Commit Graph

2298 Commits

Author SHA1 Message Date
Isaac Connor ab4b5e6b69 Merge pull request #1853 from knnniggett/cakecache
change cake cache engine from File -> Apc
2017-04-14 21:10:23 -04:00
Andrew Bauer 0b729cf295 modify cmakelists.txt 2017-04-14 15:15:29 -05:00
Andrew Bauer d2490cf7e3 make cake tmp = zoneminder tmp 2017-04-14 15:11:41 -05:00
Andrew Bauer 48a73f7e78 change cache engine from File -> Apc 2017-04-14 14:31:42 -05:00
Andrew Bauer 3cbd32cd41 move cake log to zoneminder log folder 2017-04-14 14:24:29 -05:00
Andrew Bauer a10d52a3e1 Merge pull request #1844 from connortechnology/fix_1812
fix Monitors filtering SQL
2017-04-03 20:06:39 -05:00
Isaac Connor d3f6ab3d29 fix Monitors filtering SQL 2017-03-30 13:06:54 -04:00
Isaac Connor 7e3b27a130 Test for Controllable as well as ControlId 2017-03-30 10:49:02 -04:00
Isaac Connor 538658403c Merge pull request #1822 from knnniggett/csrf
Implement CSRF Mitigation
2017-03-30 10:39:55 -04:00
Isaac Connor 589b369109 fix inserting x10 record with missing , 2017-03-28 20:03:46 -04:00
Andy Bauer eb55a6bb9b set action,view, and/or request to NULL if there are not defined 2017-03-28 17:52:31 -05:00
Andy Bauer 4e16ae6d19 add ZM_ENABLE_CSRF_MAGIC toggle 2017-03-28 17:29:36 -05:00
IDDQDesnik 6081374ace Updated Russian translation 2017-03-21 17:39:22 +03:00
Isaac Connor eaca58bb7c Merge pull request #1815 from mnoorenberghe/postlogin
Properly escape postLoginQuery. Fixes #1797
2017-03-21 10:27:13 -04:00
Matthew Noorenberghe ea558c79a0 Fix check that API user is enabled 2017-03-20 17:16:24 -07:00
Isaac Connor badbf1c74c Merge pull request #1816 from mnoorenberghe/flat_window_sizes
Increase default window sizes for the flat theme. Fixes #1059
2017-03-20 13:10:13 -04:00
Andrew Bauer 2dcd95bc7f Merge pull request #1504 from ZoneMinder/improve_filter
Improve filter
2017-03-18 21:12:58 -05:00
Andrew Bauer d38bae72ae integrate csrf-magic library 2017-03-18 20:12:06 -05:00
SteveGilvarry a16ea554a3 Swap to PNG 2017-03-18 22:34:13 +11:00
Matthew Noorenberghe c7955cd1b6 Add eslint configuration files extending Google's rules 2017-03-18 00:02:17 -07:00
Matthew Noorenberghe 91ad6afffb Increase default window sizes for the flat theme. Fixes #1059
Used the computed height of <html> and rounded up the nearest multiple of 5.
2017-03-17 22:24:42 -07:00
Matthew Noorenberghe ea5342abd2 Properly escape postLoginQuery. Fixes #1797 2017-03-17 21:05:28 -07:00
Andrew Bauer 9681a444b4 Merge pull request #1765 from SteveGilvarry/ffmpeg_url
Align Method description to what it is actually doing
2017-03-16 09:32:30 -05:00
Andrew Bauer 7e0ac4b239 Merge pull request #1780 from connortechnology/fix_1775
use escapeshellarg on inputs to daemonControl and other functions
2017-03-16 09:27:04 -05:00
Andy Bauer 8759e2bdb4 prevent divide by zero, make error messages more descriptive 2017-02-21 13:10:41 -06:00
Andy Bauer 27ca8d8674 use === operator in getDiskPercent function 2017-02-21 12:33:05 -06:00
Isaac Connor 971c70f540 Merge pull request #1793 from mnoorenberghe/api_debug_default
Reduce the default API debug level
2017-02-20 21:44:48 -05:00
Matthew Noorenberghe df4739826b Reduce the default API debug level 2017-02-18 23:06:53 -08:00
Manojav Sridhar f50c0e2096 fix missing isset check, caused number of Undefined Property warnings 2017-02-18 11:15:43 -05:00
Manojav Sridhar 11b90e6011 fix usage of wrong key 2017-02-17 12:37:58 -05:00
Isaac Connor 2bf4b5ad1a use escapeshellarg on inputs to daemonControl and other functions where exec is called 2017-02-15 09:45:25 -05:00
SteveGilvarry b791504598 Wording of help text fixes 2017-02-06 08:01:04 +11:00
SteveGilvarry 9716c4ef89 Add Option help 2017-02-05 18:43:47 +11:00
SteveGilvarry c72704bf0b Change descriptions for ffmpeg methods and put TCP first. 2017-02-05 15:34:06 +11:00
Kyle Johnson 5804cd2462 Merge pull request #2 from connortechnology/fix_sql_injection
Sanitize input parameters
2017-02-04 15:05:54 -07:00
Andrew Bauer c5906a5d4f Merge pull request #6 from connortechnology/log_xss_fixes2
Log xss fixes2
2017-02-04 16:05:43 -06:00
Kyle Johnson 6b3a53ec0f Tell PDO to use real prepared statements.
This makes sure the statement and the values aren't
parsed by PHP before sending it to the MySQL server.

