Merge branch 'fix_rce' into storageareas

This commit is contained in:
Isaac Connor 2018-10-24 10:17:16 -04:00
commit ca8770bd5a
14 changed files with 401 additions and 633 deletions

File diff suppressed because it is too large Load Diff

View File

@ -274,6 +274,7 @@ void std_delta8_rgba(const uint8_t* col1, const uint8_t* col2, uint8_t* result,
void std_delta8_bgra(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count);
void std_delta8_argb(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count);
void std_delta8_abgr(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count);
void neon32_armv7_delta8_gray8(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count);
void neon32_armv7_delta8_rgba(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count);
void neon32_armv7_delta8_bgra(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count);

View File

@ -69,7 +69,7 @@ class HostController extends AppController {
$this->Session->read('user'); # this is needed for command line/curl to recognize a session
$zmAuthRelay = $this->Config->find('first',array('conditions' => array('Config.' . $this->Config->primaryKey => 'ZM_AUTH_RELAY')))['Config']['Value'];
if ( $zmAuthRelay == 'hashed' ) {
$zmAuthHashIps= $this->Config->find('first',array('conditions' => array('Config.' . $this->Config->primaryKey => 'ZM_AUTH_HASH_IPS')))['Config']['Value'];
$zmAuthHashIps = $this->Config->find('first',array('conditions' => array('Config.' . $this->Config->primaryKey => 'ZM_AUTH_HASH_IPS')))['Config']['Value'];
$credentials = 'auth='.generateAuthHash($zmAuthHashIps);
} else if ( $zmAuthRelay == 'plain' ) {
// user will need to append the store password here

View File

@ -155,7 +155,7 @@ function generateAuthHash($useRemoteAddr, $force=false) {
$time = time();
$mintime = $time - ( ZM_AUTH_HASH_TTL * 1800 );
if ( $force or ( !isset($_SESSION['AuthHash']) ) or ( $_SESSION['AuthHashGeneratedAt'] < $mintime ) ) {
if ( $force or ( !isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) or ( $_SESSION['AuthHashGeneratedAt'] < $mintime ) ) {
# Don't both regenerating Auth Hash if an hour hasn't gone by yet
$local_time = localtime();
$authKey = '';
@ -172,7 +172,7 @@ function generateAuthHash($useRemoteAddr, $force=false) {
session_start();
$close_session = 1;
}
$_SESSION['AuthHash'] = $auth;
$_SESSION['AuthHash'.$_SESSION['remoteAddr']] = $auth;
$_SESSION['AuthHashGeneratedAt'] = $time;
session_write_close();
} else {
@ -182,7 +182,7 @@ function generateAuthHash($useRemoteAddr, $force=false) {
#} else {
#Logger::Debug("Using cached auth " . $_SESSION['AuthHash'] ." beacuse generatedat:" . $_SESSION['AuthHashGeneratedAt'] . ' < now:'. $time . ' - ' . ZM_AUTH_HASH_TTL . ' * 1800 = '. $mintime);
} # end if AuthHash is not cached
return $_SESSION['AuthHash'];
return $_SESSION['AuthHash'.$_SESSION['remoteAddr']];
} # end if using AUTH and AUTH_RELAY
return '';
}

View File

@ -237,6 +237,7 @@ $SLANG = array(
'Cause' => 'Cause',
'CheckMethod' => 'Alarm Check Method',
'ChooseDetectedCamera' => 'Choose Detected Camera',
'ChooseDetectedProfile' => 'Choose Detected Profile',
'ChooseFilter' => 'Choose Filter',
'ChooseLogFormat' => 'Choose a log format',
'ChooseLogSelection' => 'Choose a log selection',

View File

@ -55,7 +55,7 @@ if ( ! empty($refreshParent) ) {
?>;
var closePopup = <?php
if ( ( ! empty($closePopup) ) and ( $closePopup == true ) ) {
echo 'true';
echo 'true';
} else {
echo 'false';
}
@ -67,5 +67,5 @@ var imagePrefix = "<?php echo "?view=image&eid=" ?>";
var auth_hash;
<?php if ( ZM_OPT_USE_AUTH && ZM_AUTH_HASH_LOGINS ) { ?>
auth_hash = '<?php echo isset($_SESSION['AuthHash']) ? $_SESSION['AuthHash'] : ''; ?>';
auth_hash = '<?php echo generateAuthHash(ZM_AUTH_HASH_IPS) ?>';
<?php } ?>

