Commit Graph

2001 Commits

Author SHA1 Message Date
Isaac Connor 0eb1efff8b fix eslint errors 2019-02-08 13:48:38 -05:00
Isaac Connor ee3a0c1fd1 fix validateForm running on monitor cancel due to lack of type=button on cancel button 2019-02-08 09:55:32 -05:00
Isaac Connor ca781523a8 Merge branch 'master' into storageareas 2019-02-07 08:57:50 -05:00
Isaac Connor 1039149866 fix buttons on events page. data-onclick-this to data-on-click-this 2019-02-07 08:56:48 -05:00
Isaac Connor d33e094526 Merge branch 'master' into storageareas 2019-02-06 17:03:41 -05:00
Isaac Connor 7e84a5914c fix CSP policy violations on filters view 2019-02-06 13:55:19 -05:00
Isaac Connor 0783802d0c fix CSP violations on events 2019-02-06 13:31:34 -05:00
Isaac Connor b04b67c39d Fix CSP violation in the onclick of the monitor view in montagereview 2019-02-06 12:17:10 -05:00
Isaac Connor 6744a9a116 Make montagereview more robust when the storage area of an event has been deleted. Add the onmouse events using javascript instead of in the html canvas element so that our CSP policy works. 2019-02-06 11:46:55 -05:00
Isaac Connor edaf582eb4 Make montagereview more robust when the storage area of an event has been deleted. Add the onmouse events using javascript instead of in the html canvas element so that our CSP policy works. 2019-02-06 11:46:48 -05:00
Isaac Connor d121ecab75 Merge branch 'improve_session' into storageareas 2019-02-05 15:48:42 -05:00
Isaac Connor 141f2afc8c Merge branch 'master' into storageareas 2019-02-05 15:46:58 -05:00
Isaac Connor 21702dcc68 Merge branch 'master' into improve_session 2019-02-05 12:35:29 -05:00
Isaac Connor a40cd144fa Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2019-02-05 12:35:15 -05:00
Isaac Connor c54fe7e89a fix state actions 2019-02-05 12:35:06 -05:00
Isaac Connor 78bc2c1dc2 add autocomplete tags to username and password inputs 2019-02-05 11:53:57 -05:00
Isaac Connor a2e04c307d update buttons. reduce duplicated code. Make it so that users with System=View can at least see if there is an update. 2019-01-31 09:40:19 -05:00
Isaac Connor 86b7fe5d29 fix spacing 2019-01-30 16:08:41 -05:00
Isaac Connor 9a3aa49bae Merge branch 'fix_bandwidth' into storageareas 2019-01-30 15:18:16 -05:00
Isaac Connor 533d021dea Merge branch 'master' into storageareas 2019-01-30 15:17:27 -05:00
Isaac Connor 604dbf8776 fix state changing/etc 2019-01-30 14:36:46 -05:00
Isaac Connor 2e2404643f Fix bandwidth due to new actions code. Update buttons on bandwidth popup 2019-01-30 13:20:24 -05:00
Isaac Connor 7ea8be3fa8 spacing, remove non html5 elements 2019-01-25 09:22:08 -05:00
Matt N 8c5687ca30 Fix name/protocol XSS in controlcaps.php. Fixes #2445 (#2479) 2019-01-25 08:35:07 -05:00
Matthew Noorenberghe a3e8fd4fd5 Fix zones.php self-xss. Fixes #2444 2019-01-24 23:40:41 -08:00
Matthew Noorenberghe 47d8c9b066 plugin.php: Remove undefined onclick function reference and enforce CSP
Also fix tag closing.
2019-01-23 19:47:58 -08:00
Matthew Noorenberghe 59cc65411f plugin.php: Fix XSS and directory traversal bugs. Fixes #2436
This view seems like dead code so maybe it should be removed instead.
2019-01-23 19:41:38 -08:00
Isaac Connor 6eb4d7ae27
Filter improvements (#2438)
* Put back code to close the popup when view is none

* clean up and reduce depth of some logic

* Increase width of user popup

* fix code style

* Make execute_filter work on a filter Id instead of name

* rework logic to reduce code depth. Change view to events to display the results of execute.

