString); + $('delay').removeClass('hidden'); + $('level').removeClass('hidden'); if ( streamStatus.rate == 1 ) { - streamCmdPlay( false ); + streamCmdPlay(false); } else if ( streamStatus.rate > 0 ) { if ( streamStatus.rate < 1 ) - streamCmdSlowFwd( false ); + streamCmdSlowFwd(false); else - streamCmdFastFwd( false ); + streamCmdFastFwd(false); } else { if ( streamStatus.rate > -1 ) - streamCmdSlowRev( false ); + streamCmdSlowRev(false); else - streamCmdFastRev( false ); + streamCmdFastRev(false); } // rate } else { $('modeValue').set( 'text', "Live" ); @@ -209,16 +216,19 @@ function getStreamCmdResponse( respObj, respText ) { } // end if canEditMonitors if ( streamStatus.auth ) { - console.log("Haev a new auth hash" + streamStatus.auth); + console.log("Have a new auth hash" + streamStatus.auth); // Try to reload the image stream. var streamImg = $('liveStream'); if ( streamImg ) - streamImg.src = streamImg.src.replace( /auth=\w+/i, 'auth='+streamStatus.auth ); - } // end if haev a new auth hash + streamImg.src = streamImg.src.replace(/auth=\w+/i, 'auth='+streamStatus.auth); + } // end if have a new auth hash } // end if respObj.status } else { - checkStreamForErrors("getStreamCmdResponse",respObj);//log them + checkStreamForErrors("getStreamCmdResponse", respObj);//log them // Try to reload the image stream. + // If it's an auth error, we should reload the whole page. + window.location.reload(); + if ( 0 ) { var streamImg = $('liveStream'+monitorId); if ( streamImg ) { streamImg.src = streamImg.src.replace(/rand=\d+/i,'rand='+Math.floor((Math.random() * 1000000) )); @@ -226,6 +236,7 @@ function getStreamCmdResponse( respObj, respText ) { } else { console.log("Unable to find streamImg liveStream"); } + } } var streamCmdTimeout = statusRefreshTimeout; @@ -360,14 +371,14 @@ if ( monitorType != 'WebSite' ) { var statusCmdTimer = null; } -function getStatusCmdResponse( respObj, respText ) { +function getStatusCmdResponse(respObj, respText) { watchdogOk("status"); if ( statusCmdTimer ) - statusCmdTimer = clearTimeout( statusCmdTimer ); + statusCmdTimer = clearTimeout(statusCmdTimer); if ( respObj.result == 'Ok' ) { - $('fpsValue').set( 'text', respObj.monitor.FrameRate ); - setAlarmState( respObj.monitor.Status ); + $('fpsValue').set('text', respObj.monitor.FrameRate); + setAlarmState(respObj.monitor.Status); } else checkStreamForErrors("getStatusCmdResponse", respObj); @@ -401,19 +412,19 @@ function getAlarmCmdResponse( respObj, respText ) { } function cmdDisableAlarms() { - alarmCmdReq.send( alarmCmdParms+"&command=disableAlarms" ); + alarmCmdReq.send(alarmCmdParms+"&command=disableAlarms"); } function cmdEnableAlarms() { - alarmCmdReq.send( alarmCmdParms+"&command=enableAlarms" ); + alarmCmdReq.send(alarmCmdParms+"&command=enableAlarms"); } function cmdForceAlarm() { - alarmCmdReq.send( alarmCmdParms+"&command=forceAlarm" ); + alarmCmdReq.send(alarmCmdParms+"&command=forceAlarm"); } function cmdCancelForcedAlarm() { - alarmCmdReq.send( alarmCmdParms+"&command=cancelForcedAlarm" ); + alarmCmdReq.send(alarmCmdParms+"&command=cancelForcedAlarm"); return false; } @@ -429,7 +440,13 @@ function getActResponse( respObj, respText ) { function deleteEvent( event, eventId ) { var actParms = "view=request&request=event&action=delete&id="+eventId; - var actReq = new Request.JSON( { url: thisUrl, method: 'post', timeout: 3000, data: actParms, onSuccess: getActResponse } ); + var actReq = new Request.JSON( { + url: thisUrl, + method: 'post', + timeout: 3000, + data: actParms, + onSuccess: getActResponse + } ); actReq.send(); event.stop(); } @@ -444,7 +461,7 @@ if ( monitorType != 'WebSite' ) { } function highlightRow( row ) { - $(row).toggleClass( 'highlight' ); + $(row).toggleClass('highlight'); } function getEventCmdResponse( respObj, respText ) { @@ -649,7 +666,7 @@ var watchdogFunctions = { //Make sure the various refreshes are still taking effect function watchdogCheck( type ) { if ( watchdogInactive[type] ) { - console.log( "Detected streamWatch of type: " + type + " stopped, restarting" ); + console.log("Detected streamWatch of type: " + type + " stopped, restarting"); watchdogFunctions[type](); watchdogInactive[type] = false; } else { @@ -662,7 +679,7 @@ function watchdogOk( type ) { } function reloadWebSite() { - document.getElementById('imageFeed').innerHTML = document.getElementById('imageFeed').innerHTML; + document.getElementById('imageFeed').innerHTML = document.getElementById('imageFeed').innerHTML; } function initPage() { @@ -683,16 +700,16 @@ function initPage() { if ( !streamImg ) streamImg = $('imageFeed').getElement('object'); if ( streamMode == "single" ) { - streamImg.addEvent( 'click', fetchImage.pass( streamImg ) ); - fetchImage.pass( streamImg ).periodical( imageRefreshTimeout ); + streamImg.addEvent('click', fetchImage.pass(streamImg)); + fetchImage.pass(streamImg).periodical(imageRefreshTimeout); } else - streamImg.addEvent( 'click', function( event ) { handleClick( event ); } ); + streamImg.addEvent('click', function(event) { handleClick(event); }); } if ( refreshApplet && appletRefreshTime ) - appletRefresh.delay( appletRefreshTime*1000 ); - if (scale == "auto") changeScale(); - if (window.history.length == 1) { + appletRefresh.delay(appletRefreshTime*1000); + if ( scale == "auto" ) changeScale(); + if ( window.history.length == 1 ) { $j('#closeControl').html(''); } } else if ( monitorRefresh > 0 ) { @@ -701,4 +718,4 @@ function initPage() { } // Kick everything off -window.addEvent( 'domready', initPage ); +window.addEvent('domready', initPage); From 029c6401afe3eca2bfa9c3d9e547c0f863cff49e Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Fri, 31 Aug 2018 09:34:54 -0500 Subject: [PATCH 08/15] add libjson-maybexs-perl as a debian package dependency --- distros/debian/control | 2 +- distros/ubuntu1204/control | 1 + distros/ubuntu1410/control | 2 +- distros/ubuntu1504_cmake_split_packages/control | 2 +- distros/ubuntu1604/control | 1 + 5 files changed, 5 insertions(+), 3 deletions(-) diff --git a/distros/debian/control b/distros/debian/control index 29be56e25..20443f3f7 100644 --- a/distros/debian/control +++ b/distros/debian/control @@ -37,7 +37,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} , libphp-serialization-perl , libdate-manip-perl, libmime-lite-perl, libmime-tools-perl, libdbd-mysql-perl , libwww-perl, libarchive-tar-perl, libarchive-zip-perl, libdevice-serialport-perl - , libmodule-load-perl, libsys-mmap-perl, libjson-any-perl + , libmodule-load-perl, libsys-mmap-perl, libjson-any-perl, libjson-maybexs-perl , libnet-sftp-foreign-perl, libio-pty-perl, libexpect-perl , libdata-dump-perl, libclass-std-fast-perl, libsoap-wsdl-perl, libio-socket-multicast-perl, libdigest-sha-perl , libsys-cpu-perl, libsys-meminfo-perl diff --git a/distros/ubuntu1204/control b/distros/ubuntu1204/control index febcb9435..f1756c5e8 100644 --- a/distros/ubuntu1204/control +++ b/distros/ubuntu1204/control @@ -50,6 +50,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,libdevice-serialport-perl ,libimage-info-perl ,libjson-any-perl + ,libjson-maybexs-perl ,libsys-mmap-perl [!hurd-any] ,liburi-encode-perl ,libwww-perl diff --git a/distros/ubuntu1410/control b/distros/ubuntu1410/control index 4f979f8c2..5a873f133 100644 --- a/distros/ubuntu1410/control +++ b/distros/ubuntu1410/control @@ -32,7 +32,7 @@ Package: libzoneminder-perl Section: perl Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, libdbi-perl, - libdevice-serialport-perl, libimage-info-perl, libjson-any-perl, + libdevice-serialport-perl, libimage-info-perl, libjson-any-perl, libjson-maybexs-perl, libsys-mmap-perl, liburi-encode-perl, libwww-perl Description: Perl libraries for ZoneMinder ZoneMinder is a video camera security and surveillance solution. diff --git a/distros/ubuntu1504_cmake_split_packages/control b/distros/ubuntu1504_cmake_split_packages/control index 5f313897f..b24d67cf2 100644 --- a/distros/ubuntu1504_cmake_split_packages/control +++ b/distros/ubuntu1504_cmake_split_packages/control @@ -45,7 +45,7 @@ Package: libzoneminder-perl Section: perl Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, libdbi-perl, - libdevice-serialport-perl, libimage-info-perl, libjson-any-perl, + libdevice-serialport-perl, libimage-info-perl, libjson-any-perl, libjson-maybexs-perl, libsys-mmap-perl, liburi-encode-perl, libwww-perl Description: Perl libraries for ZoneMinder ZoneMinder is a video camera security and surveillance solution. diff --git a/distros/ubuntu1604/control b/distros/ubuntu1604/control index 3054a2d55..d4fe74e79 100644 --- a/distros/ubuntu1604/control +++ b/distros/ubuntu1604/control @@ -53,6 +53,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,libdevice-serialport-perl ,libimage-info-perl ,libjson-any-perl + ,libjson-maybexs-perl ,libsys-mmap-perl [!hurd-any] ,liburi-encode-perl ,libwww-perl From 4b30ea78779632f9c5cb5ea15fb56d2ea53513c2 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 31 Aug 2018 10:35:23 -0400 Subject: [PATCH 09/15] cleanup, whitespace --- web/includes/actions.php | 460 ++++++++++++++++++++------------------- 1 file changed, 242 insertions(+), 218 deletions(-) diff --git a/web/includes/actions.php b/web/includes/actions.php index cd67fc81c..de0861fe0 100644 --- a/web/includes/actions.php +++ b/web/includes/actions.php @@ -29,16 +29,16 @@ function do_request($method, $url, $data=array(), $optional_headers = null) { 'method' => $method, 'content' => $data )); - if ($optional_headers !== null) { + if ( $optional_headers !== null ) { $params['http']['header'] = $optional_headers; } $ctx = stream_context_create($params); $fp = @fopen($url, 'rb', false, $ctx); - if (!$fp) { + if ( !$fp ) { throw new Exception("Problem with $url, $php_errormsg"); } $response = @stream_get_contents($fp); - if ($response === false) { + if ( $response === false ) { throw new Exception("Problem reading data from $url, $php_errormsg"); } return $response; @@ -49,16 +49,16 @@ function do_post_request($url, $data, $optional_headers = null) { 'method' => 'POST', 'content' => $data )); - if ($optional_headers !