Isaac Connor
26670c2df2
Add lock function to write lock an object
2019-09-04 10:07:08 -04:00
Isaac Connor
92bc1791f5
fix accidentally removed code
2019-09-03 11:33:13 -04:00
Isaac Connor
a384e978c8
don't load user from session if we have already gotten it from elsewhere
2019-09-03 11:19:42 -04:00
Isaac Connor
b84d005d8f
Load use from session when it exists
2019-09-03 10:54:34 -04:00
Isaac Connor
6b9e8bec69
Add logging of delete events
2019-08-29 11:26:32 -04:00
Isaac Connor
a4b057fa2b
Upgrade Event object to use the common Object methods. Add deleting files from Secondary storage
2019-08-29 11:25:37 -04:00
Isaac Connor
c80ef0e0ab
spacing
2019-08-28 12:20:03 -04:00
Isaac Connor
320bf823c5
Don't report errors when creating monitor symlink when it already exists
2019-08-28 09:18:33 -04:00
Isaac Connor
c482fa7d5d
Fix executing filter
2019-08-26 20:45:38 -04:00
Isaac Connor
f01bedb33e
Merge branch 'master' of github.com:ZoneMinder/zoneminder
2019-08-26 18:49:12 -04:00
Isaac Connor
231c9c3902
move executeFilter to Filter->execute. If no changes have been made, don't make a tempfilter.
2019-08-26 18:48:34 -04:00
Isaac Connor
82e8bde406
Fix SaveAs
2019-08-26 16:19:19 -04:00
Isaac Connor
7ef26275bc
use isset to get rid of warnings when eid is not in REQUEST
2019-08-20 10:28:19 -04:00
Isaac Connor
84492f29b1
Fix token auth sessions ( #2676 )
...
* If token is present do token based auth and do not do anything with session
* update HostController. Use config constants, don't use sessions
* Remove Session from the components list
* spacing
* Remove Session from App Components list.
* Move APIEnabled check to the api from auth.php
* Rework auth. login using username and password only occurs on login action now. Including auth.php should not touch the session. auth_hash logins no longer touch the session. replace userLogin with a function called validateUser which matches the semantics of validateToken.
* remove debugging
* Add session storage if stateful query param is on, but only for LEGACY_API_AUTH
* fix mUser to username, etc.
* shuffle lines
* use instead of session when generating auth hash.
* Add docs regarding the use of cookies and stateful query param
* Only open/close session if we are clearing a session var
* Use zm_session_start instead of session_start
* Should use zm_session_start instead of session_start
* document that zm_session_start should be called previously to session_regenerate_id
* Don't actually write out the session when generating auth hashes. Means they should never actually persist.
* More backticking of SQL
* add .. to fix #2686
* Use material icons for sort because they look nicer
* fix typo
* have to add authhash to session on login
* restore username&password login for all urls
* fix
* fixes
2019-08-20 09:46:53 -04:00
Isaac Connor
b344701dea
fixes
2019-08-19 12:15:58 -04:00
Isaac Connor
3b58da860f
fix
2019-08-19 12:08:41 -04:00
Isaac Connor
b1132087b8
restore username&password login for all urls
2019-08-19 12:07:38 -04:00
Isaac Connor
87e7ba0e50
have to add authhash to session on login
2019-08-19 11:38:56 -04:00
Isaac Connor
d39da61b66
Don't actually write out the session when generating auth hashes. Means they should never actually persist.
2019-08-16 15:27:24 -04:00
Isaac Connor
070b8066f2
document that zm_session_start should be called previously to session_regenerate_id
2019-08-16 15:08:35 -04:00
Isaac Connor
28155ebd90
Should use zm_session_start instead of session_start
2019-08-16 15:08:10 -04:00
Isaac Connor
660eddc69d
Only open/close session if we are clearing a session var
2019-08-16 15:06:56 -04:00
Isaac Connor
3475a11e15
use instead of session when generating auth hash.