* Change the redirect to stay on the new view.  When redirecting from executing a filter, it was redirecting to filter.

* Set a form action for correctness. Change execute button to a button instead of a submit. Stay on the filter view when executing
2019-01-23 11:30:51 -05:00
montagdude 4da95369f9 Fix zone area calculation (#2437)
Previous method resulted in bogus zone areas (in the range of
1000s of % of frame area) when entering points with the keyboard, even
after applying commit 4937a68650. This
change implements the method here:

http://mathworld.wolfram.com/PolygonArea.html

It has been tested on ZoneMinder 1.32.3 and works correctly when
either entering coordinates with the keyboard or dragging points with
the mouse.
2019-01-23 10:35:18 -05:00
Isaac Connor cc8de69eba Merge branch 'master' into storageareas 2019-01-22 11:44:42 -05:00
Isaac Connor 2914fb1d58 Update to html5, remove code to close popup (as it is taken care of in skin.js now. Use cache_bust on skin.js 2019-01-22 09:15:25 -05:00
Matt N 0619a4a161 Validate cnj, obr, and cbr arguments in parseFilter (#2434) 2019-01-22 08:03:25 -05:00
Isaac Connor 7260f823cb Merge branch 'master' into storageareas 2019-01-21 13:52:38 -05:00
Isaac Connor a2d4dc974b Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2019-01-21 11:19:07 -05:00
Isaac Connor e663397816 spacing 2019-01-21 11:17:21 -05:00
Isaac Connor c6311b7079 When logging in, stay on the login view 2019-01-21 11:17:09 -05:00
Matt N 19c272061a Replace MooTools usage for adding window event listeners (#2429) 2019-01-21 11:14:32 -05:00
Matt N d7ebc85d81 Replace remaining `console` inline event handlers (#2432)
* Use a hidden submit button in _monitor_filters rather than onkeydown

* events/console: Convert checkbox header toggle inline event listeners
2019-01-21 11:11:40 -05:00
Isaac Connor f69b77e38f fix eslint complaints 2019-01-19 12:40:17 -05:00
Matt N a1a42345e3 More eslint fixes; eslint in php; add eslint to travis (#2419)
* Add eslint to travis.yml

* Update eslint package versions and apply new indent rules

* Enable the brace-style and block-style eslint rules

* Enable the 'curly' eslint rule

* Enable the 'keyword-spacing' eslint rule

* Enable the 'key-spacing' eslint rule

* Enable the 'object-curly-spacing' eslint rule

* Enable the 'no-new-object' eslint rule

* Only disable the no-caller eslint rule in the one affected file

* Enable the 'no-unused-vars' eslint rule for local variables

* Add linting of JS in .php files
2019-01-19 10:32:40 -05:00
Matt N c0a6e54d60 skins/classic/views/control.php second order sqli (#2422) 2019-01-19 09:46:21 -05:00
Matt N 34e2e47993 controlcap.php: Reflected xss fix with validHtmlStr (#2423) 2019-01-19 09:43:28 -05:00
Matt N d3f8037e58 Replace onclick='submitTab(...' with a click listener (#2424) 2019-01-19 09:42:12 -05:00
Matt N 4e48939660 Add a validateForm event listener and enforce CSP on some views (#2425)
* Add a validateForm event listener and enforce CSP on the controlcap view

* filter.php: Use .validateFormOnSubmit

* server.php: Use .validateFormOnSubmit and fix makePopupButton condition check

* Use .validateFormOnSubmit and enforce CSP on the storage view
2019-01-19 09:41:53 -05:00
Isaac Connor 552e14a971 Merge branch 'master' into storageareas 2019-01-18 10:36:59 -05:00
Matt N 43a1725060 Fix duplicate 'class' attribute in options (#2418) 2019-01-18 10:05:44 -05:00
Matt N eef113b6a7 Convert some characters to HTML entities (#2417) 2019-01-18 10:02:48 -05:00
Matt N deaf651aad Fix eslint violations (#2416)
* Add more JS libraries to eslintignore