== null) { + if ( $optional_headers !== null ) { $params['http']['header'] = $optional_headers; } $ctx = stream_context_create($params); $fp = @fopen($url, 'rb', false, $ctx); - if (!$fp) { + if ( !$fp ) { throw new Exception("Problem with $url, $php_errormsg"); } $response = @stream_get_contents($fp); - if ($response === false) { + if ( $response === false ) { throw new Exception("Problem reading data from $url, $php_errormsg"); } return $response; @@ -106,17 +106,17 @@ if ( $action == 'login' && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == 're $responseData = json_decode($res,true); // PP - credit: https://github.com/google/recaptcha/blob/master/src/ReCaptcha/Response.php // if recaptcha resulted in error, we might have to deny login - if (isset($responseData['success']) && $responseData['success'] == false) { + if ( isset($responseData['success']) && $responseData['success'] == false ) { // PP - before we deny auth, let's make sure the error was not 'invalid secret' // because that means the user did not configure the secret key correctly // in this case, we prefer to let him login in and display a message to correct // the key. Unfortunately, there is no way to check for invalid site key in code // as it produces the same error as when you don't answer a recaptcha - if (isset($responseData['error-codes']) && is_array($responseData['error-codes'])) { - if (!in_array('invalid-input-secret',$responseData['error-codes'])) { + if ( isset($responseData['error-codes']) && is_array($responseData['error-codes']) ) { + if ( !in_array('invalid-input-secret',$responseData['error-codes']) ) { Error('reCaptcha authentication failed'); userLogout(); - $view='login'; + $view = 'login'; $refreshParent = true; return; } else { @@ -140,19 +140,19 @@ if ( $action == 'login' && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == 're $view = 'none'; } else if ( $action == 'bandwidth' && isset($_REQUEST['newBandwidth']) ) { $_COOKIE['zmBandwidth'] = validStr($_REQUEST['newBandwidth']); - setcookie( 'zmBandwidth', validStr($_REQUEST['newBandwidth']), time()+3600*24*30*12*10 ); + setcookie('zmBandwidth', validStr($_REQUEST['newBandwidth']), time()+3600*24*30*12*10); $refreshParent = true; } // Event scope actions, view permissions only required if ( canView('Events') ) { - if ( isset( $_REQUEST['object'] ) and ( $_REQUEST['object'] == 'filter' ) ) { + if ( isset($_REQUEST['object']) and ( $_REQUEST['object'] == 'filter' ) ) { if ( $action == 'addterm' ) { - $_REQUEST['filter'] = addFilterTerm( $_REQUEST['filter'], $_REQUEST['line'] ); + $_REQUEST['filter'] = addFilterTerm($_REQUEST['filter'], $_REQUEST['line']); } elseif ( $action == 'delterm' ) { - $_REQUEST['filter'] = delFilterTerm( $_REQUEST['filter'], $_REQUEST['line'] ); - } else if ( canEdit( 'Events' ) ) { + $_REQUEST['filter'] = delFilterTerm($_REQUEST['filter'], $_REQUEST['line']); + } else if ( canEdit('Events') ) { if ( $action == 'delete' ) { if ( ! empty($_REQUEST['Id']) ) { dbQuery('DELETE FROM Filters WHERE Id=?', array($_REQUEST['Id'])); @@ -210,11 +210,13 @@ if ( canView('Events') ) { dbQuery('UPDATE Events SET Name=? WHERE Id=?', array($_REQUEST['eventName'], $_REQUEST['eid'])); } else if ( $action == 'eventdetail' ) { if ( !empty($_REQUEST['eid']) ) { - dbQuery( 'UPDATE Events SET Cause=?, Notes=? WHERE Id=?', array( $_REQUEST['newEvent']['Cause'], $_REQUEST['newEvent']['Notes'], $_REQUEST['eid'] ) ); + dbQuery('UPDATE Events SET Cause=?, Notes=? WHERE Id=?', + array($_REQUEST['newEvent']['Cause'], $_REQUEST['newEvent']['Notes'], $_REQUEST['eid']) ); } else { $dbConn->beginTransaction(); foreach( getAffectedIds('markEid') as $markEid ) { - dbQuery( 'UPDATE Events SET Cause=?, Notes=? WHERE Id=?', array( $_REQUEST['newEvent']['Cause'], $_REQUEST['newEvent']['Notes'], $markEid ) ); + dbQuery('UPDATE Events SET Cause=?, Notes=? WHERE Id=?', + array($_REQUEST['newEvent']['Cause'], $_REQUEST['newEvent']['Notes'], $markEid) ); } $dbConn->commit(); } @@ -226,7 +228,7 @@ if ( canView('Events') ) { dbQuery('UPDATE Events SET Archived=? WHERE Id=?', array($archiveVal, $_REQUEST['eid'])); } else { $dbConn->beginTransaction(); - foreach( getAffectedIds( 'markEid' ) as $markEid ) { + foreach( getAffectedIds('markEid') as $markEid ) { dbQuery('UPDATE Events SET Archived=? WHERE Id=?', array($archiveVal, $markEid)); } $dbConn->commit(); @@ -234,8 +236,8 @@ if ( canView('Events') ) { } } elseif ( $action == 'delete' ) { $dbConn->beginTransaction(); - foreach( getAffectedIds( 'markEid' ) as $markEid ) { - deleteEvent( $markEid ); + foreach( getAffectedIds('markEid') as $markEid ) { + deleteEvent($markEid); } $dbConn->commit(); $refreshParent = true; @@ -245,45 +247,47 @@ if ( canView('Events') ) { } // end canView(Events) // Monitor control actions, require a monitor id and control view permissions for that monitor -if ( !empty($_REQUEST['mid']) && canView( 'Control', $_REQUEST['mid'] ) ) { - require_once( 'control_functions.php' ); - require_once( 'Monitor.php' ); +if ( !empty($_REQUEST['mid']) && canView('Control', $_REQUEST['mid']) ) { + require_once('control_functions.php'); + require_once('Monitor.php'); $mid = validInt($_REQUEST['mid']); if ( $action == 'control' ) { - $monitor = new Monitor( $mid ); + $monitor = new Monitor($mid); - $ctrlCommand = buildControlCommand( $monitor ); - sendControlCommand( $monitor->Id(), $ctrlCommand ); - } elseif ( $action == 'settings' ) { + $ctrlCommand = buildControlCommand($monitor); + sendControlCommand($monitor->Id(), $ctrlCommand); + } else if ( $action == 'settings' ) { $args = ' -m ' . escapeshellarg($mid); $args .= ' -B' . escapeshellarg($_REQUEST['newBrightness']); $args .= ' -C' . escapeshellarg($_REQUEST['newContrast']); $args .= ' -H' . escapeshellarg($_REQUEST['newHue']); $args .= ' -O' . escapeshellarg($_REQUEST['newColour']); - $zmuCommand = getZmuCommand( $args ); + $zmuCommand = getZmuCommand($args); - $zmuOutput = exec( $zmuCommand ); - list( $brightness, $contrast, $hue, $colour ) = explode( ' ', $zmuOutput ); - dbQuery( 'UPDATE Monitors SET Brightness = ?, Contrast = ?, Hue = ?, Colour = ? WHERE Id = ?', array($brightness, $contrast, $hue, $colour, $mid)); + $zmuOutput = exec($zmuCommand); + list($brightness, $contrast, $hue, $colour) = explode(' ', $zmuOutput); + dbQuery( + 'UPDATE Monitors SET Brightness = ?, Contrast = ?, Hue = ?, Colour = ? WHERE Id = ?', + array($brightness, $contrast, $hue, $colour, $mid)); } } // Control capability actions, require control edit permissions if ( canEdit('Control') ) { if ( $action == 'controlcap' ) { - require_once( 'Control.php' ); + require_once('Control.php'); $Control = new Control( !empty($_REQUEST['cid']) ? $_REQUEST['cid'] : null ); //$changes = getFormChanges( $control, $_REQUEST['newControl'], $types, $columns ); - $Control->save( $_REQUEST['newControl'] ); + $Control->save($_REQUEST['newControl']); $refreshParent = true; $view = 'none'; } elseif ( $action == 'delete' ) { if ( isset($_REQUEST['markCids']) ) { foreach( $_REQUEST['markCids'] as $markCid ) { - dbQuery( 'delete from Controls where Id = ?', array($markCid) ); - dbQuery( 'update Monitors set Controllable = 0, ControlId = 0 where ControlId = ?', array($markCid) ); + dbQuery('DELETE FROM Controls WHERE Id = ?', array($markCid)); + dbQuery('UPDATE Monitors SET Controllable = 0, ControlId = 0 WHERE ControlId = ?', array($markCid)); $refreshParent = true; } } @@ -293,59 +297,59 @@ if ( canEdit('Control') ) { if ( isset($_REQUEST['object']) and $_REQUEST['object'] == 'Monitor' ) { if ( $action == 'save' ) { foreach ( $_REQUEST['mids'] as $mid ) { - $mid = ValidInt( $mid ); - if ( ! canEdit('Monitors', $mid ) ) { + $mid = ValidInt($mid); + if ( ! canEdit('Monitors', $mid) ) { Warning("Cannot edit monitor $mid"); continue; } - $Monitor = new Monitor( $mid ); + $Monitor = new Monitor($mid); if ( $Monitor->Type() != 'WebSite' ) { $Monitor->zmaControl('stop'); $Monitor->zmcControl('stop'); } - $Monitor->save( $_REQUEST['newMonitor'] ); - if ($Monitor->Function() != 'None' && $Monitor->Type() != 'WebSite' ) { + $Monitor->save($_REQUEST['newMonitor']); + if ( $Monitor->Function() != 'None' && $Monitor->Type() != 'WebSite' ) { $Monitor->zmcControl('start'); if ( $Monitor->Enabled() ) { $Monitor->zmaControl('start'); } } - } // end foreach mid $refreshParent = true; } // end if action == save } // end if object is Monitor // Monitor edit actions, require a monitor id and edit permissions for that monitor -if ( !empty($_REQUEST['mid']) && canEdit( 'Monitors', $_REQUEST['mid'] ) ) { +if ( !empty($_REQUEST['mid']) && canEdit('Monitors', $_REQUEST['mid']) ) { $mid = validInt($_REQUEST['mid']); if ( $action == 'function' ) { - $monitor = dbFetchOne( 'SELECT * FROM Monitors WHERE Id=?', NULL, array($mid) ); + $monitor = dbFetchOne('SELECT * FROM Monitors WHERE Id=?', NULL, array($mid)); $newFunction = validStr($_REQUEST['newFunction']); # Because we use a checkbox, it won't get passed in the request. So not being in _REQUEST means 0 - $newEnabled = ( !isset( $_REQUEST['newEnabled'] ) or $_REQUEST['newEnabled'] != '1' ) ? '0' : '1'; + $newEnabled = ( !isset($_REQUEST['newEnabled']) or $_REQUEST['newEnabled'] != '1' ) ? '0' : '1'; $oldFunction = $monitor['Function']; $oldEnabled = $monitor['Enabled']; if ( $newFunction != $oldFunction || $newEnabled != $oldEnabled ) { - dbQuery( 'UPDATE Monitors SET Function=?, Enabled=? WHERE Id=?', array( $newFunction, $newEnabled, $mid ) ); + dbQuery('UPDATE Monitors SET Function=?, Enabled=? WHERE Id=?', + array($newFunction, $newEnabled, $mid)); $monitor['Function'] = $newFunction; $monitor['Enabled'] = $newEnabled; - if ( daemonCheck() && $monitor['Type'] != 'WebSite' ) { + if ( daemonCheck() && ($monitor['Type'] != 'WebSite') ) { $restart = ($oldFunction == 