use eid= & fid= instead of path to frame image. The use of view=image also provides more security.
This commit is contained in:
parent
235095ed5f
commit
df8964c1f9
|
@ -24,6 +24,8 @@ if ( !canView( 'Events' ) )
|
|||
return;
|
||||
}
|
||||
|
||||
require_once('includes/Frame.php');
|
||||
|
||||
$eid = validInt($_REQUEST['eid']);
|
||||
if ( !empty($_REQUEST['fid']) )
|
||||
$fid = validInt($_REQUEST['fid']);
|
||||
|
@ -38,52 +40,57 @@ if ( !empty($fid) ) {
|
|||
} else {
|
||||
$frame = dbFetchOne( 'SELECT * FROM Frames WHERE EventId = ? AND Score = ?', NULL, array( $eid, $event['MaxScore'] ) );
|
||||
}
|
||||
$frame = new Frame( $frame );
|
||||
|
||||
$maxFid = $event['Frames'];
|
||||
|
||||
$firstFid = 1;
|
||||
$prevFid = $frame['FrameId']-1;
|
||||
$nextFid = $frame['FrameId']+1;
|
||||
$prevFid = $frame->FrameId()-1;
|
||||
$nextFid = $frame->FrameId()+1;
|
||||
$lastFid = $maxFid;
|
||||
|
||||
$alarmFrame = $frame['Type']=='Alarm';
|
||||
$alarmFrame = $frame->Type()=='Alarm';
|
||||
|
||||
if ( isset( $_REQUEST['scale'] ) )
|
||||
$scale = validInt($_REQUEST['scale']);
|
||||
else
|
||||
$scale = max( reScale( SCALE_BASE, $event['DefaultScale'], ZM_WEB_DEFAULT_SCALE ), SCALE_BASE );
|
||||
|
||||
$imageData = getImageSrc( $event, $frame, $scale, (isset($_REQUEST['show']) && $_REQUEST['show']=="capt") );
|
||||
$imageData = getImageSrc( $event, $frame->FrameId(), $scale, (isset($_REQUEST['show']) && $_REQUEST['show']=="capt") );
|
||||
|
||||
$imagePath = $imageData['thumbPath'];
|
||||
$eventPath = $imageData['eventPath'];
|
||||
$dImagePath = sprintf( "%s/%0".ZM_EVENT_IMAGE_DIGITS."d-diag-d.jpg", $eventPath, $frame['FrameId'] );
|
||||
$rImagePath = sprintf( "%s/%0".ZM_EVENT_IMAGE_DIGITS."d-diag-r.jpg", $eventPath, $frame['FrameId'] );
|
||||
$dImagePath = sprintf( "%s/%0".ZM_EVENT_IMAGE_DIGITS."d-diag-d.jpg", $eventPath, $frame->FrameId() );
|
||||
$rImagePath = sprintf( "%s/%0".ZM_EVENT_IMAGE_DIGITS."d-diag-r.jpg", $eventPath, $frame->FrameId() );
|
||||
|
||||
$focusWindow = true;
|
||||
|
||||
xhtmlHeaders(__FILE__, translate('Frame')." - ".$event['Id']." - ".$frame['FrameId'] );
|
||||
xhtmlHeaders(__FILE__, translate('Frame')." - ".$event['Id']." - ".$frame->FrameId() );
|
||||
?>
|
||||
<body>
|
||||
<div id="page">
|
||||
<div id="header">
|
||||
<div id="headerButtons">
|
||||
<?php if ( ZM_RECORD_EVENT_STATS && $alarmFrame ) { echo makePopupLink( '?view=stats&eid='.$event['Id'].'&fid='.$frame['FrameId'], 'zmStats', 'stats', translate('Stats') ); } ?>
|
||||
<?php if ( ZM_RECORD_EVENT_STATS && $alarmFrame ) { echo makePopupLink( '?view=stats&eid='.$event['Id'].'&fid='.$frame->FrameId(), 'zmStats', 'stats', translate('Stats') ); } ?>
|
||||
<?php if ( canEdit( 'Events' ) ) { ?><a href="?view=none&action=delete&markEid=<?php echo $event['Id'] ?>"><?php echo translate('Delete') ?></a><?php } ?>