* eslint . --fix

Automatic fixes only

* frame.js: eslint fixes

* events.js: manual eslint fixes

* skin.js: manual eslint fixes

* watch.js: manual eslint fixes

* Remove some tabs used for indentation in JS

* state.js: Fix new-cap eslint violation

* Disable guard-for-in eslint rule to get everything passing
2019-01-18 10:00:55 -05:00
Matt N 6bb5aa1b87 More inline JS / nonce conversions (#2415)
* monitor.php: Add nonce and move <script> inside </body>

* export_functions.php: Untested: Add @nonce to <script>

* blank.php: Add @nonce to <script> and add to CSP enforced views

* Enforce CSP on login and privacy views

* group.php: Add nonce and move <script> inside </body>

* filter.php: Add @nonce to <script>

* Fix updateButtons argument on the filter page upon change and page load

* events.php: Add @nonce to <script>
2019-01-18 09:51:06 -05:00
Isaac Connor 599769b701 rework logic of functions to be more verbose about errors. Implement javascript Nonce support when view=none 2019-01-17 08:50:33 -05:00
Isaac Connor 87d1390fed Merge branch 'storageareas' into h265 2019-01-16 15:20:17 -05:00
Isaac Connor f49dd93b6a Merge branch 'master' into storageareas 2019-01-16 14:39:56 -05:00
Isaac Connor 42076ad09b Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2019-01-16 13:46:01 -05:00
Isaac Connor a2c23d3263 Need nonce in inline script setting display css 2019-01-16 13:45:26 -05:00
Isaac Connor e156a6cda0 logout view should go to logout view 2019-01-16 12:23:18 -05:00
Matt N d33fec9c3f Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413)
* Add Content-Security-Policy-Report-Only: script-src 'self' 'nonce-' policy

* Use @data-on-click-this to attach inline click event handlers which expect being called with 'this'

Only handle ones that don't return a value.

* Use @data-on-click to attach inline click event handlers with no args and no return value

* Use @data-on-click-true to attach inline click event handlers with 'true' as the only argument

* Enforce a script-src CSP on views without inline JS

* Convert some onchange attributes to data-on-change
2019-01-16 09:59:58 -05:00
Isaac Connor fd696bc066 Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2019-01-15 11:38:56 -05:00
Isaac Connor ac27005944 remove debug 2019-01-15 11:38:43 -05:00
Isaac Connor 07c7c271a6 prevent error when event has no frames. Fix PathToIndex() -> PathToIndex. Fixes #2411 2019-01-15 11:38:19 -05:00
Matt N 083f284599 Replace onclick inline event handlers for createPopup (#2410)
* Move <script> before </body>

