86b7fe5d29
fix spacing
2019-01-30 16:08:41 -05:00
4bacd26c98
log redirections
2019-01-30 16:08:24 -05:00
97e3a8178a
use session_regenerate_id instead of other strange code
2019-01-30 16:08:09 -05:00
b09a71d0e2
code style
2019-01-30 16:06:16 -05:00
71f961d012
remove redirect to console on login, as it is done in javascript after Logging in message is displayed
2019-01-30 16:05:51 -05:00
4e10e6f0ae
Merge branch 'improve_session' into storageareas
2019-01-30 15:26:37 -05:00
9a3aa49bae
Merge branch 'fix_bandwidth' into storageareas
2019-01-30 15:18:16 -05:00
e90f49deb9
Merge branch 'storageareas' of github.com:ConnorTechnology/ZoneMinder into storageareas
2019-01-30 15:17:32 -05:00
533d021dea
Merge branch 'master' into storageareas
2019-01-30 15:17:27 -05:00
604dbf8776
fix state changing/etc
2019-01-30 14:36:46 -05:00
2e2404643f
Fix bandwidth due to new actions code. Update buttons on bandwidth popup
2019-01-30 13:20:24 -05:00
cc0b5e0f1f
Move is_session_open to session.php. Move code to clear a session into session.php
2019-01-30 12:52:01 -05:00
0eba430932
remove duplicate line
2019-01-30 11:05:43 -05:00
4e9ce3c5b7
Move session code to includes/session.php
2019-01-30 11:05:36 -05:00
85bb70df68
Use zm specific session functions, which are now located in includes/session.php. Be more agressive about clearing session on logout.
2019-01-30 11:05:19 -05:00
1e56e750cf
Introduce ZM_COOKIE_LIFETIME which sets the life of the SESSION cookie, instead of using what is in php.ini
2019-01-30 11:04:38 -05:00
d310fd0d88
Merge branch 'master' of github.com:ZoneMinder/ZoneMinder
2019-01-25 09:22:14 -05:00
7ea8be3fa8
spacing, remove non html5 elements
2019-01-25 09:22:08 -05:00
9956eae70a
Merge pull request #2483 from connortechnology/fix_user_auth_memleak
...
Now that we are dynamically allocating safer_username and safer_passw…
2019-01-26 01:14:18 +11:00
6d7660cdbd
Now that we are dynamically allocating safer_username and safer_password, need to free them. Also, don't strlen them multiple times for efficiency
2019-01-25 08:46:40 -05:00
8c5687ca30
Fix name/protocol XSS in controlcaps.php. Fixes #2445 ( #2479 )
2019-01-25 08:35:07 -05:00
fd6179d7c8
Enforce CSP on many more views ( #2480 )
2019-01-25 08:34:29 -05:00
a81e7c5221
Safer_username and safer_login should be based on the username and login ( #2482 )
...
(lengths * 2)+1. Control input lengths at user input
2019-01-25 08:33:30 -05:00
99a6db3994
Merge pull request #2481 from mnoorenberghe/2444
...
Fix zones.php self-xss. Fixes #2444
2019-01-25 07:15:08 -06:00
a3e8fd4fd5
Fix zones.php self-xss. Fixes #2444
2019-01-24 23:40:41 -08:00
03590226ac
Merge pull request #2439 from mnoorenberghe/plugin_xss
...
Plugin.php: XSS and directory traversal fixes; Enable CSP script-src
2019-01-24 07:32:57 -06:00
47d8c9b066
plugin.php: Remove undefined onclick function reference and enforce CSP
...
Also fix tag closing.
2019-01-23 19:47:58 -08:00
59cc65411f
plugin.php: Fix XSS and directory traversal bugs. Fixes #2436
...
This view seems like dead code so maybe it should be removed instead.
2019-01-23 19:41:38 -08:00
e53678f869
Can't use a normal subsitution on the Order by field. So parse the sort param instead
2019-01-23 12:22:00 -05:00
8d92375d41
Merge branch 'master' of github.com:ZoneMinder/ZoneMinder
2019-01-23 11:31:10 -05:00
6eb4d7ae27
Filter improvements ( #2438 )
...
* Put back code to close the popup when view is none
* clean up and reduce depth of some logic
* Increase width of user popup
* fix code style
* Make execute_filter work on a filter Id instead of name
* rework logic to reduce code depth. Change view to events to display the results of execute.
* Change the redirect to stay on the new view. When redirecting from executing a filter, it was redirecting to filter.
* Set a form action for correctness. Change execute button to a button instead of a submit. Stay on the filter view when executing
2019-01-23 11:30:51 -05:00
b1cc7bf837
fix code style
2019-01-23 11:20:31 -05:00
b9584bb5d2
Increase width of user popup
2019-01-23 11:18:46 -05:00
58d3583722
clean up and reduce depth of some logic
2019-01-23 11:18:30 -05:00
4da95369f9
Fix zone area calculation ( #2437 )
...
Previous method resulted in bogus zone areas (in the range of
1000s of % of frame area) when entering points with the keyboard, even
after applying commit 4937a68650http://mathworld.wolfram.com/PolygonArea.html
It has been tested on ZoneMinder 1.32.3 and works correctly when
either entering coordinates with the keyboard or dragging points with
the mouse.
2019-01-23 10:35:18 -05:00
124be4eee6
Put back code to close the popup when view is none
2019-01-23 10:18:57 -05:00
ad69915e4a
fix build on libav 9, ubuntu trusty
2019-01-22 13:30:40 -05:00
cc8de69eba
Merge branch 'master' into storageareas
2019-01-22 11:44:42 -05:00
e60e3666d5
Fix comment
2019-01-22 10:53:53 -05:00
2914fb1d58
Update to html5, remove code to close popup (as it is taken care of in skin.js now. Use cache_bust on skin.js
2019-01-22 09:15:25 -05:00
e712cedbde
spacing and quotes
2019-01-22 09:14:44 -05:00
ae703c45ee
Set closePopup=true so that we don't need code in the none view to close the popup. The common code in skin.js will take care of it.
2019-01-22 09:14:33 -05:00
0619a4a161
Validate cnj, obr, and cbr arguments in parseFilter ( #2434 )
2019-01-22 08:03:25 -05:00
e7e45b2d95
Remove jQuery use from top-level event listeners in skin.js since view=none doesn't have $j ( #2433 )
2019-01-22 08:00:39 -05:00
7260f823cb
Merge branch 'master' into storageareas
2019-01-21 13:52:38 -05:00
a81428f701
add a test for a 0 fps passed in to updateFrameRate which would cause an infinite loop. Fixes #2427
2019-01-21 13:30:00 -05:00
189e78b42d
add comments and a test for zm_terminate in the checkCommandQueue while loop
2019-01-21 13:29:20 -05:00
83a652aade
add comments and a test for zm_terminate in the checkCommandQueue while loop
2019-01-21 13:29:14 -05:00
9f588d5758
prevent returning infinity from GetFPS
2019-01-21 13:00:10 -05:00
785c208ecf
Fixes #2426 . Ca should have been endTime
2019-01-21 12:01:46 -05:00
Isaac Connor
Steve Gilvarry
Matt N
Andrew Bauer
Isaac Connor
montagdude