'None') || ($newFunction == 'None') || ($newEnabled != $oldEnabled); - zmaControl( $monitor, 'stop' ); - zmcControl( $monitor, $restart?'restart':'' ); - zmaControl( $monitor, 'start' ); + zmaControl($monitor, 'stop'); + zmcControl($monitor, $restart?'restart':''); + zmaControl($monitor, 'start'); } $refreshParent = true; } - } elseif ( $action == 'zone' && isset( $_REQUEST['zid'] ) ) { + } else if ( $action == 'zone' && isset($_REQUEST['zid']) ) { $zid = validInt($_REQUEST['zid']); - $monitor = dbFetchOne( 'SELECT * FROM Monitors WHERE Id=?', NULL, array($mid) ); + $monitor = dbFetchOne('SELECT * FROM Monitors WHERE Id=?', NULL, array($mid)); if ( !empty($zid) ) { - $zone = dbFetchOne( 'SELECT * FROM Zones WHERE MonitorId=? AND Id=?', NULL, array( $mid, $zid ) ); + $zone = dbFetchOne('SELECT * FROM Zones WHERE MonitorId=? AND Id=?', NULL, array($mid, $zid)); } else { $zone = array(); } @@ -365,74 +369,74 @@ if ( !empty($_REQUEST['mid']) && canEdit( 'Monitors', $_REQUEST['mid'] ) ) { unset( $_REQUEST['newZone']['Points'] ); $types = array(); - $changes = getFormChanges( $zone, $_REQUEST['newZone'], $types ); + $changes = getFormChanges($zone, $_REQUEST['newZone'], $types); - if ( count( $changes ) ) { + if ( count($changes) ) { if ( $zid > 0 ) { - dbQuery( 'UPDATE Zones SET '.implode( ', ', $changes ).' WHERE MonitorId=? AND Id=?', array( $mid, $zid) ); + dbQuery('UPDATE Zones SET '.implode(', ', $changes).' WHERE MonitorId=? AND Id=?', array($mid, $zid)); } else { - dbQuery( 'INSERT INTO Zones SET MonitorId=?, '.implode( ', ', $changes ), array( $mid ) ); + dbQuery('INSERT INTO Zones SET MonitorId=?, '.implode(', ', $changes), array($mid)); } - if ( daemonCheck() && $monitor['Type'] != 'WebSite' ) { + if ( daemonCheck() && ($monitor['Type'] != 'WebSite') ) { if ( $_REQUEST['newZone']['Type'] == 'Privacy' ) { - zmaControl( $monitor, 'stop' ); - zmcControl( $monitor, 'restart' ); - zmaControl( $monitor, 'start' ); + zmaControl($monitor, 'stop'); + zmcControl($monitor, 'restart'); + zmaControl($monitor, 'start'); } else { - zmaControl( $mid, 'restart' ); + zmaControl($monitor, 'restart'); } } - if ( $_REQUEST['newZone']['Type'] == 'Privacy' && $monitor['Controllable'] ) { - require_once( 'control_functions.php' ); - sendControlCommand( $mid, 'quit' ); + if ( ($_REQUEST['newZone']['Type'] == 'Privacy') && $monitor['Controllable'] ) { + require_once('control_functions.php'); + sendControlCommand($mid, 'quit'); } $refreshParent = true; } $view = 'none'; - } elseif ( $action == 'plugin' && isset($_REQUEST['pl'])) { - $sql='SELECT * FROM PluginsConfig WHERE MonitorId=? AND ZoneId=? AND pluginName=?'; - $pconfs=dbFetchAll( $sql, NULL, array( $mid, $_REQUEST['zid'], $_REQUEST['pl'] ) ); - $changes=0; - foreach( $pconfs as $pconf ) { - $value=$_REQUEST['pluginOpt'][$pconf['Name']]; - if(array_key_exists($pconf['Name'], $_REQUEST['pluginOpt']) && ($pconf['Value']!=$value)) { - dbQuery('UPDATE PluginsConfig SET Value=? WHERE id=?', array( $value, $pconf['Id'] ) ); + } elseif ( $action == 'plugin' && isset($_REQUEST['pl']) ) { + $sql = 'SELECT * FROM PluginsConfig WHERE MonitorId=? AND ZoneId=? AND pluginName=?'; + $pconfs=dbFetchAll($sql, NULL, array($mid, $_REQUEST['zid'], $_REQUEST['pl'])); + $changes = 0; + foreach ( $pconfs as $pconf ) { + $value = $_REQUEST['pluginOpt'][$pconf['Name']]; + if ( array_key_exists($pconf['Name'], $_REQUEST['pluginOpt']) && ($pconf['Value'] != $value) ) { + dbQuery('UPDATE PluginsConfig SET Value=? WHERE id=?', array($value, $pconf['Id'])); $changes++; } } - if($changes>0) { - if ( daemonCheck() && $monitor['Type'] != 'WebSite' ) { - zmaControl( $mid, 'restart' ); + if ( $changes > 0 ) { + if ( daemonCheck() && ($monitor['Type'] != 'WebSite') ) { + zmaControl($mid, 'restart'); } $refreshParent = true; } $view = 'none'; - } elseif ( $action == 'sequence' && isset($_REQUEST['smid']) ) { + } elseif ( ($action == 'sequence') && isset($_REQUEST['smid']) ) { $smid = validInt($_REQUEST['smid']); - $monitor = dbFetchOne( 'select * from Monitors where Id = ?', NULL, array($mid) ); - $smonitor = dbFetchOne( 'select * from Monitors where Id = ?', NULL, array($smid) ); + $monitor = dbFetchOne('SELECT * FROM Monitors WHERE Id = ?', NULL, array($mid)); + $smonitor = dbFetchOne('SELECT * FROM Monitors WHERE Id = ?', NULL, array($smid)); - dbQuery( 'update Monitors set Sequence=? where Id=?', array( $smonitor['Sequence'], $monitor['Id'] ) ); - dbQuery( 'update Monitors set Sequence=? WHERE Id=?', array( $monitor['Sequence'], $smonitor['Id'] ) ); + dbQuery('UPDATE Monitors SET Sequence=? WHERE Id=?', array($smonitor['Sequence'], $monitor['Id'])); + dbQuery('UPDATE Monitors SET Sequence=? WHERE Id=?', array($monitor['Sequence'], $smonitor['Id'])); $refreshParent = true; fixSequences(); } elseif ( $action == 'delete' ) { if ( isset($_REQUEST['markZids']) ) { $deletedZid = 0; - foreach( $_REQUEST['markZids'] as $markZid ) { - $zone = dbFetchOne( 'select * from Zones where Id=?', NULL, array($markZid) ); - dbQuery( 'delete from Zones WHERE MonitorId=? AND Id=?', array( $mid, $markZid) ); + foreach ( $_REQUEST['markZids'] as $markZid ) { + $zone = dbFetchOne('SELECT * FROM Zones WHERE Id=?', NULL, array($markZid)); + dbQuery('DELETE FROM Zones WHERE MonitorId=? AND Id=?', array($mid, $markZid)); $deletedZid = 1; } if ( $deletedZid ) { if ( daemonCheck() && $monitor['Type'] != 'WebSite' ) { if ( $zone['Type'] == 'Privacy' ) { - zmaControl( $mid, 'stop' ); - zmcControl( $mid, 'restart' ); - zmaControl( $mid, 'start' ); + zmaControl($mid, 'stop'); + zmcControl($mid, 'restart'); + zmaControl($mid, 'start'); } else { - zmaControl( $mid, 'restart' ); + zmaControl($mid, 'restart'); } } // end if daemonCheck() $refreshParent = true; @@ -442,15 +446,15 @@ if ( !empty($_REQUEST['mid']) && canEdit( 'Monitors', $_REQUEST['mid'] ) ) { } // end if $mid and canEdit($mid) // Monitor edit actions, monitor id derived, require edit permissions for that monitor -if ( canEdit( 'Monitors' ) ) { +if ( canEdit('Monitors') ) { if ( $action == 'monitor' ) { $mid = 0; if ( !empty($_REQUEST['mid']) ) { $mid = validInt($_REQUEST['mid']); - $monitor = dbFetchOne( 'SELECT * FROM Monitors WHERE Id=?', NULL, array($mid) ); + $monitor = dbFetchOne('SELECT * FROM Monitors WHERE Id=?', NULL, array($mid)); if ( ZM_OPT_X10 ) { - $x10Monitor = dbFetchOne( 'SELECT * FROM TriggersX10 WHERE MonitorId=?', NULL, array($mid) ); + $x10Monitor = dbFetchOne('SELECT * FROM TriggersX10 WHERE MonitorId=?', NULL, array($mid)); if ( !$x10Monitor ) $x10Monitor = array(); } @@ -476,18 +480,19 @@ if ( canEdit( 'Monitors' ) ) { ); if ( $_REQUEST['newMonitor']['ServerId'] == 'auto' ) { - $_REQUEST['newMonitor']['ServerId'] = dbFetchOne('SELECT Id FROM Servers WHERE Status=\'Running\' ORDER BY FreeMem DESC, CpuLoad ASC LIMIT 1', 'Id'); - Logger::Debug("Auto selecting server: Got " . $_REQUEST['newMonitor']['ServerId'] ); + $_REQUEST['newMonitor']['ServerId'] = dbFetchOne( + 'SELECT Id FROM Servers WHERE Status=\'Running\' ORDER BY FreeMem DESC, CpuLoad ASC LIMIT 1', 'Id'); + Logger::Debug('Auto selecting server: Got ' . $_REQUEST['newMonitor']['ServerId'] ); if ( ( ! $_REQUEST['newMonitor'] ) and defined('ZM_SERVER_ID') ) { $_REQUEST['newMonitor']['ServerId'] = ZM_SERVER_ID; - Logger::Debug("Auto selecting server to " . ZM_SERVER_ID); + Logger::Debug('Auto selecting server to ' . ZM_SERVER_ID); } } $columns = getTableColumns('Monitors'); $changes = getFormChanges($monitor, $_REQUEST['newMonitor'], $types, $columns); - if ( count( $changes ) ) { + if ( count($changes) ) { if ( $mid ) { # If we change anything that changes the shared mem size, zma can complain. So let's stop first. @@ -495,19 +500,19 @@ if ( canEdit( 'Monitors' ) ) { zmaControl($monitor, 'stop'); zmcControl($monitor, 'stop'); } - dbQuery( 'UPDATE Monitors SET '.implode( ', ', $changes ).' WHERE Id=?', array($mid) ); + dbQuery('UPDATE Monitors SET '.implode(', ', $changes).' WHERE Id=?', array($mid)); // Groups will be added below if ( isset($changes['Name']) or isset($changes['StorageId']) ) { - $OldStorage = new Storage( $monitor['StorageId'] ); - $saferOldName = basename( $monitor['Name'] ); - if ( file_exists( $OldStorage->Path().'/'.$saferOldName ) ) - unlink( $OldStorage->Path().'/'.$saferOldName ); + $OldStorage = new Storage($monitor['StorageId']); + $saferOldName = basename($monitor['Name']); + if ( file_exists($OldStorage->Path().'/'.$saferOldName) ) + unlink($OldStorage->Path().'/'.$saferOldName); - $NewStorage = new Storage( $_REQUEST['newMonitor']['StorageId'] ); - if ( ! file_exists( $NewStorage->Path().'/'.$mid ) ) - mkdir( $NewStorage->Path().'/'.$mid, 0755 ); - $saferNewName = basename( $_REQUEST['newMonitor']['Name'] ); - symlink( $mid, $NewStorage->Path().'/'.$saferNewName ); + $NewStorage = new Storage($_REQUEST['newMonitor']['StorageId']); + if ( ! file_exists($NewStorage->Path().'/'.$mid) ) + mkdir($NewStorage->Path().'/'.$mid, 0755); + $saferNewName = basename($_REQUEST['newMonitor']['Name']); + symlink($mid, $NewStorage->Path().'/'.