Andrew Bauer
7e0ac4b239
Merge pull request #1780 from connortechnology/fix_1775
...
use escapeshellarg on inputs to daemonControl and other functions
2017-03-16 09:27:04 -05:00
Isaac Connor
5bccd92b68
fix scoping of scale var
2017-03-16 09:53:53 -04:00
Isaac Connor
9f99d34807
fix calls to getStreamHTML
2017-03-13 14:22:33 -04:00
Isaac Connor
14c4a156c6
set img.src='' first so that Chrome closes the old stream.
2017-03-06 20:21:12 -05:00
Isaac Connor
4df12ae370
Merge branch 'montage_width_height' of github.com:ConnorTechnology/ZoneMinder into montage_width_height
2017-03-06 17:30:00 -05:00
Isaac Connor
d3f7451736
Merge branch 'storageareas' into montage_width_height
2017-03-06 16:56:18 -05:00
Isaac Connor
fdcb93eacc
Merge branch 'master' into storageareas
2017-03-06 16:22:28 -05:00
Isaac Connor
ebafc62b51
Must reopen the session so we can generate an auth hash
2017-03-01 15:27:42 -05:00
Isaac Connor
4fc0aead70
wip
2017-03-01 15:26:40 -05:00
Isaac Connor
c4caa9a631
convert arguments from an array of strong to a hash and use http_build_query
2017-02-27 21:48:08 -05:00
Isaac Connor
c3a52272d8
implement changeWidth, changeHeight and alter getStreamHTML to take an array of options
2017-02-27 20:56:14 -05:00
Isaac Connor
a0dd36d869
add width and height scale dropdowns
2017-02-27 16:40:40 -05:00
Andy Bauer
8759e2bdb4
prevent divide by zero, make error messages more descriptive
2017-02-21 13:10:41 -06:00
Andy Bauer
27ca8d8674
use === operator in getDiskPercent function
2017-02-21 12:33:05 -06:00
Isaac Connor
186e5ba866
Merge branch 'master' into storageareas
2017-02-21 09:48:00 -05:00
Isaac Connor
971c70f540
Merge pull request #1793 from mnoorenberghe/api_debug_default
...
Reduce the default API debug level
2017-02-20 21:44:48 -05:00
Matthew Noorenberghe
df4739826b
Reduce the default API debug level
2017-02-18 23:06:53 -08:00
Manojav Sridhar
f50c0e2096
fix missing isset check, caused number of Undefined Property warnings
2017-02-18 11:15:43 -05:00
Manojav Sridhar
11b90e6011
fix usage of wrong key
2017-02-17 12:37:58 -05:00
Isaac Connor
980b088d57
google style and add label tags around Scale
2017-02-17 09:19:54 -05:00
Isaac Connor
2bf4b5ad1a
use escapeshellarg on inputs to daemonControl and other functions where exec is called
2017-02-15 09:45:25 -05:00
Isaac Connor
d135216ac7
Merge branch 'master' into storageareas
2017-02-15 09:30:35 -05:00
Isaac Connor
aeedfe8d74
fix some whitespacing
2017-02-14 09:11:54 -05:00
SteveGilvarry
b791504598
Wording of help text fixes
2017-02-06 08:01:04 +11:00
SteveGilvarry
9716c4ef89
Add Option help
2017-02-05 18:43:47 +11:00
SteveGilvarry
c72704bf0b
Change descriptions for ffmpeg methods and put TCP first.
2017-02-05 15:34:06 +11:00
Kyle Johnson
5804cd2462
Merge pull request #2 from connortechnology/fix_sql_injection
...
Sanitize input parameters
2017-02-04 15:05:54 -07:00
Andrew Bauer
c5906a5d4f
Merge pull request #6 from connortechnology/log_xss_fixes2
...
Log xss fixes2
2017-02-04 16:05:43 -06:00
Kyle Johnson
6b3a53ec0f
Tell PDO to use real prepared statements.
...
This makes sure the statement and the values aren't
parsed by PHP before sending it to the MySQL server.
See https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php
and https://secure.php.net/manual/en/pdo.setattribute.php
2017-02-04 14:59:33 -07:00
Isaac Connor
e3edbf40cf
make url full width
2017-02-02 12:16:40 -05:00
Isaac Connor
7b73eb350f
update to current.