|
||||
<a href="#" onclick="closeWindow(); return( false );"><?php echo translate('Close') ?></a>
|
||||
</div>
|
||||
<h2><?php echo translate('Frame') ?> <?php echo $event['Id']."-".$frame['FrameId']." (".$frame['Score'].")" ?></h2>
|
||||
<h2><?php echo translate('Frame') ?> <?php echo $event['Id']."-".$frame->FrameId()." (".$frame->Score().")" ?></h2>
|
||||
</div>
|
||||
<div id="content">
|
||||
<p id="image"><?php if ( $imageData['hasAnalImage'] ) { ?><a href="?view=frame&eid=<?php echo $event['Id'] ?>&fid=<?php echo $frame['FrameId'] ?>&scale=<?php echo $scale ?>&show=<?php echo $imageData['isAnalImage']?"capt":"anal" ?>"><?php } ?><img src="<?php echo viewImagePath( $imagePath ) ?>" width="<?php echo reScale( $event['Width'], $event['DefaultScale'], $scale ) ?>" height="<?php echo reScale( $event['Height'], $event['DefaultScale'], $scale ) ?>" alt="<?php echo $frame['EventId']."-".$frame['FrameId'] ?>" class="<?php echo $imageData['imageClass'] ?>"/><?php if ( $imageData['hasAnalImage'] ) { ?></a><?php } ?></p>
|
||||
<p id="image">
|
||||
<?php if ( $imageData['hasAnalImage'] ) { ?><a href="?view=frame&eid=<?php echo $event['Id'] ?>&fid=<?php echo $frame->FrameId() ?>&scale=<?php echo $scale ?>&show=<?php echo $imageData['isAnalImage']?"capt":"anal" ?>"><?php } ?>
|
||||
<img src="<?php echo $frame->getImageSrc() ?>" width="<?php echo reScale( $event['Width'], $event['DefaultScale'], $scale ) ?>" height="<?php echo reScale( $event['Height'], $event['DefaultScale'], $scale ) ?>" alt="<?php echo $frame->EventId()."-".$frame->FrameId() ?>" class="<?php echo $imageData['imageClass'] ?>"/>
|
||||
<?php if ( $imageData['hasAnalImage'] ) { ?></a><?php } ?>
|
||||
|
||||
<p id="controls">
|
||||
<?php if ( $frame['FrameId'] > 1 ) { ?>
|
||||
<?php if ( $frame->FrameId() > 1 ) { ?>
|
||||
<a id="firstLink" href="?view=frame&eid=<?php echo $event['Id'] ?>&fid=<?php echo $firstFid ?>&scale=<?php echo $scale ?>"><?php echo translate('First') ?></a>
|
||||
<?php } if ( $frame['FrameId'] > 1 ) { ?>
|
||||
<?php } if ( $frame->FrameId() > 1 ) { ?>
|
||||
<a id="prevLink" href="?view=frame&eid=<?php echo $event['Id'] ?>&fid=<?php echo $prevFid ?>&scale=<?php echo $scale ?>"><?php echo translate('Prev') ?></a>
|
||||
<?php } if ( $frame['FrameId'] < $maxFid ) { ?>
|
||||
<?php } if ( $frame->FrameId() < $maxFid ) { ?>
|
||||
<a id="nextLink" href="?view=frame&eid=<?php echo $event['Id'] ?>&fid=<?php echo $nextFid ?>&scale=<?php echo $scale ?>"><?php echo translate('Next') ?></a>
|
||||
<?php } if ( $frame['FrameId'] < $maxFid ) { ?>
|
||||
<?php } if ( $frame->FrameId() < $maxFid ) { ?>
|
||||
<a id="lastLink" href="?view=frame&eid=<?php echo $event['Id'] ?>&fid=<?php echo $lastFid ?>&scale=<?php echo $scale ?>"><?php echo translate('Last') ?></a>
|
||||
<?php } ?>
|
||||
</p>
|
||||
|
|
Loading…
Reference in New Issue