$saferNewName); } if ( isset($changes['Width']) || isset($changes['Height']) ) { $newW = $_REQUEST['newMonitor']['Width']; @@ -517,15 +522,15 @@ if ( canEdit( 'Monitors' ) ) { $oldH = $monitor['Height']; $oldA = $oldW * $oldH; - $zones = dbFetchAll( 'SELECT * FROM Zones WHERE MonitorId=?', NULL, array($mid) ); + $zones = dbFetchAll('SELECT * FROM Zones WHERE MonitorId=?', NULL, array($mid)); foreach ( $zones as $zone ) { $newZone = $zone; - $points = coordsToPoints( $zone['Coords'] ); + $points = coordsToPoints($zone['Coords']); for ( $i = 0; $i < count($points); $i++ ) { $points[$i]['x'] = intval(($points[$i]['x']*($newW-1))/($oldW-1)); $points[$i]['y'] = intval(($points[$i]['y']*($newH-1))/($oldH-1)); } - $newZone['Coords'] = pointsToCoords( $points ); + $newZone['Coords'] = pointsToCoords($points); $newZone['Area'] = intval(round(($zone['Area']*$newA)/$oldA)); $newZone['MinAlarmPixels'] = intval(round(($newZone['MinAlarmPixels']*$newA)/$oldA)); $newZone['MaxAlarmPixels'] = intval(round(($newZone['MaxAlarmPixels']*$newA)/$oldA)); @@ -534,41 +539,43 @@ if ( canEdit( 'Monitors' ) ) { $newZone['MinBlobPixels'] = intval(round(($newZone['MinBlobPixels']*$newA)/$oldA)); $newZone['MaxBlobPixels'] = intval(round(($newZone['MaxBlobPixels']*$newA)/$oldA)); - $changes = getFormChanges( $zone, $newZone, $types ); + $changes = getFormChanges($zone, $newZone, $types); - if ( count( $changes ) ) { - dbQuery( 'update Zones set '.implode( ', ', $changes ).' WHERE MonitorId=? AND Id=?', array( $mid, $zone['Id'] ) ); + if ( count($changes) ) { + dbQuery('UPDATE Zones SET '.implode(', ', $changes).' WHERE MonitorId=? AND Id=?', + array($mid, $zone['Id'])); } - } - } + } // end foreach zone + } // end if width and height $restart = true; - } else if ( ! $user['MonitorIds'] ) { // Can only create new monitors if we are not restricted to specific monitors + } else if ( ! $user['MonitorIds'] ) { + // Can only create new monitors if we are not restricted to specific monitors # FIXME This is actually a race condition. Should lock the table. $maxSeq = dbFetchOne('SELECT MAX(Sequence) AS MaxSequence FROM Monitors', 'MaxSequence'); $changes[] = 'Sequence = '.($maxSeq+1); - if ( dbQuery( 'INSERT INTO Monitors SET '.implode( ', ', $changes ) ) ) { + if ( dbQuery('INSERT INTO Monitors SET '.implode(', ', $changes)) ) { $mid = dbInsertId(); $zoneArea = $_REQUEST['newMonitor']['Width'] * $_REQUEST['newMonitor']['Height']; - dbQuery( "insert into Zones set MonitorId = ?, Name = 'All', Type = 'Active', Units = 'Percent', NumCoords = 4, Coords = ?, Area=?, AlarmRGB = 0xff0000, CheckMethod = 'Blobs', MinPixelThreshold = 25, MinAlarmPixels=?, MaxAlarmPixels=?, FilterX = 3, FilterY = 3, MinFilterPixels=?, MaxFilterPixels=?, MinBlobPixels=?, MinBlobs = 1", array( $mid, sprintf( "%d,%d %d,%d %d,%d %d,%d", 0, 0, $_REQUEST['newMonitor']['Width']-1, 0, $_REQUEST['newMonitor']['Width']-1, $_REQUEST['newMonitor']['Height']-1, 0, $_REQUEST['newMonitor']['Height']-1 ), $zoneArea, intval(($zoneArea*3)/100), intval(($zoneArea*75)/100), intval(($zoneArea*3)/100), intval(($zoneArea*75)/100), intval(($zoneArea*2)/100) ) ); + dbQuery("INSERT INTO Zones SET MonitorId = ?, Name = 'All', Type = 'Active', Units = 'Percent', NumCoords = 4, Coords = ?, Area=?, AlarmRGB = 0xff0000, CheckMethod = 'Blobs', MinPixelThreshold = 25, MinAlarmPixels=?, MaxAlarmPixels=?, FilterX = 3, FilterY = 3, MinFilterPixels=?, MaxFilterPixels=?, MinBlobPixels=?, MinBlobs = 1", array( $mid, sprintf( "%d,%d %d,%d %d,%d %d,%d", 0, 0, $_REQUEST['newMonitor']['Width']-1, 0, $_REQUEST['newMonitor']['Width']-1, $_REQUEST['newMonitor']['Height']-1, 0, $_REQUEST['newMonitor']['Height']-1 ), $zoneArea, intval(($zoneArea*3)/100), intval(($zoneArea*75)/100), intval(($zoneArea*3)/100), intval(($zoneArea*75)/100), intval(($zoneArea*2)/100) ) ); //$view = 'none'; - $Storage = new Storage( $_REQUEST['newMonitor']['StorageId'] ); - mkdir( $Storage->Path().'/'.$mid, 0755 ); + $Storage = new Storage($_REQUEST['newMonitor']['StorageId']); + mkdir($Storage->Path().'/'.$mid, 0755); $saferName = basename($_REQUEST['newMonitor']['Name']); - symlink( $mid, $Storage->Path().'/'.$saferName ); + symlink($mid, $Storage->Path().'/'.$saferName); } else { - Error("Error saving new Monitor."); + Error('Error saving new Monitor.'); return; } } else { - Error("Users with Monitors restrictions cannot create new monitors."); + Error('Users with Monitors restrictions cannot create new monitors.'); return; } $restart = true; } else { - Logger::Debug("No action due to no changes to Monitor"); + Logger::Debug('No action due to no changes to Monitor'); } # end if count(changes) if ( @@ -589,21 +596,21 @@ if ( canEdit( 'Monitors' ) ) { } // end if there has been a change of groups if ( ZM_OPT_X10 ) { - $x10Changes = getFormChanges( $x10Monitor, $_REQUEST['newX10Monitor'] ); + $x10Changes = getFormChanges($x10Monitor, $_REQUEST['newX10Monitor']); - if ( count( $x10Changes ) ) { + if ( count($x10Changes) ) { if ( $x10Monitor && isset($_REQUEST['newX10Monitor']) ) { - dbQuery( 'update TriggersX10 set '.implode( ', ', $x10Changes ).' where MonitorId=?', array($mid) ); + dbQuery('UPDATE TriggersX10 SET '.implode(', ', $x10Changes).' WHERE MonitorId=?', array($mid)); } elseif ( !$user['MonitorIds'] ) { if ( !$x10Monitor ) { - dbQuery( 'insert into TriggersX10 set MonitorId = ?, '.implode( ', ', $x10Changes ), array( $mid ) ); + dbQuery('INSERT INTO TriggersX10 SET MonitorId = ?, '.implode(', ', $x10Changes), array($mid)); } else { - dbQuery( 'delete from TriggersX10 where MonitorId = ?', array($mid) ); + dbQuery('DELETE FROM TriggersX10 WHERE MonitorId = ?', array($mid)); } } $restart = true; - } - } + } # end if has x10Changes + } # end if ZM_OPT_X10 if ( $restart ) { @@ -616,8 +623,8 @@ if ( canEdit( 'Monitors' ) ) { } if ( $new_monitor->Controllable() ) { - require_once( 'control_functions.php' ); - sendControlCommand( $mid, 'quit' ); + require_once('control_functions.php'); + sendControlCommand($mid, 'quit'); } // really should thump zmwatch and maybe zmtrigger too. //daemonControl( 'restart', 'zmwatch.pl' ); @@ -626,11 +633,11 @@ if ( canEdit( 'Monitors' ) ) { $view = 'none'; } elseif ( $action == 'delete' ) { if ( isset($_REQUEST['markMids']) && !$user['MonitorIds'] ) { - require_once( 'Monitor.php' ); - foreach( $_REQUEST['markMids'] as $markMid ) { + require_once('Monitor.php'); + foreach ( $_REQUEST['markMids'] as $markMid ) { if ( canEdit('Monitors', $markMid) ) { // This could be faster as a select all - if ( $monitor = dbFetchOne( 'SELECT * FROM Monitors WHERE Id = ?', NULL, array($markMid) ) ) { + if ( $monitor = dbFetchOne('SELECT * FROM Monitors WHERE Id = ?', NULL, array($markMid)) ) { $Monitor = new Monitor($monitor); $Monitor->delete(); } // end if monitor found in db @@ -641,15 +648,17 @@ if ( canEdit( 'Monitors' ) ) { } // Device view actions -if ( canEdit( 'Devices' ) ) { +if ( canEdit('Devices') ) { if ( $action == 'device' ) { if ( !empty($_REQUEST['command']) ) { - setDeviceStatusX10( $_REQUEST['key'], $_REQUEST['command'] ); - } elseif ( isset( $_REQUEST['newDevice'] ) ) { + setDeviceStatusX10($_REQUEST['key'], $_REQUEST['command']); + } else if ( isset($_REQUEST['newDevice']) ) { if ( isset($_REQUEST['did']) ) { - dbQuery( 'update Devices set Name=?, KeyString=? where Id=?', array($_REQUEST['newDevice']['Name'], $_REQUEST['newDevice']['KeyString'], $_REQUEST['did']) ); + dbQuery('UPDATE Devices SET Name=?, KeyString=? WHERE Id=?', + array($_REQUEST['newDevice']['Name'], $_REQUEST['newDevice']['KeyString'], $_REQUEST['did']) ); } else { - dbQuery( 'insert into Devices set Name=?, KeyString=?', array( $_REQUEST['newDevice']['Name'], $_REQUEST['newDevice']['KeyString'] ) ); + dbQuery('INSERT INTO Devices SET Name=?, KeyString=?', + array($_REQUEST['newDevice']['Name'], $_REQUEST['newDevice']['KeyString']) ); } $refreshParent = true; $view = 'none'; @@ -657,7 +666,7 @@ if ( canEdit( 'Devices' ) ) { } elseif ( $action == 'delete' ) { if ( isset($_REQUEST['markDids']) ) { foreach( $_REQUEST['markDids'] as $markDid ) { - dbQuery( 'delete from Devices where Id=?', array($markDid) ); + dbQuery('DELETE FROM Devices WHERE Id=?', array($markDid)); $refreshParent = true; } } @@ -665,47 +674,59 @@ if ( canEdit( 'Devices' ) ) { } // end if canedit devices // Group view actions -if ( canView( 'Groups' ) && $action == 'setgroup' ) { +if ( canView('Groups') && ($action == 'setgroup') ) { if ( !empty($_REQUEST['gid']) ) { - setcookie( 'zmGroup', validInt($_REQUEST['gid']), time()+3600*24*30*12*10 ); + setcookie('zmGroup', validInt($_REQUEST['gid']), time()+3600*24*30*12*10); } else { - setcookie( 'zmGroup', '', time()-3600*24*2 ); + setcookie('zmGroup', '', time()-3600*24*2); } $refreshParent = true; } // Group edit actions -# Should probably verify that each monitor id is a valid monitor, that we have access to. However at the moment, you have to have System permissions to do this -if ( canEdit( 'Groups' ) ) { +# Should probably verify that each monitor id is a valid monitor, that we have access to. +# However at the moment, you have to have System permissions to do this +if ( canEdit('Groups') ) { if ( $action == 'group' ) { - $monitors = empty( $_POST['newGroup']['MonitorIds'] ) ? '' : implode(',', $_POST['newGroup']['MonitorIds']); + $monitors = empty($_POST['newGroup']['MonitorIds']) ? '' : implode(',', $_POST['newGroup']['MonitorIds']); $group_id = null; if ( !empty($_POST['gid']) ) { $group_id = $_POST['gid']; - dbQuery( 'UPDATE Groups SET Name=?, ParentId=? WHERE Id=?', - array($_POST['newGroup']['Name'], ( $_POST['newGroup']['ParentId'] == '' ? null : $_POST['newGroup']['ParentId'] ), $group_id) ); - dbQuery( 'DELETE FROM Groups_Monitors WHERE GroupId=?', array($group_id) ); + dbQuery( + 'UPDATE Groups SET Name=?, ParentId=? WHERE Id=?', + array( + $_POST['newGroup']['Name'], + ( $_POST['newGroup']['ParentId'] == '' ? null : $_POST['newGroup']['ParentId'] ), + $group_id, + ) + ); + dbQuery('DELETE FROM Groups_Monitors WHERE GroupId=?', array($group_id)); } else { - dbQuery( 'INSERT INTO Groups (Name,ParentId) VALUES (?,?)', - array( $_POST['newGroup']['Name'], ( $_POST['newGroup']['ParentId'] == '' ? null : $_POST['newGroup']['ParentId'] ) ) ); - $group_id=dbInsertId(); + dbQuery( + 'INSERT INTO Groups (Name,ParentId) VALUES (?,?)', + array( + $_POST['newGroup']['Name'], + ( $_POST['newGroup']['ParentId'] == '' ? null : $_POST['newGroup']['ParentId'] ), + ) + ); + $group_id = dbInsertId(); } if ( $group_id ) { foreach ( $_POST['newGroup']['MonitorIds'] as $mid ) { - dbQuery( 'INSERT INTO Groups_Monitors (GroupId,MonitorId) VALUES (?,?)', array($group_id, $mid) ); + dbQuery('INSERT INTO Groups_Monitors (GroupId,MonitorId) VALUES (?,?)', array($group_id, $mid)); } } $view = 'none'; $refreshParent = true; } else if ( $action == 'delete' ) { if ( !empty($_REQUEST['gid']) ) { - if ( is_array( $_REQUEST['gid'] ) ) { - foreach( $_REQUEST['gid'] as $gid ) { - $Group = new Group( $gid ); + if ( is_array($_REQUEST['gid']) ) { + foreach ( $_REQUEST['gid'] as $gid ) { + $Group = new Group($gid); $Group->delete(); } } else { - $Group = new Group( $_REQUEST['gid'] ); + $Group = new Group($_REQUEST['gid'] ); $Group->delete(); } } @@ -714,23 +735,23 @@ if ( canEdit( 'Groups' ) ) { } // end if can edit groups // System edit actions -if ( canEdit( 'System' ) ) { - if ( isset( $_REQUEST['object'] ) ) { +if ( canEdit('System') ) { + if ( isset($_REQUEST['object']) ) { if ( $_REQUEST['object'] == 'MontageLayout' ) { require_once('MontageLayout.php'); if ( $action == 'Save' ) { $Layout = null; if ( $_REQUEST['Name'] != '' ) { $Layout = new MontageLayout(); - $Layout->Name( $_REQUEST['Name'] ); + $Layout->Name($_REQUEST['Name']); } else { - $Layout = new MontageLayout( $_REQUEST['zmMontageLayout'] ); + $Layout = new MontageLayout($_REQUEST['zmMontageLayout']); } - $Layout->Positions( $_REQUEST['Positions'] ); + $Layout->Positions($_REQUEST['Positions']); $Layout->save(); session_start(); $_SESSION['zmMontageLayout'] = $Layout->Id(); - setcookie('zmMontageLayout', $Layout->Id(), 1 ); + setcookie('zmMontageLayout', $Layout->Id(), 1); session_write_close(); $redirect = ZM_BASE_URL.