2e2404643f
Fix bandwidth due to new actions code. Update buttons on bandwidth popup
2019-01-30 13:20:24 -05:00
cc0b5e0f1f
Move is_session_open to session.php. Move code to clear a session into session.php
2019-01-30 12:52:01 -05:00
0eba430932
remove duplicate line
2019-01-30 11:05:43 -05:00
85bb70df68
Use zm specific session functions, which are now located in includes/session.php. Be more agressive about clearing session on logout.
2019-01-30 11:05:19 -05:00
8c5687ca30
Fix name/protocol XSS in controlcaps.php. Fixes #2445 ( #2479 )
2019-01-25 08:35:07 -05:00
fd6179d7c8
Enforce CSP on many more views ( #2480 )
2019-01-25 08:34:29 -05:00
47d8c9b066
plugin.php: Remove undefined onclick function reference and enforce CSP
...
Also fix tag closing.
2019-01-23 19:47:58 -08:00
6eb4d7ae27
Filter improvements ( #2438 )
...
* Put back code to close the popup when view is none
* clean up and reduce depth of some logic
* Increase width of user popup
* fix code style
* Make execute_filter work on a filter Id instead of name
* rework logic to reduce code depth. Change view to events to display the results of execute.
* Change the redirect to stay on the new view. When redirecting from executing a filter, it was redirecting to filter.
* Set a form action for correctness. Change execute button to a button instead of a submit. Stay on the filter view when executing
2019-01-23 11:30:51 -05:00
cc8de69eba
Merge branch 'master' into storageareas
2019-01-22 11:44:42 -05:00
ae703c45ee
Set closePopup=true so that we don't need code in the none view to close the popup. The common code in skin.js will take care of it.
2019-01-22 09:14:33 -05:00
0619a4a161
Validate cnj, obr, and cbr arguments in parseFilter ( #2434 )
2019-01-22 08:03:25 -05:00
7260f823cb
Merge branch 'master' into storageareas
2019-01-21 13:52:38 -05:00
a2d4dc974b
Merge branch 'master' of github.com:ZoneMinder/ZoneMinder
2019-01-21 11:19:07 -05:00
fbc236128e
add a function to format a time into a duration. Can't use date() because 0 doesn't give us 00:00:00 it gives 19:00:00
2019-01-21 11:16:14 -05:00
b24b930f65
After login go to postlogin, not console. the login view is in a popup so we want to close
2019-01-21 11:15:36 -05:00
d7ebc85d81
Replace remaining `console` inline event handlers ( #2432 )
...
* Use a hidden submit button in _monitor_filters rather than onkeydown
* events/console: Convert checkbox header toggle inline event listeners
2019-01-21 11:11:40 -05:00
35fb4366b6
Fix recaptcha support with the CSP ( #2420 )
2019-01-19 09:47:04 -05:00
4e48939660
Add a validateForm event listener and enforce CSP on some views ( #2425 )
...
* Add a validateForm event listener and enforce CSP on the controlcap view
* filter.php: Use .validateFormOnSubmit
* server.php: Use .validateFormOnSubmit and fix makePopupButton condition check
* Use .validateFormOnSubmit and enforce CSP on the storage view
2019-01-19 09:41:53 -05:00
552e14a971
Merge branch 'master' into storageareas
2019-01-18 10:36:59 -05:00
6bb5aa1b87
More inline JS / nonce conversions ( #2415 )
...
* monitor.php: Add nonce and move <script> inside </body>
* export_functions.php: Untested: Add @nonce to <script>
* blank.php: Add @nonce to <script> and add to CSP enforced views
* Enforce CSP on login and privacy views
* group.php: Add nonce and move <script> inside </body>
* filter.php: Add @nonce to <script>
* Fix updateButtons argument on the filter page upon change and page load
* events.php: Add @nonce to <script>
2019-01-18 09:51:06 -05:00
599769b701
rework logic of functions to be more verbose about errors. Implement javascript Nonce support when view=none
2019-01-17 08:50:33 -05:00
f49dd93b6a
Merge branch 'master' into storageareas
2019-01-16 14:39:56 -05:00
1f3da476b8
switch to single quotes
2019-01-16 14:04:24 -05:00
b1cc0c2b82
add CSP nonce to CSRF rewriting
2019-01-16 14:04:07 -05:00
d8ef33396a
If multi-port is on, we need to output CORS headers
2019-01-16 13:44:57 -05:00
ba21820fd0
fix typo
2019-01-16 12:10:34 -05:00
eee1d871e0
get rid of default value for PathToIndex so that it will use PHP_SELF instead
2019-01-16 12:09:26 -05:00
d33fec9c3f
Add a CSP script-src policy with nonce-source and convert more inline event handlers ( #2413 )
...