2017-02-02 12:15:16 -05:00
Isaac Connor
d8c79cb750
fixup header and sidebar layout
2017-02-02 11:31:16 -05:00
Isaac Connor
cee05a1bb7
fix merge problem
2017-02-02 09:21:49 -05:00
Isaac Connor
9135da92ed
fix typo fileFields => filterFields
2017-01-31 21:33:43 -05:00
Isaac Connor
6f6eacaa72
fixup classic and dark skins
2017-01-30 21:45:48 -05:00
Isaac Connor
89022fff0c
Merge branch 'storageareas' of github.com:ConnorTechnology/ZoneMinder into storageareas
2017-01-30 21:16:26 -05:00
Isaac Connor
f3378207c0
make navbar static instead of fixed, sync up dark theme, and improve storage editing styles
2017-01-30 21:16:21 -05:00
Isaac Connor
ad2e00166a
use isset
2017-01-30 19:53:08 -05:00
Isaac Connor
4543b3e1b1
include jquery-ui instead of using a cdn version
2017-01-30 19:17:14 -05:00
Isaac Connor
19aed3f860
dont check ZM_DIR_EVENTS if it already exists in storageareas
2017-01-30 17:29:15 -05:00
Isaac Connor
9fd9c5de20
test for empty and non-existent path
2017-01-30 17:24:41 -05:00
Isaac Connor
fda115bebe
tell zmc and zma to stop before updating db
2017-01-30 16:37:53 -05:00
Isaac Connor
3437f23e8a
Merge branch 'master' into fix_sql_injection
2017-01-28 14:33:49 -05:00
Isaac Connor
41dab0750e
turn whatever gets output into html escaped html so that nothing gets revealed
2017-01-27 21:30:22 -05:00
Isaac Connor
a8d1450adf
Merge branch 'master' into fix_sql_injection
2017-01-27 17:18:34 -05:00
Kyle Johnson
746a096483
Merge branch 'master' of github.com:ZoneMinder/ZoneMinder
2017-01-27 15:16:33 -07:00
Isaac Connor
c1e05753d6
Merge branch 'master' of github.com:ZoneMinder/ZoneMinder-Pro
2017-01-27 17:12:46 -05:00
Isaac Connor
7ab6818fa0
Merge branch 'sanitize_image_path' of https://github.com/knnniggett/ZoneMinder into storageareas_sanitize
2017-01-25 17:14:30 -05:00
Andrew Bauer
dbd73690b2
use !== false rather than === true
2017-01-25 09:26:07 -06:00
Andrew Bauer
6189d2670c
ZM_DIR_EVENTS can be, and often is, a symlink
2017-01-25 09:05:34 -06:00
Andrew Bauer
8b19fca992
sanitize the image path before processing
2017-01-25 08:30:19 -06:00
Isaac Connor
129acb5b8e
only show mark column if you have the Monitor Edit ability
2017-01-24 09:30:56 -05:00
Isaac Connor
5b598fe90d
cleanup and use cleaned up monitor_id
2017-01-23 21:51:38 -05:00
Isaac Connor
7cd2f6c69e
use glyphicon for sort
2017-01-23 21:51:17 -05:00
Isaac Connor
bb3d47ab45
get rid of mapping
2017-01-23 21:34:06 -05:00
Isaac Connor
e937b4099b
add an ajax file for console to do sorting
2017-01-23 10:13:16 -05:00
Isaac Connor
fdd71a826a
implement dragndrop sorting
2017-01-23 10:12:57 -05:00
Isaac Connor
35148008b6
make img an inline-block so that it continues having space, even when is a broken link
2017-01-18 21:14:15 -05:00
Isaac Connor
8ce7719a33
remove extra db call cuz i sredundant
2017-01-18 21:12:54 -05:00
Isaac Connor
899b1b82b9
Merge branch 'filter_by_runstate' into storageareas
2017-01-14 17:07:20 -05:00
Isaac Connor
242e5a56d8
rough in the ability to filter on RunState
2017-01-14 16:55:28 -05:00
Isaac Connor
2ce4bad39b
fix Event being undefined when called by path
2017-01-13 14:42:10 -05:00
Kyle Johnson
0e7794f2a7
Merge pull request #1 from connortechnology/cookie_http_only
...
