Andrew Bauer
|
bd4aea0385
|
rpm specfile - php requires was listed twice
|
2017-02-08 20:21:23 -06:00 |
Andrew Bauer
|
9c8c87f591
|
rpm specfile - require php-mysqli, bump to 1.30.2
|
2017-02-08 20:12:54 -06:00 |
Andrew Bauer
|
8feac1747d
|
Merge pull request #1764 from ZoneMinder/vulerability-fixes
sql injection and session fixation vulerability fixes
|
2017-02-04 16:23:51 -06:00 |
Kyle Johnson
|
5804cd2462
|
Merge pull request #2 from connortechnology/fix_sql_injection
Sanitize input parameters
|
2017-02-04 15:05:54 -07:00 |
Andrew Bauer
|
c5906a5d4f
|
Merge pull request #6 from connortechnology/log_xss_fixes2
Log xss fixes2
|
2017-02-04 16:05:43 -06:00 |
Kyle Johnson
|
024dd54716
|
Merge pull request #7 from ZoneMinder/pdo-emulated-prepares
Tell PDO to use real prepared statements.
|
2017-02-04 15:05:25 -07:00 |
Kyle Johnson
|
6b3a53ec0f
|
Tell PDO to use real prepared statements.
This makes sure the statement and the values aren't
parsed by PHP before sending it to the MySQL server.
See https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php
and https://secure.php.net/manual/en/pdo.setattribute.php
|
2017-02-04 14:59:33 -07:00 |
Isaac Connor
|
9135da92ed
|
fix typo fileFields => filterFields
|
2017-01-31 21:33:43 -05:00 |
Isaac Connor
|
3437f23e8a
|
Merge branch 'master' into fix_sql_injection
|
2017-01-28 14:33:49 -05:00 |
Isaac Connor
|
41dab0750e
|
turn whatever gets output into html escaped html so that nothing gets revealed
|
2017-01-27 21:30:22 -05:00 |
Isaac Connor
|
b5e995712e
|
Merge branch 'master' of github.com:ConnorTechnology/ZoneMinder-Pro
|
2017-01-27 17:43:58 -05:00 |
Isaac Connor
|
a8d1450adf
|
Merge branch 'master' into fix_sql_injection
|
2017-01-27 17:18:34 -05:00 |
Kyle Johnson
|
746a096483
|
Merge branch 'master' of github.com:ZoneMinder/ZoneMinder
|
2017-01-27 15:16:33 -07:00 |
Isaac Connor
|
c1e05753d6
|
Merge branch 'master' of github.com:ZoneMinder/ZoneMinder-Pro
|
2017-01-27 17:12:46 -05:00 |
Isaac Connor
|
9e9b1a3a35
|
Merge pull request #1758 from knnniggett/sanitize_image_path
sanitize the image path before processing
|
2017-01-27 09:41:54 -05:00 |
Isaac Connor
|
20f31ce804
|
Merge pull request #1759 from knnniggett/packpack_crud
check if crud plugin exists before unpacking
|
2017-01-27 09:37:05 -05:00 |
Andrew Bauer
|
fbb8375a1a
|
check if crud plugin exists before unpacking
|
2017-01-25 10:49:58 -06:00 |
Andrew Bauer
|
dbd73690b2
|
use !== false rather than === true
|
2017-01-25 09:26:07 -06:00 |
Andrew Bauer
|
6189d2670c
|
ZM_DIR_EVENTS can be, and often is, a symlink
|
2017-01-25 09:05:34 -06:00 |
Andrew Bauer
|
8b19fca992
|
sanitize the image path before processing
|
2017-01-25 08:30:19 -06:00 |
Andrew Bauer
|
13dc11bdf5
|
Merge pull request #1717 from connortechnology/fix_mmap_leak
must call zmMemInvalidate before next
|
2017-01-24 19:39:51 -06:00 |
Andrew Bauer
|
af728388d0
|
Merge pull request #1734 from connortechnology/fix_1720
Fix 1720
|
2017-01-23 20:35:10 -06:00 |
Isaac Connor
|
ab34127d62
|
bump version too
|
2017-01-16 21:31:45 -05:00 |
Isaac Connor
|
0e64ff9b24
|
Merge pull request #1754 from pliablepixels/1716-doc-img-typo
1716 doc img typo
|
