Commit Graph

165 Commits

Author SHA1 Message Date
Isaac Connor 93b0552ed7 Update saving Users. Don't allow restrictions on admin user. Fix CSP violations. 2020-06-23 22:18:45 -04:00
Isaac Connor f73cb3bebe Don't start filter if the command was execute 2020-06-17 13:36:28 -04:00
Isaac Connor f06dc3f171 Update group save action, using Group object methods. Fixes errors on new MariaDB 2020-04-23 15:16:22 -04:00
Isaac Connor e770be2e13 Merge branch 'release-1.34' 2020-04-23 10:26:16 -04:00
Isaac Connor d0e83fcfcb handle case where g-recaptcha-response is not in the request, due to failure to render the recaptcha 2020-04-21 09:19:29 -04:00
Isaac Connor 571ff260cc Merge branch 'release-1.34' 2020-04-04 16:35:09 -04:00
Isaac Connor f81cfc0513 add 1 month as an option to the version popup dropdown 2020-04-04 11:46:31 -04:00
Isaac Connor 599960ef05 Update group save action, using Group object methods. Fixes errors on new MariaDB 2020-03-28 10:09:13 -04:00
Isaac Connor c3bcdcff64 Use zm_session_start instead of session_start 2020-03-27 14:30:42 -04:00
Isaac Connor 50700031b1 Use zm_session_start instead of session_start 2020-03-27 13:05:12 -04:00
Isaac Connor af36cc3e52 Fix starting and stopping zmcontrol processes across servers. 2020-03-26 13:57:00 -04:00
Isaac Connor 0c70c5c2a4 Save value of V4LMultiBuffer and fix it not being checked for the Use Config Value 2020-02-25 18:14:27 -05:00
Isaac Connor 1a87eb40bd Fixes #2841 and maintains login through password change 2020-02-19 16:55:38 -05:00
Isaac Connor 1c2f2657d2 We don't do automatic login when recaptcha is enabled, so add the login calls on successful recaptcha 2020-02-04 16:41:19 -05:00
Isaac Connor 02e9096d2b When saving an existing Filter and we are unchecking Background, need to stop the filter before saving. Remove dead code 2020-01-13 17:32:57 -05:00
Isaac Connor f61f6eaf7d remove line cutnpasted erroneously 2020-01-10 12:45:47 -05:00
Isaac Connor e951b0af1c add code to set default value for checkboxes 2020-01-03 16:35:04 -05:00
Isaac Connor ea89ebf150 more mysql8 fixes 2019-12-08 21:33:29 -05:00
Isaac Connor 3bd0525e64 escape column names for mysql8 2019-12-08 14:27:07 -05:00
Isaac Connor eedb31730e fix saving Monitor values that don't get passed when empty, like Enabled 2019-11-29 14:49:43 -05:00
Isaac Connor 5b02bc76f4 Fix donate now functionality. Improve zmWindow to take an optional sub path so that we can target /donate directly 2019-11-05 10:07:42 -05:00
Isaac Connor 968c28395d close group popup when saving 2019-11-01 13:39:40 -04:00
Isaac Connor eb2269ea52 improve zone saving testing for value before doing math 2019-10-29 17:42:23 -04:00
Isaac Connor ebebcad10d Merge branch 'master' of github.com:zoneminder/ZoneMinder 2019-10-16 10:13:31 -04:00
Isaac Connor 7146bdd59a IN order to allow specifying a monitor Id that has been deleted, use monitor->Id instead of mid to test for monitor existence 2019-10-16 10:08:30 -04:00
Isaac Connor 4126554092 Move sendControlCommand out of includes/control_functions.php into Monitor.php. Make it smarted about talking to zmcontrol.pl. Fix sending the quit command 2019-10-08 18:07:33 -04:00
Isaac Connor 3d6cab8360 Must force hash regeneration on login. Old hash may be from different user 2019-09-28 17:57:45 -04:00
Isaac Connor 7a3134ae5e Fix restart login in functions. Only start zmc if function is not None and start zma if it isn't None or NoDect. Even if disabled, we still run zma so that we can send it a signal to enable motion detection. 2019-09-28 10:26:50 -04:00
Isaac Connor 5c80e098c5 Only save Group changes if there were changes 2019-09-25 10:14:12 -04:00
Isaac Connor 538478ff1c Need to -1 on the dimensions when comparing to points as they are 0-based 2019-09-23 11:48:58 -04:00
Isaac Connor 1dd09923eb Add special case for just rotating the monitor dimensions and add out of bounds check for zone points 2019-09-23 11:42:49 -04:00
Isaac Connor b9b52c964e Upgrade monitor saving and viewing 2019-09-19 14:56:16 -04:00
Isaac Connor 458268d866 Merge branch 'master' into update_monitor_saving 2019-09-18 11:40:09 -04:00
Isaac Connor 32a1ab58b5 remove use of userLogin which was removed recently 2019-09-15 12:19:35 -04:00
Isaac Connor 8103156436 when deleting multiple events, each event has to be it's own transaction due to locking 2019-09-09 09:16:52 -04:00
Isaac Connor 056449590a Update Monitor object, using Object methods for saving monitors 2019-09-08 12:26:11 -04:00
Isaac Connor 320bf823c5 Don't report errors when creating monitor symlink when it already exists 2019-08-28 09:18:33 -04:00
Isaac Connor f01bedb33e Merge branch 'master' of github.com:ZoneMinder/zoneminder 2019-08-26 18:49:12 -04:00
Isaac Connor 231c9c3902 move executeFilter to Filter->execute. If no changes have been made, don't make a tempfilter. 2019-08-26 18:48:34 -04:00
Isaac Connor 82e8bde406 Fix SaveAs 2019-08-26 16:19:19 -04:00
Isaac Connor 84492f29b1
Fix token auth sessions (#2676)
* If token is present do token based auth and do not do anything with session