set http_only flag in cookie settings
2017-01-12 09:25:36 -07:00
Isaac Connor
16fdac3179
fix remSocketFile to remSockFile
2017-01-11 11:14:00 -05:00
Isaac Connor
2436e40f5d
Merge branch 'master' into storageareas
2017-01-11 10:34:27 -05:00
Andy Bauer
7ef7a36f39
fix conditional logic in controlcap.js
2017-01-10 17:53:05 -06:00
Isaac Connor
3074263e06
Merge branch 'control_fixes' into storageareas
2017-01-10 12:54:46 -05:00
Isaac Connor
55403219d8
fix regexp for direction in control command. Also log if the regexp doesn't match
2017-01-10 12:35:38 -05:00
Isaac Connor
fea5fa1b59
fix xtell should be -1 for move left
2017-01-10 12:35:02 -05:00
Isaac Connor
d8b8d78576
Fix storagearea lookup. Default to ZM_EVENTS_DIR
2017-01-09 16:35:58 -05:00
Isaac Connor
03fd964518
fix parsing StorageID
2017-01-09 14:59:14 -05:00
Isaac Connor
7ef0c2c9d3
fix deleting filters. We don't need to set fid anymore
2017-01-09 14:58:55 -05:00
Isaac Connor
cc724a5542
add a question mark to delete confirmation
2017-01-09 14:53:13 -05:00
Isaac Connor
84183c819c
Merge branch 'master' into storageareas
2017-01-03 09:53:09 -05:00
Isaac Connor
b4bddee337
Merge branch 'master' into improve_filter
2017-01-03 08:49:56 -05:00
Isaac Connor
0a90dbac9f
require Event.php and clean up use of object vs db row array. Use newer way of using views/image.php by passing eid and frameid instead of a path.
2017-01-02 10:35:51 -05:00
Isaac Connor
30674919c4
always include Storage object, because in the end we will be using it everywhere
2017-01-02 10:34:45 -05:00
Isaac Connor
f6ea52280a
Update Event object to @iconnor's latest which brings us a createListThumbnail function copied from includes/functions
2017-01-02 10:34:15 -05:00
Andrew Bauer
b063d8d6aa
Merge pull request #1728 from connortechnology/path_zms_message
...
Path zms message
2017-01-02 08:54:32 -06:00
Isaac Connor
5ae34a7561
Merge branch 'master' into storageareas
2017-01-02 09:39:10 -05:00
Isaac Connor
ef71ae248c
fix ramSocketFile to remSocketFile
2017-01-02 09:31:26 -05:00
Isaac Connor
d97926c478
fix ramSocketFile to remSocketFile
2017-01-02 09:31:06 -05:00
klemens
0d549f1db3
spelling fixes
2016-12-29 10:31:05 +01:00
Andy Bauer
25ab1bee18
more fixed to gpl license text
2016-12-26 10:40:09 -06:00
Andy Bauer
2dda2d9e1e
remove unneeded, empty files
2016-12-26 09:49:14 -06:00
Andy Bauer
254fcbcef7
update gpl 2 mailing address in source files
2016-12-26 09:23:16 -06:00
Isaac Connor
0f4b78b180
increase height of bandwidth popup
2016-12-21 10:46:42 -05:00
Isaac Connor
f92edc3456
refresh stream url when changing scale
2016-12-21 10:40:47 -05:00
Isaac Connor
02a2fdf58f
Merge branch 'remove_emptys' into storageareas
2016-12-20 16:40:42 -05:00
Isaac Connor
38c0cedecc
remove the use of empty which on php < 5.5 only supports variables.
2016-12-20 16:37:42 -05:00
Isaac Connor
c27d0270dc
Merge branch 'knnniggett-zmMemDetach' into storageareas
2016-12-20 15:40:14 -05:00
Isaac Connor
752f0eb40b
Merge branch 'master' into improve_filter
2016-12-20 11:43:02 -05:00
Andrew Bauer
68a24040ab
Merge pull request #1710 from connortechnology/path_zms_message
...
replace the old socket_sendto error message with something more useful
2016-12-20 10:30:35 -06:00
Isaac Connor
8b726996f7
FAQ fixes, more text about zms problems in it, and adjust the socket_sendto error message to point to the FAQ entry that is relevant.
2016-12-19 21:36:39 -05:00
Isaac Connor
fe3f3d91ce
replace the old socket_sendto error message with something more useful so that people stop asking us how to fix it.