See https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php
and https://secure.php.net/manual/en/pdo.setattribute.php
2017-02-04 14:59:33 -07:00
Isaac Connor 9135da92ed fix typo fileFields => filterFields 2017-01-31 21:33:43 -05:00
Isaac Connor 7d451e1e41 float the scale control right, add css for other skins 2017-01-31 11:13:16 -05:00
Isaac Connor 4a4f62f0a7 add a scale element to the frame view. Include some bits from StorageAreas to make it work 2017-01-31 11:13:16 -05:00
Isaac Connor 568160e5aa add a scale element to the frame view. Include some bits from StorageAreas to make it work 2017-01-31 11:13:15 -05:00
Isaac Connor 3437f23e8a Merge branch 'master' into fix_sql_injection 2017-01-28 14:33:49 -05:00
Isaac Connor 41dab0750e turn whatever gets output into html escaped html so that nothing gets revealed 2017-01-27 21:30:22 -05:00
Isaac Connor a8d1450adf Merge branch 'master' into fix_sql_injection 2017-01-27 17:18:34 -05:00
Kyle Johnson 746a096483 Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2017-01-27 15:16:33 -07:00
Isaac Connor c1e05753d6 Merge branch 'master' of github.com:ZoneMinder/ZoneMinder-Pro 2017-01-27 17:12:46 -05:00
Andrew Bauer dbd73690b2 use !== false rather than === true 2017-01-25 09:26:07 -06:00
Andrew Bauer 6189d2670c ZM_DIR_EVENTS can be, and often is, a symlink 2017-01-25 09:05:34 -06:00
Andrew Bauer 8b19fca992 sanitize the image path before processing 2017-01-25 08:30:19 -06:00
SteveGilvarry 2f3ebd80da Remove zmf, die..die..die 2017-01-16 13:20:05 -08:00
Isaac Connor 9c8b229c74 Fix cutnpaste error 2017-01-14 17:08:13 -05:00
Isaac Connor 242e5a56d8 rough in the ability to filter on RunState 2017-01-14 16:55:28 -05:00
Kyle Johnson 0e7794f2a7 Merge pull request #1 from connortechnology/cookie_http_only
set http_only flag in cookie settings
2017-01-12 09:25:36 -07:00
Andy Bauer 7ef7a36f39 fix conditional logic in controlcap.js 2017-01-10 17:53:05 -06:00
Isaac Connor 55403219d8 fix regexp for direction in control command. Also log if the regexp doesn't match 2017-01-10 12:35:38 -05:00
Isaac Connor fea5fa1b59 fix xtell should be -1 for move left 2017-01-10 12:35:02 -05:00
Isaac Connor b4bddee337 Merge branch 'master' into improve_filter 2017-01-03 08:49:56 -05:00
Isaac Connor 0a90dbac9f require Event.php and clean up use of object vs db row array. Use newer way of using views/image.php by passing eid and frameid instead of a path. 2017-01-02 10:35:51 -05:00
Isaac Connor 30674919c4 always include Storage object, because in the end we will be using it everywhere 2017-01-02 10:34:45 -05:00
Isaac Connor f6ea52280a Update Event object to @iconnor's latest which brings us a createListThumbnail function copied from includes/functions 2017-01-02 10:34:15 -05:00
Andrew Bauer b063d8d6aa Merge pull request #1728 from connortechnology/path_zms_message
Path zms message
2017-01-02 08:54:32 -06:00
Isaac Connor ef71ae248c fix ramSocketFile to remSocketFile 2017-01-02 09:31:26 -05:00
