e59eb510e3
update and fix the donate popup
2019-03-05 13:10:04 -05:00
36b00d09e3
fix destination view on the monitors view
2019-03-05 11:02:58 -05:00
8053f61a08
fix eslint missing {}
2019-03-05 11:02:09 -05:00
76ee31bf68
fix eslint missing {}
2019-03-05 11:01:58 -05:00
7cee8356bd
Fix setting frame width when changing from fixed width to scaled
2019-03-04 13:43:03 -05:00
96e29c0299
fix up remaining issues with cycle updates
2019-03-04 13:35:40 -05:00
675b4975b0
Fix control presets
2019-03-01 13:37:34 -05:00
804c384b4c
add Event Notification support to server
2019-02-27 09:29:11 -05:00
53c0fae688
Merge fix from storageareas for archive/delete in events list
2019-02-26 10:22:58 -05:00
627e9f74cf
fix spacing
2019-02-25 15:24:25 -05:00
cbd8ee80f8
add namespace for Monitor
2019-02-24 12:40:40 -05:00
3b06f3015a
redirect to console of successfullogin takes us to login
2019-02-24 10:07:42 -05:00
dd590aa729
remove warning when QUERY_STRING is not set
2019-02-24 10:05:45 -05:00
45778384a6
Merge branch 'release-1.32'
2019-02-22 11:24:23 -05:00
9a2dd06e1d
Fix use of empty which isn't supported in old php. Remove the code entirely as I think it was just cutnpasted from somewhere else. We don't care if it is a new server or not in the validate code.
...
Fixes #2540
2019-02-22 11:22:44 -05:00
410cb70ddb
get rid of js that just does the form submit. Upgrade the button from an input to a button. Use 0 and 1 instead of accept and decline, which allows us to pre-select the current value of ZM_TELEMETRY_DATA. So that if you had previously declined, you won't accidentally accept. This fixes the reported error that choosing decline would cause the setting to not be saved and the privacy popup to happen again. ( #2534 )
2019-02-22 09:20:54 -05:00
8dd8888975
Php namespace ( #2537 )
...
* experiment with namespaces on the Server class
* experiment with namespaces on the Server class
* Implement the ZM namespace on objects
* Implement the ZM namespace on objects
* Implement the ZM namespace on objects
2019-02-22 09:19:07 -05:00
e087522203
remove debug
2019-02-21 14:15:10 -05:00
87988185e5
remove data-on-click-this from markEids[] because we have an onclick bind in initPage
2019-02-19 09:58:03 -05:00
7a8668ea99
whitespace
2019-02-12 16:40:48 -05:00
5a333e153c
show object detected file, if object detection in place ( #2514 )
2019-02-11 10:58:34 -05:00
9675367e03
event.js: Wait for delete request to succeed before navigating. Fixes #2384 ( #2515 )
2019-02-11 09:34:51 -05:00
cdbd59f054
bandwidth.php: Submit to the 'bandwidth' view but render the 'none' view. Fixes #2493
2019-02-10 13:22:08 -08:00
cda4a28fec
Fix accidental use of 'let' in 255806bd54
2019-02-10 11:14:55 -08:00
c9032d3cb4
add autocomplete tags to username and password inputs
2019-02-10 00:27:33 -08:00
99f1e23c5b
Replace usage of PHP_SELF in views/. Fixes #2450
2019-02-09 21:39:19 -08:00
effd609ff7
Escape output of state names. Fixes #2475
2019-02-09 20:40:08 -08:00
d7ede4643d
_monitor_filters.php: Escape MonitorName and Source. Fixes #2457
2019-02-09 19:14:31 -08:00
255806bd54
log.js: Escape HTML to be shown in the log HtmlTable. Fixes #2453
2019-02-09 18:43:55 -08:00
6af2c4ad0e
Escape output of WEB_TITLE, HOME_URL, HOME_CONTENT, & WEB_CONSOLE_BANNER. Fixes #2468
2019-02-09 18:06:21 -08:00
9ce05a9a09
user.php: Escape the Username upon display. Fixes #2467
2019-02-09 17:45:52 -08:00
6d2f3c265f
events.php: Remove inline event handlers and enforce CSP
2019-02-09 17:34:59 -08:00
ef0e5f453a
monitor.php: Fix XSS from LinkedMonitors. Fixes #2463
2019-02-09 17:11:53 -08:00
9705edfe24
monitor.php: Escape monitor method. Fixes #2464
2019-02-09 17:01:45 -08:00
cef54feaf9
monitor.php: Escape a bug of output variables. Fixes #2465
2019-02-09 16:54:06 -08:00
254b7286b4
monitor.php: Escape SignalCheckColour to prevent XSS. Fixes #2451
2019-02-09 16:41:54 -08:00
bb75dad091
filter.php: Escape filter query term value to avoid XSS. Fixes #2462
2019-02-09 15:35:55 -08:00
dd37808ef7
filter.php: Escape AutoExecuteCmd before output to prevent XSS. Fixes #2461
2019-02-09 15:24:13 -08:00
70e59ed546
filter.php: Escape the filter name on output. Fixes #2455
2019-02-09 15:19:15 -08:00
b2a97ee190
frame.php: Fix multiple XSS from 'show' and 'scale' parameters and enforce CSP.
...
Fixes #2448 , fixes #2449 , and fixes #2447 .
2019-02-09 15:10:45 -08:00
7b0ee8a6a2
group: Escape group name in heading. Fixes #2454
2019-02-09 14:05:50 -08:00
fa6716a64b
console: Escape source column output to prevent XSS. Fixes #2452
2019-02-09 02:28:40 -08:00
02f09aad7f
view=export: Remove inline event handlers and fix arbitrary URL/XSS usage. Fixes #2443
2019-02-09 02:01:26 -08:00
61f6a92cc0
view=download: Validate the eid parameter to avoid XSS. Fixes #2442
2019-02-09 01:37:32 -08:00
0b38e72f88
view=download: Remove inline event handlers and fix arbitrary URL/XSS usage. Fixes #2441
2019-02-09 01:16:32 -08:00
0eb1efff8b
fix eslint errors
2019-02-08 13:48:38 -05:00
ee3a0c1fd1
fix validateForm running on monitor cancel due to lack of type=button on cancel button
2019-02-08 09:55:32 -05:00
1039149866
fix buttons on events page. data-onclick-this to data-on-click-this
2019-02-07 08:56:48 -05:00
7e84a5914c
fix CSP policy violations on filters view
2019-02-06 13:55:19 -05:00
0783802d0c
fix CSP violations on events
2019-02-06 13:31:34 -05:00
Isaac Connor
Isaac Connor
Pliable Pixels
Matt N