2019-08-16 14:13:13 -04:00
Isaac Connor
51c7f0b73f
shuffle lines
2019-08-16 14:12:52 -04:00
Isaac Connor
fdb66aaa72
Merge branch 'master' into fix_token_auth_sessions
2019-08-15 16:22:09 -04:00
Isaac Connor
336f45219b
fix object caching
2019-08-15 16:04:56 -04:00
Isaac Connor
68052368f7
use backticks on table and column names. Use data-on-change-this in group dropdown
2019-08-15 16:04:37 -04:00
Isaac Connor
f09941ed48
timezone errors shouldn't be fatal
2019-08-15 15:16:02 -04:00
Isaac Connor
618e6816ef
Rework auth. login using username and password only occurs on login action now. Including auth.php should not touch the session. auth_hash logins no longer touch the session. replace userLogin with a function called validateUser which matches the semantics of validateToken.
2019-08-15 14:59:15 -04:00
Isaac Connor
0ec6e8d635
Merge branch 'master' into fix_token_auth_sessions
2019-08-15 12:05:07 -04:00
Isaac Connor
4140d51e9f
database.php cleanup. remove dbFetchMonitor and dbFetchGroup. Their usage has been replaced with the Object::find_one usage. Also more quoting of table and colume names to fix #2659
2019-08-13 11:45:50 -04:00
Isaac Connor
4922861d1d
Merge branch 'master' into fix_token_auth_sessions
2019-08-12 13:59:11 -04:00
Isaac Connor
5f77634aca
Update Group object to use shared code in Object.php. Should fix #2659
2019-08-08 13:51:56 -04:00
Isaac Connor
702cb65d2a
Merge branch 'storageareas'
2019-08-08 13:38:36 -04:00
Isaac Connor
df285006d2
change sortHeader to include eid if it is in the request
2019-08-08 13:34:10 -04:00
Isaac Connor
a9de537e01
Merge branch 'master' into storageareas
2019-08-08 09:27:27 -04:00
Isaac Connor
1892528679
quotes
2019-08-08 09:26:15 -04:00
Isaac Connor
5b0509e000
When invalid operator terms, use print_r on the term instead of just the operator
2019-08-08 09:26:00 -04:00
Isaac Connor
3a142df14f
Only send zmdc.pl commands for filters to running servers
2019-08-07 15:51:01 -04:00
Isaac Connor
fb7ab993b5
Have to include the --daemon param when telling zmdc.pl what to do with zmfilter.pl
2019-08-07 15:34:30 -04:00
Isaac Connor
d4b59211cd
Merge branch 'master' into storageareas
2019-08-07 11:21:19 -04:00
Isaac Connor
962049fa31
Merge branch 'master' into filter_add_copy
2019-08-06 20:17:21 -04:00
Isaac Connor
7e6b0058d2
Update Zone buttons. Fix double submit. Fixes #2671
2019-08-02 08:04:38 -04:00
Isaac Connor
6a425b6988
If token is present do token based auth and do not do anything with session
2019-08-01 10:02:31 -04:00
Isaac Connor
7f19831e0c
Use isset when testing for existence of authash in session
2019-07-29 14:54:55 -04:00
Isaac Connor
45afc2a534
introduce array_recursive_diff which we use to compare two arrays in Object::changes
2019-07-24 11:24:37 -04:00
Isaac Connor
e3a9d5d488
Rewrite changes to run through the keys of the passed in new values array, and handle object methods as well as basic values
2019-07-24 11:24:14 -04:00
Isaac Connor
341f4adbdf
Functions that change the Query must reset Query_json as well
2019-07-24 11:23:38 -04:00
Isaac Connor
58851d23d2
Add Secondary Storage support to the Event object
2019-07-24 11:22:55 -04:00
Isaac Connor
9b6dedb35d
Update Filter saving action to use object set/save etc
2019-07-23 09:58:28 -04:00
Isaac Connor
35ec60ca03
Change Storage object to extend ZM_Object
2019-07-23 09:58:05 -04:00
Isaac Connor
7c52f8a4ae
Fixes and add Objects_Indexed_By_Id
2019-07-23 09:57:44 -04:00
Isaac Connor
b05aff1d5d
Update Filter Object to extend ZM_Object. Rename Query to Query_json and implement a Query function to parse Query_json
2019-07-23 09:57:16 -04:00
Isaac Connor
fe71a9abaa
php_errormsg is deprecated
2019-07-19 16:32:40 -04:00
Isaac Connor
d244aadee6
Fix #2655
2019-07-08 14:27:49 -04:00
Isaac Connor
b84e3499f4
Implement code to auto-load monitor status info if not already loaded. Check for Connected instead of Capturing in watch to display warning message
2019-07-07 17:25:49 -04:00
Isaac Connor
a28f17653f
Add DecoderHWAccel fields to Monitor
2019-06-25 15:34:45 -04:00
Isaac Connor
6ed0074077
End continuous events on alarm ( #2644 )
...