View File

@ -471,7 +471,13 @@ function setAlarmState( currentAlarmState ) {
}
var streamCmdParms = "view=request&request=stream&connkey="+connKey;
var streamCmdReq = new Request.JSON( { url: monitorUrl+thisUrl, method: 'post', timeout: AJAX_TIMEOUT, link: 'cancel', onSuccess: getStreamCmdResponse } );
var streamCmdReq = new Request.JSON( {
url: monitorUrl,
method: 'get',
timeout: AJAX_TIMEOUT,
link: 'cancel',
onSuccess: getStreamCmdResponse
} );
var streamCmdTimer = null;
var streamStatus;
@ -546,7 +552,14 @@ function streamCmdQuery() {
}
var statusCmdParms = "view=request&request=status&entity=monitor&id="+monitorId+"&element[]=Status&element[]=FrameRate";
var statusCmdReq = new Request.JSON( { url: monitorUrl+thisUrl, method: 'post', data: statusCmdParms, timeout: AJAX_TIMEOUT, link: 'cancel', onSuccess: getStatusCmdResponse } );
var statusCmdReq = new Request.JSON( {
url: monitorUrl,
method: 'get',
data: statusCmdParms,
timeout: AJAX_TIMEOUT,
link: 'cancel',
onSuccess: getStatusCmdResponse
} );
var statusCmdTimer = null;
function getStatusCmdResponse( respObj, respText ) {
@ -652,11 +665,13 @@ function initPage() {
// Imported from watch.js and modified for new zone edit view
//
var delay = (Math.random()+0.1)*statusRefreshTimeout;
//console.log("Delay for status updates is: " + delay );
if ( streamMode == "single" ) {
statusCmdTimer = statusCmdQuery.delay( (Math.random()+0.1)*statusRefreshTimeout );
statusCmdTimer = statusCmdQuery.delay( delay );
watchdogCheck.pass('status').periodical(statusRefreshTimeout*2);
} else {
streamCmdTimer = streamCmdQuery.delay( (Math.random()+0.1)*statusRefreshTimeout );
streamCmdTimer = streamCmdQuery.delay( delay );
watchdogCheck.pass('stream').periodical(statusRefreshTimeout*2);
}

View File

@ -101,7 +101,7 @@ var streamMode = "<?php echo $streamMode ?>";
var connKey = '<?php echo $connkey ?>';
var monitorId = <?php echo $monitor->Id() ?>;
var monitorUrl = '<?php echo ( $monitor->Server()->Url() ) ?>';
var monitorUrl = '<?php echo ( $monitor->Url() ) ?>';
var streamSrc = "<?php echo preg_replace( '/&amp;/', '&', $streamSrc ) ?>";

View File

@ -1,5 +1,5 @@
var streamCmdParms = "view=request&request=stream&connkey="+connKey;
var streamCmdReq = new Request.JSON( { url: monitorUrl+thisUrl, method: 'post', timeout: AJAX_TIMEOUT, link: 'cancel' } );
var streamCmdReq = new Request.JSON( { url: monitorUrl, method: 'post', timeout: AJAX_TIMEOUT, link: 'cancel' } );
function streamCmdQuit( action ) {
if ( action )

View File

@ -1,4 +1,4 @@
var connKey = '<?php echo $connkey ?>';
var monitorUrl = '<?php echo ( $monitor->Server()->Url() ) ?>';
var monitorUrl = '<?php echo ( $monitor->Url() ) ?>';
var CMD_QUIT = <?php echo CMD_QUIT ?>;

