eb55a6bb9b
set action,view, and/or request to NULL if there are not defined
2017-03-28 17:52:31 -05:00
4e16ae6d19
add ZM_ENABLE_CSRF_MAGIC toggle
2017-03-28 17:29:36 -05:00
d38bae72ae
integrate csrf-magic library
2017-03-18 20:12:06 -05:00
746a096483
Merge branch 'master' of github.com:ZoneMinder/ZoneMinder
2017-01-27 15:16:33 -07:00
30674919c4
always include Storage object, because in the end we will be using it everywhere
2017-01-02 10:34:45 -05:00
2dda2d9e1e
remove unneeded, empty files
2016-12-26 09:49:14 -06:00
254fcbcef7
update gpl 2 mailing address in source files
2016-12-26 09:23:16 -06:00
69c39f8a23
set http_only flag in cookie settings
2016-12-14 14:39:44 -05:00
851a81eff7
Merge pull request #1406 from ZoneMinder/svg_zones
...
replace the static zone image with a stream, and use SVG to draw the zones
2016-04-11 11:14:11 -04:00
5542788a45
make cannot write to content dir an error, rather than fatal
2016-04-10 18:45:38 -05:00
bbd33cc159
add monitor class so we don't have to everywhere else
2016-04-08 13:56:49 -04:00
41d92bbf94
need to include Server class
2015-12-02 10:26:11 -05:00
644080fd41
call CORSHeaders
2015-12-02 10:05:27 -05:00
cb7acb36ab
Use relative URL's instead of absolute
2015-10-24 13:04:54 -05:00
13aab8a1be
Merge pull request #1113 from baffo32/1112-detect-missing-content
...
Fatal if content dirs are unwritable
2015-10-14 06:49:33 -05:00
da8e9dd81b
Remove reference to php.ini from timezone error
2015-10-13 16:55:38 -04:00
250c3c31e1
Revised source-install specific recommendation.
2015-10-13 16:45:31 -04:00
362b190641
Fatal if content dirs are unwritable
2015-10-12 16:16:22 -04:00
4a280a73d1
Use Fatal function to report bad timezone
2015-10-12 15:43:24 -04:00
d20478a15f
Detect invalid timezones
2015-10-12 13:22:30 -04:00
7190b532dd
Fatal error if date.timezone is unset
2015-10-12 13:07:07 -04:00
c0139e87ad
define ZM_BASE_PROTOCOL
2015-09-17 15:14:43 -04:00
82f5ab5175
Fix use of DEFINED. It takes a string not a constant. When COOKIE is not set or has changed, set it
2015-05-11 16:22:14 -04:00
01af58018b
close the session before requiring the page contents to fix the concurrency issue that exists due to using the file-backed session.
2015-04-20 13:06:34 -04:00
0af7d0cc0b
check defined(ZM_DEFAULT_SKIN) otherwise php will turn it into a string
2015-02-19 16:04:06 -05:00
b159f6ce9e
Fatal->Error since Fatal is fatal
2015-02-19 15:57:37 -05:00
8eb8cacd56
Check to make sure that skin and css are valid.
2015-02-19 14:17:33 -05:00
1cfec7e3e7
Move require of config.php and logger up higher
2015-01-04 11:50:24 -05:00
50e6784779
this adds two config options to System tab to set the default skin and css
2014-12-17 16:45:41 -05:00
45feac3d36
Merge pull request #640 from jrd288/offer_login
...
Offer login prompt instead of throwing error
2014-12-16 09:35:08 -05:00
10dba9b4c2
Offer login instead of error
...
When a user accesses a view but receives an error, and is not logged
on, he is offered a login prompt instead. The login prompt saves the
original query URL in a hidden field, and postlogin redirects back to
the original URL once the user has logged on.
If the user is logged in and there is an error, no login prompt is
shown.
This allows the user to click an event link in an e-mail and then log
in before being shown the event, instead of requiring going back
through the front ZM page to log in.
2014-12-15 17:17:03 -05:00
3c8153c9b4
better fix for the view=console security flaw.
...
This does it in index.php,so it guards all pages, and also just changes the view to login, so instead of giving an error, it presents you with the login, which I think is better.
2014-12-12 09:38:54 -05:00
5bf34de07b
Add lines to parse url ?css= commands and set a global variable to be used to determine which set of css files to use.
2014-11-26 11:26:29 -05:00
b197f985e0
make expiry date relative (~10years)
2014-05-01 09:53:45 +02:00
ed7ca66045
make skin selection cookie persistent
2014-05-01 09:37:39 +02:00
6e5d9272e0
supposed to fix #296
2014-01-03 18:33:01 -05:00
6035ed211a
Detaint some user inputs to avoid malicious file inclusion
...
git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@3483 e3e1d417-86f3-4887-817a-d78f3d33393f
2011-07-22 08:37:01 +00:00
6ff385e407
git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@3459 e3e1d417-86f3-4887-817a-d78f3d33393f
2011-06-21 09:19:10 +00:00
160c0d4fa2
Log missing view or request files.
...
git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@2990 e3e1d417-86f3-4887-817a-d78f3d33393f
2009-11-19 08:13:07 +00:00
ef8f7b85fd
Continuing development and bugfixes
...
git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@2632 e3e1d417-86f3-4887-817a-d78f3d33393f
2008-09-26 09:47:20 +00:00
d6fc2d0cd5
Fixed display or error page.
...
git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@2614 e3e1d417-86f3-4887-817a-d78f3d33393f
2008-08-03 15:05:33 +00:00
106882c161
Updated copyright notices
...
git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@2612 e3e1d417-86f3-4887-817a-d78f3d33393f
2008-07-25 09:48:16 +00:00
0f0a8c004f
Changed skinSeq to skinBase
...
git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@2596 e3e1d417-86f3-4887-817a-d78f3d33393f
2008-07-23 09:57:11 +00:00
9e90f0971a
Added ZM_BASE_PATH, may not be necessary though.
...
git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@2560 e3e1d417-86f3-4887-817a-d78f3d33393f
2008-07-16 13:23:32 +00:00
decaf0ef31
Fixed broken default user reference
...
git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@2542 e3e1d417-86f3-4887-817a-d78f3d33393f
2008-07-16 08:42:28 +00:00
2824cb7355
git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@2508 e3e1d417-86f3-4887-817a-d78f3d33393f
2008-07-14 13:54:50 +00:00
Andy Bauer
Andrew Bauer
Kyle Johnson
Isaac Connor
Isaac Connor
Isaac Connor
baffo32
jrd288
m-bene
stan