* Reference /run/zm instead of /var/run/zm because systemd-tmpfiles complains about it
* Spacing, google code style and tabs to spaces
* add update script to add MinSectionLength
* Add min_section_length to enforce a minimum event length when closing continuous events on alarm
2019-06-24 11:29:00 -04:00
Isaac Connor
38bcdbbffe
ONly close session if we opened it in generateAuthHash, only try to validate auth hash if it is set in the session
2019-06-21 18:04:39 -04:00
Isaac Connor
60618d5998
Fix hour subtraction in getAuthUser to actually subtract an hour
2019-06-21 11:45:33 -04:00
Isaac Connor
3bae7a5432
spaces and parenthesis
2019-06-20 13:28:12 -04:00
Tom Hodder
1336c03f97
WIP: Add pagination to frames.php in classic ( #2618 )
...
* add pagination to the frames.php results
* remove commented code, fix view all paging
* removing debugging logging statements
* default frames paging to on
2019-06-16 12:02:00 -04:00
Pliable Pixels
98bf7800b0
remove a password log, corrected PHP version in log ( #2627 )
...
* remove a password log, corrected PHP version in log
* PHP version correction
2019-06-16 11:59:48 -04:00
Isaac Connor
08cc4e0383
add null value to set() function
2019-06-05 10:22:20 -04:00
Isaac Connor
5346f82de9
Fix unable to login when ZM_AUTH_RELAY != hashed and fix setting the password in session when ZM_AUTH_RELAY==plain
2019-06-05 09:23:34 -04:00
Isaac Connor
4b9b2015cb
write a note why regnerateAuthHash doesn't work when saving config
2019-06-04 16:30:57 -04:00
Isaac Connor
cc269378cf
regenerate auth_hash in session because we might have changed an auth hash setting
2019-06-04 16:27:25 -04:00
Isaac Connor
168aa35461
force regeneration of auth_hash on login. Fix failed auth_hash verification not logging you out by returning null instead of false. Update session with new auth_hash when forcing regeneration
2019-06-04 16:26:29 -04:00
Isaac Connor
eaa1939f6b
comment out debug lines
2019-05-31 10:35:54 -04:00
Isaac Connor
274737d1b1
Fix moocord to mocord.
2019-05-31 10:35:18 -04:00
Isaac Connor
b0869a0b13
spaces and quotes
2019-05-31 10:34:53 -04:00
Isaac Connor
75ec4818a6
WHen saving a monitor, only start zmc and zma if appropriate
2019-05-31 10:15:02 -04:00
Isaac Connor
ba96f0709c
fix saving user using password_hash
2019-05-30 09:58:54 -04:00
Isaac Connor
628760d5b9
Spacing and braces cleanup from asker's code
2019-05-29 10:29:03 -04:00
Isaac Connor
c4d76f03c9
Introduce ZM_PATH_SHUTDOWN to cmake config
2019-05-27 12:09:32 -04:00
Isaac Connor
4765b9d936
Don't generate php errors when returned row doesn't have the specified column
2019-05-24 14:52:04 -04:00
Isaac Connor
1ddd5b1f74
Merge branch 'master' of github.com:ZoneMinder/zoneminder
2019-05-24 13:56:30 -04:00
Isaac Connor
34400419e8
Add shutdown capability ( #2575 )
...
* Add Config for showing a system shutdown/restart option
* Add a translation for Shutdown
* add a shutdown power button to the navbar
* but the shutdown icon in a navbar-txt
* set width and height of shutdown window
* Add instructions for enabling the web user to run shutdown
* add the shutdown view and actions
2019-05-24 13:53:24 -04:00
Pliable Pixels
fc27393a96
Replace MySQL Password() with bcrypt, allow for alternate JWT tokens ( #2598 )
...
