Isaac Connor
7ef26275bc
use isset to get rid of warnings when eid is not in REQUEST
2019-08-20 10:28:19 -04:00
Isaac Connor
f09941ed48
timezone errors shouldn't be fatal
2019-08-15 15:16:02 -04:00
Isaac Connor
702cb65d2a
Merge branch 'storageareas'
2019-08-08 13:38:36 -04:00
Isaac Connor
df285006d2
change sortHeader to include eid if it is in the request
2019-08-08 13:34:10 -04:00
Isaac Connor
5b0509e000
When invalid operator terms, use print_r on the term instead of just the operator
2019-08-08 09:26:00 -04:00
Isaac Connor
45afc2a534
introduce array_recursive_diff which we use to compare two arrays in Object::changes
2019-07-24 11:24:37 -04:00
Isaac Connor
fe71a9abaa
php_errormsg is deprecated
2019-07-19 16:32:40 -04:00
Tom Hodder
1336c03f97
WIP: Add pagination to frames.php in classic ( #2618 )
...
* add pagination to the frames.php results
* remove commented code, fix view all paging
* removing debugging logging statements
* default frames paging to on
2019-06-16 12:02:00 -04:00
Isaac Connor
b0869a0b13
spaces and quotes
2019-05-31 10:34:53 -04:00
Isaac Connor
db9ba7eeab
Add StartDateTime and EndDateTime as Sort options. Fixes #2614
2019-05-24 10:02:15 -04:00
Isaac Connor
8f28ba0be3
beter debug and less often when no terms in parseFilter
2019-03-22 17:28:12 -04:00
Isaac Connor
7f7acc18ee
spacing and code doc
2019-03-21 14:14:30 -04:00
Isaac Connor
6efeab5f8d
improve readability of parseFilter
2019-03-20 14:26:48 -04:00
Isaac Connor
778707c8df
Merge branch 'master' into storageareas
2019-03-04 14:33:28 -05:00
Isaac Connor
96e29c0299
fix up remaining issues with cycle updates
2019-03-04 13:35:40 -05:00
Isaac Connor
5da51d51bc
Merge branch 'master' into storageareas
2019-02-26 10:55:51 -05:00
Isaac Connor
2187dea2aa
add namespace to Warnings
2019-02-25 15:11:08 -05:00
Isaac Connor
fd310c0f0a
Merge branch 'master' into storageareas
2019-02-22 11:33:47 -05:00
Isaac Connor
8dd8888975
Php namespace ( #2537 )
...
* experiment with namespaces on the Server class
* experiment with namespaces on the Server class
* Implement the ZM namespace on objects
* Implement the ZM namespace on objects
* Implement the ZM namespace on objects
2019-02-22 09:19:07 -05:00
Isaac Connor
5029d7214a
Merge branch 'master' into storageareas
2019-02-18 17:00:45 -05:00
Mitch Capper
b646284da3
don't quote dbEscape values it will quote it already ( #2529 )
2019-02-17 11:31:28 -05:00
Isaac Connor
555cb4780d
Merge branch 'master' into storageareas
2019-02-10 12:37:45 -05:00
Matthew Noorenberghe
a97711de89
Replace or sanitize remaining uses of PHP_SELF. Fixes #2446
2019-02-09 22:12:36 -08:00
Matthew Noorenberghe
effd609ff7
Escape output of state names. Fixes #2475
2019-02-09 20:40:08 -08:00
Matthew Noorenberghe
6d2f3c265f
events.php: Remove inline event handlers and enforce CSP
2019-02-09 17:34:59 -08:00
Matthew Noorenberghe
fcbc22b6a2
functions.php: Ensure 'limit' request parameter is an integer. Fixes #2456
2019-02-09 17:27:47 -08:00
Matthew Noorenberghe
502f53fad0
functions.php: Fix SQLi in getFormChanges
2019-02-09 17:15:02 -08:00
Matthew Noorenberghe
b2a97ee190
frame.php: Fix multiple XSS from 'show' and 'scale' parameters and enforce CSP.
...
Fixes #2448 , fixes #2449 , and fixes #2447 .
