Commit Graph

52 Commits

Author SHA1 Message Date
Isaac Connor 5bf894d263 guard against unsafe monitor name 2014-06-05 15:23:15 -04:00
Isaac Connor 0689e8453c guard against dangerous (old or new) monitor names
by rogerroger288
2014-06-05 15:21:28 -04:00
Isaac Connor baf5da9561 guard against monitor names being dangerous
by rogerroger288
2014-06-05 15:20:04 -04:00
Isaac Connor 5ae3cb8907 merge some security fixes from rogerroger288 2014-06-05 15:14:12 -04:00
m-bene 28f62c4f8f remove call of undefined "fixDevices" function 2014-04-26 04:23:36 +02:00
Maciej Czerniak 50a9055601 fix sql error which prevents remote login from working 2014-04-13 09:54:11 +02:00
m-bene f22b956b8b do not quote column names in parse filter 2014-04-08 09:07:59 +02:00
Isaac Connor ffa952419c Merge branch 'mysql2PDO'
Conflicts:
	distros/ubuntu1204/changelog
	scripts/ZoneMinder/lib/ZoneMinder/ConfigAdmin.pm
	web/includes/actions.php
2014-03-20 16:48:03 -04:00
Andrew Bauer f435435481 Merge remote branch 'nagyrobi/patch-17' into nagyrobi 2014-02-26 09:15:05 -06:00
Andrew Bauer b4679f0a8c Add the ability to set up the Date and time formats by the language files, according to that language's regionals.
The patch allows to set up a global default, in case the language file doesn't contain the date and time definitions.

These definitions are removed from here and added with checking option to the later stage after loading the language files.
2014-02-26 09:14:04 -06:00
Isaac Connor 7b26636bcd Merge pull request #280 from ZoneMinder/zmfixremoval
Remove zmfix
2013-12-22 11:22:18 -08:00
Miklos Marton 5de638214b In the web/includes/functions.php there were some html formatting errors in the outputVideoStream function.
These errors were:
- Unclosed object and embed tags
- param tags without closing tags