2016-12-16 09:12:27 -05:00
Isaac Connor
794043cbe9
On successful login, tell php to regenerate the session id
2016-12-14 15:06:18 -05:00
Isaac Connor
ad157cf21c
fix tabs
2016-12-14 14:56:54 -05:00
Isaac Connor
69c39f8a23
set http_only flag in cookie settings
2016-12-14 14:39:44 -05:00
Isaac Connor
87e8f91868
Merge branch 'storageareas' of github.com:connortechnology/ZoneMinder into storageareas
2016-12-13 15:06:07 -05:00
Isaac Connor
708f52beda
Merge branch 'disk_space_in_events' into storageareas
2016-12-13 13:36:18 -05:00
Isaac Connor
a9548d3f6b
Add a config entry to turn event disk space on/off
2016-12-13 13:34:56 -05:00
Isaac Connor
30ec67d4c3
Merge branch 'master' into disk_space_in_events
2016-12-13 13:28:32 -05:00
Isaac Connor
821f9f8e6e
Merge branch 'fix_sql_injection' into storageareas
2016-12-08 15:58:10 -05:00
Isaac Connor
b5e4c94682
test for integer string as well
2016-12-08 15:58:00 -05:00
Isaac Connor
4fa24dcda4
Merge branch 'fix_sql_injection' into storageareas
2016-12-08 15:53:46 -05:00
Isaac Connor
7c84e2417d
remove extra ?
2016-12-08 15:53:38 -05:00
Isaac Connor
f68c73b4a8
Merge branch 'fix_sql_injection' into storageareas
2016-12-08 15:52:52 -05:00
Isaac Connor
08370b010e
Merge branch 'log_xss_fixes' into storageareas
2016-12-08 15:52:37 -05:00
Isaac Connor
42fdd1fbe9
Use htmlentities on the error message when dying because the string will be sent to the browser and if it includes scripts they will be run.
2016-12-08 15:52:21 -05:00
Isaac Connor
c8009baf3f
fix missing ; and test for integer string in limit
2016-12-08 15:46:42 -05:00
Isaac Connor
acbc5bc9e3
Merge branch 'cookie_http_only' into storageareas
2016-12-08 15:20:54 -05:00
Isaac Connor
772792a1b9
remove extra ,
2016-12-08 15:20:43 -05:00
Isaac Connor
ced701f56f
Merge branch 'fix_sql_injection' into storageareas
2016-12-08 14:58:50 -05:00
Isaac Connor
7f2bf04c2f
Merge branch 'cookie_http_only' into storageareas
2016-12-08 14:26:13 -05:00
Isaac Connor
20793ee822
set httpOnly to true on cookie creation. This will override whatever is in php.ini
2016-12-08 14:25:29 -05:00
Isaac Connor
d600eb0e8b
Merge branch 'master' into fix_sql_injection
2016-12-08 13:39:04 -05:00
Isaac Connor
e7d0861530
check limit for a valid integer and complain if not.
2016-12-08 13:37:23 -05:00
Isaac Connor
587fd16aa6
Add testing for limit, sortField and all the filters to ensure that they are valid.
2016-12-08 13:31:44 -05:00
Isaac Connor
857b4e8345
Merge branch 'master' into improve_filter
2016-12-06 11:58:41 -05:00
Bernardus Jansen
986567839e
Additional minor changes
2016-12-02 10:08:49 +01:00
Bernardus Jansen
e27639f599
Updated dutch translation
2016-12-02 09:49:50 +01:00
Isaac Connor
9e5f52a0ae
fix MonitorId is part of event, not frame
2016-11-29 15:25:51 -05:00
Isaac Connor
2adb17ad90
fix type
2016-11-29 15:25:24 -05:00
Isaac Connor
c2d6b3d809
fix auth
2016-11-29 15:25:10 -05:00
Isaac Connor
f9af1e7129
put authorized check back after including actions.php where it needs to go
2016-11-28 11:34:46 -05:00
Isaac Connor
be5b4691da
check for isset of SESSION['username'] instead of just assuming it exists
2016-11-22 15:35:07 -05:00
Isaac Connor
9312eed17f
Merge branch 'master' into disk_space_in_events
2016-11-22 10:58:24 -05:00
Isaac Connor
02cd3e8cba
Merge branch 'master' into small_fixes
2016-11-22 10:52:07 -05:00
Isaac Connor
6bf921a858
Add thumbnanils to the frames view. Also add a content-disposition header and some url mangling to help browsers give a useful filename when doing Save Image As
2016-11-21 12:28:15 -05:00
Isaac Connor
4fe6b6f8b7
set a min width so that small images or fps updates don't cause a reflow
2016-11-21 11:39:31 -05:00
Isaac Connor
c360e27b02
Merge branch 'master' of github.com:ZoneMinder/ZoneMinder into storageareas
2016-11-17 13:13:47 -05:00
Isaac Connor
bb6b0c2d49
Merge branch 'master' of github.com:ZoneMinder/ZoneMinder into improve_filter
2016-11-17 12:16:49 -05:00
Kyle Johnson
4eb5ff7aff
Fix Undefined index: loginFailed. Resolves #1684
2016-11-16 19:42:04 -07:00
Isaac Connor
2bd080a6a6
Merge branch 'master' into storageareas
2016-11-15 08:41:00 -05:00
Isaac Connor
8f71971209
Show error message upon unsuccessful login. Fixes #1648 ( #1680 )
...