2017-01-16 21:30:37 -05:00 |
Andrew Bauer
|
9fd52c231a
|
remove packpack build files
|
2017-01-16 08:39:54 -06:00 |
Andrew Bauer
|
5833196a84
|
packpack - change error code handling
|
2017-01-16 08:36:46 -06:00 |
Andrew Bauer
|
000ba2300a
|
packpack - initial support for debian distros
|
2017-01-15 20:43:03 -06:00 |
Pliable Pixels
|
0f3642adf4
|
added uncompressed xml
|
2017-01-15 21:40:25 -05:00 |
Andy Bauer
|
3882b74766
|
rpm specfile - el6 buildrequires epel-rpm-macros
|
2017-01-15 16:39:38 -06:00 |
Pliable Pixels
|
d5d9a3a8e9
|
reminder message for website used to draw XML source images
|
2017-01-15 17:35:34 -05:00 |
Pliable Pixels
|
9bf83a409b
|
fixed image type
|
2017-01-15 17:35:12 -05:00 |
Andy Bauer
|
4325e8f7ea
|
Merge branch 'master' of https://github.com/ZoneMinder/ZoneMinder
|
2017-01-15 15:49:46 -06:00 |
Andy Bauer
|
49c35d5733
|
packpack - f24,f25,el7 confirmed working
|
2017-01-15 15:48:57 -06:00 |
Andrew Bauer
|
418995df84
|
rpm specfile changes
need to put this back in to maintain compatibility with packpack
|
2017-01-15 09:59:17 -06:00 |
Andrew Bauer
|
b3ee97ad11
|
Merge pull request #1753 from jbehrends/docker_apache_fix
Docker - Fixed broken cgi-bin path in apache site conf.
|
2017-01-14 20:38:33 -06:00 |
Josh Behrends
|
41f5ee5032
|
Fixed broken cgi-bin path
|
2017-01-14 16:35:46 -08:00 |
Andy Bauer
|
08d4d0c5c2
|
packpack - auto retrieve zmrepo rpm
|
2017-01-14 16:35:56 -06:00 |
Andy Bauer
|
7d91b4cdc7
|
minor changes to packpack patch
|
2017-01-14 16:24:55 -06:00 |
Isaac Connor
|
80c948b61e
|
Merge pull request #1751 from knnniggett/pp_files
initial commit for packpack support
|
2017-01-14 16:44:05 -05:00 |
Andrew Bauer
|
3ae7038e3b
|
make the build script executable
|
2017-01-14 14:15:54 -06:00 |
Andrew Bauer
|
105e43fafd
|
initial commit for packpack support
|
2017-01-14 14:14:41 -06:00 |
Isaac Connor
|
ac32b001e9
|
use a real variable for the file handle so that it sticks around.
|
2017-01-12 13:05:39 -05:00 |
Isaac Connor
|
c97ecc2a38
|
remove debug line
|
2017-01-12 13:04:44 -05:00 |
Isaac Connor
|
a5cdfd2932
|
call loadMonitors at the beginning. Otherwise we may not know about a monitor while handling a message from it.
|
2017-01-12 13:03:53 -05:00 |
Isaac Connor
|
513cd68c20
|
remove the verified caching. It makes calling zmMemVerify useless.
|
2017-01-12 13:02:16 -05:00 |
Kyle Johnson
|
0e7794f2a7
|
Merge pull request #1 from connortechnology/cookie_http_only
set http_only flag in cookie settings
|
2017-01-12 09:25:36 -07:00 |
Kyle Johnson
|
a0958f9b70
|
Merge pull request #4 from connortechnology/regenerate_session
On successful login, tell php to regenerate the session id
|
2017-01-12 09:06:28 -07:00 |
Andrew Bauer
|
c50cbc2b9e
|
Merge pull request #1749 from jbehrends/1747-docker-apache-config-fix
Fixed apache documentroot, and fixed permissions for "/" in the project's Dockerfile
|
2017-01-12 07:58:15 -06:00 |
Josh Behrends
|
2104561eca
|
Fixed apache documentroot, and fixed permissions for "/"
|
2017-01-11 19:49:29 -08:00 |
Andrew Bauer
|
2e730f0426
|
Merge pull request #1746 from connortechnology/fix_else
fix else behaviour by adding braces
|
2017-01-11 19:38:59 -06:00 |