$_SERVER['PHP_SELF'].'?view=montagereview'; } // end if save @@ -738,19 +759,24 @@ if ( canEdit( 'System' ) ) { } else if ( $_REQUEST['object'] == 'server' ) { if ( $action == 'Save' ) { - if ( !empty($_REQUEST['id']) ) - $dbServer = dbFetchOne( 'SELECT * FROM Servers WHERE Id=?', NULL, array($_REQUEST['id']) ); - else + if ( !empty($_REQUEST['id']) ) { + $dbServer = dbFetchOne( + 'SELECT * FROM Servers WHERE Id=?', + NULL, + array($_REQUEST['id']) ); + } else { $dbServer = array(); + } $types = array(); - $changes = getFormChanges( $dbServer, $_REQUEST['newServer'], $types ); + $changes = getFormChanges($dbServer, $_REQUEST['newServer'], $types); - if ( count( $changes ) ) { + if ( count($changes) ) { if ( !empty($_REQUEST['id']) ) { - dbQuery( 'UPDATE Servers SET '.implode( ', ', $changes ).' WHERE Id = ?', array($_REQUEST['id']) ); + dbQuery('UPDATE Servers SET '.implode(', ', $changes).' WHERE Id = ?', + array($_REQUEST['id']) ); } else { - dbQuery( 'INSERT INTO Servers set '.implode( ', ', $changes ) ); + dbQuery('INSERT INTO Servers SET '.implode(', ', $changes)); } $refreshParent = true; } @@ -758,27 +784,27 @@ if ( canEdit( 'System' ) ) { } else if ( $action == 'delete' ) { if ( !empty($_REQUEST['markIds']) ) { foreach( $_REQUEST['markIds'] as $Id ) - dbQuery( 'DELETE FROM Servers WHERE Id=?', array($Id) ); + dbQuery('DELETE FROM Servers WHERE Id=?', array($Id)); } $refreshParent = true; } else { - Error( "Unknown action $action in saving Server" ); + Error("Unknown action $action in saving Server"); } } else if ( $_REQUEST['object'] == 'storage' ) { if ( $action == 'Save' ) { if ( !empty($_REQUEST['id']) ) - $dbStorage = dbFetchOne( 'SELECT * FROM Storage WHERE Id=?', NULL, array($_REQUEST['id']) ); + $dbStorage = dbFetchOne('SELECT * FROM Storage WHERE Id=?', NULL, array($_REQUEST['id'])); else $dbStorage = array(); $types = array(); - $changes = getFormChanges( $dbStorage, $_REQUEST['newStorage'], $types ); + $changes = getFormChanges($dbStorage, $_REQUEST['newStorage'], $types); - if ( count( $changes ) ) { + if ( count($changes) ) { if ( !empty($_REQUEST['id']) ) { - dbQuery( 'UPDATE Storage SET '.implode( ', ', $changes ).' WHERE Id = ?', array($_REQUEST['id']) ); + dbQuery('UPDATE Storage SET '.implode(', ', $changes).' WHERE Id = ?', array($_REQUEST['id'])); } else { - dbQuery( 'INSERT INTO Storage set '.implode( ', ', $changes ) ); + dbQuery('INSERT INTO Storage set '.implode(', ', $changes)); } $refreshParent = true; } @@ -786,11 +812,11 @@ if ( canEdit( 'System' ) ) { } else if ( $action == 'delete' ) { if ( !empty($_REQUEST['markIds']) ) { foreach( $_REQUEST['markIds'] as $Id ) - dbQuery( 'DELETE FROM Storage WHERE Id=?', array($Id) ); + dbQuery('DELETE FROM Storage WHERE Id=?', array($Id)); } $refreshParent = true; } else { - Error( "Unknown action $action in saving Storage" ); + Error("Unknown action $action in saving Storage"); } } # end if isset($_REQUEST['object'] ) @@ -804,7 +830,7 @@ if ( canEdit( 'System' ) ) { } case 'ignore' : { - dbQuery( "update Config set Value = '".ZM_DYN_LAST_VERSION."' where Name = 'ZM_DYN_CURR_VERSION'" ); + dbQuery("UPDATE Config SET Value = '".ZM_DYN_LAST_VERSION."' WHERE Name = 'ZM_DYN_CURR_VERSION'"); break; } case 'hour' : @@ -819,12 +845,12 @@ if ( canEdit( 'System' ) ) { } elseif ( $option == 'week' ) { $nextReminder += 7*24*60*60; } - dbQuery( "update Config set Value = '".$nextReminder."' where Name = 'ZM_DYN_NEXT_REMINDER'" ); + dbQuery("UPDATE Config SET Value = '".$nextReminder."' WHERE Name = 'ZM_DYN_NEXT_REMINDER'"); break; } case 'never' : { - dbQuery( "update Config set Value = '0' where Name = 'ZM_CHECK_FOR_UPDATES'" ); + dbQuery("UPDATE Config SET Value = '0' WHERE Name = 'ZM_CHECK_FOR_UPDATES'"); break; } } @@ -852,53 +878,51 @@ if ( canEdit( 'System' ) ) { } elseif ( $option == 'month' ) { $nextReminder += 30*24*60*60; } - dbQuery( "update Config set Value = '".$nextReminder."' where Name = 'ZM_DYN_DONATE_REMINDER_TIME'" ); + dbQuery("UPDATE Config SET Value = '".$nextReminder."' WHERE Name = 'ZM_DYN_DONATE_REMINDER_TIME'"); break; } case 'never' : case 'already' : { - dbQuery( "update Config set Value = '0' where Name = 'ZM_DYN_SHOW_DONATE_REMINDER'" ); + dbQuery("UPDATE Config SET Value = '0' WHERE Name = 'ZM_DYN_SHOW_DONATE_REMINDER'"); break; } } // end switch option } - if ( $action == 'privacy' && isset($_REQUEST['option'] ) ) { - $option = $_REQUEST['option']; - switch( $option ) { + if ( ($action == 'privacy') && isset($_REQUEST['option']) ) { + switch( $_REQUEST['option'] ) { case 'decline' : { - dbQuery( "update Config set Value = '0' where Name = 'ZM_SHOW_PRIVACY'" ); - dbQuery( "update Config set Value = '0' where Name = 'ZM_TELEMETRY_DATA'" ); - $view = 'console'; + dbQuery("UPDATE Config SET Value = '0' WHERE Name = 'ZM_SHOW_PRIVACY'"); + dbQuery("UPDATE Config SET Value = '0' WHERE Name = 'ZM_TELEMETRY_DATA'"); $redirect = ZM_BASE_URL.$_SERVER['PHP_SELF'].'?view=console'; break; } case 'accept' : { - dbQuery( "update Config set Value = '0' where Name = 'ZM_SHOW_PRIVACY'" ); - dbQuery( "update Config set Value = '1' where Name = 'ZM_TELEMETRY_DATA'" ); - $view = 'console'; + dbQuery("UPDATE Config SET Value = '0' WHERE Name = 'ZM_SHOW_PRIVACY'"); + dbQuery("UPDATE Config SET Value = '1' WHERE Name = 'ZM_TELEMETRY_DATA'"); $redirect = ZM_BASE_URL.$_SERVER['PHP_SELF'].'?view=console'; break; } default: # Enable the privacy statement if we somehow submit something other than accept or decline - dbQuery( "update Config set Value = '1' where Name = 'ZM_SHOW_PRIVACY'" ); + dbQuery("UPDATE Config SET Value = '1' WHERE Name = 'ZM_SHOW_PRIVACY'"); } // end switch option + return; } if ( $action == 'options' && isset($_REQUEST['tab']) ) { $configCat = $configCats[$_REQUEST['tab']]; $changed = false; foreach ( $configCat as $name=>$value ) { - unset( $newValue ); + unset($newValue); if ( $value['Type'] == 'boolean' && empty($_REQUEST['newConfig'][$name]) ) { $newValue = 0; } else if ( isset($_REQUEST['newConfig'][$name]) ) { - $newValue = preg_replace( "/\r\n/", "\n", stripslashes( $_REQUEST['newConfig'][$name] ) ); + $newValue = preg_replace("/\r\n/", "\n", stripslashes($_REQUEST['newConfig'][$name])); } if ( isset($newValue) && ($newValue != $value['Value']) ) { - dbQuery( 'UPDATE Config SET Value=? WHERE Name=?', array( $newValue, $name ) ); + dbQuery('UPDATE Config SET Value=? WHERE Name=?', array($newValue, $name)); $changed = true; } } @@ -924,29 +948,30 @@ if ( canEdit( 'System' ) ) { } $redirect = ZM_BASE_URL.$_SERVER['PHP_SELF'].'?view=options&tab='.$_REQUEST['tab']; } - loadConfig( false ); + loadConfig(false); + return; } elseif ( $action == 'user' ) { if ( !empty($_REQUEST['uid']) ) - $dbUser = dbFetchOne( "SELECT * FROM Users WHERE Id=?", NULL, array($_REQUEST['uid']) ); + $dbUser = dbFetchOne('SELECT * FROM Users WHERE Id=?', NULL, array($_REQUEST['uid'])); else $dbUser = array(); $types = array(); - $changes = getFormChanges( $dbUser, $_REQUEST['newUser'], $types ); + $changes = getFormChanges($dbUser, $_REQUEST['newUser'], $types); if ( $_REQUEST['newUser']['Password'] ) $changes['Password'] = 'Password = password('.dbEscape($_REQUEST['newUser']['Password']).')'; else - unset( $changes['Password'] ); + unset($changes['Password']); - if ( count( $changes ) ) { + if ( count($changes) ) { if ( !empty($_REQUEST['uid']) ) { - dbQuery( 'update Users set '.implode( ', ', $changes ).' where Id = ?', array($_REQUEST['uid']) ); + dbQuery('UPDATE Users SET '.implode(', ', $changes).' WHERE Id = ?', array($_REQUEST['uid'])); # If we are updating the logged in user, then update our session user data. if ( $user and ( $dbUser['Username'] == $user['Username'] ) ) - userLogin( $dbUser['Username'], $dbUser['Password'] ); + userLogin($dbUser['Username'], $dbUser['Password']); } else { - dbQuery( 'insert into Users set '.implode( ', ', $changes ) ); + dbQuery('INSERT INTO Users SET '.implode(', ', $changes)); } $refreshParent = true; } @@ -954,29 +979,28 @@ if ( canEdit( 'System' ) ) { } elseif ( $action == 'state' ) { if ( !empty($_REQUEST['runState']) ) { //if ( $cookies ) session_write_close(); - packageControl( $_REQUEST['runState'] ); + packageControl($_REQUEST['runState']); $refreshParent = true; } } elseif ( $action == 'save' ) { if ( !empty($_REQUEST['runState']) || !empty($_REQUEST['newState']) ) { $sql = 'SELECT Id,Function,Enabled FROM Monitors ORDER BY Id'; $definitions = array(); - foreach( dbFetchAll( $sql ) as $monitor ) - { + foreach( dbFetchAll($sql) as $monitor ) { $definitions[] = $monitor['Id'].':'.$monitor['Function'].':'.