Commit Graph

75 Commits

Author SHA1 Message Date
Matt N 33092e4022 Allow API authentication using the `auth` query parameter containing an auth. hash. (#1845)
* Allow API authentication using the `auth` query parameter containing an auth. hash.

Fixes #1827

The same auth. hash for zms is used here. This allows consumers to use the API without sending the password in the query string and not require forging logins via the login form.

* Move logger.php's global Debug function to Logger::Debug to avoid polluting globals

This avoids a conflict with CakePHP when logger.php gets included indirectly from API code.

* Protect action=login when ZM_ENABLE_CSRF_MAGIC is enabled
2017-05-15 21:51:48 -04:00
Joshua Ruehlig 05a141bf78 Update database.php 2017-04-24 23:40:52 -07:00
Kyle Johnson 6b3a53ec0f Tell PDO to use real prepared statements.
This makes sure the statement and the values aren't
parsed by PHP before sending it to the MySQL server.

See https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php
and https://secure.php.net/manual/en/pdo.setattribute.php
2017-02-04 14:59:33 -07:00
Andy Bauer 254fcbcef7 update gpl 2 mailing address in source files 2016-12-26 09:23:16 -06:00
josh4trunks 2ab79820a1 Add back changes 2016-05-22 08:08:12 -07:00
Isaac Connor ce6f8da098 Use PDO::error_string instead of mysql_error 2016-04-09 11:23:35 -04:00
Isaac Connor a0d4934b84 Have PDO actually throw exceptions on db errors. Prior to this it would have been just failing silently. Also, fix a . to -> in the exception catcher. 2015-11-11 16:56:28 -05:00
Isaac Connor bec58a6011 fixes WRT to db logging. I believe fixes issue #504 2014-09-26 14:43:58 -04:00
Isaac Connor 86b04d0e6f fixup dbFetchMOnitor 2013-12-06 14:22:07 -05:00
Isaac Connor 969918781f more updates, currently the log updates are not enough. Filtering does not work. 2013-11-13 10:11:16 -05:00
Isaac Connor 03809cfa0f improve error reporting 2013-11-07 10:58:27 -05:00
Isaac Connor 4c6c415f02 fix: wrote dbCon instead of dbConn 2013-11-07 10:03:19 -05:00
Isaac Connor 51455b5c85 more updates and removal of escaping and quoting 2013-11-04 12:43:34 -05:00
Isaac Connor 7fdb933d6b rework dbQuery, dbFetchOne to take a parameters array, and use it 2013-10-18 14:15:24 -04:00
Isaac Connor 92591a6835 more removal of quotes 2013-10-17 17:05:50 -04:00
Isaac Connor 36c4fad644 remove extra quotes since dbEcape does quoting now 2013-10-17 15:35:23 -04:00
Isaac Connor b126c5ae7e fix typo 2013-10-16 16:55:24 -04:00
Isaac Connor 9e2d7cfd24 initial convert to PDO with no testing 2013-10-16 16:07:58 -04:00
stan 6ff385e407 git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@3459 e3e1d417-86f3-4887-817a-d78f3d33393f 2011-06-21 09:19:10 +00:00
stan 0cdc6e89ef Added utility function
git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@3065 e3e1d417-86f3-4887-817a-d78f3d33393f
2010-05-27 12:18:06 +00:00
stan 545ca029e3 Added next auto inc function
git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@2825 e3e1d417-86f3-4887-817a-d78f3d33393f
2009-03-31 10:53:51 +00:00
stan 69b9f78343 Added associate fetch function.
git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@2705 e3e1d417-86f3-4887-817a-d78f3d33393f
2008-12-05 23:15:08 +00:00
stan 106882c161 Updated copyright notices
git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@2612 e3e1d417-86f3-4887-817a-d78f3d33393f
2008-07-25 09:48:16 +00:00
stan aed786dd0e Fixed unquoted array indexes
git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@2529 e3e1d417-86f3-4887-817a-d78f3d33393f
2008-07-15 21:24:31 +00:00
stan 2824cb7355 git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@2508 e3e1d417-86f3-4887-817a-d78f3d33393f 2008-07-14 13:54:50 +00:00