klemens 0d549f1db3 spelling fixes 2016-12-29 10:31:05 +01:00
Andy Bauer 25ab1bee18 more fixed to gpl license text 2016-12-26 10:40:09 -06:00
Andy Bauer 2dda2d9e1e remove unneeded, empty files 2016-12-26 09:49:14 -06:00
Andy Bauer 254fcbcef7 update gpl 2 mailing address in source files 2016-12-26 09:23:16 -06:00
Isaac Connor 38c0cedecc remove the use of empty which on php < 5.5 only supports variables. 2016-12-20 16:37:42 -05:00
Isaac Connor 752f0eb40b Merge branch 'master' into improve_filter 2016-12-20 11:43:02 -05:00
Andrew Bauer 68a24040ab Merge pull request #1710 from connortechnology/path_zms_message
replace the old socket_sendto error message with something more useful
2016-12-20 10:30:35 -06:00
Isaac Connor 8b726996f7 FAQ fixes, more text about zms problems in it, and adjust the socket_sendto error message to point to the FAQ entry that is relevant. 2016-12-19 21:36:39 -05:00
Isaac Connor fe3f3d91ce replace the old socket_sendto error message with something more useful so that people stop asking us how to fix it. 2016-12-16 09:12:27 -05:00
Isaac Connor 794043cbe9 On successful login, tell php to regenerate the session id 2016-12-14 15:06:18 -05:00
Isaac Connor ad157cf21c fix tabs 2016-12-14 14:56:54 -05:00
Isaac Connor 69c39f8a23 set http_only flag in cookie settings 2016-12-14 14:39:44 -05:00
Isaac Connor a9548d3f6b Add a config entry to turn event disk space on/off 2016-12-13 13:34:56 -05:00
Isaac Connor 30ec67d4c3 Merge branch 'master' into disk_space_in_events 2016-12-13 13:28:32 -05:00
Isaac Connor b5e4c94682 test for integer string as well 2016-12-08 15:58:00 -05:00
Isaac Connor 7c84e2417d remove extra ? 2016-12-08 15:53:38 -05:00
Isaac Connor c8009baf3f fix missing ; and test for integer string in limit 2016-12-08 15:46:42 -05:00
Isaac Connor d600eb0e8b Merge branch 'master' into fix_sql_injection 2016-12-08 13:39:04 -05:00
Isaac Connor e7d0861530 check limit for a valid integer and complain if not. 2016-12-08 13:37:23 -05:00
Isaac Connor 587fd16aa6 Add testing for limit, sortField and all the filters to ensure that they are valid. 2016-12-08 13:31:44 -05:00
Isaac Connor 857b4e8345 Merge branch 'master' into improve_filter 2016-12-06 11:58:41 -05:00
Bernardus Jansen 986567839e
Additional minor changes 2016-12-02 10:08:49 +01:00
Bernardus Jansen e27639f599
Updated dutch translation 2016-12-02 09:49:50 +01:00
Isaac Connor 9312eed17f Merge branch 'master' into disk_space_in_events 2016-11-22 10:58:24 -05:00
Isaac Connor 02cd3e8cba Merge branch 'master' into small_fixes 2016-11-22 10:52:07 -05:00
Isaac Connor bb6b0c2d49 Merge branch 'master' of github.com:ZoneMinder/ZoneMinder into improve_filter 2016-11-17 12:16:49 -05:00
Kyle Johnson 4eb5ff7aff Fix Undefined index: loginFailed. Resolves #1684 2016-11-16 19:42:04 -07:00
Isaac Connor 8f71971209 Show error message upon unsuccessful login. Fixes #1648 (#1680)
* Add additional post-cmake files to .gitignore

