Isaac Connor
|
b87839f785
|
turn off csrf on view=view_video
|
2017-04-19 10:12:51 -04:00 |
Isaac Connor
|
d1d4fa7b8f
|
fix the redirect location
|
2017-04-19 10:02:07 -04:00 |
Isaac Connor
|
7815f1c539
|
introduce a redirect flag global variable to allow us to redirect. Which allows to redirect on successful login so we don't get repost popups
|
2017-04-05 10:05:21 -04:00 |
Isaac Connor
|
b2db0888ae
|
add a warning if csrf_check returns false
|
2017-03-30 10:46:13 -04:00 |
Isaac Connor
|
35067211e0
|
more the csrf to before actions.php
|
2017-03-29 10:19:00 -04:00 |
Isaac Connor
|
3cd9e46df9
|
Merge branch 'knnniggett-csrf' into storageareas
|
2017-03-28 20:44:38 -04:00 |
Andy Bauer
|
eb55a6bb9b
|
set action,view, and/or request to NULL if there are not defined
|
2017-03-28 17:52:31 -05:00 |
Andy Bauer
|
4e16ae6d19
|
add ZM_ENABLE_CSRF_MAGIC toggle
|
2017-03-28 17:29:36 -05:00 |
Andrew Bauer
|
d38bae72ae
|
integrate csrf-magic library
|
2017-03-18 20:12:06 -05:00 |
Kyle Johnson
|
746a096483
|
Merge branch 'master' of github.com:ZoneMinder/ZoneMinder
|
2017-01-27 15:16:33 -07:00 |
Isaac Connor
|
30674919c4
|
always include Storage object, because in the end we will be using it everywhere
|
2017-01-02 10:34:45 -05:00 |
Isaac Connor
|
5ae34a7561
|
Merge branch 'master' into storageareas
|
2017-01-02 09:39:10 -05:00 |
Andy Bauer
|
2dda2d9e1e
|
remove unneeded, empty files
|
2016-12-26 09:49:14 -06:00 |
Andy Bauer
|
254fcbcef7
|
update gpl 2 mailing address in source files
|
2016-12-26 09:23:16 -06:00 |
Isaac Connor
|
69c39f8a23
|
set http_only flag in cookie settings
|
2016-12-14 14:39:44 -05:00 |
Isaac Connor
|
acbc5bc9e3
|
Merge branch 'cookie_http_only' into storageareas
|
2016-12-08 15:20:54 -05:00 |
Isaac Connor
|
772792a1b9
|
remove extra ,
|
2016-12-08 15:20:43 -05:00 |
Isaac Connor
|
7f2bf04c2f
|
Merge branch 'cookie_http_only' into storageareas
|
2016-12-08 14:26:13 -05:00 |
Isaac Connor
|
20793ee822
|
set httpOnly to true on cookie creation. This will override whatever is in php.ini
|
2016-12-08 14:25:29 -05:00 |
Isaac Connor
|
c2d6b3d809
|
fix auth
|
2016-11-29 15:25:10 -05:00 |
Isaac Connor
|
f9af1e7129
|
put authorized check back after including actions.php where it needs to go
|
2016-11-28 11:34:46 -05:00 |
Isaac Connor
|
f153e9b8fb
|
MontageReview should only be visisble to people who can view events. Fix running state
|
2016-10-20 13:38:12 -04:00 |
Isaac Connor
|
67e14bd12f
|
move States loading code into state view where it belongs. Move runnign check into specific places where it is needed. These changes reduce events list load time by about 4 seconds for me.
