ZaneYork
/
zoneminder
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into fix_token_auth_sessions

This commit is contained in:
Isaac Connor 2019-08-15 16:22:09 -04:00
parent 7c54ac85a0 336f45219b
commit fdb66aaa72
4 changed files with 43 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
web/includes/Group.php
View File

@ -118,13 +118,13 @@ class Group extends ZM_Object {
if ( is_array($group_id) ) { if ( is_array($group_id) ) {
$group_id_sql_part = ' IN ('.implode(',', array_map(function(){return '?';}, $group_id ) ).')'; $group_id_sql_part = ' IN ('.implode(',', array_map(function(){return '?';}, $group_id ) ).')';
$MonitorIds = dbFetchAll('SELECT MonitorId FROM Groups_Monitors WHERE GroupId'.$group_id_sql_part, 'MonitorId', $group_id); $MonitorIds = dbFetchAll('SELECT `MonitorId` FROM `Groups_Monitors` WHERE `GroupId`'.$group_id_sql_part, 'MonitorId', $group_id);
$MonitorIds = array_merge($MonitorIds, dbFetchAll('SELECT MonitorId FROM Groups_Monitors WHERE GroupId IN (SELECT Id FROM Groups WHERE ParentId'.$group_id_sql_part.')', 'MonitorId', $group_id)); $MonitorIds = array_merge($MonitorIds, dbFetchAll('SELECT `MonitorId` FROM `Groups_Monitors` WHERE `GroupId` IN (SELECT `Id` FROM `Groups` WHERE `ParentId`'.$group_id_sql_part.')', 'MonitorId', $group_id));
} else { } else {
$MonitorIds = dbFetchAll('SELECT MonitorId FROM Groups_Monitors WHERE GroupId=?', 'MonitorId', array($group_id)); $MonitorIds = dbFetchAll('SELECT `MonitorId` FROM `Groups_Monitors` WHERE `GroupId`=?', 'MonitorId', array($group_id));
$MonitorIds = array_merge($MonitorIds, dbFetchAll('SELECT MonitorId FROM Groups_Monitors WHERE GroupId IN (SELECT Id FROM Groups WHERE ParentId = ?)', 'MonitorId', array($group_id))); $MonitorIds = array_merge($MonitorIds, dbFetchAll('SELECT `MonitorId` FROM `Groups_Monitors` WHERE `GroupId` IN (SELECT `Id` FROM `Groups` WHERE `ParentId` = ?)', 'MonitorId', array($group_id)));
} }
$groupSql = " find_in_set( M.Id, '".implode(',', $MonitorIds)."' )"; $groupSql = " find_in_set( M.Id, '".implode(',', $MonitorIds)."' )";
} }
@ -132,17 +132,17 @@ class Group extends ZM_Object {
} # end public static function get_group_sql( $group_id ) } # end public static function get_group_sql( $group_id )
public static function get_monitors_dropdown($options = null) { public static function get_monitors_dropdown($options = null) {
$monitor_id = 0; $monitor_id = 0;
if ( isset($_REQUEST['monitor_id']) ) { if ( isset($_REQUEST['monitor_id']) ) {
$monitor_id = $_REQUEST['monitor_id']; $monitor_id = $_REQUEST['monitor_id'];
} else if ( isset($_COOKIE['zmMonitorId']) ) { } else if ( isset($_COOKIE['zmMonitorId']) ) {
$monitor_id = $_COOKIE['zmMonitorId']; $monitor_id = $_COOKIE['zmMonitorId'];
} }
$sql = 'SELECT * FROM Monitors'; $sql = 'SELECT `Id`,`Name` FROM `Monitors`';
if ( $options ) { if ( $options ) {
$sql .= ' WHERE '. implode(' AND ', array( $sql .= ' WHERE '. implode(' AND ', array(
( isset($options['groupSql']) ? $options['groupSql']:'') ( isset($options['groupSql']) ? $options['groupSql']:'')
) ).' ORDER BY Sequence ASC'; ) ).' ORDER BY `Sequence` ASC';
} }
$monitors_dropdown = array(''=>'All'); $monitors_dropdown = array(''=>'All');
@ -153,7 +153,7 @@ class Group extends ZM_Object {
$monitors_dropdown[$monitor['Id']] = $monitor['Name']; $monitors_dropdown[$monitor['Id']] = $monitor['Name'];
} }
echo htmlSelect('monitor_id', $monitors_dropdown, $monitor_id, array('onchange'=>'changeMonitor(this);')); echo htmlSelect('monitor_id', $monitors_dropdown, $monitor_id, array('data-on-change-this'=>'changeMonitor'));
return $monitor_id; return $monitor_id;
} }