* Add bootstrap 3.3.7

* Load bootstrap css

* Restyle login page, move recaptcha js to <head>

The way it was handled previously resulted in
invalid html, with an extra <head> tag being
inserteed inside the <body>.

* Update doctype to HTML5, add meta tags for mobile browsers

* Move inline Login css to css file

* Remove extra php tag in functions.php

* Show error message upon unsuccessful login.  Fixes #1648

 * Includes bootstrap glyphicons as they're used in the error message.
 * Failure check is done via a simple test in login.js.php and login.js.
   The 'view' param will only be set (to 'postlogin') if the login page
   has refreshed due to a failed login.  Otherwise you're directed to
   the console view.

* Only load bootstrap css in specific views.

Bootstrap was causing some styling conflicts with the legacy css.
As such only load bootstrap.css on pages which we have specifically
allowed, which would be pages that have been restyled and verified.

* Test for invalid login via session variable.

The previous method had cases where the error messsage was displayed
when it shouldn't have been, such as when specifying ?view=login

* Fix a few typos in login inputs

* Add new fonts directory to web CMakeLists
2016-11-14 21:24:43 -05:00
Kyle Johnson b0d22aa2a5 Add new fonts directory to web CMakeLists 2016-11-14 19:23:05 -07:00
Andrew Bauer 49d8e35e56 Show available PATH_MAP percent on console (#1675)
* Add PATH_SWAP percent to console

* add changes to console.php

* use ZM_PATH_MAP instead of ZM_PATH_SWAP

* show the folder name PATH_MAP points to

* use a dash as the delimiter instead of fwd slash
2016-11-11 08:47:08 -05:00
Kyle Johnson 65fe07e7aa Fix a few typos in login inputs 2016-11-10 23:36:28 -07:00
Kyle Johnson 95d00f70a3 Test for invalid login via session variable.
The previous method had cases where the error messsage was displayed
when it shouldn't have been, such as when specifying ?view=login
2016-11-10 23:29:12 -07:00
Kyle Johnson 3916b02a74 Only load bootstrap css in specific views.
Bootstrap was causing some styling conflicts with the legacy css.
As such only load bootstrap.css on pages which we have specifically
allowed, which would be pages that have been restyled and verified.
2016-11-10 23:07:52 -07:00
Kyle Johnson 0800a69a57 Show error message upon unsuccessful login. Fixes #1648
* Includes bootstrap glyphicons as they're used in the error message.
 * Failure check is done via a simple test in login.js.php and login.js.
   The 'view' param will only be set (to 'postlogin') if the login page
   has refreshed due to a failed login.  Otherwise you're directed to
   the console view.
2016-11-10 22:51:32 -07:00
Kyle Johnson 97fb53e95c Remove extra php tag in functions.php 2016-11-10 21:49:57 -07:00
Kyle Johnson 227b196a2e Move inline Login css to css file 2016-11-10 21:48:42 -07:00
Kyle Johnson 3e3956f45d Update doctype to HTML5, add meta tags for mobile browsers 2016-11-10 21:47:53 -07:00
Kyle Johnson eacf6cd415 Restyle login page, move recaptcha js to <head>
The way it was handled previously resulted in
invalid html, with an extra <head> tag being
inserteed inside the <body>.
2016-11-10 21:46:55 -07:00
Kyle Johnson 1607ae1210 Load bootstrap css 2016-11-10 21:45:46 -07:00
Kyle Johnson 2c93f61622 Add bootstrap 3.3.7 2016-11-10 21:45:18 -07:00
Andrew Bauer 9f43825b92 prevent the end user from slecting an invalid configuration on the PT… (#1676)
* prevent the end user from slecting an invalid configuration on the PTZ control configuraion "Move" tab