* update HostController.  Use config constants, don't use sessions

* Remove Session from the components list

* spacing

* Remove Session from App Components list.

* Move APIEnabled check to the api from auth.php

* Rework auth.  login using username and password only occurs on login action now.  Including auth.php should not touch the session.  auth_hash logins no longer touch the session.  replace userLogin with a function called validateUser which matches the semantics of validateToken.

* remove debugging

* Add session storage if stateful query param is on, but only for LEGACY_API_AUTH

* fix mUser to username, etc.

* shuffle lines

* use  instead of session when generating auth hash.

* Add docs regarding the use of cookies and stateful query param

* Only open/close session if we are clearing a session var

* Use zm_session_start instead of session_start

* Should use zm_session_start instead of session_start

* document that zm_session_start should be called previously to session_regenerate_id

* Don't actually write out the session when generating auth hashes.  Means they should never actually persist.

* More backticking of SQL

* add .. to fix #2686

* Use material icons for sort because they look nicer

* fix typo

* have to add authhash to session on login

* restore username&password login for all urls

* fix

* fixes
2019-08-20 09:46:53 -04:00
Isaac Connor 1892528679 quotes 2019-08-08 09:26:15 -04:00
Isaac Connor d4b59211cd Merge branch 'master' into storageareas 2019-08-07 11:21:19 -04:00
Isaac Connor 7e6b0058d2 Update Zone buttons. Fix double submit. Fixes #2671 2019-08-02 08:04:38 -04:00
Isaac Connor 9b6dedb35d Update Filter saving action to use object set/save etc 2019-07-23 09:58:28 -04:00
Pliable Pixels 98bf7800b0 remove a password log, corrected PHP version in log (#2627)
* remove a password log, corrected PHP version in log