View File

@ -45,17 +45,16 @@ xhtmlHeaders(__FILE__, translate('SystemLog') );
<tr class="row">
<td class="col text-center">
<div class="btn-group">
<button type="button" class="btn btn-sm" onclick="expandLog()"> <?php echo translate('More') ?></button>
<button type="button" class="btn btn-sm" onclick="clearLog()"> <?php echo translate('Clear') ?></button>
<button type="button" class="btn btn-sm" onclick="refreshLog()"> <?php echo translate('Refresh') ?></button>
<button type="button" class="btn btn-sm" onclick="exportLog()"> <?php echo translate('Export') ?></button>
<button type="button" class="btn btn-sm" onclick="closeWindow()"> <?php echo translate('Close') ?></button>
<button type="button" onclick="expandLog()"><?php echo translate('More') ?></button>
<button type="button" onclick="clearLog()"><?php echo translate('Clear') ?></button>
<button type="button" onclick="refreshLog()"><?php echo translate('Refresh') ?></button>
<button type="button" onclick="exportLog()"><?php echo translate('Export') ?></button>
<button type="button" onclick="closeWindow()"><?php echo translate('Close') ?></button>
</div> <!--btn-->
</td>
</tr>
</table>
</div> <!--header-->
</tr>
</table>
</div> <!--header-->
<div id="content">
<div id="filters">
@ -89,7 +88,7 @@ xhtmlHeaders(__FILE__, translate('SystemLog') );
</td>
</tr>
</table>
<input type="reset" value="<?php echo translate('Reset') ?>" onclick="resetLog()"/>
<button type="reset" onclick="resetLog()"><?php echo translate('Reset') ?></button>
</div>
<form name="logForm" method="post" action="<?php echo $_SERVER['PHP_SELF'] ?>">
<input type="hidden" name="view" value="<?php echo $view ?>"/>
@ -137,8 +136,8 @@ xhtmlHeaders(__FILE__, translate('SystemLog') );
<div id="exportError">
<?php echo translate('ExportFailed') ?>: <span id="exportErrorText"></span>
</div>
<input type="button" id="exportButton" value="<?php echo translate('Export') ?>" onclick="exportRequest()"/>
<input type="button" value="<?php echo translate('Cancel') ?>" class="overlayCloser"/>
<button type="button" id="exportButton" value="Export" onclick="exportRequest()"><?php echo translate('Export') ?></button>
<button type="button" value="Cancel" class="overlayCloser"><?php echo translate('Cancel') ?></button>
</form>
</div>
</div>

View File

@ -173,7 +173,7 @@ if ( !empty($_REQUEST['preset']) ) {
}
}
if ( !empty($_REQUEST['probe']) ) {
$probe = unserialize(base64_decode($_REQUEST['probe']));
$probe = json_decode(base64_decode($_REQUEST['probe']));
foreach ( $probe as $name=>$value ) {
if ( isset($value) ) {
# Does isset handle NULL's? I don't think this code is correct.