42
web/includes/Object.php
View File

@ -8,16 +8,11 @@ class ZM_Object {
public function __construct($IdOrRow = NULL) { public function __construct($IdOrRow = NULL) {
$class = get_class($this); $class = get_class($this);
global $object_cache;
if ( ! isset($object_cache[$class]) )
$object_cache[$class] = array();
$cache = $object_cache[$class];
$table = $class::$table;
$row = NULL; $row = NULL;
if ( $IdOrRow ) { if ( $IdOrRow ) {
if ( is_integer($IdOrRow) or ctype_digit($IdOrRow) ) { if ( is_integer($IdOrRow) or ctype_digit($IdOrRow) ) {
$table = $class::$table;
$row = dbFetchOne("SELECT * FROM `$table` WHERE `Id`=?", NULL, array($IdOrRow)); $row = dbFetchOne("SELECT * FROM `$table` WHERE `Id`=?", NULL, array($IdOrRow));
if ( !$row ) { if ( !$row ) {
Error("Unable to load $class record for Id=$IdOrRow"); Error("Unable to load $class record for Id=$IdOrRow");
@ -25,17 +20,24 @@ class ZM_Object {
} elseif ( is_array($IdOrRow) ) { } elseif ( is_array($IdOrRow) ) {
$row = $IdOrRow; $row = $IdOrRow;
} }
} # end if isset($IdOrRow)
if ( $row ) { if ( $row ) {
foreach ($row as $k => $v) { global $object_cache;
$this->{$k} = $v; if ( ! isset($object_cache[$class]) ) {
$object_cache[$class] = array();
}
$cache = &$object_cache[$class];
foreach ($row as $k => $v) {
$this->{$k} = $v;
}
$cache[$row['Id']] = $this;
} }
$cache[$row['Id']] = $this;
} else { } else {
# Set defaults # Set defaults
foreach ( $this->defaults as $k => $v ) $this->{$k} = $v; foreach ( $this->defaults as $k => $v ) $this->{$k} = $v;
} } # end if isset($IdOrRow)
} } # end function __construct
public function __call($fn, array $args){ public function __call($fn, array $args){
if ( count($args) ) { if ( count($args) ) {
@ -48,7 +50,7 @@ class ZM_Object {
return $this->defaults{$fn}; return $this->defaults{$fn};
} else { } else {
$backTrace = debug_backtrace(); $backTrace = debug_backtrace();
Warning("Unknown function call Sensor->$fn from ".print_r($backTrace,true)); Warning("Unknown function call Object->$fn from ".print_r($backTrace,true));
} }
} }
} }
@ -98,13 +100,13 @@ class ZM_Object {
} }
} }
return $results; return $results;
} # end public function find() } # end public function _find()
public static function _find_one($class, $parameters = array(), $options = array() ) { public static function _find_one($class, $parameters = array(), $options = array() ) {
global $object_cache; global $object_cache;
if ( ! isset($object_cache[$class]) ) if ( ! isset($object_cache[$class]) )
$object_cache[$class] = array(); $object_cache[$class] = array();
$cache = $object_cache[$class]; $cache = &$object_cache[$class];
if ( if (
( count($parameters) == 1 ) and ( count($parameters) == 1 ) and
isset($parameters['Id']) and isset($parameters['Id']) and
@ -162,7 +164,7 @@ class ZM_Object {
} else if ( is_null($v) ) { } else if ( is_null($v) ) {
$this->{$k} = $v; $this->{$k} = $v;
} else { } else {
Error( "Unknown type $k => $v of var " . gettype( $v ) ); Error("Unknown type $k => $v of var " . gettype($v));
$this->{$k} = $v; $this->{$k} = $v;
} }
} # end if method_exists } # end if method_exists
@ -175,7 +177,7 @@ class ZM_Object {
if ( method_exists($this, $field) ) { if ( method_exists($this, $field) ) {
$old_value = $this->$field(); $old_value = $this->$field();
Logger::Debug("Checking method $field () ".print_r($old_value,true)." => " . print_r($value,true)); Logger::Debug("Checking method $field () ".print_r($old_value,true).' => ' . print_r($value,true));
if ( is_array($old_value) ) { if ( is_array($old_value) ) {
$diff = array_recursive_diff($old_value, $value); $diff = array_recursive_diff($old_value, $value);
Logger::Debug("Checking method $field () diff is".print_r($diff,true)); Logger::Debug("Checking method $field () diff is".print_r($diff,true));
@ -186,13 +188,13 @@ class ZM_Object {
$changes[$field] = $value; $changes[$field] = $value;
} }
} else if ( array_key_exists($field, $this) ) { } else if ( array_key_exists($field, $this) ) {
Logger::Debug("Checking field $field => ".$this->{$field} . " ?= " .$value); Logger::Debug("Checking field $field => ".$this->{$field} . ' ?= ' .$value);
if ( $this->{$field} != $value ) { if ( $this->{$field} != $value ) {
$changes[$field] = $value; $changes[$field] = $value;
} }
} else if ( array_key_exists($field, $this->defaults) ) { } else if ( array_key_exists($field, $this->defaults) ) {
Logger::Debug("Checking default $field => ".$this->defaults[$field] . " " .$value); Logger::Debug("Checking default $field => ".$this->defaults[$field] . ' ' .$value);
if ( $this->defaults[$field] != $value ) { if ( $this->defaults[$field] != $value ) {
$changes[$field] = $value; $changes[$field] = $value;
} }