* Change makePopupLink to not use onclick

* Change makePopupButton to not use onclick

* Use .popup-link in control_functions.php

* Use makePopupButton in controlcaps.php

* Prevent double-encoding in makePopup*

* Use makePopupButton in devices.php

* Use makePopupButton in logout.php

* Use makePopupLink in monitor.php

* Use makePopupLink and .popup-link in montage.php

* Use makePopupButton in options.php

* Use makePopupButton, makePopupLink, and .popup-link in zones.php
2019-01-15 09:01:58 -05:00
Isaac Connor f726666f54 Merge branch 'master' into h265 2019-01-14 12:36:11 -05:00
Isaac Connor fc7403fe3d Merge branch 'master' into storageareas 2019-01-13 14:53:34 -05:00
Isaac Connor a282b487d1 load Help from Config as it is not longer always loaded into ram. 2019-01-11 13:55:03 -05:00
Isaac Connor b373577589 fix function view after actions cleanup 2019-01-10 12:08:25 -05:00
Isaac Connor 1d54216e80 spacing 2019-01-09 16:23:58 -05:00
Isaac Connor c1e4fbac6a extend input path and options to the full width of the popup 2019-01-09 12:37:42 -05:00
Isaac Connor 3f5a2a2aa6 disable delete button when event is archived. 2019-01-07 15:56:23 -05:00
Isaac Connor cf0d55d3db Merge branch 'master' into storageareas 2019-01-05 10:59:01 -05:00
David Beitey e6ba8e58ef Fix #2391 by defining monitor variable (#2392) 2019-01-05 10:20:34 -05:00
Isaac Connor 8eb61b1c11 Merge branch 'master' into storageareas 2019-01-05 10:16:38 -05:00
Isaac Connor 5b5905c83a We always use markEids[] now 2019-01-04 16:29:16 -05:00
Isaac Connor de0ef6ce43 Merge branch 'master' into split_actions 2019-01-04 15:55:54 -05:00
Isaac Connor e72e4e7ce4 Spacing, remove some html4 stuff, clean up duplicated hidden form elements. 2019-01-04 15:52:36 -05:00
Isaac Connor 52466c398b Merge branch 'split_actions' into storageareas 2019-01-04 15:28:55 -05:00
Isaac Connor b8d065275b Merge branch 'master' into storageareas 2019-01-04 15:22:18 -05:00
Isaac Connor 5b9bf48945 Merge branch 'master' into split_actions 2019-01-04 09:35:54 -05:00
Isaac Connor dbe9817bc8 Split actions.php into individual files per view 2019-01-04 09:26:34 -05:00
Andrew Bauer 225fca08e3
Merge pull request #2379 from connortechnology/improve_config_efficiency
Improve config efficiency
2019-01-02 19:34:34 -06:00
Isaac Connor 874930d8fc Merge branch 'master' into improve_config_efficiency 2019-01-02 13:07:53 -05:00
Isaac Connor 99471836b7 Use monitor's serverId when loading server object so that images load from recording server. 2019-01-02 11:28:12 -05:00
Isaac Connor 8a1707a615 Add monitorServerId array to provide server info for each monitor so that we can load images from the recording server. 2019-01-02 11:27:46 -05:00
Isaac Connor 79113a6869 Add a default Server object to handle non-multi-server case 2019-01-02 10:56:40 -05:00
Isaac Connor 1a1231fdaa Merge branch 'master' into storageareas 2018-12-28 10:47:27 -05:00
Isaac Connor 101f24feb5
Update area when editing x and y coords (#2366) 2018-12-27 14:28:14 -05:00
Isaac Connor 3e06bbcef8 Merge branch 'master' into storageareas 2018-12-27 13:50:29 -05:00
Andrew Bauer 27dd8166ea
Merge pull request #2362 from connortechnology/small_groups_fixes
Small groups fixes
2018-12-24 11:30:57 -06:00
Isaac Connor e0a9c4a21e fix event popup detection 2018-12-24 11:23:58 -05:00
Isaac Connor 2b8fa653ed Merge branch 'small_groups_fixes' into storageareas 2018-12-24 09:48:36 -05:00
Isaac Connor 27826b4aca Merge branch 'master' into storageareas 2018-12-24 09:48:29 -05:00
Isaac Connor 68adc289fe Fix colspan count now that depth is zero-based 2018-12-24 09:40:23 -05:00
Isaac Connor 1130d6650a Fix spacing and pass popup to previous/next event so that popups stay as popups 2018-12-21 10:50:19 -05:00
Isaac Connor 0bfe1007c8 Merge branch 'master' into storageareas 2018-12-14 10:16:08 -05:00
Andrew Bauer 21a98f3653 Merge branch 'remove_default_view' of https://github.com/connortechnology/ZoneMinder into connortechnology-remove_default_view 2018-12-11 09:44:13 -06:00
Isaac Connor 278abbc201 Merge branch 'master' into remove_default_view 2018-12-11 10:37:26 -05:00
Andrew Bauer 3cf6bf1786
Merge pull request #2243 from connortechnology/add_archive_filter_to_montagereview
Rough in an archived status filter in montagereview.
2018-12-11 09:36:35 -06:00
Andrew Bauer fe5cb4bfdc
Merge pull request #2283 from connortechnology/warn_colour_when_disabled
Use a warning colour when motion detection is disabled.
2018-12-11 09:36:07 -06:00
Andrew Bauer 4d7e98475f
Merge pull request #2297 from connortechnology/introduce_getBodyTopHTML
Introduce get body top html
2018-12-11 09:35:54 -06:00
Andrew Bauer c530337c50