$monitor['Enabled']; } - $definition = join( ',', $definitions ); + $definition = join(',', $definitions); if ( $_REQUEST['newState'] ) $_REQUEST['runState'] = $_REQUEST['newState']; - dbQuery( 'replace into States set Name=?, Definition=?', array( $_REQUEST['runState'],$definition) ); + dbQuery('REPLACE INTO States SET Name=?, Definition=?', array($_REQUEST['runState'],$definition)); } } elseif ( $action == 'delete' ) { if ( isset($_REQUEST['runState']) ) - dbQuery( 'delete from States where Name=?', array($_REQUEST['runState']) ); + dbQuery('DELETE FROM States WHERE Name=?', array($_REQUEST['runState'])); if ( isset($_REQUEST['markUids']) ) { foreach( $_REQUEST['markUids'] as $markUid ) - dbQuery( 'delete from Users where Id = ?', array($markUid) ); + dbQuery('DELETE FROM Users WHERE Id = ?', array($markUid)); if ( $markUid == $user['Id'] ) userLogout(); } @@ -985,17 +1009,17 @@ if ( canEdit( 'System' ) ) { if ( ZM_USER_SELF_EDIT && $action == 'user' ) { $uid = $user['Id']; - $dbUser = dbFetchOne( 'SELECT Id, Password, Language FROM Users WHERE Id = ?', NULL, array($uid) ); + $dbUser = dbFetchOne('SELECT Id, Password, Language FROM Users WHERE Id = ?', NULL, array($uid)); $types = array(); - $changes = getFormChanges( $dbUser, $_REQUEST['newUser'], $types ); + $changes = getFormChanges($dbUser, $_REQUEST['newUser'], $types); if ( !empty($_REQUEST['newUser']['Password']) ) $changes['Password'] = 'Password = password('.dbEscape($_REQUEST['newUser']['Password']).')'; else - unset( $changes['Password'] ); - if ( count( $changes ) ) { - dbQuery( 'update Users set '.implode( ', ', $changes ).' where Id=?', array($uid) ); + unset($changes['Password']); + if ( count($changes) ) { + dbQuery('UPDATE Users SET '.implode(', ', $changes).' WHERE Id=?', array($uid)); $refreshParent = true; } $view = 'none'; @@ -1004,8 +1028,8 @@ if ( canEdit( 'System' ) ) { if ( $action == 'reset' ) { session_start(); - $_SESSION['zmEventResetTime'] = strftime( STRF_FMT_DATETIME_DB ); - setcookie( 'zmEventResetTime', $_SESSION['zmEventResetTime'], time()+3600*24*30*12*10 ); + $_SESSION['zmEventResetTime'] = strftime(STRF_FMT_DATETIME_DB); + setcookie('zmEventResetTime', $_SESSION['zmEventResetTime'], time()+3600*24*30*12*10); session_write_close(); } From 0823b287128092ffcbed0a6661ec085c2b752ca5 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 31 Aug 2018 10:37:11 -0400 Subject: [PATCH 10/15] whitespace changes. Make Privacy test an else so that PRIVACY checks don't happen if not logged in --- web/index.php | 120 ++++++++++++++++++++++++++------------------------ 1 file changed, 63 insertions(+), 57 deletions(-) diff --git a/web/index.php b/web/index.php index 69745ce3c..9df89ac4b 100644 --- a/web/index.php +++ b/web/index.php @@ -18,17 +18,17 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. // -error_reporting( E_ALL ); +error_reporting(E_ALL); $debug = false; if ( $debug ) { // Use these for debugging, though not both at once! - phpinfo( INFO_VARIABLES ); + phpinfo(INFO_VARIABLES); //error_reporting( E_ALL ); } // Use new style autoglobals where possible -if ( version_compare( phpversion(), '4.1.0', '<') ) { +if ( version_compare(phpversion(), '4.1.0', '<') ) { $_SESSION = &$HTTP_SESSION_VARS; $_SERVER = &$HTTP_SERVER_VARS; } @@ -36,20 +36,20 @@ if ( version_compare( phpversion(), '4.1.0', '<') ) { // Useful debugging lines for mobile devices if ( false ) { ob_start(); - phpinfo( INFO_VARIABLES ); - $fp = fopen( '/tmp/env.html', 'w' ); - fwrite( $fp, ob_get_contents() ); - fclose( $fp ); + phpinfo(INFO_VARIABLES); + $fp = fopen('/tmp/env.html', 'w'); + fwrite($fp, ob_get_contents()); + fclose($fp); ob_end_clean(); } -require_once( 'includes/config.php' ); -require_once( 'includes/logger.php' ); -require_once( 'includes/Server.php' ); -require_once( 'includes/Storage.php' ); -require_once( 'includes/Event.php' ); -require_once( 'includes/Group.php' ); -require_once( 'includes/Monitor.php' ); +require_once('includes/config.php'); +require_once('includes/logger.php'); +require_once('includes/Server.php'); +require_once('includes/Storage.php'); +require_once('includes/Event.php'); +require_once('includes/Group.php'); +require_once('includes/Monitor.php'); if ( @@ -61,13 +61,13 @@ if ( } else { $protocol = 'http'; } -define( 'ZM_BASE_PROTOCOL', $protocol ); +define('ZM_BASE_PROTOCOL', $protocol); // Absolute URL's are unnecessary and break compatibility with reverse proxies // define( "ZM_BASE_URL", $protocol.'://'.$_SERVER['HTTP_HOST'] ); // Use relative URL's instead -define( 'ZM_BASE_URL', '' ); +define('ZM_BASE_URL', ''); // Check time zone is set if (!ini_get('date.timezone') || !date_default_timezone_set(ini_get('date.timezone'))) { @@ -85,10 +85,10 @@ if ( isset($_GET['skin']) ) { $skin = 'classic'; } -$skins = array_map( 'basename', glob('skins/*', GLOB_ONLYDIR ) ); +$skins = array_map('basename', glob('skins/*', GLOB_ONLYDIR)); -if ( ! in_array( $skin, $skins ) ) { - Error( "Invalid skin '$skin' setting to " . $skins[0] ); +if ( ! in_array($skin, $skins) ) { + Error("Invalid skin '$skin' setting to " . $skins[0]); $skin = $skins[0]; } @@ -96,25 +96,25 @@ if ( isset($_GET['css']) ) { $css = $_GET['css']; } elseif ( isset($_COOKIE['zmCSS']) ) { $css = $_COOKIE['zmCSS']; -} elseif (defined('ZM_CSS_DEFAULT')) { +} elseif ( defined('ZM_CSS_DEFAULT') ) { $css = ZM_CSS_DEFAULT; } else { $css = 'classic'; } -$css_skins = array_map( 'basename', glob('skins/'.$skin.'/css/*',GLOB_ONLYDIR) ); -if ( ! in_array( $css, $css_skins ) ) { - Error( "Invalid skin css '$css' setting to " . $css_skins[0] ); +$css_skins = array_map('basename', glob('skins/'.$skin.'/css/*',GLOB_ONLYDIR)); +if ( !in_array($css, $css_skins) ) { + Error("Invalid skin css '$css' setting to " . $css_skins[0]); $css = $css_skins[0]; } -define( 'ZM_BASE_PATH', dirname( $_SERVER['REQUEST_URI'] ) ); -define( 'ZM_SKIN_PATH', "skins/$skin" ); -define( 'ZM_SKIN_NAME', $skin ); +define('ZM_BASE_PATH', dirname($_SERVER['REQUEST_URI'])); +define('ZM_SKIN_PATH', "skins/$skin"); +define('ZM_SKIN_NAME', $skin); $skinBase = array(); // To allow for inheritance of skins -if ( !file_exists( ZM_SKIN_PATH ) ) - Fatal( "Invalid skin '$skin'" ); +if ( !file_exists(ZM_SKIN_PATH) ) + Fatal("Invalid skin '$skin'"); $skinBase[] = $skin; $currentCookieParams = session_get_cookie_params(); @@ -127,25 +127,25 @@ session_set_cookie_params( true ); -ini_set( 'session.name', 'ZMSESSID' ); +ini_set('session.name', 'ZMSESSID'); session_start(); if ( !isset($_SESSION['skin']) || isset($_REQUEST['skin']) || !isset($_COOKIE['zmSkin']) || $_COOKIE['zmSkin'] != $skin ) { $_SESSION['skin'] = $skin; - setcookie( 'zmSkin', $skin, time()+3600*24*30*12*10 ); + setcookie('zmSkin', $skin, time()+3600*24*30*12*10); } if ( !isset($_SESSION['css']) || isset($_REQUEST['css']) || !isset($_COOKIE['zmCSS']) || $_COOKIE['zmCSS'] != $css ) { $_SESSION['css'] = $css; - setcookie( 'zmCSS', $css, time()+3600*24*30*12*10 ); + setcookie('zmCSS', $css, time()+3600*24*30*12*10); } if ( ZM_OPT_USE_AUTH ) { - if ( isset( $_SESSION['user'] ) ) { + if ( isset($_SESSION['user']) ) { $user = $_SESSION['user']; } else { - unset( $user ); + unset($user); } } else { $user = $defaultUser; @@ -154,9 +154,9 @@ if ( ZM_OPT_USE_AUTH ) { # Any file/page that sets session variables must re-open it. session_write_close(); -require_once( 'includes/lang.php' ); -require_once( 'includes/functions.php' ); -require_once( 'includes/auth.php' ); +require_once('includes/lang.php'); +require_once('includes/functions.php'); +require_once('includes/auth.php'); # Running is global but only do the daemonCheck if it is actually needed $running = null; @@ -179,20 +179,20 @@ $request = null; if ( isset($_REQUEST['request']) ) $request = detaintPath($_REQUEST['request']); -foreach ( getSkinIncludes( 'skin.php' ) as $includeFile ) +foreach ( getSkinIncludes('skin.php') as $includeFile ) require_once $includeFile; if ( ZM_OPT_USE_AUTH ) { if ( ZM_AUTH_HASH_LOGINS ) { if ( empty($user) && ! empty($_REQUEST['auth']) ) { - if ( $authUser = getAuthUser( $_REQUEST['auth'] ) ) { - userLogin( $authUser['Username'], $authUser['Password'], true ); + if ( $authUser = getAuthUser($_REQUEST['auth']) ) { + userLogin($authUser['Username'], $authUser['Password'], true); } } } - if ( ! empty($user) ) { + if ( !empty($user) ) { // generate it once here, while session is open. Value will be cached in session and return when called later on - generateAuthHash( ZM_AUTH_HASH_IPS ); + generateAuthHash(ZM_AUTH_HASH_IPS); } } @@ -205,24 +205,30 @@ isset($view) || $view = NULL; isset($request) || $request = NULL; isset($action) || $action = NULL; -if ( ZM_ENABLE_CSRF_MAGIC && $action != 'login' && $view != 'view_video' && $request != 'control' && $view != 'frames' && $view != 'archive' ) { +Logger::Debug("View: $view Request: $request Action: $action"); +if ( + ZM_ENABLE_CSRF_MAGIC && + ( $action != 'login' ) && + ( $view != 'view_video' ) && + ( $request != 'control' ) && + ( $view != 'frames' ) && + ( $view != 'archive' ) +) { require_once( 'includes/csrf/csrf-magic.php' ); #Logger::Debug("Calling csrf_check with the following values: \$request = \"$request\", \$view = \"$view\", \$action = \"$action\""); csrf_check(); } # Need to include actions because it does auth -require_once( 'includes/actions.php' ); +require_once('includes/actions.php'); # If I put this here, it protects all views and popups, but it has to go after actions.php because actions.php does the actual logging in. -if ( ZM_OPT_USE_AUTH and ! isset($user) ) { - Logger::Debug("Redirecting to login" ); +if ( ZM_OPT_USE_AUTH and !isset($user) ) { + Logger::Debug('Redirecting to login'); $view = 'login'; $request = null; -} - -if ( ZM_SHOW_PRIVACY && canEdit('System') ) { - Logger::Debug("Redirecting to privacy" ); +} else if ( ZM_SHOW_PRIVACY && ($action != 'privacy') && ($view !='options') && (!