Commit Graph

8 Commits

Author SHA1 Message Date
Matt N 33092e4022 Allow API authentication using the `auth` query parameter containing an auth. hash. (#1845)
* Allow API authentication using the `auth` query parameter containing an auth. hash.

Fixes #1827

The same auth. hash for zms is used here. This allows consumers to use the API without sending the password in the query string and not require forging logins via the login form.

* Move logger.php's global Debug function to Logger::Debug to avoid polluting globals

This avoids a conflict with CakePHP when logger.php gets included indrectly from API code.

* Protect action=login when ZM_ENABLE_CSRF_MAGIC is enabled
2017-05-15 21:51:48 -04:00
Isaac Connor 41dab0750e turn whatever gets output into html escaped html so that nothing gets revealed 2017-01-27 21:30:22 -05:00
Isaac Connor a2a3bda2e1 remove unneccessary quoting and escaping 2013-12-06 15:51:36 -05:00
Isaac Connor 60e2703637 fix missing n 2013-10-17 17:01:37 -04:00
Isaac Connor 36c4fad644 remove extra quoets since dbEcape does quoting now 2013-10-17 15:35:23 -04:00
Isaac Connor 9e2d7cfd24 initial convert to PDO with no testing 2013-10-16 16:07:58 -04:00
stan 07fca2ad9a Fixed environment fetching when in cli mode and logfile error message.
git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@3471 e3e1d417-86f3-4887-817a-d78f3d33393f
2011-06-27 16:15:59 +00:00
stan 6ff385e407 git-svn-id: http://svn.zoneminder.com/svn/zm/trunk@3459 e3e1d417-86f3-4887-817a-d78f3d33393f 2011-06-21 09:19:10 +00:00