* added sha1 and bcrypt submodules
* added bcrypt and sha to src build process
* added test sha1 and bcrypt code to validate working
* bcrypt auth migration in PHP land
* added include path
* add sha source
* added bcrypt to others
* put link_dir ahead of add_executable
* fixed typo
* try add_library instead
* absolute path
* absolute path
* build bcrypt as static
* move to wrapper
* move to fork
* logs tweak
* added lib-ssl/dev for JWT signing
* Moved to openSSL SHA1, initial JWT plugin
* removed vog
* fixed SHA1 algo
* typo
* use php-jwt, use proper way to add PHP modules, via composer
* fixed module path
* first attempt to fix cast error
* own fork
* own fork
* add composer vendor directory
* go back to jwt-cpp as PR merged
* moved to jwt-cpp after PR merge
* New token= query for JWT
* Add JWT token creation, move old code to a different function for future deprecation, simplified code for ZM_XX parameter reading
* JWT integration, validate JWT token via validateToken
* added token validation to zms/zmu/zmuser
* add token to command line for zmu
* move decode inside try/catch
* exception handling for try/catch
* fix db read, forgot to exec query
* remove allowing auth_hash_ip for token
* support refresh tokens as well for increased security
* remove auth_hash_ip
* Error out if used did not create an AUTH_HASH_SECRET
* fixed type conversion
* make sure refresh token login doesn't generate another refresh token
* fix absolute path
* move JWT/Bcrypt inside zm_crypt
* move sha headers out
* move out sha header
* handle case when supplied password is hashed, fix wrong params in AppController
* initial baby step for api tab
* initial plumbing to introduce token expiry and API bans per user
* remove M typo
* display user table in api
* added revoke all tokens code, removed test code
* use strtoul for conversion
* use strtoul for conversion
* use strtoul for conversion
* more fixes
* more fixes
* add mintokenexpiry to DB seek
* typo
* add ability to revoke tokens and enable/disable APIs per user
* moved API enable back to system
* comma
* enable API options only if API enabled
* move user creation to bcrypt
* added password_compat for PHP >=5.3 <5.5
* add Password back so User object indexes don't change
* move token index after adding password
* demote logs
* make old API auth optional, on by default
* make old API auth mechanism optional
* removed stale code
* forgot to checkin update file
* bulk overlay hash mysql encoded passwords
* add back ssl_dev, got deleted
* fix update script
* added token support to index.php
* reworked API document for new changes in 2.0
* Migrate from libdigest to crypt-eks-blowfish due to notice
* merge typo
* css classess for text that disappear
* fixed html typo
* added deps to ubuntu control files
* spaces
* removed extra line
* when regenerating using refresh tokens, username needs to be derived from the refresh token, as no session would exist
* add libssl1.0.0 for ubuntu 16/12
* small API fixes
* clean up of API, remove redundant sections
* moved to ZM fork for bcrypt
* whitespace and google code style
* regenerate auth hash if doing password migration
* dont need AUTH HASH LOGIN to be on
* Add auth hash verification to the user logged in already case
* fix missing ]
* reject requests if per user API disabled
2019-05-24 13:48:40 -04:00
Isaac Connor
729dee5dda
Merge branch 'master' into storageareas
2019-05-24 10:06:14 -04:00
Isaac Connor
db9ba7eeab
Add StartDateTime and EndDateTime as Sort options. Fixes #2614