$request) && canEdit('System') ) { + Logger::Debug('Redirecting to privacy'); $view = 'privacy'; $request = null; } @@ -233,17 +239,17 @@ if ( $redirect ) { } if ( $request ) { - foreach ( getSkinIncludes( 'ajax/'.$request.'.php', true, true ) as $includeFile ) { - if ( !file_exists( $includeFile ) ) - Fatal( "Request '$request' does not exist" ); + foreach ( getSkinIncludes('ajax/'.$request.'.php', true, true) as $includeFile ) { + if ( !file_exists($includeFile) ) + Fatal("Request '$request' does not exist"); require_once $includeFile; } return; } else { - if ( $includeFiles = getSkinIncludes( 'views/'.$view.'.php', true, true ) ) { + if ( $includeFiles = getSkinIncludes('views/'.$view.'.php', true, true) ) { foreach ( $includeFiles as $includeFile ) { - if ( !file_exists( $includeFile ) ) - Fatal( "View '$view' does not exist" ); + if ( !file_exists($includeFile) ) + Fatal("View '$view' does not exist"); require_once $includeFile; } // If the view overrides $view to 'error', and the user is not logged in, then the @@ -251,14 +257,14 @@ if ( $request ) { // The login view should handle redirecting to the correct location afterward. if ( $view == 'error' && !isset($user) ) { $view = 'login'; - foreach ( getSkinIncludes( 'views/login.php', true, true ) as $includeFile ) + foreach ( getSkinIncludes('views/login.php', true, true) as $includeFile ) require_once $includeFile; } } // If the view is missing or the view still returned error with the user logged in, // then it is not recoverable. if ( !$includeFiles || $view == 'error' ) { - foreach ( getSkinIncludes( 'views/error.php', true, true ) as $includeFile ) + foreach ( getSkinIncludes('views/error.php', true, true) as $includeFile ) require_once $includeFile; } } From 57d5e28870fa98735b602855324aac8a22ab844e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 31 Aug 2018 11:57:47 -0400 Subject: [PATCH 11/15] clear output buffer before sending image. Adjust filename for saveAs when doing a scaled image. whitespace corrections. More Debug output --- web/views/image.php | 78 +++++++++++++++++++++++++++------------------ 1 file changed, 47 insertions(+), 31 deletions(-) diff --git a/web/views/image.php b/web/views/image.php index 26c58f4f7..552b81256 100644 --- a/web/views/image.php +++ b/web/views/image.php @@ -40,7 +40,7 @@ require_once('includes/Event.php'); require_once('includes/Frame.php'); // Compatibility for PHP 5.4 -if (!function_exists('imagescale')) { +if ( !function_exists('imagescale') ) { function imagescale($image, $new_width, $new_height = -1, $mode = 0) { $mode; // Not supported @@ -70,17 +70,18 @@ if ( empty($_REQUEST['path']) ) { if ( !empty($_REQUEST['eid']) ) { $Event = Event::find_one(array('Id'=>$_REQUEST['eid'])); - if ( ! $Event ) { + if ( !$Event ) { header('HTTP/1.0 404 Not Found'); - Fatal('Event ' . $_REQUEST['eid'].' Not found'); + Fatal('Event '.$_REQUEST['eid'].' Not found'); return; } if ( $_REQUEST['fid'] == 'snapshot' ) { $Frame = Frame::find_one(array('EventId'=>$_REQUEST['eid'], 'Score'=>$Event->MaxScore())); - if ( ! $Frame ) + if ( !$Frame ) $Frame = Frame::find_one(array('EventId'=>$_REQUEST['eid'])); - if ( ! $Frame ) { + if ( !$Frame ) { + Warning("No frame found for event " + $_REQUEST['eid']); $Frame = new Frame(); $Frame->Delta(1); $Frame->FrameId('snapshot'); @@ -123,14 +124,14 @@ Logger::Debug("Got virtual frame from Bulk Frames previous delta: " . $previousB } else { # If we are only specifying fid, then the fid must be the primary key into the frames table. But when the event is specified, then it is the frame # $Frame = Frame::find_one(array('Id'=>$_REQUEST['fid'])); - if ( ! $Frame ) { + if ( !$Frame ) { header('HTTP/1.0 404 Not Found'); Fatal('Frame ' . $_REQUEST['fid'] . ' Not Found'); return; } $Event = Event::find_one(array('Id'=>$Frame->EventId())); - if ( ! $Event ) { + if ( !$Event ) { header('HTTP/1.0 404 Not Found'); Fatal('Event ' . $Frame->EventId() . ' Not Found'); return; @@ -138,11 +139,11 @@ Logger::Debug("Got virtual frame from Bulk Frames previous delta: " . $previousB $path = $Event->Path().'/'.sprintf('%0'.ZM_EVENT_IMAGE_DIGITS.'d',$Frame->FrameId()).'-'.$show.'.jpg'; } # end if have eid - if ( ! file_exists($path) ) { + if ( !file_exists($path) ) { Logger::Debug("$path does not exist"); # Generate the frame JPG - if ( $show == 'capture' and $Event->DefaultVideo() ) { - if ( ! file_exists($Event->Path().'/'.$Event->DefaultVideo()) ) { + if ( ($show == 'capture') and $Event->DefaultVideo() ) { + if ( !file_exists($Event->Path().'/'.$Event->DefaultVideo()) ) { header('HTTP/1.0 404 Not Found'); Fatal("Can't create frame images from video because there is no video file for this event at (".$Event->Path().'/'.$Event->DefaultVideo() ); } @@ -190,52 +191,52 @@ Logger::Debug("Got virtual frame from Bulk Frames previous delta: " . $previousB } else { $errorText = 'Invalid image path'; } - if ( ! file_exists($path) ) { + if ( !file_exists($path) ) { header('HTTP/1.0 404 Not Found'); Fatal("Image not found at $path"); } } -$scale=0; +$scale = 0; if ( !empty($_REQUEST['scale']) ) { if ( is_numeric($_REQUEST['scale']) ) { $x = $_REQUEST['scale']; if ( $x >= 1 and $x <= 400 ) - $scale=$x; + $scale = $x; } } -$width=0; +$width = 0; if ( !empty($_REQUEST['width']) ) { if ( is_numeric($_REQUEST['width']) ) { $x = $_REQUEST['width']; if ( $x >= 10 and $x <= 8000 ) - $width=$x; + $width = $x; } } -$height=0; +$height = 0; if ( !empty($_REQUEST['height']) ) { if ( is_numeric($_REQUEST['height']) ) { $x = $_REQUEST['height']; if ( $x >= 10 and $x <= 8000 ) - $height=$x; + $height = $x; } } -header('Content-type: image/jpeg'); - -# This is so that Save Image As give a useful filename -if ( $Event ) { - $filename = $Event->MonitorId().'_'.$Event->Id().'_'.$Frame->FrameId().'.jpg'; - header('Content-Disposition: inline; filename="' . $filename . '"'); -} -ob_clean(); -flush(); - if ( $errorText ) { Error($errorText); } else { + # Clears the output buffer. Not sure what is there, but have had troubles. + ob_end_clean(); + header('Content-type: image/jpeg'); if ( ( $scale==0 || $scale==100 ) && $width==0 && $height==0 ) { + # This is so that Save Image As give a useful filename + if ( $Event ) { + $filename = $Event->MonitorId().'_'.$Event->Id().'_'.$Frame->FrameId().'.jpg'; + header('Content-Disposition: inline; filename="' . $filename . '"'); + } + ob_clean(); + flush(); if ( !readfile($path) ) { Error('No bytes read from '. $path); } @@ -254,17 +255,23 @@ if ( $errorText ) { } elseif ( $width != 0 && $height == 0 ) { $height = ($width * $oldHeight) / $oldWidth; } - if ( $width == $oldWidth && $height == $oldHeight) { + if ( $width == $oldWidth && $height == $oldHeight ) { Warning('No change to width despite scaling.'); } } # Slight optimisation, thumbnails always specify width and height, so we can cache them. - $scaled_path = preg_replace('/\.jpg$/', "-${width}x${height}.jpg", $path ); - if ( ! file_exists($scaled_path) or ! readfile($scaled_path) ) { + $scaled_path = preg_replace('/\.jpg$/', "-${width}x${height}.jpg", $path); + if ( $Event ) { + $filename = $Event->MonitorId().'_'.$Event->Id().'_'.$Frame->FrameId()."-${width}x${height}.jpg"; + header('Content-Disposition: inline; filename="' . $filename . '"'); + } + //ob_clean(); + //flush(); + if ( !( file_exists($scaled_path) and readfile($scaled_path) ) ) { Logger::Debug("Cached scaled image does not exist at $scaled_path or is no good.. Creating it"); ob_start(); - if ( ! $i ) + if ( !$i ) $i = imagecreatefromjpeg($path); $iScale = imagescale($i, $width, $height); imagejpeg($iScale); @@ -274,6 +281,15 @@ if ( $errorText ) { file_put_contents($scaled_path, $scaled_jpeg_data); ob_end_clean(); echo $scaled_jpeg_data; + } else { + Logger::Debug("Sending $scaled_path"); + $bytes = readfile($scaled_path); + if ( !$bytes ) { + Error('No bytes read from '. $scaled_path); + } else { + Logger::Debug("$bytes sent"); + } } } } +exit(); From 7ee80e7ccadd461df6cc2d0cf607347cd4882dc1 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 31 Aug 2018 11:58:03 -0400 Subject: [PATCH 12/15] Debug lines should be debug, not warning --- web/includes/database.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/includes/database.php b/web/includes/database.php index 2c3a818c1..55535659f 100644 --- a/web/includes/database.php +++ b/web/includes/database.php @@ -139,9 +139,9 @@ function dbQuery( $sql, $params=NULL ) { } if ( defined('ZM_DB_DEBUG') ) { if ( $params ) - Warning("SQL: $sql" . implode(',',$params) . ' rows: '.$result->rowCount() ); + Logger::Debug("SQL: $sql" . implode(',',$params) . ' rows: '.$result->rowCount() ); else - Warning("SQL: $sql: rows:" . $result->rowCount() ); + Logger::Debug("SQL: $sql: rows:" . $result->rowCount() ); } } catch(PDOException $e) { Error( "SQL-ERR '".$e->getMessage()."', statement was '".$sql."' params:" . ($params?implode(',',$params):'') ); From 623d31edae25c23eb8df5aee9bf5eda4e66e30a3 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 31 Aug 2018 11:58:17 -0400 Subject: [PATCH 13/15] Don't do csrf for view=image --- web/index.php | 1 + 1 file changed, 1 insertion(+) diff --git a/web/index.php b/web/index.php index 9df89ac4b..0bda75ad6 100644 --- a/web/index.php +++ b/web/index.php @@ -210,6 +210,7 @@ if ( ZM_ENABLE_CSRF_MAGIC && ( $action != 'login' ) && ( $view != 'view_video' ) && + ( $view != 'image' ) && ( $request != 'control' ) && ( $view != 'frames' ) && ( $view != 'archive' ) From 798aab84f3695049828ff566706d2ba6ff2252eb Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 31 Aug 2018 11:58:33 -0400 Subject: [PATCH 14/15] whitespace changes --- web/views/view_video.php | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/web/views/view_video.php b/web/views/view_video.php index cb5707139..9bba64e69 100644 --- a/web/views/view_video.php +++ b/web/views/view_video.php @@ -25,7 +25,7 @@ // Does not support scaling at this time. // -if ( !canView( 'Events' ) ) { +if ( !canView('Events') ) { $view = 'error'; return; } @@ -37,12 +37,12 @@ $path = ''; $Event = null; -if ( ! empty($_REQUEST['eid'] ) ) { - $Event = new Event( $_REQUEST['eid'] ); +if ( ! empty($_REQUEST['eid']) ) { + $Event = new Event($_REQUEST['eid']); $path = $Event->Path().'