ZaneYork
/
zoneminder
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
12,732 Commits 20 Branches 69 Tags 131 MiB
Commit Graph

5123 Commits

Author SHA1 Message Date
Isaac Connor b7a6aed1cd Merge branch 'master' into storageareas 2019-02-16 11:51:23 -05:00
Isaac Connor 34873d5636 We must leave ZM_HOME_CONTENT unescaped so that we can insert actual html like image tags 2019-02-16 11:50:09 -05:00
Isaac Connor b25770a2f0 Merge branch 'master' into storageareas 2019-02-13 11:52:31 -05:00
Isaac Connor d0745da11c fix path to Control.php 2019-02-13 11:52:16 -05:00
Isaac Connor a41e8a8834 Merge branch 'master' into storageareas 2019-02-13 11:38:38 -05:00
Isaac Connor 400d4dc27e encode the label on the preset so that weird characters and quotes don't break the button 2019-02-13 11:24:09 -05:00
Isaac Connor dd641793a2 Merge branch 'improve_session' into storageareas 2019-02-13 11:17:30 -05:00
Isaac Connor 91a280e56e need to include session.php in auth.php 2019-02-13 11:17:15 -05:00
Isaac Connor d1b3b23c09 Merge branch 'master' into storageareas 2019-02-13 09:42:03 -05:00
Isaac Connor b6a0e704d2 whitespace, remove xhtml cruft 2019-02-12 16:41:08 -05:00
Isaac Connor 7a8668ea99 whitespace 2019-02-12 16:40:48 -05:00
Isaac Connor 9a0f3801de fix + instead of . 2019-02-12 16:25:31 -05:00
Isaac Connor 2f301cf5fe Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2019-02-12 13:18:08 -05:00
Isaac Connor 5b9bb93703 fix navbar auth 2019-02-12 13:17:55 -05:00
Andrew Bauer 28f5ac4220
Merge pull request #2518 from connortechnology/reload_zmfilter_on_filter_save 
rough in a control function in Filter object.  Use it to start/stop z…
 2019-02-12 09:26:17 -06:00
timwsuqld f95e9c0363 Fix comment about hiding navbar (#2521) 
Fixes #2520
 2019-02-11 17:14:33 -05:00
Isaac Connor 5ce681b463 instantiate a false Frame object with id = objectect 2019-02-11 16:37:22 -05:00
Isaac Connor 5a924ab176 cleanup redundant code and spacing 2019-02-11 16:29:19 -05:00
Isaac Connor 3871c28089 Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2019-02-11 14:15:35 -05:00
Isaac Connor 40e0019267 fix all the nav missing when a users Monitors Permission is None 2019-02-11 14:15:24 -05:00
Isaac Connor a3374aa26c Merge branch 'reload_zmfilter_on_filter_save' into storageareas 2019-02-11 13:26:53 -05:00
Isaac Connor 5695be9f32 rough in a control function in Filter object. Use it to start/stop zmfilter processes when filters are deleted or Saved. 2019-02-11 13:21:00 -05:00
Pliable Pixels 5a333e153c show object detected file, if object detection in place (#2514) 2019-02-11 10:58:34 -05:00
Matt N 9675367e03 event.js: Wait for delete request to succeed before navigating. Fixes #2384 (#2515) 2019-02-11 09:34:51 -05:00
Matthew Noorenberghe cdbd59f054 bandwidth.php: Submit to the 'bandwidth' view but render the 'none' view. Fixes #2493 2019-02-10 13:22:08 -08:00
Matthew Noorenberghe cda4a28fec Fix accidental use of 'let' in 255806bd54 2019-02-10 11:14:55 -08:00
Isaac Connor 555cb4780d Merge branch 'master' into storageareas 2019-02-10 12:37:45 -05:00
Isaac Connor c9032d3cb4 add autocomplete tags to username and password inputs 2019-02-10 00:27:33 -08:00
Matthew Noorenberghe c8e41bfee7 log.php: Ensure 'line' is an integer. Helps with #2466 2019-02-10 00:10:39 -08:00
Matthew Noorenberghe a6ee79f428 Fix typo in dbc1c7b72f comment 2019-02-09 22:40:39 -08:00
Matthew Noorenberghe dbc1c7b72f Only output the CSRF Try Again button (and add a warning) when ZM_LOG_DEBUG is on. Fixes #2469 2019-02-09 22:39:54 -08:00
Matthew Noorenberghe a97711de89 Replace or sanitize remaining uses of PHP_SELF. Fixes #2446 2019-02-09 22:12:36 -08:00
Matthew Noorenberghe 99f1e23c5b Replace usage of PHP_SELF in views/. Fixes #2450 2019-02-09 21:39:19 -08:00
Matthew Noorenberghe effd609ff7 Escape output of state names. Fixes #2475 2019-02-09 20:40:08 -08:00
Matthew Noorenberghe d7ede4643d _monitor_filters.php: Escape MonitorName and Source. Fixes #2457 2019-02-09 19:14:31 -08:00
Matthew Noorenberghe c9d597dced logger.php: Don't output Panic messages unless debugging is on. Fixes #2460 2019-02-09 18:51:30 -08:00
Matthew Noorenberghe 255806bd54 log.js: Escape HTML to be shown in the log HtmlTable. Fixes #2453 2019-02-09 18:43:55 -08:00
Matthew Noorenberghe 6af2c4ad0e Escape output of WEB_TITLE, HOME_URL, HOME_CONTENT, & WEB_CONSOLE_BANNER. Fixes #2468 2019-02-09 18:06:21 -08:00
Matthew Noorenberghe 9ce05a9a09 user.php: Escape the Username upon display. Fixes #2467 2019-02-09 17:45:52 -08:00
Matthew Noorenberghe 6d2f3c265f events.php: Remove inline event handlers and enforce CSP 2019-02-09 17:34:59 -08:00
Matthew Noorenberghe fcbc22b6a2 functions.php: Ensure 'limit' request parameter is an integer. Fixes #2456 2019-02-09 17:27:47 -08:00
Matthew Noorenberghe 502f53fad0 functions.php: Fix SQLi in getFormChanges 2019-02-09 17:15:02 -08:00
Matthew Noorenberghe ef0e5f453a monitor.php: Fix XSS from LinkedMonitors. Fixes #2463 2019-02-09 17:11:53 -08:00
Matthew Noorenberghe 9705edfe24 monitor.php: Escape monitor method. Fixes #2464 2019-02-09 17:01:45 -08:00
Matthew Noorenberghe cef54feaf9 monitor.php: Escape a bug of output variables. Fixes #2465 2019-02-09 16:54:06 -08:00
Matthew Noorenberghe 254b7286b4 monitor.php: Escape SignalCheckColour to prevent XSS. Fixes #2451 2019-02-09 16:41:54 -08:00
Matthew Noorenberghe bb75dad091 filter.php: Escape filter query term value to avoid XSS. Fixes #2462 2019-02-09 15:35:55 -08:00
Matthew Noorenberghe dd37808ef7 filter.php: Escape AutoExecuteCmd before output to prevent XSS. Fixes #2461 2019-02-09 15:24:13 -08:00
Matthew Noorenberghe 70e59ed546 filter.php: Escape the filter name on output. Fixes #2455 2019-02-09 15:19:15 -08:00
Matthew Noorenberghe b2a97ee190 frame.php: Fix multiple XSS from 'show' and 'scale' parameters and enforce CSP. 
Fixes #2448, fixes #2449, and fixes #2447.
 2019-02-09 15:10:45 -08:00