Merge pull request #2331 from connortechnology/fix_ios9
Fix ios9
2018-12-11 09:29:50 -06:00
Isaac Connor c8c34d3f95 Merge branch 'master' into storageareas 2018-12-11 10:21:22 -05:00
Isaac Connor 1e8c4276bb fix #2319 some more. This is fixing rate sticking across gapless events and reload 2018-12-10 17:32:17 -05:00
Isaac Connor a9290759a5 Merge branch 'fix_ios9' into storageareas 2018-12-03 16:25:34 -05:00
Isaac Connor 18ce7c9ea0 Old browsers, specifically Safari on IOS9 doesn't support let. Need to use var instead. 2018-12-03 15:17:16 -05:00
Isaac Connor 4272225a17 Merge branch 'master' into h265 2018-11-30 16:42:16 -05:00
Isaac Connor 7d90a56561 Merge branch 'master' into storageareas 2018-11-30 14:46:42 -05:00
Isaac Connor af2bb992e9 Merge branch 'server_path_prefix' into storageareas 2018-11-29 14:33:46 -05:00
Isaac Connor 17551eacee Merge branch 'server_path_prefix' 2018-11-29 14:27:32 -05:00
Isaac Connor 1c17f334d3 fix missing bits. Implement UrlToIndex in Monitor and fix use of Url(). Implement PathToApi as well 2018-11-29 14:26:30 -05:00
Isaac Connor d83fb2e985 Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2018-11-29 14:08:03 -05:00
Isaac Connor 5e0d742e26 Use history.go(-1) which works on safari 2018-11-29 14:04:35 -05:00
Andrew Bauer 5a88cbcddb
Merge pull request #2329 from connortechnology/fix_2319
Fix rate resetting
2018-11-29 09:57:13 -06:00
Isaac Connor c0a9fae01f Merge branch 'fix_2319' into storageareas 2018-11-29 09:57:41 -05:00
Isaac Connor 605397b565 Fix rate resetting by storing it in a cookie and using that on initial event load. Fixes #2319 2018-11-29 09:43:21 -05:00
Isaac Connor 1e915e9567 Merge branch 'master' into server_path_prefix 2018-11-28 10:45:36 -05:00
Isaac Connor 57acb2aac6 Merge branch 'server_path_prefix' into storageareas 2018-11-28 10:41:11 -05:00
Isaac Connor a89dd83565 Update to use object instead of db row 2018-11-28 09:55:34 -05:00
Isaac Connor cd13dda294 fix use of instead of 2018-11-28 09:54:22 -05:00
Isaac Connor f8b2ff5c77 rework from Url() to PathToIndex(), PathToZMS(), UrlToIndex() and UrlToZMS() 2018-11-27 17:35:25 -05:00
Isaac Connor b5430a1927 Merge branch 'fix_2317' into storageareas 2018-11-23 15:35:55 -05:00
Isaac Connor 6128d2a4d9 fix #2317 by updating the url encoding of a filter to match events for that monitor 2018-11-23 15:34:23 -05:00
Isaac Connor 19f3cce41f Dont auto-guess pathPrefix 2018-11-23 13:54:14 -05:00
Isaac Connor 7ad19be0d7 Merge branch 'server_path_prefix' into storageareas 2018-11-23 13:29:01 -05:00
Isaac Connor dea5db9dd9 Merge branch 'zmaudit_check_other_storageareas' into storageareas 2018-11-23 11:11:39 -05:00
Isaac Connor c5f7fb7b18 Merge branch 'master' into server_path_prefix 2018-11-22 10:04:33 -05:00
Isaac Connor 62e511cfd1 Merge branch 'master' into h265 2018-11-17 10:41:20 -05:00
Isaac Connor d8d9544497 Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2018-11-17 10:39:52 -05:00
Isaac Connor 87140ecdb5 white space and quiet warning 2018-11-17 10:39:42 -05:00
Andrew Bauer 5c2e5d89ed
fix gpl mailing address
This makes rpmlint & lintian complain less
2018-11-15 19:53:45 -06:00
Isaac Connor f72651da5a Add auth hash to ajax fps and status calls in zone edit 2018-11-15 12:22:35 -05:00
Isaac Connor e24a308481 Merge branch 'master' into h265 2018-11-14 17:15:37 -05:00
Isaac Connor d89c0bc737 Merge branch 'master' into storageareas 2018-11-14 15:55:00 -05:00
Isaac Connor aa8ac9c31c spaces and quotes 2018-11-14 15:54:45 -05:00
Isaac Connor 3a409b26aa Use buttons instead of anchor tags for Prev/Next/FIrst/Last buttons 2018-11-14 15:54:34 -05:00
Isaac Connor 3be31020b7 Automatically add width to frames view when thumbnails are turned on. 2018-11-14 15:54:01 -05:00
Isaac Connor 490fb40917 DefaultView in the past was used to control whether the watch view starts up with ptz controls visible or the events list. Isaac changed the watch view to always have the controls visible... so this setting is no longer useful. 2018-11-14 09:22:38 -05:00
Isaac Connor e8ed1367d7 Merge branch 'master' into storageareas 2018-11-13 14:22:00 -05:00
Isaac Connor 246765ced9 Add tooltip for sorting monitors 2018-11-11 16:23:19 -05:00
Isaac Connor 82abd04f36 Add type=button to buttons so they don't act like submit buttons 2018-11-07 13:19:42 -05:00
Isaac Connor 702143e51b Create a function called getBodyTopHTML that outputs the body tag and anything else that should go at the top.
Things like the we require javascript message, and any other messages like error messages.
Use this on the monitor and console view to stick an error message at the top when saving a monitor fails.