2019-05-24 10:02:15 -04:00
Isaac Connor
f9004443cf
Merge branch 'master' into storageareas
2019-05-24 09:37:03 -04:00
Isaac Connor
843a9a6630
Merge branch 'pliablepixels-crypt-replacement3' into storageareas
2019-05-24 09:36:54 -04:00
Isaac Connor
2fc7b3cf4d
Don't allow deleting of in-progress recording
2019-05-24 09:31:48 -04:00
Isaac Connor
aa1264f4d2
fix missing ]
2019-05-23 16:26:40 -04:00
Isaac Connor
4466ef13fd
Merge branch 'pliablepixels-crypt-replacement3' into storageareas
2019-05-23 15:21:58 -04:00
Isaac Connor
7559c975e3
Merge branch 'crypt-replacement' of https://github.com/pliablepixels/ZoneMinder into pliablepixels-crypt-replacement3
2019-05-23 15:15:52 -04:00
Isaac Connor
883688a72d
Add auth hash verification to the user logged in already case
2019-05-23 15:15:37 -04:00
Pliable Pixels
57708c016c
dont need AUTH HASH LOGIN to be on
2019-05-23 14:59:21 -04:00
Isaac Connor
d5120f7506
regenerate auth hash if doing password migration
2019-05-23 14:30:45 -04:00
Isaac Connor
bc9116dd94
whitespace and google code style
2019-05-23 14:27:17 -04:00
Isaac Connor
2ce2381269
Merge branch 'crypt-replacement' of https://github.com/pliablepixels/ZoneMinder into pliablepixels-crypt-replacement
2019-05-19 08:45:42 -04:00
Pliable Pixels
8e1037458a
when regenerating using refresh tokens, username needs to be derived from the refresh token, as no session would exist
2019-05-18 11:23:16 -04:00
Isaac Connor
93aeceecfc
Merge branch 'crypt-replacement' of https://github.com/pliablepixels/ZoneMinder into pliablepixels-crypt-replacement
2019-05-17 10:18:15 -04:00
Pliable Pixels
95460a945a
added token support to index.php
2019-05-14 19:22:49 -04:00
Pliable Pixels
e9f843f297
bulk overlay hash mysql encoded passwords
2019-05-13 14:29:24 -04:00
Pliable Pixels
adb01c4d0e
added password_compat for PHP >=5.3 <5.5
2019-05-12 13:57:25 -04:00
Pliable Pixels
d7dbaf52d4
move user creation to bcrypt
2019-05-12 13:01:29 -04:00
Pliable Pixels
a9d601e5ae
add ability to revoke tokens and enable/disable APIs per user
2019-05-12 10:56:17 -04:00
Pliable Pixels
ae14be916c
initial plumbing to introduce token expiry and API bans per user
2019-05-11 13:39:40 -04:00
Pliable Pixels
95b448abdd
handle case when supplied password is hashed, fix wrong params in AppController
2019-05-10 11:25:55 -04:00
Pliable Pixels
f9730bb46b
remove auth_hash_ip
2019-05-08 14:07:48 -04:00
Pliable Pixels
bc050fe330
support refresh tokens as well for increased security
2019-05-08 13:38:42 -04:00
Pliable Pixels
b293592e4c
added token validation to zms/zmu/zmuser
2019-05-08 10:55:32 -04:00
Pliable Pixels
e8f79f3254
JWT integration, validate JWT token via validateToken
2019-05-07 15:04:51 -04:00
Isaac Connor
5fe565b99d
spacing
2019-05-06 10:49:18 -04:00
Pliable Pixels
ca3f65deef
go back to jwt-cpp as PR merged
2019-05-05 14:32:09 -04:00
Pliable Pixels
a55a11dad1
first attempt to fix cast error
2019-05-05 11:24:55 -04:00
Pliable Pixels
8d62c61b7a
fixed module path
2019-05-05 07:50:52 -04:00
Pliable Pixels
725c3c50ed
use php-jwt, use proper way to add PHP modules, via composer
2019-05-05 07:08:25 -04:00
Pliable Pixels
887912e7ad
bcrypt auth migration in PHP land
2019-05-01 13:22:24 -04:00
Isaac Connor
b3fb934fb5
add namespace to Logging calls
2019-04-29 14:16:55 -04:00
Isaac Connor
1a1c2db15f
add the shutdown view and actions
2019-04-12 14:55:56 -04:00
Isaac Connor
780f4f9b9a
Merge branch 'master' of github.com:zoneminder/ZoneMinder
2019-04-06 09:27:44 -04:00
Isaac Connor
381f526d66
spacing