/'.$Event->DefaultVideo(); Logger::Debug("Path: $path"); -} else if ( ! empty($_REQUEST['event_id'] ) ) { - $Event = new Event( $_REQUEST['event_id'] ); +} else if ( ! empty($_REQUEST['event_id']) ) { + $Event = new Event($_REQUEST['event_id']); $path = $Event->Path().'/'.$Event->DefaultVideo(); Logger::Debug("Path: $path"); } else { @@ -50,7 +50,7 @@ if ( ! empty($_REQUEST['eid'] ) ) { } if ( $errorText ) { - Error( $errorText ); + Error($errorText); header('HTTP/1.0 404 Not Found'); die(); } @@ -67,12 +67,12 @@ $begin = 0; $end = $size-1; $length = $size; -if ( isset( $_SERVER['HTTP_RANGE'] ) ) { - Logger::Debug("Using Range " . $_SERVER['HTTP_RANGE'] ); - if ( preg_match( '/bytes=\h*(\d+)-(\d*)[\D.*]?/i', $_SERVER['HTTP_RANGE'], $matches) ) { - $begin = intval( $matches[1] ); - if ( ! empty( $matches[2]) ) { - $end = intval( $matches[2] ); +if ( isset($_SERVER['HTTP_RANGE']) ) { + Logger::Debug('Using Range ' . $_SERVER['HTTP_RANGE']); + if ( preg_match('/bytes=\h*(\d+)-(\d*)[\D.*]?/i', $_SERVER['HTTP_RANGE'], $matches) ) { + $begin = intval($matches[1]); + if ( ! empty($matches[2]) ) { + $end = intval($matches[2]); } $length = $end - $begin + 1; Logger::Debug("Using Range $begin $end size: $size, length: $length"); @@ -102,10 +102,10 @@ ob_clean(); flush(); $cur = $begin; -fseek( $fh, $begin, 0 ); +fseek($fh, $begin, 0); -while( $length && ( ! feof( $fh ) ) && ( connection_status() == 0 ) ) { - $amount = min( 1024*16, $length ); +while( $length && ( !feof($fh) ) && ( connection_status() == 0 ) ) { + $amount = min(1024*16, $length); print fread( $fh, $amount ); $length -= $amount; @@ -114,5 +114,5 @@ while( $length && ( ! feof( $fh ) ) && ( connection_status() == 0 ) ) { flush(); } -fclose( $fh ); +fclose($fh); exit(); From 9ec415b30a0d996381c61b76b828342e651a0196 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 31 Aug 2018 15:56:21 -0400 Subject: [PATCH 15/15] Just reload the event view instead of dynamically updating the stream. Fixes #2196 --- web/skins/classic/views/js/event.js | 89 ++++++++++++++++++----------- 1 file changed, 56 insertions(+), 33 deletions(-) diff --git a/web/skins/classic/views/js/event.js b/web/skins/classic/views/js/event.js index 9d963c745..86989cbf6 100644 --- a/web/skins/classic/views/js/event.js +++ b/web/skins/classic/views/js/event.js @@ -180,7 +180,7 @@ function changeScale() { function changeReplayMode() { var replayMode = $('replayMode').get('value'); - Cookie.write( 'replayMode', replayMode, { duration: 10*365 }); + Cookie.write('replayMode', replayMode, { duration: 10*365 }); refreshWindow(); } @@ -195,6 +195,8 @@ var zmsBroke = false; //Use alternate navigation if zms has crashed function getCmdResponse( respObj, respText ) { if ( checkStreamForErrors( "getCmdResponse", respObj ) ) { console.log('Got an error from getCmdResponse'); + console.log(respObj); + console.log(respText); zmsBroke = true; return; } @@ -202,18 +204,24 @@ function getCmdResponse( respObj, respText ) { zmsBroke = false; if ( streamCmdTimer ) - streamCmdTimer = clearTimeout( streamCmdTimer ); + streamCmdTimer = clearTimeout(streamCmdTimer); streamStatus = respObj.status; - if (streamStatus.progress >= Math.round(parseFloat(eventData.Length))) streamStatus.progress = parseFloat(eventData.Length); //Limit progress to reality + if ( streamStatus.progress >= Math.round(parseFloat(eventData.Length)) ) + streamStatus.progress = parseFloat(eventData.Length); //Limit progress to reality var eventId = streamStatus.event; - if ( eventId != lastEventId && lastEventId != 0) { //Doesn't run on first load, prevents a double hit on event and nearEvents ajax - eventQuery( eventId ); - initialAlarmCues(eventId); //zms uses this instead of a page reload, must call ajax+render - lastEventId = eventId; + if ( lastEventId ) { + if ( eventId != lastEventId ) { + //Doesn't run on first load, prevents a double hit on event and nearEvents ajax + eventQuery(eventId); + initialAlarmCues(eventId); //zms uses this instead of a page reload, must call ajax+render + lastEventId = eventId; + } + } else { + lastEventId = eventId; //Only fires on first load. } - if (lastEventId == 0) lastEventId = eventId; //Only fires on first load. + if ( streamStatus.paused == true ) { streamPause( ); } else { @@ -239,18 +247,24 @@ function getCmdResponse( respObj, respText ) { streamCmdTimer = streamQuery.delay( streamTimeout ); //Timeout is refresh rate for progressBox and time display } -var streamReq = new Request.JSON( { url: thisUrl, method: 'get', timeout: AJAX_TIMEOUT, link: 'chain', onSuccess: getCmdResponse } ); +var streamReq = new Request.JSON( { + url: thisUrl, + method: 'get', + timeout: AJAX_TIMEOUT, + link: 'chain', + onSuccess: getCmdResponse +} ); function pauseClicked() { - if (vid) { + if ( vid ) { vid.pause(); } else { - streamReq.send( streamParms+"&command="+CMD_PAUSE ); + streamReq.send(streamParms+"&command="+CMD_PAUSE); streamPause(); } } -function vjsPause () { +function vjsPause() { stopFastRev(); streamPause(); } @@ -267,8 +281,8 @@ function streamPause( ) { } function playClicked( ) { - if (vid) { - if (vid.paused()) { + if ( vid ) { + if ( vid.paused() ) { vid.play(); } else { vjsPlay(); //handles fast forward and rewind @@ -279,7 +293,7 @@ function playClicked( ) { } } -function vjsPlay () { //catches if we change mode programatically +function vjsPlay() { //catches if we change mode programatically stopFastRev(); $j('#rateValue').html(vid.playbackRate()); streamPlay(); @@ -302,13 +316,14 @@ function streamFastFwd( action ) { setButtonState( $('slowFwdBtn'), 'unavail' ); setButtonState( $('slowRevBtn'), 'unavail' ); setButtonState( $('fastRevBtn'), 'inactive' ); - if (vid) { - if (revSpeed != .5) stopFastRev(); + if ( vid ) { + if ( revSpeed != .5 ) stopFastRev(); vid.playbackRate(rates[rates.indexOf(vid.playbackRate()*100)-1]/100); - if (rates.indexOf(vid.playbackRate()*100)-1 == -1) setButtonState($('fastFwdBtn'), 'unavail'); + if ( rates.indexOf(vid.playbackRate()*100)-1 == -1 ) + setButtonState($('fastFwdBtn'), 'unavail'); $j('#rateValue').html(vid.playbackRate()); } else { - streamReq.send( streamParms+"&command="+CMD_FASTFWD ); + streamReq.send(streamParms+"&command="+CMD_FASTFWD); } } @@ -317,22 +332,22 @@ var intervalRewind; var revSpeed = .5; function streamSlowFwd( action ) { - if (vid) { + if ( vid ) { vid.currentTime(vid.currentTime() + spf); } else { - streamReq.send( streamParms+"&command="+CMD_SLOWFWD ); + streamReq.send(streamParms+"&command="+CMD_SLOWFWD); } } function streamSlowRev( action ) { - if (vid) { + if ( vid ) { vid.currentTime(vid.currentTime() - spf); } else { - streamReq.send( streamParms+"&command="+CMD_SLOWREV ); + streamReq.send(streamParms+"&command="+CMD_SLOWREV); } } -function stopFastRev () { +function stopFastRev() { clearInterval(intervalRewind); vid.playbackRate(1); revSpeed = .5; @@ -345,9 +360,9 @@ function streamFastRev( action ) { setButtonState( $('slowFwdBtn'), 'unavail' ); setButtonState( $('slowRevBtn'), 'unavail' ); setButtonState( $('fastRevBtn'), 'active' ); - if (vid) { //There is no reverse play with mp4. Set the speed to 0 and manualy set the time back. + if ( vid ) { //There is no reverse play with mp4. Set the speed to 0 and manualy set the time back. revSpeed = rates[rates.indexOf(revSpeed*100)-1]/100; - if (rates.indexOf(revSpeed*100) == 0) { + if ( rates.indexOf(revSpeed*100) == 0 ) { setButtonState( $('fastRevBtn'), 'unavail' ); } clearInterval(intervalRewind); @@ -367,9 +382,12 @@ function streamFastRev( action ) { } function streamPrev(action) { - if (action) { + if ( action ) { $j(".vjsMessage").remove(); - if (vid && PrevEventDefVideoPath.indexOf("view_video") > 0) { + location.replace(thisUrl + '?view=event&eid=' + prevEventId + filterQuery + sortQuery); + return; + + if ( vid && PrevEventDefVideoPath.indexOf("view_video") > 0 ) { CurEventDefVideoPath = PrevEventDefVideoPath; eventQuery(prevEventId); } else if (zmsBroke || (vid && PrevEventDefVideoPath.indexOf("view_video") < 0) || $j("#vjsMessage").length || PrevEventDefVideoPath.indexOf("view_video") > 0) {//zms broke, leaving videojs, last event, moving to videojs @@ -382,20 +400,25 @@ function streamPrev(action) { } function streamNext(action) { - if (action) { + if ( action ) { $j(".vjsMessage").remove();//This shouldn't happen - if (nextEventId == 0) { //handles deleting last event. + if ( nextEventId == 0 ) { //handles deleting last event. pauseClicked(); let hideContainer = $j('#eventVideo'); let hideStream = $j(vid ? "#videoobj" : "#evtStream").height() + (vid ? 0 :$j("#progressBar").height()); hideContainer.prepend('

No more events

'); - if (vid == null) zmsBroke = true; + if ( vid == null ) zmsBroke = true; return; } - if (vid && NextEventDefVideoPath.indexOf("view_video") > 0) { //on and staying with videojs + // We used to try to dynamically update all the bits in the page, which is really complex + // How about we just reload the page? + // + location.replace(thisUrl + '?view=event&eid=' + nextEventId + filterQuery + sortQuery); + return; + if ( vid && ( NextEventDefVideoPath.indexOf("view_video") > 0 ) ) { //on and staying with videojs CurEventDefVideoPath = NextEventDefVideoPath; eventQuery(nextEventId); - } else if (zmsBroke || (vid && NextEventDefVideoPath.indexOf("view_video") < 0) || NextEventDefVideoPath.indexOf("view_video") > 0) {//reload zms, leaving vjs, moving to vjs + } else if ( zmsBroke || (vid && NextEventDefVideoPath.indexOf("view_video") < 0) || NextEventDefVideoPath.indexOf("view_video") > 0) {//reload zms, leaving vjs, moving to vjs location.replace(thisUrl + '?view=event&eid=' + nextEventId + filterQuery + sortQuery); } else { streamReq.send(streamParms+"&command="+CMD_NEXT);