* Add Content-Security-Policy-Report-Only: script-src 'self' 'nonce-' policy
* Use @data-on-click-this to attach inline click event handlers which expect being called with 'this'
Only handle ones that don't return a value.
* Use @data-on-click to attach inline click event handlers with no args and no return value
* Use @data-on-click-true to attach inline click event handlers with 'true' as the only argument
* Enforce a script-src CSP on views without inline JS
* Convert some onchange attributes to data-on-change
2019-01-16 09:59:58 -05:00
fd696bc066
Merge branch 'master' of github.com:ZoneMinder/ZoneMinder
2019-01-15 11:38:56 -05:00
3182d8bab7
implement to_json method so that defaults get included
2019-01-15 11:36:56 -05:00
07d8ac1d49
implement timezone check function ( #2387 )
...
* implement timezone check function
* remove comment
* also check if the timezone is valid
* whitespace
2019-01-15 09:05:11 -05:00
083f284599
Replace onclick inline event handlers for createPopup ( #2410 )
...
* Move <script> before </body>
* Change makePopupLink to not use onclick
* Change makePopupButton to not use onclick
* Use .popup-link in control_functions.php
* Use makePopupButton in controlcaps.php
* Prevent double-encoding in makePopup*
* Use makePopupButton in devices.php
* Use makePopupButton in logout.php
* Use makePopupLink in monitor.php
* Use makePopupLink and .popup-link in montage.php
* Use makePopupButton in options.php
* Use makePopupButton, makePopupLink, and .popup-link in zones.php
2019-01-15 09:01:58 -05:00
fc7403fe3d
Merge branch 'master' into storageareas
2019-01-13 14:53:34 -05:00
c834fbe462
the filter action should singular filter, not filters
2019-01-13 14:52:39 -05:00
b373577589
fix function view after actions cleanup
2019-01-10 12:08:25 -05:00
f3a807f1f8
Merge branch 'master' into storageareas
2019-01-07 09:21:25 -05:00
b4f8500cb5
Merge branch 'split_actions'
2019-01-05 18:33:04 -05:00
3f10553464
Fix include path to Monitors.php
2019-01-05 18:32:53 -05:00
1a75cf333e
Merge branch 'master' into storageareas
2019-01-05 11:12:38 -05:00
e34a5e972a
fix missing }
2019-01-05 11:12:26 -05:00
8eb61b1c11
Merge branch 'master' into storageareas
2019-01-05 10:16:38 -05:00
5b5905c83a
We always use markEids[] now
2019-01-04 16:29:16 -05:00
0e20666992
fix eventdetail actions being in events
2019-01-04 15:43:31 -05:00
ab198bfd75
remove master version of actions.php
2019-01-04 15:29:21 -05:00
52466c398b
Merge branch 'split_actions' into storageareas
2019-01-04 15:28:55 -05:00
b8d065275b
Merge branch 'master' into storageareas
2019-01-04 15:22:18 -05:00
e2f32ab091
Upgrade config saving
2019-01-04 09:43:36 -05:00
7ec96655c3
fix missing ! when testing for permission on editing config
2019-01-04 09:37:26 -05:00
5b9bf48945
Merge branch 'master' into split_actions
2019-01-04 09:35:54 -05:00
46adcbb66b
Merge branch 'master' of github.com:ZoneMinder/ZoneMinder
2019-01-04 09:34:51 -05:00
edeaa07c12
Fix no quotes around Id
2019-01-04 09:34:42 -05:00
6cad852e11
fix path to MontageLayout
2019-01-04 09:34:18 -05:00
dbe9817bc8
Split actions.php into individual files per view
2019-01-04 09:26:34 -05:00
874930d8fc
Merge branch 'master' into improve_config_efficiency
2019-01-02 13:07:53 -05:00
5060358870
Merge branch 'master' into storageareas
2018-12-29 09:56:53 -05:00
d14e9ecf74
force overloadframes and ExtendAlarmFrames to int ( #2373 )
2018-12-29 09:53:31 -05:00
1a1231fdaa
Merge branch 'master' into storageareas
2018-12-28 10:47:27 -05:00
a029909972
fix path to thumb and anal images ( #2367 )
2018-12-28 10:46:13 -05:00
fb37fc48e1
update viewImagePatch ( #2370 )
2018-12-28 10:38:39 -05:00
28dafd5931
Merge branch 'storageareas' into zma_to_thread
2018-12-26 12:02:00 -05:00
5f9a113da1
redirect to montage rather than montagereview
2018-12-26 10:34:01 -06:00
2b8fa653ed
Merge branch 'small_groups_fixes' into storageareas
2018-12-24 09:48:36 -05:00
e0cae5709f
Group::find is now more powerful so we can just use it to return all Groups to be deleted
2018-12-24 09:39:40 -05:00
63199289ad
Change depth function to be 0-based.