2019-02-09 15:10:45 -08:00
Matthew Noorenberghe
c8066919ff
functions.php: Esacepe textContent in htmlOptions()
2019-02-09 14:14:46 -08:00
Matthew Noorenberghe
02f09aad7f
view=export: Remove inline event handlers and fix arbitrary URL/XSS usage. Fixes #2443
2019-02-09 02:01:26 -08:00
Matthew Noorenberghe
0b38e72f88
view=download: Remove inline event handlers and fix arbitrary URL/XSS usage. Fixes #2441
2019-02-09 01:16:32 -08:00
Isaac Connor
533d021dea
Merge branch 'master' into storageareas
2019-01-30 15:17:27 -05:00
Matt N
8c5687ca30
Fix name/protocol XSS in controlcaps.php. Fixes #2445 ( #2479 )
2019-01-25 08:35:07 -05:00
Matt N
fd6179d7c8
Enforce CSP on many more views ( #2480 )
2019-01-25 08:34:29 -05:00
Matthew Noorenberghe
47d8c9b066
plugin.php: Remove undefined onclick function reference and enforce CSP
...
Also fix tag closing.
2019-01-23 19:47:58 -08:00
Isaac Connor
6eb4d7ae27
Filter improvements ( #2438 )
...
* Put back code to close the popup when view is none
* clean up and reduce depth of some logic
* Increase width of user popup
* fix code style
* Make execute_filter work on a filter Id instead of name
* rework logic to reduce code depth. Change view to events to display the results of execute.
* Change the redirect to stay on the new view. When redirecting from executing a filter, it was redirecting to filter.
* Set a form action for correctness. Change execute button to a button instead of a submit. Stay on the filter view when executing
2019-01-23 11:30:51 -05:00
Isaac Connor
cc8de69eba
Merge branch 'master' into storageareas
2019-01-22 11:44:42 -05:00
Matt N
0619a4a161
Validate cnj, obr, and cbr arguments in parseFilter ( #2434 )
2019-01-22 08:03:25 -05:00
Isaac Connor
7260f823cb
Merge branch 'master' into storageareas
2019-01-21 13:52:38 -05:00
Isaac Connor
a2d4dc974b
Merge branch 'master' of github.com:ZoneMinder/ZoneMinder
2019-01-21 11:19:07 -05:00
Isaac Connor
fbc236128e
add a function to format a time into a duration. Can't use date() because 0 doesn't give us 00:00:00 it gives 19:00:00
2019-01-21 11:16:14 -05:00
Matt N
d7ebc85d81
Replace remaining `console` inline event handlers ( #2432 )
...
* Use a hidden submit button in _monitor_filters rather than onkeydown
* events/console: Convert checkbox header toggle inline event listeners
2019-01-21 11:11:40 -05:00
Matt N
35fb4366b6
Fix recaptcha support with the CSP ( #2420 )
2019-01-19 09:47:04 -05:00
Matt N
4e48939660
Add a validateForm event listener and enforce CSP on some views ( #2425 )
...
* Add a validateForm event listener and enforce CSP on the controlcap view
* filter.php: Use .validateFormOnSubmit
* server.php: Use .validateFormOnSubmit and fix makePopupButton condition check
* Use .validateFormOnSubmit and enforce CSP on the storage view
2019-01-19 09:41:53 -05:00
Isaac Connor
552e14a971
Merge branch 'master' into storageareas
2019-01-18 10:36:59 -05:00
Matt N
6bb5aa1b87
More inline JS / nonce conversions ( #2415 )
...
* monitor.php: Add nonce and move <script> inside </body>
* export_functions.php: Untested: Add @nonce to <script>
* blank.php: Add @nonce to <script> and add to CSP enforced views
* Enforce CSP on login and privacy views
* group.php: Add nonce and move <script> inside </body>
* filter.php: Add @nonce to <script>
* Fix updateButtons argument on the filter page upon change and page load
* events.php: Add @nonce to <script>
2019-01-18 09:51:06 -05:00
Isaac Connor
f49dd93b6a
Merge branch 'master' into storageareas
2019-01-16 14:39:56 -05:00
Isaac Connor
1f3da476b8
switch to single quotes
2019-01-16 14:04:24 -05:00
Isaac Connor
d8ef33396a
If multi-port is on, we need to output CORS headers
2019-01-16 13:44:57 -05:00
Isaac Connor
ba21820fd0
fix typo
2019-01-16 12:10:34 -05:00