View File

@ -18,7 +18,7 @@
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
//
if ( !canEdit( 'Monitors' ) ) {
if ( !canEdit('Monitors') ) {
$view = 'error';
return;
}
@ -73,26 +73,26 @@ function probeCameras( $localIp ) {
} elseif ( $tokens[1] == 'location' ) {
// $camera['location'] = $tokens[2];
} else {
Logger::Debug('Unknown token ' . $tokens[1] );
Logger::Debug('Unknown token ' . $tokens[1]);
}
}
} // end foreach token
$cameras[] = $camera;
}
} // end foreach line
}
return( $cameras );
}
} // end if results from execOnvif
return $cameras;
} // end function probeCameras
function probeProfiles( $device_ep, $soapversion, $username, $password ) {
$profiles = array();
if ( $lines = @execONVIF( "profiles $device_ep $soapversion $username $password" ) ) {
foreach ( $lines as $line ) {
$line = rtrim( $line );
if ( preg_match( '|^(.+),\s*(.+),\s*(.+),\s*(.+),\s*(.+),\s*(.+),\s*(.+)\s*$|', $line, $matches ) ) {
if ( preg_match('|^(.+),\s*(.+),\s*(.+),\s*(.+),\s*(.+),\s*(.+),\s*(.+)\s*$|', $line, $matches) ) {
$stream_uri = $matches[7];
// add user@pass to URI
if ( preg_match( '|^(\S+://)(.+)$|', $stream_uri, $tokens ) ) {
if ( preg_match('|^(\S+://)(.+)$|', $stream_uri, $tokens) ) {
$stream_uri = $tokens[1].$username.':'.$password.'@'.$tokens[2];
}
@ -106,17 +106,15 @@ function probeProfiles( $device_ep, $soapversion, $username, $password ) {
'Profile' => $matches[1],
'Name' => $matches[2],
'Encoding' => $matches[3],
);
$profiles[] = $profile;
} else {
Logger::Debug("Line did not match preg: $line");
}
}
}
return( $profiles );
}
} // end foreach line
} // end if results from execONVIF
return $profiles;
} // end function probeProfiles
//==== STEP 1 ============================================================
@ -124,20 +122,20 @@ $focusWindow = true;
xhtmlHeaders(__FILE__, translate('MonitorProbe') );
if( !isset($_REQUEST['step']) || ($_REQUEST['step'] == "1")) {
if ( !isset($_REQUEST['step']) || ($_REQUEST['step'] == '1') ) {
$monitors = array();
foreach ( dbFetchAll( "select Id, Name, Host from Monitors where Type = 'Remote' order by Host" ) as $monitor ) {
if ( preg_match( '/^(.+)@(.+)$/', $monitor['Host'], $matches ) ) {
//echo "1: ".$matches[2]." = ".gethostbyname($matches[2])."<br/>";
$monitors[gethostbyname($matches[2])] = $monitor;
} else {
//echo "2: ".$monitor['Host']." = ".gethostbyname($monitor['Host'])."<br/>";
$monitors[gethostbyname($monitor['Host'])] = $monitor;
}
foreach ( dbFetchAll("SELECT Id, Name, Host FROM Monitors WHERE Type = 'Remote' ORDER BY Host") as $monitor ) {
if ( preg_match( '/^(.+)@(.+)$/', $monitor['Host'], $matches ) ) {
//echo "1: ".$matches[2]." = ".gethostbyname($matches[2])."<br/>";
$monitors[gethostbyname($matches[2])] = $monitor;
} else {
//echo "2: ".$monitor['Host']." = ".gethostbyname($monitor['Host'])."<br/>";
$monitors[gethostbyname($monitor['Host'])] = $monitor;
}
}
$detcameras = probeCameras( '' );
$detcameras = probeCameras('');
foreach ( $detcameras as $camera ) {
if ( preg_match( '|([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)|', $camera['monitor']['Host'], $matches ) ) {
$ip = $matches[1];
@ -157,13 +155,13 @@ if( !isset($_REQUEST['step']) || ($_REQUEST['step'] == "1")) {
}
*/
// $sourceDesc = htmlspecialchars(serialize($camera['monitor']));
$sourceDesc = base64_encode(serialize($camera['monitor']));
$sourceString = $camera['model'].' @ '.$host . ' using version ' . $camera['monitor']['SOAP'] ;
$cameras[$sourceDesc] = $sourceString;
$sourceDesc = base64_encode(json_encode($camera['monitor']));
$sourceString = $camera['model'].' @ '.$host . ' using version ' . $camera['monitor']['SOAP'] ;
$cameras[$sourceDesc] = $sourceString;
}
if ( count($cameras) <= 0 )
$cameras[0] = translate('NoDetectedCameras');
$cameras[0] = translate('NoDetectedCameras');
?>
<body>
@ -180,22 +178,23 @@ if( !isset($_REQUEST['step']) || ($_REQUEST['step'] == "1")) {
<?php echo translate('OnvifProbeIntro') ?>
</p>
<p>
<label for="probe"><?php echo translate('DetectedCameras') ?></label><?php echo buildSelect( "probe", $cameras, 'configureButtons( this )' ); ?>
<label for="probe"><?php echo translate('DetectedCameras') ?></label>
<?php echo htmlSelect('probe', $cameras, null, array('onchange'=>'configureButtons(this)')); ?>
</p>
<p>
<?php echo translate('OnvifCredentialsIntro') ?>
</p>
<p>
<label for="username"><?php echo translate('Username') ?></label>
<input type="text" name="username" value="" onChange="configureButtons( this )" />
<input type="text" name="username" value="" onChange="configureButtons(this)"/>
</p>
<p>