These errors lead to rendering errors when using the mobile skins with some specific streaming options.
2013-12-22 15:17:21 +01:00
Kfir Itzhak e9bb632a78 Remove zmfix 2013-12-22 16:08:17 +02:00
Isaac Connor 0c58957e04 fixes 2013-12-17 14:58:06 -05:00
Isaac Connor 4c348cf159 more updates 2013-12-17 11:16:20 -05:00
Isaac Connor a2a3bda2e1 remove unneccessary quoting and escaping 2013-12-06 15:51:36 -05:00
Isaac Connor 86b04d0e6f fixup dbFetchMOnitor 2013-12-06 14:22:07 -05:00
Philipp Rehs d4babd23f1 Fix checkJsonError messages
The $value string was not set inside checkJsonError, so it was not possible to see the data which caused the error
2013-11-30 18:13:02 +01:00
Isaac Connor 969918781f more updates, currently the log updates are not enough. Filtering does not work. 2013-11-13 10:11:16 -05:00
Isaac Connor 463d8a136f Merge branch 'master' into mysql2PDO
Conflicts:
	zm.conf.in
2013-11-08 11:22:09 -05:00
Isaac Connor 03809cfa0f improve error reporting 2013-11-07 10:58:27 -05:00
Isaac Connor 4c6c415f02 fix: wrote dbCon instead of dbConn 2013-11-07 10:03:19 -05:00
Kfir Itzhak be21a882ab Merge pull request #242 from ZoneMinder/removeversionnumberfromzm.conf
Remove ZM_VERSION from zm.conf
2013-11-04 12:27:50 -08:00
Isaac Connor 51455b5c85 more updates and removal of escaping and quoting 2013-11-04 12:43:34 -05:00
Isaac Connor 7989e8e980 Merge branch 'master' into mysql2PDO 2013-11-03 16:07:37 -05:00
Isaac Connor 3fa91a30a3 allow the value side of config lines potentially be empty. 2013-11-03 15:52:37 -05:00
Isaac Connor 72b80d7417 remake this branch off master instead of off mysql2PDO.
Establish an automake substitution of @VERSION@ and use it throughotu to override whatever is in zm.conf
2013-11-01 09:47:28 -04:00
Isaac Connor 7fdb933d6b rework dbQuery, dbFetchOne to take a parameters array, and use it 2013-10-18 14:15:24 -04:00
Isaac Connor cde89a7144 more quoting removal, some slight optimisations 2013-10-17 21:03:24 -04:00
Isaac Connor 92591a6835 more removal of quotes 2013-10-17 17:05:50 -04:00
Isaac Connor ef765afa2d Merge branch 'master' into mysql2PDO 2013-10-17 17:02:44 -04:00
Isaac Connor 60e2703637 fix missing n 2013-10-17 17:01:37 -04:00
Isaac Connor 09fbdc9e35 forget the updates to this file 2013-10-17 16:57:05 -04:00
Isaac Connor 0979830b91 more removal of exra quotes 2013-10-17 15:54:17 -04:00
Isaac Connor 36c4fad644 remove extra quoets since dbEcape does quoting now 2013-10-17 15:35:23 -04:00
Isaac Connor 870a59bed4 fix missing <?php. The missing full size tag makes the file fail when short tags are turned off 2013-10-17 14:23:25 -04:00
Isaac Connor b126c5ae7e fix typo 2013-10-16 16:55:24 -04:00
Isaac Connor 9e2d7cfd24 initial convert to PDO with no testing 2013-10-16 16:07:58 -04:00
Isaac Connor 34f84a4097 Merge branch 'v1.26.4-beta' 2013-10-03 10:14:09 -04:00
Knniggett 6d00540b5d Improve Chrome browser support & log streaming events 2013-09-21 14:52:41 -05:00
Isaac Connor b08a8252c4 Merge branch 'dukess-master' into v1.26.4-beta
Conflicts:
	scripts/zmupdate.pl.in
2013-09-18 13:03:54 -04:00
Isaac Connor c9ad6e661a Merge branch 'master' of https://github.com/dukess/ZoneMinder into dukess-master 2013-09-18 12:57:26 -04:00
Serguei S. Dukachev ed9f647dd7 Update actions.php
SQL-ERR 'Incorrect integer value: '' for column 'Enabled' at row 1', statement was 'update Monitors set Function = 'Monitor', Enabled = '' where Id = '2''
2013-09-13 03:48:01 -07:00
Richard Kojedzinszky 0f5c90bbe4 Rewritten the query to allow mysql to use indexes
On a system with heavy logging, without this the login procedure took
too long.
2013-09-12 22:46:26 +02:00
Isaac Connor ab1314f250 clean out autogenerated files 2013-09-12 14:43:57 -04:00
Kyle Johnson c8ad6ae656 Fixes #107 for real this time. 2013-09-05 20:31:52 -04:00
Kyle Johnson d47aaec775 Merge pull request #92 from knnniggett/patch-9
Update getBrowser() to match IE10
2013-09-03 06:38:13 -07:00
Kyle Johnson 2f92689d7e Resolving CVE-2013-0232 - this should fix #93. 2013-08-30 21:53:19 -04:00
Andy de51926434 Update getBrowser() to match IE10
Updates the preg_match expression to match Internet Explorer 10. The previous pattern would not detect IE10, and hence zoneminder would not attempt to stream via Cambozola, which leaves IE10 users looking at a broken link.

NOTE: There is another file in the zoneminder source tree, AssetDispatcher.php, that also uses the same pattern match expression.  It is part of the Cake folder, which I am not familiar with.  Please advise if we should edit that file as well.
2013-08-29 17:41:20 -05:00
nagyrobi 60ea6a387d Update lang.php
Add the ability to set up the Date and time formats by the language files, according to that language's regionals.
The patch allows to set up a global default, in case the language file doesn't contain the date and time definitions.

Here we look if the constants are already defined or not, if they are not, define them to the original defaults.
2013-08-16 12:05:33 +02:00