2019-04-05 15:18:20 -04:00
Isaac Connor
8f3d1f8653
fix a missing = and use csrf_get_tokens instead of csrf_get_secret which is the wrong function
2019-04-02 15:25:14 -04:00
Isaac Connor
9e96c29620
Log a failed csrf check
2019-04-02 15:24:47 -04:00
Isaac Connor
8a90176a2c
Add CanReboot to Controls
2019-04-02 09:25:50 -04:00
Isaac Connor
15fb546e15
spacing
2019-04-01 11:13:35 -04:00
Isaac Connor
49e3f0a68e
eslint fixes
2019-03-28 09:43:31 -04:00
Isaac Connor
4eafc52955
spacing
2019-03-25 12:18:01 -04:00
Isaac Connor
8d07a4a08f
Log useful error messages when can't mkdir the monitor events dir or the symlink to it. symlink is a warning because the symlink is just a user aid
2019-03-25 11:58:04 -04:00
Isaac Connor
bd5c9b5b20
add Control to ZM namespace
2019-03-24 09:58:50 -04:00
Isaac Connor
8f28ba0be3
beter debug and less often when no terms in parseFilter
2019-03-22 17:28:12 -04:00
Isaac Connor
6d4d353209
fix namespace on MontageLayout
2019-03-22 17:27:58 -04:00
Isaac Connor
7f7acc18ee
spacing and code doc
2019-03-21 14:14:30 -04:00
Isaac Connor
f434042c52
fix spacing
2019-03-21 14:14:15 -04:00
Isaac Connor
6efeab5f8d
improve readability of parseFilter
2019-03-20 14:26:48 -04:00
Isaac Connor
3f9564c10a
Merge branch 'master' into storageareas
2019-03-19 10:37:35 -04:00
Isaac Connor
72b87a7c00
Add code to be a bit more careful about not deleting all events when an incomplete event object is used.
2019-03-19 09:36:58 -04:00
Isaac Connor
520c41da23
Merge ../ZoneMinder.connortechnology.bad into storageareas
2019-03-18 14:40:03 -04:00
Matthew Noorenberghe
3c31dd63ce
Use zm_session_start() for API auth. Fixes #2547
2019-03-11 00:27:46 -07:00
Isaac Connor
6c8eac1ac8
Merge branch 'storageareas' into h265
2019-03-06 11:10:01 -05:00
Isaac Connor
fa124eb29a
Merge branch 'master' of github.com:zoneminder/ZoneMinder
2019-03-05 14:35:15 -05:00
Isaac Connor
0022dbfb76
add a newline to improve readability
2019-03-05 14:31:39 -05:00
Isaac Connor
e59eb510e3
update and fix the donate popup
2019-03-05 13:10:04 -05:00
Isaac Connor
73ae3f49ed
Merge branch 'master' into storageareas
2019-03-05 11:35:55 -05:00
Isaac Connor
7779edb485
Fix saving multiple monitors at once by moving the relevant code to includes/actions/monitors.php
2019-03-05 11:02:37 -05:00
Isaac Connor
49a1954f96
fix typo and remove deprecated DefaultView
2019-03-05 11:01:39 -05:00
Isaac Connor
8b29c5f54c
Fix typo: Ineterval to Interval
2019-03-05 10:58:23 -05:00
Isaac Connor
f446e73ff7
Typo: AnalysisUpdateDelete to AnalysisUpdateDelay
2019-03-05 10:55:27 -05:00
Isaac Connor
778707c8df
Merge branch 'master' into storageareas
2019-03-04 14:33:28 -05:00
Isaac Connor
96e29c0299
fix up remaining issues with cycle updates
2019-03-04 13:35:40 -05:00
Isaac Connor
190142b24c
Merge branch 'master' into storageareas
2019-03-01 17:47:07 -05:00
Isaac Connor
7703661cb1
Don't use streaming port in UrlToIndex because xmlHttpRequest won't send cookies to a different port
2019-03-01 17:25:17 -05:00
Isaac Connor
466c379e94
Merge branch 'master' into storageareas
2019-03-01 14:03:49 -05:00
Isaac Connor
675b4975b0
Fix control presets
2019-03-01 13:37:34 -05:00
Isaac Connor
20fe502ca4
Add ZM to ErrorHandler. Spacing and quotes
2019-02-27 12:02:40 -05:00
Isaac Connor
af9c87a112
Merge branch 'master' into storageareas
2019-02-27 10:53:19 -05:00
Isaac Connor
6e4444099b
Only populate session with user info on successful login. Use parameters in sql when loading users in getAuthUser. Fixes #2542
2019-02-27 09:57:50 -05:00