* PHP version correction
2019-06-16 11:59:48 -04:00
Isaac Connor 4b9b2015cb write a note why regnerateAuthHash doesn't work when saving config 2019-06-04 16:30:57 -04:00
Isaac Connor cc269378cf regenerate auth_hash in session because we might have changed an auth hash setting 2019-06-04 16:27:25 -04:00
Isaac Connor eaa1939f6b comment out debug lines 2019-05-31 10:35:54 -04:00
Isaac Connor 274737d1b1 Fix moocord to mocord. 2019-05-31 10:35:18 -04:00
Isaac Connor 75ec4818a6 WHen saving a monitor, only start zmc and zma if appropriate 2019-05-31 10:15:02 -04:00
Isaac Connor ba96f0709c fix saving user using password_hash 2019-05-30 09:58:54 -04:00
Isaac Connor 628760d5b9 Spacing and braces cleanup from asker's code 2019-05-29 10:29:03 -04:00
Isaac Connor c4d76f03c9 Introduce ZM_PATH_SHUTDOWN to cmake config 2019-05-27 12:09:32 -04:00
Isaac Connor 93aeceecfc Merge branch 'crypt-replacement' of https://github.com/pliablepixels/ZoneMinder into pliablepixels-crypt-replacement 2019-05-17 10:18:15 -04:00
Pliable Pixels adb01c4d0e added password_compat for PHP >=5.3 <5.5 2019-05-12 13:57:25 -04:00
Pliable Pixels d7dbaf52d4 move user creation to bcrypt 2019-05-12 13:01:29 -04:00
Pliable Pixels a9d601e5ae add ability to revoke tokens and enable/disable APIs per user 2019-05-12 10:56:17 -04:00
Isaac Connor b3fb934fb5 add namespace to Logging calls 2019-04-29 14:16:55 -04:00
Isaac Connor 1a1c2db15f add the shutdown view and actions 2019-04-12 14:55:56 -04:00
Isaac Connor 8d07a4a08f Log useful error messages when can't mkdir the monitor events dir or the symlink to it. symlink is a warning because the symlink is just a user aid 2019-03-25 11:58:04 -04:00
Isaac Connor 6d4d353209 fix namespace on MontageLayout 2019-03-22 17:27:58 -04:00
Isaac Connor 520c41da23 Merge ../ZoneMinder.connortechnology.bad into storageareas 2019-03-18 14:40:03 -04:00
Isaac Connor e59eb510e3 update and fix the donate popup 2019-03-05 13:10:04 -05:00
Isaac Connor 73ae3f49ed Merge branch 'master' into storageareas 2019-03-05 11:35:55 -05:00
Isaac Connor 7779edb485 Fix saving multiple monitors at once by moving the relevant code to includes/actions/monitors.php 2019-03-05 11:02:37 -05:00
Isaac Connor 466c379e94 Merge branch 'master' into storageareas 2019-03-01 14:03:49 -05:00
Isaac Connor 675b4975b0 Fix control presets 2019-03-01 13:37:34 -05:00
Isaac Connor 5da51d51bc Merge branch 'master' into storageareas 2019-02-26 10:55:51 -05:00
Isaac Connor 53c0fae688 Merge fix from storageareas for archive/delete in events list 2019-02-26 10:22:58 -05:00
Isaac Connor 46c6735311 Missing namespace on filter. Fixes #2541 2019-02-24 10:02:49 -05:00
Isaac Connor fd310c0f0a Merge branch 'master' into storageareas 2019-02-22 11:33:47 -05:00
Isaac Connor 2b90bf15a6
Improve session (#2487)
* Introduce ZM_COOKIE_LIFETIME which sets the life of the SESSION cookie, instead of using what is in php.ini

* Use zm specific session functions, which are now located in includes/session.php.  Be more agressive about clearing session on logout.

* Move session code to includes/session.php

* remove duplicate line

* Move is_session_open to session.php.  Move code to clear a session into session.php

* improve debug line when there is a problem updating config entry

* split description into description and help text for COOKIE_LIFETIME

* Remove redirect on line.  We do it in javascript on postlogin view so that we can say logging in before switching to console

* If there is a username in the session, then we are logged in, but we need to load the user object from the db.  We can't just trust it from the session. The user may have been deleted and having that data in the session can be a security risk. So load the user object on every request.

* Use session_regenerate_id instead of our broken code to do the same

* Move auth code to includes/auth.php

* add autocomplete tags to username and password inputs

* Don't redirect to login if we are already viewing login.  Put auth before including skin includes

* need to include session.php in auth.php

* update to php namespace
2019-02-22 09:43:38 -05:00
Isaac Connor 410cb70ddb
get rid of js that just does the form submit. Upgrade the button from an input to a button. Use 0 and 1 instead of accept and decline, which allows us to pre-select the current value of ZM_TELEMETRY_DATA. So that if you had previously declined, you won't accidentally accept. This fixes the reported error that choosing decline would cause the setting to not be saved and the privacy popup to happen again. (#2534) 2019-02-22 09:20:54 -05:00
Isaac Connor 8dd8888975
Php namespace (#2537)
* experiment with namespaces on the Server class