4
web/includes/functions.php
View File

@ -2400,13 +2400,13 @@ function check_timezone() {
#"); #");
if ( $sys_tzoffset != $php_tzoffset ) if ( $sys_tzoffset != $php_tzoffset )
ZM\Fatal("ZoneMinder is not installed properly: php's date.timezone does not match the system timezone!"); ZM\Error("ZoneMinder is not installed properly: php's date.timezone does not match the system timezone!");
if ( $sys_tzoffset != $mysql_tzoffset ) if ( $sys_tzoffset != $mysql_tzoffset )
ZM\Error("ZoneMinder is not installed properly: mysql's timezone does not match the system timezone! Event lists will display incorrect times."); ZM\Error("ZoneMinder is not installed properly: mysql's timezone does not match the system timezone! Event lists will display incorrect times.");
if (!ini_get('date.timezone') || !date_default_timezone_set(ini_get('date.timezone'))) if (!ini_get('date.timezone') || !date_default_timezone_set(ini_get('date.timezone')))
ZM\Fatal( "ZoneMinder is not installed properly: php's date.timezone is not set to a valid timezone" ); ZM\Error("ZoneMinder is not installed properly: php's date.timezone is not set to a valid timezone");
} }

8
web/index.php
View File

@ -77,8 +77,6 @@ if ( $_SERVER['REQUEST_METHOD'] == 'OPTIONS' ) {
return; return;
} }
// Verify the system, php, and mysql timezones all match
check_timezone();
if ( isset($_GET['skin']) ) { if ( isset($_GET['skin']) ) {
$skin = $_GET['skin']; $skin = $_GET['skin'];
@ -170,6 +168,7 @@ $user = null;
if ( isset($_REQUEST['view']) ) if ( isset($_REQUEST['view']) )
$view = detaintPath($_REQUEST['view']); $view = detaintPath($_REQUEST['view']);
# Add CSP Headers # Add CSP Headers
$cspNonce = bin2hex(openssl_random_pseudo_bytes(16)); $cspNonce = bin2hex(openssl_random_pseudo_bytes(16));
@ -191,6 +190,11 @@ isset($view) || $view = NULL;
isset($request) || $request = NULL; isset($request) || $request = NULL;
isset($action) || $action = NULL; isset($action) || $action = NULL;
if ( (!$view and !$request) or ($view == 'console') ) {
// Verify the system, php, and mysql timezones all match
check_timezone();
}
ZM\Logger::Debug("View: $view Request: $request Action: $action User: " . ( isset($user) ? $user['Username'] : 'none' )); ZM\Logger::Debug("View: $view Request: $request Action: $action User: " . ( isset($user) ? $user['Username'] : 'none' ));
if ( if (
ZM_ENABLE_CSRF_MAGIC && ZM_ENABLE_CSRF_MAGIC &&