* change to console.php should not be in this pr
2016-11-08 22:10:51 -05:00
Kyle Johnson 8c41781a9f Fix event.stop error in watch.js See #1672 (#1678) 2016-11-08 18:53:06 -05:00
Kyle Johnson 735d2df3c9 event is redefined before being passed to deleteEvent. Fixes #1671 2016-11-04 23:23:40 -06:00
Isaac Connor 1e233c0ce5 Merge branch 'master' into improve_filter 2016-11-04 15:20:43 -04:00
Kyle Johnson bd47439056 Merge pull request #1639 from connortechnology/cookie_scale
store the scale value for watch and event views in a cookie, differen…
2016-11-03 12:35:15 -06:00
Isaac Connor 099cca210b fix monitorId to MonitorId 2016-11-03 14:34:17 -04:00
Steve Gilvarry d504043a9e Update ru_ru.php
Remote extra line
2016-11-01 00:32:46 +11:00
Isaac Connor a7c1231b46 fix WatchScale -> EventScale 2016-10-26 14:53:24 -04:00
Steve Gilvarry 0409ae5582 Merge pull request #1652 from connortechnology/fix_popup
handle when window.open fails
2016-10-20 05:17:44 +11:00
Steve Gilvarry 11cc73f55d Merge pull request #1651 from connortechnology/fix_disable_monitor
Fix logic when disabling a monitor
2016-10-20 05:16:22 +11:00
Steve Gilvarry c78a543e8e Merge pull request #1475 from connortechnology/htmlselect
introduce htmlselect as an alternative to buildselect
2016-10-20 05:05:59 +11:00
Pliable Pixels 192d0dbb45 added TimeZone get API 2016-10-18 14:07:31 -04:00
Isaac Connor aaf8f6c98b add the missing case for ServerId in Filter processing. 2016-10-18 10:14:19 -04:00
Isaac Connor b385ba7bf4 Merge branch 'master' into improve_filter 2016-10-18 09:59:45 -04:00
Isaac Connor 7c8b99af23 fix bracket problems 2016-10-11 12:43:13 -04:00
Isaac Connor c02b840274 Fix logic when disabling a monitor 2016-10-11 12:10:47 -04:00
Isaac Connor ded1e0ea73 handle when window.open fails 2016-10-11 11:48:29 -04:00
Jeff Vogt 3801d9e43e Disabled autocorrect, autocapitalize, spellcheck on username field for login form 2016-10-10 11:27:36 -07:00
Andrew Bauer 7b574e0d41 Merge pull request #1645 from connortechnology/fix_onvif
Fix onvif
2016-10-04 16:34:58 -05:00
Isaac Connor ac24865647 add NoDetectProfiles instead of reusing NoDetectedCameras 2016-10-04 14:33:51 -04:00
Isaac Connor 6814bcc791 add NoDetectProfiles instead of reusing NoDetectedCameras 2016-10-04 14:33:38 -04:00
Isaac Connor 09c5e3012a username and password don't actually have to be specified 2016-10-04 14:09:32 -04:00
Isaac Connor 21a94a6200 better error message 2016-10-04 10:29:37 -04:00
Isaac Connor 6c3a3d3d50 store the scale value for watch and event views in a cookie, differentiated by monitorId. 2016-09-27 09:46:04 -04:00
Pliable Pixels 92d7cad5f1 enabled utf8 2016-09-21 11:53:34 -04:00
Isaac Connor 5f46b8f942 Merge pull request #1621 from connortechnology/fix_1620
ptzControl expects a monitor object instead of a dbrow array.
2016-09-15 10:18:26 -04:00
Isaac Connor db8cada380 fix merge 2016-09-13 15:01:02 -04:00
Isaac Connor 54db9f2e3a ptzControl expects a monitor object instead of a dbrow array. 2016-09-12 21:36:03 -04:00
Steve Gilvarry 563f4a9d46 Merge pull request #1505 from ZoneMinder/fix_filter_actions
Confirmed check box status is now retained after save and changing filters.
2016-09-11 14:13:51 +10:00
Andrew Bauer e35ef3ce83 Merge pull request #1617 from coracis/master
Update German translation
2016-09-09 08:55:19 -05:00
Andrew Bauer 321deb5506 Merge pull request #1599 from sabbath88/master
add some more translation
2016-09-09 08:40:05 -05:00
corax 070051d06a Merge commit '6fab2e97b1f45115107c4f5138424408f42dc3e9'
For easy pull-requesting
2016-09-09 14:20:03 +02:00
corax 6fab2e97b1 Update German translation of Buffer 2016-09-09 13:32:20 +02:00
corax b10c79b4f7 Add translation for 'Montage Review' 2016-09-09 13:26:19 +02:00
corax 6b18184e4a Remove confusing link to web console 2016-09-09 12:38:30 +02:00
corax 4dc6fc03b3 Add a missing translate()-call 2016-09-09 12:35:34 +02:00
corax 430ecd8e32 Fix some too direct translations into German 2016-09-09 11:51:53 +02:00
corax d017138550 Fix a 'false friend' in German translation 2016-09-09 11:25:12 +02:00
Pliable Pixels 1440dd9265 retab 2016-09-03 15:02:32 -04:00
Pliable Pixels 7bf0b3c423 readded forMonitor - removed by mistake 2016-09-03 14:51:24 -04:00
Pliable Pixels 9a4330eb59 #1537 Zones Controller not returning all zones 2016-09-03 14:46:47 -04:00
Kyle Johnson d6852e10b7 Merge pull request #1609 from connortechnology/fix_1606
implement suggested code to stop the monitor when Function is set to …
2016-09-01 22:57:57 -06:00
Isaac Connor 55f5db55dd implement suggested code to stop the monitor when Function is set to None 2016-09-01 11:43:20 -04:00
David Sabbath Grits 2d44531d1f add some more translation 2016-08-25 14:24:14 +02:00
Andrew Bauer 7d48b2c6c5 Merge pull request #1577 from ZoneMinder/fix_zmaControl
fix error in calling zmaControl
2016-08-17 08:36:51 -05:00
Andrew Bauer ea34f3d69a Merge pull request #1576 from ZoneMinder/show_other_zones
include polygons for the other zones.
2016-08-15 20:36:16 -05:00
Andrew Bauer 31cb86046c Merge pull request #1592 from connortechnology/fix_analysis_frame
Fix analysis frame
2016-08-14 10:54:46 -05:00
Isaac Connor a0bc30d3fe fix the order of analyse/capture being passed 2016-08-12 15:40:47 -04:00