* experiment with namespaces on the Server class

* Implement the ZM namespace on objects

* Implement the ZM namespace on objects

* Implement the ZM namespace on objects
2019-02-22 09:19:07 -05:00
Isaac Connor 8837015239 remove bogus test for Filter Id 2019-02-19 13:54:25 -05:00
Isaac Connor 6d1541a4d2 Merge branch 'fix_privacy_view' into storageareas 2019-02-19 12:57:01 -05:00
Isaac Connor 97a888c0db get rid of js that just does the form submit. Upgrade the button from an input to a button. Use 0 and 1 instead of accept and decline, which allows us to pre-select the current value of ZM_TELEMETRY_DATA. So that if you had previously declined, you won't accidentally accept. This fixes the reported error that choosing decline would cause the setting to not be saved and the privacy popup to happen again. 2019-02-19 12:54:12 -05:00
Isaac Connor b25770a2f0 Merge branch 'master' into storageareas 2019-02-13 11:52:31 -05:00
Isaac Connor d0745da11c fix path to Control.php 2019-02-13 11:52:16 -05:00
Isaac Connor a3374aa26c Merge branch 'reload_zmfilter_on_filter_save' into storageareas 2019-02-11 13:26:53 -05:00
Isaac Connor 5695be9f32 rough in a control function in Filter object. Use it to start/stop zmfilter processes when filters are deleted or Saved. 2019-02-11 13:21:00 -05:00
Matthew Noorenberghe cdbd59f054 bandwidth.php: Submit to the 'bandwidth' view but render the 'none' view. Fixes #2493 2019-02-10 13:22:08 -08:00
Isaac Connor 555cb4780d Merge branch 'master' into storageareas 2019-02-10 12:37:45 -05:00
Matthew Noorenberghe a97711de89 Replace or sanitize remaining uses of PHP_SELF. Fixes #2446 2019-02-09 22:12:36 -08:00
Isaac Connor 141f2afc8c Merge branch 'master' into storageareas 2019-02-05 15:46:58 -05:00
Isaac Connor c54fe7e89a fix state actions 2019-02-05 12:35:06 -05:00
Isaac Connor 71f961d012 remove redirect to console on login, as it is done in javascript after Logging in message is displayed 2019-01-30 16:05:51 -05:00
Isaac Connor 9a3aa49bae Merge branch 'fix_bandwidth' into storageareas 2019-01-30 15:18:16 -05:00
Isaac Connor 533d021dea Merge branch 'master' into storageareas 2019-01-30 15:17:27 -05:00
Isaac Connor 604dbf8776 fix state changing/etc 2019-01-30 14:36:46 -05:00
Isaac Connor 2e2404643f Fix bandwidth due to new actions code. Update buttons on bandwidth popup 2019-01-30 13:20:24 -05:00
Isaac Connor 6eb4d7ae27
Filter improvements (#2438)
* Put back code to close the popup when view is none

* clean up and reduce depth of some logic

* Increase width of user popup

* fix code style

* Make execute_filter work on a filter Id instead of name

* rework logic to reduce code depth. Change view to events to display the results of execute.

* Change the redirect to stay on the new view.  When redirecting from executing a filter, it was redirecting to filter.

* Set a form action for correctness. Change execute button to a button instead of a submit. Stay on the filter view when executing
2019-01-23 11:30:51 -05:00
Isaac Connor cc8de69eba Merge branch 'master' into storageareas 2019-01-22 11:44:42 -05:00
Isaac Connor ae703c45ee Set closePopup=true so that we don't need code in the none view to close the popup. The common code in skin.js will take care of it. 2019-01-22 09:14:33 -05:00
Isaac Connor 7260f823cb Merge branch 'master' into storageareas 2019-01-21 13:52:38 -05:00
Isaac Connor b24b930f65 After login go to postlogin, not console. the login view is in a popup so we want to close 2019-01-21 11:15:36 -05:00
Isaac Connor 552e14a971 Merge branch 'master' into storageareas 2019-01-18 10:36:59 -05:00
Isaac Connor 599769b701 rework logic of functions to be more verbose about errors. Implement javascript Nonce support when view=none 2019-01-17 08:50:33 -05:00
Isaac Connor fc7403fe3d Merge branch 'master' into storageareas 2019-01-13 14:53:34 -05:00