|
2016-10-20 13:16:50 -04:00 |
Isaac Connor
|
fc540786a5
|
Move login by auth hash out of actions.php and into index.php. Double quotes to single quotes and google code style changes in indx.php
|
2016-10-20 11:51:42 -04:00 |
Isaac Connor
|
01397b6695
|
Merge branch 'iconnor-updated-console' into storageareas
|
2016-05-06 14:31:27 -04:00 |
Isaac Connor
|
83795805f2
|
Move state getting into index.php
|
2016-05-06 14:30:50 -04:00 |
Isaac Connor
|
44e5b566b8
|
Merge branch 'iconnor-updated-console' into storageareas
|
2016-05-06 11:56:24 -04:00 |
Isaac Connor
|
8405db4750
|
Move running=daemonCheck from header to index.php so that it is defined early and can be used everywhere
|
2016-05-06 11:56:03 -04:00 |
Isaac Connor
|
851a81eff7
|
Merge pull request #1406 from ZoneMinder/svg_zones
replace the static zone image with a stream, and use SVG to draw the zones
|
2016-04-11 11:14:11 -04:00 |
Isaac Connor
|
56c2679afd
|
Merge branch 'icon_video' into storageareas
|
2016-04-11 10:30:01 -04:00 |
Andrew Bauer
|
5542788a45
|
make cannot write to content dir an error, rather than fatal
|
2016-04-10 18:45:38 -05:00 |
Isaac Connor
|
bbd33cc159
|
add monitor class so we don't have to everywhere else
|
2016-04-08 13:56:49 -04:00 |
Isaac Connor
|
1b69299c2d
|
Include Monitor object so it can be used elsewhere
|
2016-03-29 14:36:42 -04:00 |
Isaac Connor
|
c309cdaad4
|
include Event object so it can be used elsewhere
|
2016-03-29 12:06:51 -04:00 |
Isaac Connor
|
41d92bbf94
|
need to include Server class
|
2015-12-02 10:26:11 -05:00 |
Isaac Connor
|
644080fd41
|
call CORSHeaders
|
2015-12-02 10:05:27 -05:00 |
Andy Bauer
|
cb7acb36ab
|
Use relative URL's instead of absolute
|
2015-10-24 13:04:54 -05:00 |
Andrew Bauer
|
13aab8a1be
|
Merge pull request #1113 from baffo32/1112-detect-missing-content
Fatal if content dirs are unwritable
|
2015-10-14 06:49:33 -05:00 |
baffo32
|
da8e9dd81b
|
Remove reference to php.ini from timezone error
|
2015-10-13 16:55:38 -04:00 |
baffo32
|
250c3c31e1
|
Revised source-install specific recommendation.
|
2015-10-13 16:45:31 -04:00 |
baffo32
|
362b190641
|
Fatal if content dirs are unwritable
|
2015-10-12 16:16:22 -04:00 |
baffo32
|
4a280a73d1
|
Use Fatal function to report bad timezone
|
2015-10-12 15:43:24 -04:00 |
baffo32
|
d20478a15f
|
Detect invalid timezones
|
2015-10-12 13:22:30 -04:00 |
baffo32
|
7190b532dd
|
Fatal error if date.timezone is unset
|
2015-10-12 13:07:07 -04:00 |
Isaac Connor
|
c0139e87ad
|
define ZM_BASE_PROTOCOL
|
2015-09-17 15:14:43 -04:00 |
Isaac Connor
|
82f5ab5175
|
Fix use of DEFINED. It takes a string not a constant. When COOKIE is not set or has changed, set it
|
2015-05-11 16:22:14 -04:00 |
Isaac Connor
|
01af58018b
|
close the session before requiring the page contents to fix the concurrency issue that exists due to using the file-backed session.
|
2015-04-20 13:06:34 -04:00 |
Isaac Connor
|
0af7d0cc0b
|
check defined(ZM_DEFAULT_SKIN) otherwise php will turn it into a string
|
2015-02-19 16:04:06 -05:00 |
Isaac Connor
|
b159f6ce9e
|
Fatal->Error since Fatal is fatal
|
2015-02-19 15:57:37 -05:00 |
Isaac Connor
|
8eb8cacd56
|
Check to make sure that skin and css are valid.
|
2015-02-19 14:17:33 -05:00 |