2018-12-24 09:38:55 -05:00
7a8beffdcc
Merge branch 'master' into storageareas
2018-12-20 15:10:52 -05:00
a277f697e9
whitespace
2018-12-20 14:58:38 -05:00
0bfe1007c8
Merge branch 'master' into storageareas
2018-12-14 10:16:08 -05:00
567b60ffa7
support for forwarded proto/port in Server.php ( #2343 )
2018-12-13 10:24:32 -05:00
8d74354fcb
Merge pull request #2242 from connortechnology/cleanup_auth
...
Cleanup auth
2018-12-12 20:53:24 -06:00
eba8b3327d
Merge branch 'master' into cleanup_auth
2018-12-11 16:04:42 -05:00
4d7e98475f
Merge pull request #2297 from connortechnology/introduce_getBodyTopHTML
...
Introduce get body top html
2018-12-11 09:35:54 -06:00
c8c34d3f95
Merge branch 'master' into storageareas
2018-12-11 10:21:22 -05:00
e1ecd47bff
Fix missing use of UrlToApi
2018-12-11 09:40:40 -05:00
a1141d2dc4
remove second use of HTTP_HOST and use a better method of stripping off port from HTTP_HOST
2018-12-07 08:39:23 -05:00
757e538550
strip port from HTTP_HOST
2018-12-06 17:12:03 -05:00
2df6d74a3e
Merge branch 'master' into storageareas
2018-12-02 17:15:12 -05:00
e327ad100e
fix WebSite camera startup issue
2018-12-01 17:03:50 -06:00
cae6ffd5a3
use HTTP_HOST instead of SERVER_NAME
2018-12-01 13:27:08 -06:00
7d90a56561
Merge branch 'master' into storageareas
2018-11-30 14:46:42 -05:00
8c626c984b
Need to pass port through all Url functions
2018-11-30 14:45:58 -05:00
fe45e83bb4
Fix PathToIndex
2018-11-29 15:54:25 -05:00
4cf7ff7fe4
Merge branch 'server_path_prefix' into storageareas
2018-11-29 15:53:58 -05:00
3bd5774ea1
Default to PathToIndex should have the index.php in it
2018-11-29 15:53:19 -05:00
af2bb992e9
Merge branch 'server_path_prefix' into storageareas
2018-11-29 14:33:46 -05:00
1c17f334d3
fix missing bits. Implement UrlToIndex in Monitor and fix use of Url(). Implement PathToApi as well
2018-11-29 14:26:30 -05:00
4625f7c879
Merge branch 'master' into storageareas
2018-11-28 10:46:49 -05:00
1e915e9567
Merge branch 'master' into server_path_prefix
2018-11-28 10:45:36 -05:00
57acb2aac6
Merge branch 'server_path_prefix' into storageareas
2018-11-28 10:41:11 -05:00
f8b2ff5c77
rework from Url() to PathToIndex(), PathToZMS(), UrlToIndex() and UrlToZMS()
2018-11-27 17:35:25 -05:00
17c1933913
remove an extra l
2018-11-26 16:20:15 -05:00
19f3cce41f
Dont auto-guess pathPrefix
2018-11-23 13:54:14 -05:00
7ad19be0d7
Merge branch 'server_path_prefix' into storageareas
2018-11-23 13:29:01 -05:00
dea5db9dd9
Merge branch 'zmaudit_check_other_storageareas' into storageareas
2018-11-23 11:11:39 -05:00
c5f7fb7b18
Merge branch 'master' into server_path_prefix
2018-11-22 10:04:33 -05:00
b16cd7ec84
Merge branch 'h265' into zma_to_thread
2018-11-20 12:38:17 -05:00
62e511cfd1
Merge branch 'master' into h265
2018-11-17 10:41:20 -05:00
415d43fafb
Include Server Name when testing for CORS. Also be case insensitive.
2018-11-15 12:23:52 -05:00
e24a308481
Merge branch 'master' into h265
2018-11-14 17:15:37 -05:00
9d5772b517
Merge branch 'fix_multiserver_daemon_restarting' into storageareas
2018-11-14 13:02:30 -05:00
786ca5b22a
implement remove service restart for zma. Use daemonControl instead of saving the monitor when restarting zmc
2018-11-14 13:00:19 -05:00
Isaac Connor
Matt N
Isaac Connor
Andrew Bauer
Mike Rosack
Andrew Bauer