<label for="password"><?php echo translate('Password') ?></label>
<input type="password" name="password" value=""onChange="configureButtons( this )" />
<input type="password" name="password" value=""onChange="configureButtons(this)"/>
</p>
<div id="contentButtons">
<input type="button" value="<?php echo translate('Cancel') ?>" onclick="closeWindow()"/>
<input type="submit" name="nextBtn" value="<?php echo translate('Next') ?>" onclick="gotoStep2( this )" disabled="disabled"/>
<input type="submit" name="nextBtn" value="<?php echo translate('Next') ?>" onclick="gotoStep2(this)" disabled="disabled"/>
</div>
</form>
</div>
@ -205,44 +204,42 @@ if( !isset($_REQUEST['step']) || ($_REQUEST['step'] == "1")) {
<?php
//==== STEP 2 ============================================================
}
else if($_REQUEST['step'] == "2")
{
} else if($_REQUEST['step'] == '2') {
if ( empty($_REQUEST['probe']) )
Fatal("No probe passed in request. Please go back and try again.");
Fatal('No probe passed in request. Please go back and try again.');
#|| empty($_REQUEST['username']) ||
#empty($_REQUEST['password']) )
$probe = unserialize(base64_decode($_REQUEST['probe']));
$probe = json_decode(base64_decode($_REQUEST['probe']));
Logger::Debug(print_r($probe,true));
foreach ( $probe as $name=>$value ) {
if ( isset($value) ) {
$monitor[$name] = $value;
}
if ( isset($value) ) {
$monitor[$name] = $value;
}
}
$camera['monitor'] = $monitor;
//print $monitor['Host'].", ".$_REQUEST['username'].", ".$_REQUEST['password']."<br/>";
$detprofiles = probeProfiles( $monitor['Host'], $monitor['SOAP'], $_REQUEST['username'], $_REQUEST['password']);
$detprofiles = probeProfiles($monitor['Host'], $monitor['SOAP'], $_REQUEST['username'], $_REQUEST['password']);
foreach ( $detprofiles as $profile ) {
$monitor = $camera['monitor'];
$sourceString = "${profile['Name']} : ${profile['Encoding']}" .
" (${profile['Width']}x${profile['Height']} @ ${profile['MaxFPS']}fps)";
// copy technical details
$monitor['Width'] = $profile['Width'];
$monitor['Height'] = $profile['Height'];
// The maxfps fields do not work for ip streams. Can re-enable if that is fixed.
// $monitor['MaxFPS'] = $profile['MaxFPS'];
// $monitor['AlarmMaxFPS'] = $profile['AlarmMaxFPS'];
$monitor['Path'] = $profile['Path'];
// $sourceDesc = htmlspecialchars(serialize($monitor));
$sourceDesc = base64_encode(serialize($monitor));
$profiles[$sourceDesc] = $sourceString;
$monitor = $camera['monitor'];
$sourceString = "${profile['Name']} : ${profile['Encoding']}" .
" (${profile['Width']}x${profile['Height']} @ ${profile['MaxFPS']}fps)";
// copy technical details
$monitor['Width'] = $profile['Width'];
$monitor['Height'] = $profile['Height'];
// The maxfps fields do not work for ip streams. Can re-enable if that is fixed.
// $monitor['MaxFPS'] = $profile['MaxFPS'];
// $monitor['AlarmMaxFPS'] = $profile['AlarmMaxFPS'];
$monitor['Path'] = $profile['Path'];
$sourceDesc = base64_encode(json_encode($monitor));
$profiles[$sourceDesc] = $sourceString;
}
if ( count($profiles) <= 0 )
$profiles[0] = translate('NoDetectedProfiles');
$profiles[0] = translate('NoDetectedProfiles');
?>
<body>
@ -254,17 +251,18 @@ else if($_REQUEST['step'] == "2")
<form name="contentForm" id="contentForm" method="post" action="<?php echo $_SERVER['PHP_SELF'] ?>">
<input type="hidden" name="view" value="none"/>
<input type="hidden" name="mid" value="<?php echo validNum($_REQUEST['mid']) ?>"/>
<input type="hidden" name="step" value=""/>
<input type="hidden" name="step"/>
<p>
<?php echo translate('ProfileProbeIntro') ?>
</p>
<p>
<label for="probe"><?php echo translate('DetectedProfiles') ?></label><?php echo buildSelect( 'probe', $profiles, 'configureButtons( this )' ); ?>
<label for="probe"><?php echo translate('DetectedProfiles') ?></label>
<?php echo htmlSelect('probe', $profiles, null, array('onchange'=>'configureButtons(this)')); ?>
</p>
<div id="contentButtons">
<input type="button" name="prevBtn" value="<?php echo translate('Prev') ?>" onclick="gotoStep1( this )"/>
<input type="button" name="prevBtn" value="<?php echo translate('Prev') ?>" onclick="gotoStep1(this)"/>
<input type="button" value="<?php echo translate('Cancel') ?>" onclick="closeWindow()"/>
<input type="submit" name="saveBtn" value="<?php echo translate('Save') ?>" onclick="submitCamera( this )" disabled="disabled"/>
<input type="submit" name="saveBtn" value="<?php echo translate('Save') ?>" onclick="submitCamera(this)" disabled="disabled"/>
</div>
</form>
</div>
@ -272,5 +270,5 @@ else if($_REQUEST['step'] == "2")
</body>
</html>
<?php
}
} // end if step 1 or 2
?>