This is a pretty quick, crude implementation.
2018-11-07 12:33:54 -05:00
Andrew Bauer a50c2bae35
Merge pull request #2289 from connortechnology/audio_only_with_ffmpeg
Audio only with ffmpeg
2018-11-03 20:39:18 -05:00
Isaac Connor 1dac088000 Merge branch 'audio_only_with_ffmpeg' into storageareas 2018-10-31 14:48:24 -04:00
Isaac Connor 589b6f3eef add further note about needing h264 passthrough 2018-10-31 11:35:06 -04:00
Isaac Connor 69f7d36729 Make it clear that audio recording is only for ffmpeg input type 2018-10-31 11:34:30 -04:00
Isaac Connor 80cfb02570 Merge branch 'warn_colour_when_disabled' into storageareas 2018-10-30 12:05:47 -04:00
Isaac Connor f95379742b Use a warning colour when motion detection is disabled. 2018-10-30 12:04:05 -04:00
Isaac Connor 9148d3f7c4 Merge branch 'zone_point_buttons' into storageareas 2018-10-24 12:44:21 -04:00
Isaac Connor 9cf31eafa0 Use a button element instead of an anchor tag for plus and minus point buttons. Cleanup dead code 2018-10-24 12:43:43 -04:00
Isaac Connor ca8770bd5a Merge branch 'fix_rce' into storageareas 2018-10-24 10:17:16 -04:00
Isaac Connor 2024df4393 use json_encode/decode instead of serialize/unserialize to pass onvif probe results around. Also clean up some code/ add some missing things. Fixes #2271 and #2272 2018-10-24 09:49:56 -04:00
Isaac Connor ccd64b0fae Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2018-10-22 14:21:34 -04:00
Isaac Connor 7e4c54fec0 Use proper buttons and remove extra bootstrap styles from buttons so that they aren't all jammed together 2018-10-22 13:54:27 -04:00