* Add additional post-cmake files to .gitignore
* Add bootstrap 3.3.7
* Load bootstrap css
* Restyle login page, move recaptcha js to <head>
The way it was handled previously resulted in
invalid html, with an extra <head> tag being
inserteed inside the <body>.
* Update doctype to HTML5, add meta tags for mobile browsers
* Move inline Login css to css file
* Remove extra php tag in functions.php
* Show error message upon unsuccessful login. Fixes #1648
* Includes bootstrap glyphicons as they're used in the error message.
* Failure check is done via a simple test in login.js.php and login.js.
The 'view' param will only be set (to 'postlogin') if the login page
has refreshed due to a failed login. Otherwise you're directed to
the console view.
* Only load bootstrap css in specific views.
Bootstrap was causing some styling conflicts with the legacy css.
As such only load bootstrap.css on pages which we have specifically
allowed, which would be pages that have been restyled and verified.
* Test for invalid login via session variable.
The previous method had cases where the error messsage was displayed
when it shouldn't have been, such as when specifying ?view=login
* Fix a few typos in login inputs
* Add new fonts directory to web CMakeLists
2016-11-14 21:24:43 -05:00
Kyle Johnson
b0d22aa2a5
Add new fonts directory to web CMakeLists
2016-11-14 19:23:05 -07:00
Isaac Connor
3b7723ee8f
Merge branch 'master' into storageareas
2016-11-11 22:40:00 -05:00
Andrew Bauer
49d8e35e56
Show available PATH_MAP percent on console ( #1675 )
...
* Add PATH_SWAP percent to console
* add changes to console.php
* use ZM_PATH_MAP instead of ZM_PATH_SWAP
* show the folder name PATH_MAP points to
* use a dash as the delimiter instead of fwd slash
2016-11-11 08:47:08 -05:00
Kyle Johnson
65fe07e7aa
Fix a few typos in login inputs
2016-11-10 23:36:28 -07:00
Kyle Johnson
95d00f70a3
Test for invalid login via session variable.
...
The previous method had cases where the error messsage was displayed
when it shouldn't have been, such as when specifying ?view=login
2016-11-10 23:29:12 -07:00
Kyle Johnson
3916b02a74
Only load bootstrap css in specific views.
...
Bootstrap was causing some styling conflicts with the legacy css.
As such only load bootstrap.css on pages which we have specifically
allowed, which would be pages that have been restyled and verified.
2016-11-10 23:07:52 -07:00
Kyle Johnson
0800a69a57
Show error message upon unsuccessful login. Fixes #1648
...
* Includes bootstrap glyphicons as they're used in the error message.
* Failure check is done via a simple test in login.js.php and login.js.
The 'view' param will only be set (to 'postlogin') if the login page
has refreshed due to a failed login. Otherwise you're directed to
the console view.
2016-11-10 22:51:32 -07:00
Kyle Johnson
97fb53e95c
Remove extra php tag in functions.php
2016-11-10 21:49:57 -07:00
Kyle Johnson
227b196a2e
Move inline Login css to css file
2016-11-10 21:48:42 -07:00
Kyle Johnson
3e3956f45d
Update doctype to HTML5, add meta tags for mobile browsers
2016-11-10 21:47:53 -07:00
Kyle Johnson
eacf6cd415
Restyle login page, move recaptcha js to <head>
...
The way it was handled previously resulted in
invalid html, with an extra <head> tag being
inserteed inside the <body>.
2016-11-10 21:46:55 -07:00
Kyle Johnson
1607ae1210
Load bootstrap css
2016-11-10 21:45:46 -07:00
Kyle Johnson
2c93f61622
Add bootstrap 3.3.7
2016-11-10 21:45:18 -07:00
Andrew Bauer
9f43825b92
prevent the end user from slecting an invalid configuration on the PT… ( #1676 )
...
* prevent the end user from slecting an invalid configuration on the PTZ control configuraion "Move" tab
* change to console.php should not be in this pr
2016-11-08 22:10:51 -05:00
Kyle Johnson
8c41781a9f
Fix event.stop error in watch.js See #1672 ( #1678 )
2016-11-08 18:53:06 -05:00