View File

@ -69,6 +69,7 @@ if ( empty($_REQUEST['path']) ) {
}
if ( !empty($_REQUEST['eid']) ) {
Logger::Debug("Loading by eid");
$Event = Event::find_one(array('Id'=>$_REQUEST['eid']));
if ( !$Event ) {
header('HTTP/1.0 404 Not Found');
@ -136,6 +137,7 @@ Logger::Debug("Got virtual frame from Bulk Frames previous delta: " . $previousB
}
// Frame can be non-existent. We have Bulk frames. So now we should try to load the bulk frame
$path = $Event->Path().'/'.sprintf('%0'.ZM_EVENT_IMAGE_DIGITS.'d',$Frame->FrameId()).'-'.$show.'.jpg';
Logger::Debug("Path: $path");
}
} else {
@ -225,12 +227,14 @@ if ( !empty($_REQUEST['scale']) ) {
$width = 0;
if ( !empty($_REQUEST['width']) ) {
Logger::Debug("Setting width: " . $_REQUEST['width']);
if ( is_numeric($_REQUEST['width']) ) {
$x = $_REQUEST['width'];
if ( $x >= 10 and $x <= 8000 )
$width = $x;
}
}
$height = 0;
if ( !empty($_REQUEST['height']) ) {
if ( is_numeric($_REQUEST['height']) ) {
@ -246,14 +250,12 @@ if ( $errorText ) {
# Clears the output buffer. Not sure what is there, but have had troubles.
ob_end_clean();
header('Content-type: image/jpeg');
if ( ( $scale==0 || $scale==100 ) && $width==0 && $height==0 ) {
if ( ( $scale==0 || $scale==100 ) && ($width==0) && ($height==0) ) {
# This is so that Save Image As give a useful filename
if ( $Event ) {
$filename = $Event->MonitorId().'_'.$Event->Id().'_'.$Frame->FrameId().'.jpg';
header('Content-Disposition: inline; filename="' . $filename . '"');
}
ob_clean();
flush();
if ( !readfile($path) ) {
Error('No bytes read from '. $path);
}
@ -271,6 +273,7 @@ if ( $errorText ) {
$width = ($height * $oldWidth) / $oldHeight;
} elseif ( $width != 0 && $height == 0 ) {
$height = ($width * $oldHeight) / $oldWidth;
Logger::Debug("Figuring out height using width: $height = ($width * $oldHeight) / $oldWidth");
}
if ( $width == $oldWidth && $height == $oldHeight ) {
Warning('No change to width despite scaling.');
@ -283,8 +286,6 @@ if ( $errorText ) {
$filename = $Event->MonitorId().'_'.$Event->Id().'_'.$Frame->FrameId()."-${width}x${height}.jpg";
header('Content-Disposition: inline; filename="' . $filename . '"');
}
//ob_clean();
//flush();
if ( !( file_exists($scaled_path) and readfile($scaled_path) ) ) {
Logger::Debug("Cached scaled image does not exist at $scaled_path or is no good.. Creating it");
ob_start();